Slashdot Mirror

← Back to Stories (view on slashdot.org)

My Short Life As An Unintentional Porn Spammer

Posted by timothy on from the you've-got-spam dept.

Freerange writes "Mike Masnick wrote up his experience getting slammed by a somewhat new kind of spam attack that doesn't get much hype (yet?). A spammer spoofed his personal email address as the 'reply-to' for a batch of spam, with interesting results for Mike: "I can now answer the questions 'who replies to spam?' and (should anyone ever wonder) 'what are the hundreds of variations on bounced messages?'" From Politech."

8 of 557 comments (clear)

  1. Not New @ All by devaldez · · Score: 5, Interesting

    I experienced this five years ago and a group of sysadmins helped me track the guy back to his ISP and we turned the info over to the FBI as identity theft. We were told that my experience did not meet the threshold for them to investigate further ($5000 in damages). Worse, the ISP didn't have a code of conduct prohibiting this type of thing...

    Sucks when it happens, but isn't new.

    Probably the same idiot in Minnesota:(

    --
    "... but you can love completely without complete understanding." - Norman Maclean, "A River Runs Through It"
  2. Re:Reverse spam really isn't that new... by The_K4 · · Score: 5, Interesting

    The new one i've run into recently is they use some kinda script so that the reply-to address in my address....which makes fintering really easy becuase how often do I send mail from my account TO the same account. However I could see some stuipd user getting very confused. :)

  3. It happened to my wife! by mjh · · Score: 5, Interesting
    This exact same thing happened to my wife. At the time, she had an email address "@iname.com". Someone posted something to alt.bestiality.something or another with the From and reply-to set to her email address. The actual email was talking about what Julia and her little sister liked to do, and encouraged suitors to respond in email.

    Holy crap the email she got! Emails came from people all over the world. An incredibly rare number of them included clothing and were simply introductions. Most of them included an attached nude picture of (I assume) themself (either that or there is a cast of nude pictures of incredibly ugly people floating around somewhere). Some of them demonstrated their sexual experiences with animals. But every single one of them seriously pursuing some sort of sexual relationship with someone that

    1. they had never met
    2. wasn't actually my wife

    This whole experience turned my wife off of the internet for a long time.

    I was able to track down the original post to alt.bestiality.whatever it was, and tracked it to a posting through deja news. (This was about 5 years ago). But ironically, there was nothing in that post that included "go to this website" or anything like that. The only contact information in it was my wife's email address. At the time, I assumed that the person who did this wanted us to change email addresses so he/she could have the one that we had (which was simply my wife's first name@iname.com).

    After tracking it down I sent deja the information and asked them to pursue it. And I changed my wife's email address. We have our own domain now. BUT I still, occasionally login to the iname.com account and empty it. I want that account to stay active forever so that whoever tried this doesn't win.

    What would you do if this happened to you? What are the defenses for this kind of thing? The email that came in wasn't spam. It was real email from real people who had real mailboxes. How do you prevent this kind of thing? So most of the antispam techniques that I know of wouldn't have worked. Additionally, we occasionally get emails w/attachments from friends who want to show us pictures of their kids. So blocking all attachments won't work. What should be done?

    --
    Key to financial independence: Spend less than you earn. Save and invest the difference. Do it for a long time.
  4. Swift and effective retribution... by dcavanaugh · · Score: 5, Interesting

    A spammer forges the wrong domain into a batch of spam, and the victim strikes back.

  5. It's called a "Joe Job" by Rathian · · Score: 5, Interesting

    Sometimes spammers do this just by putting whatever domain in. Other times this is done deliberately as a means of attacking someone.

    The term Joe-Job got it's name originally from Joes.com when a spammer decided to get revenge in this fashion. Information can be found here:

    Spam Attack!

    I can say from having had this done to me, it absolutely sucks. It creates a huge mess that takes weeks to clean up, plus the joy of dealing with people who decide to attack you for something you didn't/would never do. If I were to ever get my hands on those responsible....

