• Quick note - the problem with Youtube videos not embedding on the forum appears to have been fixed, thanks to ZiprHead. If you do still see problems let me know.

Sudden increase in spam

Dave_46

Graduate Poster
Dave_46
Joined
Jun 29, 2005
Messages
1,061
Location
UK (south Bucks) Occasionally France (the Vendee)
I have set up an Email redirect from my wife's wesite, to my general Email address, looking for Emails addressed to enquiries@domain.com. I generally get about 100 a day spam Emails addressed to randomletters@domain.com, which I identify as spam and automatically delete subsequent messages.

I checked this morning as usual, and shut down Outlook Express. About 4:00 pm I opened Outlook Express, and there were over 500 Emails, and of the first 20 or so, most are addressed to the same (random)address. A lot of these are automated replies, notifying of bounced spam.

My question is, should I be worried about this, or is it just an extension of the spam barrage, albeit to a higher level than I normally see?

Dave

ETA ALL the Emails were to the same address, and I've had another 200 in the last 40 minutes, all now automaticaly consigned to the bin.
 
Last edited:
Most likely it's not being targeted specifically at you. You shouldn't worry more than usual.

http://en.wikipedia.org/wiki/Directory_Harvest_Attack

On the other hand, it may be targeted specifically at you, in which case you should stockpile food, water, and ammunition. A zombie invasion is probably imminent.
 
Last edited:
We just spent thousands on a spam appliance which reduced our spam to almost zero but this last week tons have been getting through. Mostly starting with Re: Pics. I think some big spam virus may have gotten activated because logs show hundreds and hundreds of IP addresses which is why I think the appliance is having trouble keeping up with it. All the ads are identical, too, regardless of the subject line getting through.

Just a surge, hopefully not a sign of things to come.
 
Last edited:
I take it your site generates a random redirect address for each visitor? It would then just mean that someone has added one of your addresses to some sort of major spammers database.

In addition it appears that the spammer is using your addresses in forged reply-to lines, which accounts for all the bounced mail notifications. This can be very annoying as you can potentially get hundreds of thousands of useless messages.

There's not much to worry about as the spammer will eventually move on to some other addresses. If you wish to, you can join a service like SpamCop and report the spam. 99% of what you report will come back as coming from a permanently blacklisted address (typically in Korea or Brazil) but there is a chance that you can catch a major spam run early in it's execution (from a compromised computer or a legit account in violation of terms and services) and stop it cold. If your website has been picked out by a spammer for abuse, so much the better if you can stop him.
 
Dave_46 said:
Thanks folks.

As I suspected/hoped, there's not much to worry about.

For information, from 100 spam messages a day, I have gone to about 1000 in less than 12 hours.

Dave
Click to expand...

This may be because I've been using your e-mail account for my porn registrations. Maybe not.
 
an odd thing happened on my Yahoo account. i sent one mail, to someone i trusted. after that, spam started hitting me. my guesses are a) some router on the route to the other system was somehow harvesting addresses or b) a brute force attack on the Yahoo servers yielded my username.

in the case of AOL, you can enumerate people's addresses via the SMTP server.
 
illogical said:
an odd thing happened on my Yahoo account. i sent one mail, to someone i trusted. after that, spam started hitting me. my guesses are a) some router on the route to the other system was somehow harvesting addresses or b) a brute force attack on the Yahoo servers yielded my username.

in the case of AOL, you can enumerate people's addresses via the SMTP server.
Click to expand...

c) "someone you trusted" is malware-infected
 
They just keep coming up with new tactics. The current angle of attack is a pdf attachment which is locked against copying or viewing. This means that a robot cannot be used to scan the text for incriminating phrases or words.
 
Just another note, I have a Yahoo e-mail that I use to recieve some business e-mails. I have never, ever sent an e-mail from that address and have only gotten one Nigerian scam there in all the years I've had it. I only check it once every two weeks or so and when I checked it today there were about 30 spams in the inbox and almost a thousand in the Yahoo spam folder. Holy Cow! From nothing to a thousand in two weeks. Thank goodness Yahoo at least seperates out the obvious ones. Whatever this new tactic is, it's aggressive.
 
You must log in or register to reply here.

Back
Top Bottom