Safe Speed Forums

Completly non-SS related but...

I sem to be getting large amounts of Spam these days (which is mostly filtererd by BTinternet-quite good actually)


But there are a few things I am wondring about.

1) The delivery address is frequently "similar" to mine but NOT the same! How do I end up getting it??

2) the delivery dates are often "Ahead" of the current date, sometimes by years! How do they do this??

3) sometimes the spam contains nothing more than poetic gibberish Initially I supected Viruses and trojans but virus checkers give them a clean bill of health. What is going on??

4) Is anybody actually enough of a "Damn Foo" to actually buy dodgy stocks, pharmaceuticles and software from these sites?? Do people really respond to requests from "Loyds" or "Midlund" bank to confirm their personal details??

_________________
"The road to a police state is paved with public safety legislation"

1) The similar name is on a list of names. You name is there somewhere but further down the list.

2) The date could be taken from a variety of sources. It doesn't bear any meaning on anything though.

3) The poetic gibberish is to fool the spam filters into thinking its a genuine e-mail. The actual message will be in a picture file in the e-mail. When the message is opened the picture will be visible.

4) Yes. It's worth Billions. Otherwise i don't think they'd bother....

1) The delivery address is frequently "similar" to mine but NOT the same! How do I end up getting it??

You probably have one of those accounts that allow <anything>@username.<your isp> and your address is set as a catch-all for your user account. If this isn't the case, I can't help.

2) the delivery dates are often "Ahead" of the current date, sometimes by years! How do they do this??

Very easily. An email message is just plain text and you can do it with any text editor (such as notepad). However, most spammers don't use regular mail clients and use spamming tools instead. BTW, many spammers set the message date well into the past because some anti-spam sites won't act on spams that are apparently over a few days old.

3) sometimes the spam contains nothing more than poetic gibberish Initially I supected Viruses and trojans but virus checkers give them a clean bill of health. What is going on??

The gibberish is there to get around Bayesian filters. If you can see the gibberish you either have a decent email client or the message was mal-formed. Another recent trick is to use animated gifs that have just a little "noise" in the first frame with the message in subsequent frames. This gets around most anti-spam filters that can read images. It's an evolutionary process, as anti-spam filters get more sophisticated the spammers invent more sophisticated ways to get around those filters.

4) Is anybody actually enough of a "Damn Foo" to actually buy dodgy stocks, pharmaceuticles and software from these sites?? Do people really respond to requests from "Loyds" or "Midlund" bank to confirm their personal details??

Yes, there are enough mugs who are that naive or foolish. The spammers and scammers send their garbage out by the million and it only takes a tiny fraction of a percent for there to be enough suckers to make it worth their while.

HTH,

_________________
Will

I also think a lot of spam comes from 'wannbes'. Let's face it, a smart 14 year old can issue millions of emails from his bedroom with a standard PC.

So, yes, there are professional spammers, but my guess is that 90% comes from wannabes and makes nothing.

One also wonders about the proportion now getting caught in spam filters. It's very possible that 90% is getting trapped before it gets a chance to bulge our inboxes.

_________________
Paul Smith
Our scrap speed cameras petition got over 28,000 sigs
The Safe Speed campaign demands a return to intelligent road safety

I meant the entire industry is worth billions. From selling pills, "pump and dump" schemes, money laundering, credit card fraud....

As with any industry there are a few big guns and many small fry. Still doesn't stop the industry being worth a lot...

1)

spam software generates zillions of random email addresses based on a few rules and try them out by sending a spam message.
most of the email addresses are invalid, information which conveniently the receiving servers bounces back, so the spam software can correlate which email addresses are valid and spam them some more

either that or your address has got onto a spammers list or been harvested by a spambot scanning web pages for email addresses, they're either doing the above with that list to test it.. or what you see is the list of validated email's they're sending to.

As mentioned if you have a catchall address like joe@bloggs.isp then Joe90@bloggs.isp would also get delivered. If they use screen-scraping software then often the addresses will get corruped so email like joe0d@ and joexx@ will get added to the list. Otherwise, some ISPs prevent dictionary attacks on their servers by accepting all email and delivering it to the closest matching account. I think GMail did this for a while.

It has been alledged that the internet would come crashing down if the vast majority of spam wasn't blocked out at an ISP level.

A recent case in which a US spammer sued SpamHaus for blacklisting his email server brought to light the degree to which the stability of the internet relies on services like theirs.

You can read more about the case at Slashdot:

http://slashdot.org/search.pl?query=Spamhaus

It's around the other way really, the majority of spam is now coming from a small numer of major spam kings, many of them Russian. The key is having access to a botnet of comprimised PCs which takes time and money to gather, and there is a lot of trading of IP addresses and passwords to previously-comprimised PCs behind the scenes.

I think there is still a good amount of spamming by smaller-scale operations, but the "pump and dump" stock spamming obviously requires a fair amount of organisation and money up-front to make it work.

Gareth

A lot of the scam emails are apparently generated by a handful of individuals in Nigeria. You can see them get their cumuppence here:

http://www.419eater.com/

Pump and dump blues

Another reason for this, not already mentioned is that the "to" field is just one field used for mail delivery. Your address may well be in fields you can't normally see.

I use this as a basic spam filter, anything not specifically addressed or CC'd to me goes in the trash.

The address the message is sent to is contained in the "SMTP Envelope".
Imagine a real letter, the address is on the envelope. When you get the e-mail the "Envelope" has been "opened", or at least you don't get to see it's details. I haven't worked out why they have so much trouble getting the envelope's e-mail address and the apparent To: address to match though. It looks so silly!

Whatever is inside this envelope is written by whoever sent you the letter. This includes the date and where it is supposed to have come from. Which answers point 2.
They set the date high or low to get to the top or bottom of your inbox, or so I believe. But it looks un-professional.

Usually as the e-mail travels through different servers they each stick a date in the e-mail's header to let you know when they got the message, but this is not normally seen.

I do hope nobody buys things from spammers. It's a stupid thing to do. "You want cheap breast enlargement? You call guy you never heard of before and I do it!! I can't get date & time right but boob job no problem. While I at it want you penis enlargement? Yes yes? Cheaper if get both sir!"

_________________
Andrew.

The to: field can contain the name of the person before the email.

The officially to address contains just the emails and doesn't differentiate between to and cc.

Spam used to be the electronic equivalent of junk mail, but it isn't even that any more. It's just worthless "noise" on the Internet.

In their obsession with punching these messages through spam filters, many spammers remove all identifiable contact information such as web links or phone numbers, so even if the recipient DID want to buy cheap Viagra or whatever, he has no way of contacting them. All this crap does is slow down the Internet.

_________________
“For every complex problem, there is a solution that is simple, neat, and wrong.” - H. L. Mencken