Are Sp*mmers getting lazy?
-
Spam: "Girls looking for the same as you!" Me: "WTF - Girls looking for bugs in my code?"
Some of us walk the memory lane, others plummet into a rabbit hole
Tree in C# || Fold With Us! || sighistthe best kind of girls!!
-- Transmitido en Martian en SAP
-
I've been getting spammed more and more with a blank subject, no text, no attachments - nada. What's the point?!! Are spammers getting so lazy, they can't even fill in the members of the object to annoy me or destroy my computer with? Sheesh! (I realize I can setup a rule to catch these, but I'm too lazy! :-D)
- S 50 cups of coffee and you know it's on!
I agree with others and think it is just checking the address before placing you on the list to sale to others. If they mail does not bounce back, you get on the list!
Rocky <>< Latest Code Blog Post: ASP.NET HttpException - Cannot use leading "..".. Latest Tech Blog Post: Anti-Spam idea - Help!
-
So if the mail servers just deleted emails that were to addresses they don't recognise instead of bouncing them then this tactic wouldn't work and eventually the spammers databases would become totally full of spurious email addresses - and therefore their value would be diminished?
'--8<------------------------ Ex Datis: Duncan Jones Merrion Computing Ltd
Yes, but it's a drastic tactic: it then means that legitimate misaddressed email goes down the black hole too, so if you're addressing an email to someone who isn't in your contacts list and mistype it (say, from a business card) you wouldn't get notified that they didn't get the message. Having said that, I have Exchange here at work set up with the "Intelligent Message Filter" (Microsoft's spam trap) to archive anything that looks sufficiently like spam and not generate an NDR. I wish others would do this: I've had to set the 'ignore all Non-Delivery Reports' option in my personal email account's control panel because of the enormous number of NDRs I get (or got) from spam that has my address in the From line sent to an invalid one, or one handled by a spam trap configured to generate NDRs. A lot of it wasn't actually 'from' my personal address, but 'from' randomuserpart@_myhostname_.demon.co.uk, all of which I get.
Stability. What an interesting concept. -- Chris Maunder
-
Roger Wright They're not lazy; they're fishing. Since your server didn't bounce the blank email they now know that the address is valid, and they can sell it. Valid addresses are worth big bucks in the slimy world they inhabit.What happens if the receiving end has a catch account? Wont this mean that all spam that is caught by this catch all account will be valid in their eyes but actually they are sending spam to sometimes an unmonitored account, or are deleted shortly after they arrive.Since it doesn't cost any more to send 100 emails than 1 email, they don't care if their scattergun approach only hits 1% genuine mailboxes. It's believed that a lot of spam is sent via zombie networks - infected computers - and so it doesn't even cost them much of their own CPU time or bandwidth.
Stability. What an interesting concept. -- Chris Maunder
-
They're not lazy; they're fishing. Since your server didn't bounce the blank email they now know that the address is valid, and they can sell it. Valid addresses are worth big bucks in the slimy world they inhabit.
Steve Echols wrote:
I realize I can setup a rule to catch these, but I'm too lazy!
Get over the laziness and make a rule - you're about to be slammed. Good luck, though; these pissants change hotmail accounts about every ten minutes. Rules are great, but the options they offer are few. Most phony advertisers use a mix of decimal digits and random alpha characters. Few filters let you set up rules to catch such patterns - they tend to let you exclude specific addresses only. That's just about as useful as teats on a boar.
"...a photo album is like Life, but flat and stuck to pages." - Shog9
-
So if the mail servers just deleted emails that were to addresses they don't recognise instead of bouncing them then this tactic wouldn't work and eventually the spammers databases would become totally full of spurious email addresses - and therefore their value would be diminished?
'--8<------------------------ Ex Datis: Duncan Jones Merrion Computing Ltd
Many hosting providers provide this as an option (at least, mine does). I think that spammers are less concerned about incorrect addresses, legitimate mailing list companies, that have a real opt-out/unsubscribe option (not one where they just move your address from one list to another) are concerned, not the a$$holes that send you
Buy This Stockimages,Need Viagra?, andCheap Rolex Watchesemails. IME, lots of the spam these days use not just an incorrect return address, but a return address of the last person they sent the spam to! That way, the wrong person gets blamed. Also, that is why you may get a spam email followed by a bounce message with the exact same subject as the previous spam email - they sent it to you using a return address of the last guy they sent it to, and they sent the next one using your email as the return address. As such, the importance of having valid email addresses for these kind of spammers is not that important. Also, there exist lots of "spam poison" mechanisms designed to create page after page of false email addresses to flood an email-scraper application with useless email addresses (I have several of those kinds of links on my site). You may have noticed - it is not working all that well! :) Peace!-=- James
If you think it costs a lot to do it right, just wait until you find out how much it costs to do it wrong!
