Slashdot Mirror

← Back to Stories (view on slashdot.org)

SPAM - A Different Kind of Identity Theft?

Posted by Cliff on from the remember-to-consult-REAL-legal-representation dept.

bmooney28 asks: "After maintaining a single permanent email address through 8 years and five ISP's (via a forwarding service), I lost it all in a day. My first sign of trouble came when I found a message undeliverable email in my inbox containing hundreds of failed email addresses. Apparently, my email address had been pasted as the return address in a mass mailing similar to this one sent to hundreds of random recipients. This process repeated a few times over the next day or so, effectively blacklisting my email address on various master lists and adding my address to thousands of random address books (virus magnets). In the past, I have had a great deal of luck fighting off SPAM and other unwanted email via throwaway email addresses and preemptive email filtering. Now, the email address that I use to communicate with friends, former students, and coworkers around the world is useless. Have any of you ever found yourself in a similar situation? Are there any legal steps that I could take against this company?"

13 of 101 comments (clear)

  1. 2 ways to deal with this by j.e.hahn · · Score: 3, Insightful

    1) The litigious young american will call his lawyer and look into suing this company for fraud and slander/libel. Reap massive multi-million dollar judgment 5 years later.
    2) The sane human being will get a new email address and tell all of his friends, family and other contacts that he's changed addresses.

    Pick one. Do you maybe have legal recourse? IANAL, but yeah maybe. Think about what would happen if someone fraudulently used your home address or phone number.
    On the other hand, how much is that email address really worth to you?

    (note that if the answer to that last question actually has a real substantial dollar value attached to it, then you shouldn't be talking to slashdot, but a real attorney.)

    1. Re:2 ways to deal with this by jhunsake · · Score: 5, Insightful

      I don't see 1) and 2) as mutually exclusive actions.

    2. Re:2 ways to deal with this by drDugan · · Score: 2, Insightful

      unfortunately, the lawyers in this culture have pushed all our hands to the point where we HAVE to deal with litigation to get companies to act decently.

      while it's easy to look down your nose at litiginous behavior, it is typically the only way to keep companies from acting like greedy, spoiled schoolyard bullies.

    3. Re:2 ways to deal with this by Basje · · Score: 2, Insightful

      Au contraire:

      Being forced to take on another e-mail address only adds to your damages.

      You would have a lesser case if you didn't have to change email addresses.

      --
      the pun is mightier than the sword
  2. The worst part is: by Ayanami+Rei · · Score: 2, Insightful

    You won't know why things aren't working until way after you can do damage control, and let everyone know what happened. Most of them will think you're ignoring them and become insulted.

    And as long as we focus on a system where a hashed string is an index into a table, and that is the sole identifying feature of some communication (wanted or unwanted), there won't be a solution forthcoming.

    I think a facet the current problem is there's no easy way to "clear your name" with ISPs. It's easy to harvest and build deny lists, but difficult to deal with those false positives; you know, human interaction. Not a strong point, especially among this crowd (myself included)

    --
    THIS THING CAN TURN ON A DIME, MACROSSZERO STYLE ALSO FUCK BETA, ~NYORON
  3. not a big deal for me by faster · · Score: 3, Insightful

    My 9-year-old address has been forged in spam headers about 6 times. I'm guessing that around 150k spam messages have been sent with my email as the 'From' address. I haven't found my domain or my address to be on any blacklists as a result, and I've only gotten ONE reply from a spammee who couldn't tell that the email didn't really come from me.

    I hate it, it sucks, etc. But it hasn't affected my legitimate use of the address.

  4. Just goes to show.. by penguinboy · · Score: 2, Insightful

    Just goes to show why filtering on sender alone is useless, since the From: line isn't authenticated and can contain absolutely anything. A tool like SpamAssassin that checks multiple criteria can be much more effective.

  5. Re:Real identity your email address by DeadSea · · Score: 2, Insightful
    Could it be done so that when you hit reply, you contact one of the pgp keyservers and get back the prefered email address.
    As a spammer, I would start harvesting email addresses from PGP key servers.
  6. Re:It's a losing cause by Mizery+De+Aria · · Score: 1, Insightful

    Yes, but, what if your email address is firstname@lastname.com or something similar that's identifiable to you?

    I have received lots of spam on my primary email account since about 1997. I used to just filter the majority of it with my mail client's filters, but, it was just too burdensome ever since I began receiving spam from spoofed email addresses. I eventually had to resort to dropping my personal email address (which I paid for and had an alotted amount of storage space and bandwidth) at my own domain and obtaining a new email address.

    It's not much work, of course, but, it's something we would be best without. Why shall we be forced to have new email addresses? Similarly, why should we be forced to have new phone numbers? We're paying for these services, yet, in regards to email, we accept the abuse?

    Currently my workaround solution is to have separate email accounts for different uses. I use one for spam (signing up for any services/registering for anything), one for friends and family (and now school), and a few others for my other personalities. I NEVER post my personal email address, nor do I EVER use it when posting information on the Internet or with any programs (during installation or configuration). I also include a disclaimer to my emails as part of my signature warning others to not distribute my email address and/or email message and to not include me when sending spam/chain mail.

    I have once had a completely spam free email address until one day a friend of mine sent me some humorous chain mail. It was very funny, but, it was sent to about 20 of his friends or so. Who knows where it went from there, but, after a few weeks in came the spam.

    --
    If you're religishitty, KILL YOURSELF!
  7. Re:legal steps by walt-sjc · · Score: 3, Insightful

    Speaking of legal steps, I find it interesting that the people who are against making spam illegal are unusually quiet in this topic. They hate to admit that spam is truely evil, and sould be outlawed.

    The scenario that happened to this guy happens EVERY DAY. There is no socially redeeming value to spam. It has to go. Contact your favorite government official of choice in whatever country you live in. Pressure them into outlawing spam. We must have the strong legal tools to bankrupt spammers.

  8. Re:This is 'Collateral Spam' by tdemark · · Score: 4, Insightful

    Actually, I use some_string@example.com just to prevent this sort of thing.

    Since example.com is not available for registration, no one gets hurt.

  9. Ok, I'll bite. by Anonymous Coward · · Score: 1, Insightful

    What are you sending to 75,000 opt-in recipients a day? Are they really opt-in? Looking at your email address and your website link, I have a very hard time believing that 75,000 people are actually interested in anything you say or do.

    75,000??? Inquiring minds want to know!!!!!

    J. Preston

  10. Re:Real identity your email address by walt-sjc · · Score: 2, Insightful

    Fine, but it doesn't scale, and it wouldn't stop spammers from finding your email address. In fact, it would make it easier as all the email addresses are available at one easy-to-use location!

    Technical measures to the spam problem just don't work. Being forced to change email addresses every week is NOT THE ANSWER. Filtering only masks the problem and doesn't solve it (closing the barn door AFTER the cows got out.) More and more people are filtering yet the volume of spam is just increasing. You can't just toss out email standards and create new standards as some people suggest (spammers would probably find a way to spam in a new standard anyway, and any new protocol would take 5-10 years to roll out.)

    What is REALLY needed is GOOD anti-spam laws that would provide for hefty jail terms for spammers that do this kind of thing. Since most spam is US centric (even though spammers frequently use international open relays) US laws would make a huge dent in spam. Other countries would probably quickly follow suit. What is really needed is for congress to work with technical experts to write good laws with teeth. Even the DMA is comming around to the reality that spam is bad and laws are needed