The Spam Diaries

News and musings about the fight against spam.
 by Edward Falk

Wednesday, December 23, 2020

Name and Shame: Bitly sells me out.

 I just got a couple of those "please open this invoice" spams. It was sent to a tagged email address I'd only ever given to Bitly (a URL shortening service).

So either Bitly sold my contact info to scammers, or their security is substandard.

Saturday, September 15, 2018

Name and Shame: avcanada.ca sells me out

I'm getting spam (we have embarrassing video of you) to a tagged address I gave to avcanada.ca.

So either Avcanada sold my email address to spammers, or their security is substandard.

Name and Shame: Myspace leaks my login info and password

I just got one of those "we have a video of you masturbating so send us money" spams. This one was a little different in that it included my myspace account name and my password in the clear.

So either Myspace sold my contact info to scammers, or their security is substandard. The very fact that they stored my password in the clear is troublesome.

Tuesday, December 23, 2014

Name and Shame: Tribe.net sells me out

I'm getting spam (Russian women want to date you) to a tagged address I gave to tribe.net.

So either  Tribe sold my email address to spammers, or their security is substandard.

Wednesday, July 23, 2014

Name and shame - Android Developer's Conference sells me out

A couple years ago, I attended the Android Developer's Conference (Andevcon). Ever since then, my inbox has been flooded with email sent to the tagged address I gave them. Most of that email was in some way related to Android development, so I let it slide.

But this morning, I got spam advertising quickie loans to that tagged address, so we know that Andevcon shared my email with spammers.

Wednesday, May 14, 2014

Name and shame: The San Jose Mercury News sells me out

Just one for the official record: an email address I only used for the San Jose Mercury news has been sold to the "El Paso Times Online" who seem to be an actual newspaper. The address was used to send me spam about a health seminar.

Tuesday, December 17, 2013

"FedEx" tracking spam

Just a quick heads-up. With the holidays around, there's been a flood of fake FedEx spam.

You get an email saying that the package was delivered, and that you should click on the attachment.

Obviously, it's a virus. If you're reading this, you're probably savvy enough to know better than to click on this attachment, but make sure your not-so-savvy friends and relatives aren't clicking on it either.

Tuesday, November 26, 2013

Grrr; Senderbase lists my server

File this one under hidden costs of spam.

I run a small server out of the back room in my house. It's just a place for me to keep my own files where I can access them. Very low bandwidth.

I'm on a dynamic IP address, and use dyndns to access it. That's all fine.

Now, my service provider has me listed in the SpamHaus PBL. For those unfamiliar with it, the PBL is the "Policy Black List". It's a list of IP addresses which the owners have informed Spamhaus, out of courtesy, should never be sending unauthenticated email. It is not a list of IP addresses that have actually done anything wrong.

That's well and good, and it reflects well on my service provider that my address is listed. Dynamic IP addresses shouldn't be sending email. And I don't.

But the friendly folks at Senderbase have decided that a PBL listing means I must be hosting malware. And so now I find there are networks from which I can't access my own files.

So now it's off to see if I can't convince them to adjust their filters.

Thursday, August 15, 2013

Wayne Mansfield back in the news, fined $95,000

New Zealand Business Day reports that longtime spammer Wayne Mansfield has — again — been fined for spamming.

The article, Spam leads to $95,000 fine, reports that Mansfield had been spamming advertisements for his sales coaching seminars using a purchased email list containing around 67,000 addresses. Typical spam runs were to 10,000 addresses at a time. "Unsubscribe" requests were being ignored.

Although Mansfield is an Australia resident, the New Zealand court ruled that he was still subject to fines in New Zealand.

The article notes that he was banned from running a business for four years in Australia, although that ban has now expired.

Monday, March 11, 2013

Name and Shame -- Dropbox leaks my email

Based on a tip from John Levine's blog, I went back and looked at my own spam filter. Turns out that I've received two spams in the last month to the tagged address I gave to Dropbox when I opened my account there.

Did they sell their mailing lists, or were they stolen?  I don't really care; they had a duty to keep that information away from spammers and they failed. Frankly, I would have hoped for better security from a company to whom people trust their personal data.

Well, the primary lesson here is that you can't trust the cloud. If you're putting personal stuff up on Dropbox or any other cloud service, make sure you encrypt it at your end first.

News: Dropbox users report spam emails after last year's data breach. (ZDNet)

Relevant articles: How to encrypt your cloud storage for free (PCWorld), How To Add a Second Layer of Encryption to Dropbox (LifeHacker).  Executive summary:  Use TrueCrypt (or any other crypto software) to manually encrypt your files before uploading them, or BoxCryptor (Windows, Mac, iOS, Android) as a front end to DropBox, Google Drive, or any other cloud provider.

