The Spam Diaries

News and musings about the fight against spam.
 by Edward Falk

Tuesday, June 24, 2008

Boneheaded spam from Netflix

I just got spam from Netflix, offering me a trial offer. The spam was sent to the account which I used to join Netflix several months ago. Morons.

Wednesday, June 18, 2008

Linhardt drops the other shoe

Or the fourth shoe. Whatever. Who's counting?

Two weeks ago, I wrote about how E360 had dropped their third SLAPP lawsuit against Susan Gunn, Mark Ferguson, and Kelly Chien. E360's tactic seems to be to file unwinnable but expensive nuisance lawsuits against Gunn et al, and then drop the lawsuit at the last minute, allowing them the ability to file yet again later on. The theory being, I suppose, that you can hurt your victims more by dragging them into court repeatedly than by dragging them into court once and seeing it through to the end.

At the time, I speculated as to what Linhardt had planned for the next time.

I didn't have long to wait, as within days, Linhardt slapped Gunn with yet another subpeona. At Susan's request, I've not mentioned it until now, but her lawyer has given her the go-ahead and so you may now read it in her post on usenet.

I'll let you read it for yourselves, but in a nutshell, they demand that she cough up everthing she knows and every piece of documentation she has on the inner workings of Spamhaus.

The subpeona seems to be void on jurisdictional grounds, so it's unlikely that E360 will be getting anything from Susan.

Labels: , ,

Tuesday, June 17, 2008

The IRS isn't sending refunds to you by email

Especially not if your refund is $252.

Since it's tax refund time, there's been a lot of IRS phishing going around lately. Whoever is sending it isn't interested in giving you $252, they're interested in your social security number and your banking information. Also, the IRS doesn't use servers in Hong Kong. Stay frosty out there.

It's probably pointless to point these out, since the majority of my readership is probably too savvy to fall for it anyway, but do pass this on to your more gullible friends and relatives.

Oh, and while I'm on the subject, you didn't win any lottery you don't remember entering. There's been a lot of that going on lately too.

Friday, June 06, 2008

A rising new threat: ransom-ware

Reported the other day by Kapersky Lab: A new variant of Gpcode, known as Virus.Win32.Gpcode.ak has been classified.

This virus selects some files on the victim's computer, encrypts them, and then offers to sell the decryption program for a price.

The Gpcode virus is not new, but previous versions had used a weak enough encryption that it could be broken. The new version uses a 1024-bit key and fixes previous flaws in the encryption althorithm.

For obvious reasons, victims are strongly encouraged not to pay the ransom or otherwise deal with extortionists.

The best defenses are good preventative measures. Back up your files regularly. Run anti-virus software. Don't run Windows operating systems (that part was my idea).

If infected, Kapersky makes the following recommendations: DO NOT RESTART or POWER DOWN the potentially infected machine (presumably to give experts a chance to analyze the infection.) Contact Kapersky at stopgpcode@kaspersky.com with the following information included in the email:

  • Date & Time of infection
  • Everything done on the computer in the 5 minutes before the machine was infected, including:
    • Programs executed
    • Websites visited
Kapersky says they'll try to help recover your encrypted data.

Personally, I'm not sure what they can do to help without the extortionist's private key. Your best bet is to hope the person gets caught, in which case they'll presumably be forced to cough up the key. Helping Kapersky analyze the virus is your best course of action.

Ransom-ware is not a new concept, of course. The Kapersky Lab article mentions that the Gpcode virus is two years old at present. There have been other forms of ransom-ware as well; two years ago I wrote that the FTC was coming down on Sanford Wallace for infecting users' computers with spyware, and then offering to sell them the tool to remove it.

Wednesday, June 04, 2008

An amusing IQ test

A correspondent sends me an amusing story about phishing, cellphone spam, and being tricked into giving permission to be spammed (which I wrote about a couple years ago). I'll just quote it directly:

I was playing Scramble on facebook and one of the ads made it through my ad filter. Just for fun, I clicked on the "10 minute IQ test". 10 easy questions which took about 30 seconds total to answer. The 11th question was clearly the real IQ test. They ask you to enter your cell phone number to get your results by text message. The small print at the bottom says by submitting your cell number you are subscribing to their word club service, and they will charge you $20 a month (for AT&T users) to get a word sent to your phone once a week. I didn't submit my cell number.

I guess I passed the IQ test.
The Boston Globe and Engadget (among many others) have articles about AT&T settling lawsuits about such fraudulent charges and what you can do if you find one on your phone bill.

And if you're not an AT&T customer, don't be smug*, Verizon, Sprint, and T-Mobile are facing similar lawsuits.

Monday, June 02, 2008

E360 drops lawsuit against Feguson, Gunn, and Chien — again

This just in: alleged spammer E360, who has filed SLAPP lawsuits not once, not twice, but three times against various individuals it thinks are somehow connected to Spamhaus, or who simply called E360 a spammer, has voluntarily dropped their lawsuit yet again.

Quick history: David Linhardt, the owner of E360 first filed a lawsuit against Susan Gunn, Mark Ferguson, Kelly Chien, and other anti-spam activists in federal court. That suit ended when Linhardt didn't even show up in court (neither did the defendants, who had never been served.)

A month later, Linhardt re-filed the same lawsuit, but in state court this time. This forced the defendants to get lawyers and prepare for a lawsuit all over again. In September 2007, Linhardt once again dropped the lawsuit.

True to form, he filed yet a third lawsuit in January of this year, naming Susan Gunn, Mark Ferguson, and Kelly Chien. This lawsuit was interesting in that it coincided with E360's lawsuit against Comcast. Things became interesting, with suits, counter suits, and counter-counter-suits flying thick and furious. There are rumors of offers from Linhardt to settle out of court which were presumably rejected by the defendants.

In mid-April, Gunn filed a motion to dismiss for lack of jurisdiction. The court gave Linhardt until May 27 to file a response, which Linhardt did not do. Gunn then filed a motion to dismiss based on Linhardt's failure to respond to the first motion.

Finally, comes news that Linhardt has filed his own motion to dismiss. The filing also notes that he's managed to settle with Ferguson. Unfortunately, as with most out-of-court settlements, neither side is saying what the terms were. Knowing what I know of Ferguson, I'm betting that he's not the one who conceeded anything.

The interesting thing is that Linhardt filed to dismiss with prejudice, meaning he won't be allowed to file again.

Now I'm not a lawyer, but I'm puzzled as to why the plaintiff would file to dismiss with prejudice, thus shutting the door for good on his ability to file yet again. This is essentially a legally-binding pledge not to sue again. Is he hoping that by doing this, he'll convince the defendants not to file any counter-suits? Or perhaps this will make the court look more favorably at him in such a suit. Or perhaps this was a condition that was attached in some sort of settlement he made with Ferguson.

If not for the fact that he'd filed with prejudice, I would assume this was just another round of his previous tactic of repeated file-and-drop. He knows he can never actually win a SLAPP lawsuit against anti-spam activists, so his most damaging tactic was to file a suit, and then drop it before he can lose, thus allowing him to repeat the attack. But filing with prejudice? Either he really means to let it go, or it's a diversion of some sort — perhaps he's planning to file in Federal court again next time.

Labels: , ,