The Story of "Nadine"

← Back to Stories (view on slashdot.org)

Posted by timothy on Thursday May 9, 2002 @09:30AM from the not-a-porn-story dept.

Guinnessy writes: "We've all accidentally typed in a wrong email address sooner or later. But can it all go horribly wrong? On http://www.spamresource.com there is the story of Nadine, an account of what happened after an Internet user accidentally gave a wrong email address when she visited a web page and signed up for a sweepstakes. Live in fear...."

5 of 270 comments (clear)

Min score:

Reason:

Sort:

Both sites choked - Google to the rescue by Seth+Finkelstein · 2002-05-09 09:42 · Score: 5, Informative

Bandwidth-choked.
Read it off the Google cache
(Note to people accusing me of karma-whoring: The search formatting above is non-obvious)
Sig: What Happened To The Censorware Project (censorware.org)
1. Re:Both sites choked - Google to the rescue by jafuser · 2002-05-09 09:52 · Score: 5, Informative
  
  I happened to catch this article just as it came up on Slashdot so I managed to get most of the pages before they disappeared.
  Mirror
  
  --
  Please consider making an automatic monthly recurring donation to the EFF
Re:Now what about spam-terror? by reaper20 · 2002-05-09 10:21 · Score: 5, Informative

It's not perfect, but Spamassassin is pretty damn close.
Re:I'm no email antispam guru... by ShaunC · 2002-05-09 11:00 · Score: 5, Informative
But why doesn't someone do this deliberately? That is, create a domain for the sole purpose of receiving spam only, and automating a banned email list to other servers.
This is already a fairly widespread practice, though there's no need to use a special domain just for that purpose, or to keep that domain secret. In fact, you want the spamtrap to be quite public, otherwise spammers aren't going to find it. All you need is a dedicated mailbox - even a freebie Hotmail account - to create your own spamtrap. Seeding the spamtrap is simple, and can be done using any or all of the following methods:
- Post "test" posts to a few newsgroups, I suggest alt.test and alt.business.multi-level, using your new spamtrap address as the From and Reply-To address. (Technically, test posts are not appropriate in alt.business.multi-level, but if you want a fast track to spam, that's the place to go.)
- Visit the "remove" links in spam you already get at your existing mailboxes, and type your spamtrap address into the remove box. If you have the time or patience, you can do the same thing with spam which contains a remove address instead of a link; send remove requests from your spamtrap. Removal is spammerspeak for opting in, so this will grow your spam collection quickly.
- Embed a mailto link to your spamtrap address on a couple of webpages you control. Make the mailto visible only to web-scraping robots by linking to a 1x1 pixel black image file in place of a period on your page; human viewers will see it as a period, harvesting programs will see it as fresh meat.
Whatever you do, don't give your spamtrap address to anyone for legitimate email, and don't sign up for anything using that address. If you follow those two guidelines, every single message that mailbox receives is guaranteed to be spam. This will give you the ability to archive, auto-report, etc. the incoming mail without fear of false positives.

Shaun
--
Thanks to the War on Drugs, it's easier to buy meth than it is to buy cold medicine!
Use me@privacy.net instead by driehuis · 2002-05-09 12:23 · Score: 5, Informative

Please, don't pull domain names out of a hat. There is an official fake address that you can use:
me@privacy.net
See their website for more info.

A friend of mine runs a domain that happens to be used a lot by people who think they enter a non-existant domain, and it's driving him nuts. Well, there is some amusement value in noticing how many variations people come up with, but still...

--
Bert Driehuis -- All I asked was a friggin' rotatin' chair. Throw me a bone here, people.