Edited to add: see also Spideroak, which does encryption at your end: https://spideroak.com/

Tuesday, January 29, 2013

Name and Shame -- Dyndns leaks my email

Today, I got hit by a phishing email from a Russian spammer.  The email was sent to a tagged email address I had only given to dyndns.org.

Did they sell their mailing lists, or were they stolen?  I don't really care; they had a duty to keep that information away from spammers and they failed.

Wednesday, October 17, 2012

Name and shame: Waiter.com sells me out

This is happening more and more often.  This time, I received a phishing spam to an email address I had only ever given to waiter.com.

The most likely explanation is that Waiter.com or their email provider failed to properly secure my email address and it was stolen by spammers, but either way, shame on Waiter.com for not protecting it better.

Sunday, October 14, 2012

Name and shame: deabath.com sells me out to Nikon

Just received spam from Nikon camera to an email address I had previously given to deabath.com.

Either DEA Bathroom sold my email address to Nikon, or they failed to secure it properly and it got stolen.

Either way, shame on DEA Bathrooms for not keeping my email safe, and shame on Nikon for spamming.

Thursday, October 04, 2012

Name and Shame: Sporty's Sells Me Out

Got some spam today to the tagged email address I had used only with Sporty's Pilot Shop.

Yet another internet vendor who either thinks my personal information is a commodity to be bought and sold, or who didn't think their contact database needed protecting.

Probably the latter, but doesn't anybody care about security any more?

Here's the text of the spam (one sample) with the formatting removed.

Fax Message [Caller-ID: 400-610-8390]
You have received a 62 pages fax at Thu, 04 Oct 2012 12:12:49 +0530.
* The reference number for this fax is min1_20121004121249.56555.
View this fax using your PDF reader.
Click here to view this messagePlease visit www.eFax.com/en/efax/twa/page/help if you have any questions regarding this message or your service.
Thank you for using the eFax service!

Don't click the links, of course. The payloads are dead links now, but presumably led to phishing sites.

Sunday, August 26, 2012

Thank you scammer, for my morning chuckle

Got a pretty typical phish this morning; the usual "please help me launder my money out of Nigeria" scam.
But the "From" line was unsually good:  From: "James Ford"<...@aol.com>

Friday, April 27, 2012

Spam riding the tailcoats of ham

Ham is the term used to describe unwanted email that clogs up your inbox like spam, but isn't strictly-speaking spam.  It typically takes the form of mailing list traffic that you signed up for but can't figure out how to unsubscribe from, or advertising from a company you once did business with online.

For years now, I've been subjected to the occasional bit of ham from LinkedIn reminding me of this or that invite I haven't yet replied to, or a message I haven't read yet.

Lately, I've noticed a fair amount of actual spam coming in designed to look like LinkedIn ham. The layout, artwork, and subject line are similar to the "You have a pending message from X" messages I frequently get from LinkedIn, but the link takes you to a phishing site.

The key signs that it's a fraud are the From: line which is typically gibberish, and the Subject: line which is just a little bit off, but these will likely be fixed as the phishers refine their fraud.  Ultimately, the best defense is the practice you should be using on all emails: always hover over a link before clicking it, and make sure it goes where you think it does.

Be careful out there, you hear?

Tuesday, April 10, 2012

Twitter fights spammers in court

According to Tech News World, twitter Twitter is suing a number of spammers and spam-support providers.

In particular, Twitter is going after five tool providers who make apps such as TweetBuddy and TweetAdder which are used to insert advertisements into trending Twitter topics.

Thursday, December 01, 2011

Michelle Bachmann campaign -- spammers

An article from the Iowa Republican: Bachmann Campaign In Hot Water Over Misuse of Homeschooler Email List

In a nutshell, the Bachman campaign downloaded the email contact list of the Network of Iowa Christian Home Educators (NICHE) without NICHE's knowledge or permission and used to to send political spam to its members.

Interestingly, campaign laws may now require NICHE to make its mailing list available to any other political candidate that wants to use it.

Friday, October 21, 2011

Shout out to "MainSleaze" anti-spam web site

Just a quick pointer to a new blog run by Catherine Jefferson: MainSleeze

The title pretty much says it all, it's a blog devoted to naming and shaming mainstream companies that use Spam in their advertising.

Sunday, July 10, 2011

Name and shame: CDR Outlet sells me out

A tagged address I gave only to CDR Outlet has just received spam, ostensibly for some McDonald's coupons, but probably really a virus.

Now, whether CDR Outlet deliberately sold my email address, or a rogue employee sold a copy of the email list, or a rogue email service provider sold it, it's impossible to tell, but whichever it was, shame on CDR Outlet for not protecting my email better.