    Unfortunately, the problem with tracking down those responsible for this dispicable act is the same one with tracking spammers down in general. It is time consuming, costly and may not yield a desireable result.

    If you want to see more on this, just Google Search for "Joe-Job"

    It is good to bust/report spammers, but when you do, look at the spam and the site being spamvertized. You might have received a joe-job email and by reporting them, you're playing into the spammer's hands.

    If you ever get joe-jobbed, I would say one defense on the web is to change your page to one similar to the "Spam Attack" page I reference above.

  6. Re:Spam needs a technical solution. by IamTheRealMike · · Score: 5, Interesting
    About a year ago I designed a new email system. It was pretty kickass.

    It was kind of a cross between usenet and standard email. When you "sent" an email, it was in reality uploaded to your message store (the idea of the inbox was removed). Then notifications were sent to each person that a message was in the To field. That meant that for instance you could edit messages after they were sent, you could bring people in on threaded conversations half way through preserving the threading and so on. It also meant the attachment limit was decided by the senders account, not the receivers. Want to send a 200mb video to your hotmail using friend? No problem.

    One of the features of this system was that key signing was built in from the start. That meant, you could opt to trust certain "roots", probably international ISPs. If you wanted to setup a newMail server, you'd have to get your hosting ISP to sign it for you, probably requiring a contract to be signed saying you'd shut down any abusive accounts etc.

    Mailing lists were dealt with specially, I've never been happy with the way they currently work.

    Combined with send limits (how often do you email >100 people?), that meant that spam could be cut down quite significantly. In particular, because it could be shut off at the source, if a spammer did somehow manage to spam lots of people at once, all it'd take is one report and the email would magically disappear from peoples message stores, before they'd even seen it in some cases. If the spammers were running their own servers, revoking their certs would do a similar trick.

    It wouldn't eliminate spam of course, that's not possible. Smart enough people will figure out ways around it. However, having accountability built in from the start would help curb the situation a lot.

    Originally I was going to write the client as a commercial app, but make the protocols open (with a non-commercial free license available). However, I ended up working on autopackage instead, so I never got around to it. If somebody thinks it'd be cool, contact me and I'll fill you in.

  7. Unfortunately, posting to /. can generate spam.... by droopus · · Score: 5, Interesting

    Two stories, one related to /.

    I submitted an article to /. last weekend about the Simpsons cast on Bravo. To my utter shock, it was accepted and posted. I stupidly put my very private email (the one that didn't ever get spam) in the Email field. I know, I know...

    Less than two hours later, I started getting weird email, complete with .zip.pir attachments, and a few with blatant Trojans. Luckily, I'm OSX so they had no effect, but I was amazed how quickly the email hoovering app grabbed that email addy. They seemed more malicious than sales oriented.

    I haven't received any today at that address but I'm still kicking myself. Moral: spammers hoover slashdot, so don't post your email here, ever.

    Story two: For almost five years I had the email bruce@altavista.net. In November, I got mail from Mail.com stating that the Altavista.net domain was being closed down and they were replacing my long-used address to something like bruce@way-cool-dude.com. Um, no thanks I said, I use this account for business and that doesn't work for me.

    Ok, they said, how about we reactivate bruce@mail.com and you can have that? "Hmm, neat addy, easy to remember," so I agreed. They activated it on a Monday night.

    Tuesday morning I woke up to more than 400 mails. Maybe 20% were typical Hotmail "make your penis so big you need a hose reel" spams but a full 80% were Joe jobs: spammers who had used that address as a reply-to. I knew I was going to shut it down but I watched it for three days just to see.

    Total Joe job spams, almost four thousand (in three days) before I had them cut the damn thing off. Said fuck it, and bought a domain for business mail, and ended that adventure.

    Someone oughta make a law.....

    --
    "The pie shall be cut in half and each man shall receive.....death. I'll eat the pie."
  8. Re:Reverse spam really isn't that new... by AndroidCat · · Score: 5, Interesting

    Keith Henson, during a deposition. It's all over the place, but definitely here

    --
    One line blog. I hear that they're called Twitters now.