Avoid driving a vehicle taller than you and remember that Professional Driver on Closed Course does not mean your Dumb Ass on a Public Road!
DeleteFXPFiles & CheckFavorites (Please rate this post!) -
Roger Wright wrote:
Valid addresses are worth big bucks in the slimy world they inhabit.
So if I created myself 500 gmail addresses, I could ethically sell them and just never read them ?
Christian Graus - Microsoft MVP - C++ Metal Musings - Rex and my new metal blog
Hmmmm... Not a bad idea!:-D
"...a photo album is like Life, but flat and stuck to pages." - Shog9
-
True. I hadn't thought about that, since I use OE and wildcards don't seem to work.
"...a photo album is like Life, but flat and stuck to pages." - Shog9
-
True. I hadn't thought about that, since I use OE and wildcards don't seem to work.
"...a photo album is like Life, but flat and stuck to pages." - Shog9
-
:laugh::laugh: Just kidding. :-D
Roger Wright wrote:
That's just about as useful as teats on a boar.
:laugh: Just got an image of a transexual pig, for some odd reason. :laugh:
Roger Wright wrote:
Get over the laziness and make a rule - you're about to be slammed.
So you're saying we're screwed...great. With all the brain power on planet CP, we can't come up with a way to fix this problem?
- S 50 cups of coffee and you know it's on!
Steve Echols wrote:
Just got an image of a transexual pig, for some odd reason.
:omg: You are giving us way too much information. :~
I'm on-line therefore I am. JimmyRopes
-
Ah, good point. I Shift+Delete these bad boys, never open them, but by that time it's pointless, because it didn't bounce. So...I can expect further spam, in some form, from these low lifes. :sigh:
- S 50 cups of coffee and you know it's on!
Steve Echols wrote:
I Shift+Delete these bad boys, never open them, but by that time it's pointless, because it didn't bounce.
Does anybody know if it is possible to simulate bouncing? If that's technically possible, then, probably, mail hosters such as GMail, Yahoo, etc should bounce (absolutely similar to the case if mailbox doesn't exist) messages, which user explicitly ratifies as spam. Maybe we should submit such feature suggestions to our mail services?
-
Steve Echols wrote:
I Shift+Delete these bad boys, never open them, but by that time it's pointless, because it didn't bounce.
Does anybody know if it is possible to simulate bouncing? If that's technically possible, then, probably, mail hosters such as GMail, Yahoo, etc should bounce (absolutely similar to the case if mailbox doesn't exist) messages, which user explicitly ratifies as spam. Maybe we should submit such feature suggestions to our mail services?
I found this link a couple days ago. There's some interesting stuff in it about fake bounces (if it's true, that is :)). http://spamlinks.net/prevent-secure-backscatter-fake.htm[^]
- S 50 cups of coffee and you know it's on!
-
I found this link a couple days ago. There's some interesting stuff in it about fake bounces (if it's true, that is :)). http://spamlinks.net/prevent-secure-backscatter-fake.htm[^]
- S 50 cups of coffee and you know it's on!
I wonder why isn't it possible to track the whole chain between sender (spammer) and target. Target host definitely should know from what host it had received a message, that second host should know such as well, etc. In this case, assuming all ISPs in the chain hate spammers and agree be part of anti-spam operation, we can submit spam-report to ISP which hosts our mailbox, that isp can send it to the next ISP in chain etc, and by this way spam-report will reach originating ISP, which can catch a spammer - its client, and if it (originating ISP) refuses, then it should be considered as spam-friendly ISP and blocked by higher level ISPs.
-
I wonder why isn't it possible to track the whole chain between sender (spammer) and target. Target host definitely should know from what host it had received a message, that second host should know such as well, etc. In this case, assuming all ISPs in the chain hate spammers and agree be part of anti-spam operation, we can submit spam-report to ISP which hosts our mailbox, that isp can send it to the next ISP in chain etc, and by this way spam-report will reach originating ISP, which can catch a spammer - its client, and if it (originating ISP) refuses, then it should be considered as spam-friendly ISP and blocked by higher level ISPs.
I don't even know how all this stuff works, but I think there are ways to "spoof" where it came from, which is part of the problem. I don't know why the internet gurus can't come up with a foolproof set of technologies, where you can't fake who you are. Then again, I get phone spammed all the time under the same caller id number, but it's always a different company trying to get me to give them money. So it's not just the internet. So, I guess we're stuck in Spam, Spam, eggs, and Spam land. :)
- S 50 cups of coffee and you know it's on!
