HomeRoast Digest


Topic: OT: Re: Mailing List hacks (7 msgs / 194 lines)
1) From: Michael Wascher
Andy,
It may not be such an amateurish attempt. Remember, the scammers are
looking for non-technical & gullible people, and they have an enormous
pool from which to choose. What better way than to let the possible
targets self-select?
How is this done? Keep the attempt amateurish, put in a few
misspellings & grammatical errors, don't hide the screwy links. If
anybody does reply they're probably a good target for the scam. And
the scammer can concentrate on just those few people.
It is all about knowing & targeting your customer.
What you did earlier was the best thing you could have done. Warn
people, as soon as possible. There are people out there who won't
notice that there are issues. BTW, there are people who, even with
your warning, will get scammed. And some of them will blame you.
--MikeW
“Greetings, my friend. We are all interested in the future, for that
is where you and I are going to spend the rest of our lives. And
remember my friend, future events such as these will affect you in the
future.” -- Criswell, Plan 9 from Outer Space
On Tue, Sep 4, 2012 at 11:11 PM, Andy Thomas  wrote:
<Snip>
m email using my name, but it was not even sent from my account. Probably j=
ust an amateur attempt at phishing, and no harm done, as far as I know. I c=
ertainly didn't suspect this list or anyone on it; I just didn't want any o=
f you good people to get caught if it had turned out to be a serious attack.
<Snip>
nd not likely a source of the problem.
<Snip>
from someone else's contact list on an improperly protected computer - some=
one with your address in their list.  This has happened to me when some old=
 e-mail addresses were "stolen" from a long-unused contact list at Yahoo.  =
The spammers then used my e-mail address to spam other people by showing th=
e origin of the spam to be my e-mail.  (I suspect the origin of the contact=
 list because one person's e-mail 'bounced' back to me as undeliverable - a=
 person who was only on that list and who had died a number of years ago.) =
There is no solution to this kind of 'theft' and spamming since many of the=
se servers are off-shore, the 'crime' is not worth law enforcement pursuit,=
 and our laws do not apply outside of our country.  The only thing you can =
do is judicious use of the delete key and make sure your own anti-virus pro=
grams, firewalls and routers block thieves.
<Snip>
inly not SM.
<Snip>
mariascoffee.com
<Snip>
a>
<Snip>
mariascoffee.com
<Snip>
a>
<Snip>
Homeroast mailing list
Homeroasthttp://lists.sweetmariascoffee.com/mailman/listinfo/homeroast_lists.sweetma=riascoffee.com
Sweet Maria's Forum
Our new Coffee Library

2) From: Martin Maney
On Wed, Sep 05, 2012 at 10:12:31AM -0400, Michael Wascher wrote:
<Snip>
Which I was recently convinced, by a similar argument, is why so much
scammail still comes from Nigeria.  If you're informed enough for that
to make you say "uh-oh, spam", then just deleting it is exactly what
they want you to do.
All of which kind of suggests that the best way to fight back would be
to reply to as much of this junk as possible - make them have to look
at it, try to keep them thinking you might be this week's fool to be
parted from his money.  Even if you can't pull that off, just giving
them another [million] red herring replies would make the scam a whole
heck of a lot less attractive.
tl;dr: we're fighting spam all wrong with good filters!?
-- 
A craftsman is defined by his ability to tell bad from good,
good from better. If I had no basis on which to do that,
I would be a poor craftsman indeed.  -- Eevee
Homeroast mailing list
Homeroasthttp://lists.sweetmariascoffee.com/mailman/listinfo/homeroast_lists.sweetmariascoffee.comSweet Maria's Forum
Our new Coffee Library

3) From: Ira
At 06:03 PM 9/6/2012, you wrote:
<Snip>
I believe you're wrong. The email addresses I have that I've never 
responded to spam with tend not to get spam. Once you publish an 
email or reply, they know it's a good email and your name will be 
passed around to all the spammers. I have 10 or so email addresses. 
one of them, the oldest and one that at one time was published on my 
website gets a few hundred spam messages/day. The rest get between 
zero and a few. Don't let them know you exist and you won't get spam. 
I don't open spam messages, I don't download them so none of the 
pictures embedded in the emails that would let them know I exist are 
ever opened. Keeping spam away is a lot of work. I enjoy those email 
addresses that get no spam and it's a lot of work to keep it that 
way, but I think it's worth the effort.
Ira
Homeroast mailing list
Homeroasthttp://lists.sweetmariascoffee.com/mailman/listinfo/homeroast_lists.sweetmariascoffee.comSweet Maria's Forum
Our new Coffee Library

4) From: Rich
I completely agree, never touch them. If you open them then eventually 
you will have nothing but spam.
On 09/06/2012 11:12 PM, Ira wrote:
<Snip>
Homeroast mailing list
Homeroasthttp://lists.sweetmariascoffee.com/mailman/listinfo/homeroast_lists.sweetmariascoffee.comSweet Maria's Forum
Our new Coffee Library

5) From: Michael Mccandless
I've had unused email addrs that collected spam
If you reply, you confirm the address & will receive even more.
MMc
On Thu, Sep 6, 2012 at 9:38 PM, Rich  wrote:
<Snip>
Homeroast mailing list
Homeroasthttp://lists.sweetmariascoffee.com/mailman/listinfo/homeroast_lists.sweetmariascoffee.comSweet Maria's Forum
Our new Coffee Library

6) From: Martin Maney
On Thu, Sep 06, 2012 at 09:12:56PM -0700, Ira wrote:
<Snip>
I never said you had to reply from a valuable email address...
It was just a neat thought experiment, though it could actually happen
if the big email providers and ISPs could be convinced to generate
suitably sincere fake replies to some percentage of the spam.  Think of
it as a DOS targeting the spammers instead of everyone else for a
change.  Or don't.
-- 
If nature has made any one thing less susceptible than all others of
exclusive property, it is the action of the thinking power called an
idea, which an individual may exclusively possess as long as he keeps
it to himself; but the moment it is divulged, it forces itself into
the possession of every one, and the receiver cannot dispossess
himself of it.  -- Thomas Jefferson
Homeroast mailing list
Homeroasthttp://lists.sweetmariascoffee.com/mailman/listinfo/homeroast_lists.sweetmariascoffee.comSweet Maria's Forum
Our new Coffee Library

7) From: Michael Wascher
They'd never do it. SPAM filters aren't good enough, so some of the
responses would be sent to legitimate users.
Only 2 things would slow it: educate users (you'll find a significant
portion of your users are unteachable, and people do make mistakes too); or
change the internet to provide positive credentials for every user &
traceability (this available but not widely implemented & many do not want
it to be).
“Greetings, my friend. We are all interested in the future, for that is
where you and I are going to spend the rest of our lives. And remember my
friend, future events such as these will affect you in the future.” --
Criswell, Plan 9 from Outer Space
On Tue, Sep 11, 2012 at 9:37 PM, Martin Maney  wrote:
<Snip>
mariascoffee.com
<Snip>
a>
<Snip>
Homeroast mailing list
Homeroasthttp://lists.sweetmariascoffee.com/mailman/listinfo/homeroast_lists.sweetma=riascoffee.com
Sweet Maria's Forum
Our new Coffee Library


HomeRoast Digest