Slashdot Mirror
The Story of "Nadine"
Guinnessy writes: "We've all accidentally typed in a wrong email address sooner or later. But can it all go horribly wrong? On http://www.spamresource.com there is the story of Nadine, an account of what happened after an Internet user accidentally gave a wrong email address when she visited a web page and signed up for a sweepstakes. Live in fear...."
Several years ago, I made a typo in my email address when I was updating the contact info for a domain name. Without double-checking I sent the confirmation back to InterNIC. It wasn't till the next day that I realized the mistake. In order to get things back under control, I actually had to register the typoed version of my domain name, so that I could receive InterNIC's mail there.
:)
It's the kind of expensive mistake you only make once!
I kept the typo'd domain for esoteric value, and yes, I now get plenty of spam there. Some things never change.
Now, people can use these rogue websites to their advantage and spam the hell out of people they don't like. So one way or the the others spammers will get to you.
I think the next big invention in internet and computing is a fool proof way to detect and stop spam.
"Resistance is futile"
That also prevents your email address from being maliciously signed up to these sorts of lists, so it's the sort of thing every reputable mailing list should do.
Of course, no spammer is going to bother with confirmed opt-in, so we need to go after ISPs that allow these non-confirmed lists to remain on their net-space.
--
--
I have taken more out of alcohol than alcohol has taken out of me - Churchill
I'm using spamcop.net and it's cut down on my spam by about 85%. Cost is $30/year for having your email filtered. Some spam (15%) still gets through but you can submit that to them to ensure others don't get the same spam as well.
(I have no affiliation with spamcop.net except as a satisfied customer.)
The thing that I find amazing is that these spammers are flat out lying. They claim that ficticious entities "opt in" when they clear could not have done so. Doesn't this constitute some kind of fraud? Is there no legal recourse?
"Your superior intellect is no match for our puny weapons!"
I've been the technical editor for Maximum PC magazine for almost two years. Before I worked here, I worked for Ars Technica. At some point or another all of my email addresses have been posted on high traffic, public websites. Heavy spam has been a part of my day-to-day life for the past 4 years.
It's gotten much worse lately. On any given day, I get about:
20 viagra sales pitches
20 penile/breast enlargement ads
20 get rich quick schemes
30 different porn ads
10 you've won something messages
and another 20 or so messages that don't fit a category
Add anywhere from 3 to 20 assorted virus infected messages, the 20 or so press releases that come in every morning, and I don't know why email's even worth fooling with for the four or five messages that I actually read every day. Most of the repeat spam gets filtered and stored in a special folder, but I still end up seeing 25% of the total spam in my inbox every day.
Does anyone actually think that spam control legislation would help at this point? Most of the stuff I receive comes from the Pac rim countries or Russia. Anyone know any Congressmen or Senators who are pro-spam control?
As a short term solution, does anyone know a spam-filtering good POP3 client, or preferably a proxy I could use to filter spam that uses the MAPS or SPEWS lists?
///Will Smith
There are some e-commerce sites that don't work right behind a WebWasher proxy, but most do, and I buy from the ones that work, so there's no problem there.
My grandmother is 75; her birthday was in October. Just prior, she suffered a heart attack, and I decided to resurrect an old Performa 6360 for her so that she could email and ICQ with my mother and aunt. I provided her an email address at a domain I own. The address had never been used prior. My grandmother had never used a computer, and even getting her to be comfortable turning it on was a challenge. I don't believe she EVER successfully sent my mother a message by herself...although I could be wrong. I would bet that she used that computer a grand total of ten times.
A few months had passed, and I had a sneaking feeling that she wasn't using it. I would ask her, and she'd sheepishly admit that she "didn't have time" to sit and work on it. (Yeah, right. She's 75.) So one day in February I decided to peek into her mailbox to see if there was any mail in there that MIGHT be important...I was FLOORED by what I found.
I now have a mail folder sitting in Entourage that consists of 767 (!!!) unread messages. I simply can't bare to get rid of them. The first is from September 20th, 2001, and the last was sent on February 21, 2002, when I killed the account. None of them were "for" her (from people she knows). And some of the products being offered would probably cause her to keel over.
I am currently simply /dev/null-ing any mail incoming for her address...and I'm sure that if I'd remove that filter, the mail would still be flowing. If anyone (say a reporter, member of Congress, or FTC) would like to have a copy of this archive, I'd be happy to pass it along.
767...I love the internet!
Scott
"Hokey religions and ancient weapons are no match for a good blaster at your side, kid."
Making up domain names still pollutes the namespace, though -- imagine if people made up telephone numbers the same way. Why not use example.com instead?
The example.com, example.net and example.org domains are reserved by IANA for use in testing and documentation; they're the equivalent of a telephone 555 prefix, only less obvious. See RFC 2606, or visit the example.com web page.
IHDAOS (I have done analysis of spam)
It is very likely not the ISP- the money they spend on help-desk complaint people would outweigh the cents received from a spammer.
Spammers will make up lists of names. If you are a john smith, you will get spam. period. Because their lists will have john.smith@X, johnsmith@, jsmith@, johns@... they take lists of the most common names and put together all possible variants. I've seen many cases where they forgot to BCC the list... "asmith, bsmith, csmith...aasmith, absmith..."
Unless your friend's email address is unguessable. Then its likely someone cracked into their system and got the list. Selling it? they'd have to be desparate idiots.