Slashdot Mirror

← Back to Stories (view on slashdot.org)

Where Is Spam When You Want It?

Posted by timothy on from the come-here-little-spider dept.

Sean writes "In a complete twist to what everybody else is trying to do these days, I need to attract spam to an e-mail address for a research survey I am conducting. I have submitted a few articles to a handful of Usenet groups, and I have signed up to some general mailing lists but so far I have nothing to show for it. How come by personal account gets 100+ spam each day yet when I try to find it I get nothing? Where should I post my address so that it attracts spam?"

25 of 580 comments (clear)

  1. Why not by Alystair · · Score: 5, Insightful

    You want spam? You should have put in your email address into the submitted article...

  2. Free porn sites? by Dancin_Santa · · Score: 3, Insightful

    Seems like there's more than a few people suggesting signing up with free porn sites to get spam.

    Personal experience?

  3. Re:Hotmail. by norsk_hedensk · · Score: 5, Insightful

    yeah but if they ask for you email address and you give it to them, it is not spam anymore. spam is unsolicited. you giving them your email says that they can email you. unless they say they WONT send spam, but yeah, thats gonna happen.

  4. You're best bet by edthemonkey · · Score: 2, Insightful

    I think your best bet for simulating spam would be to give the account to a 14-16 year old kid for a week or two. One of the types that plays stupid games and talks to their friends on messaging programs all the time. They drop their email addresses all the time without really thinking about it.

  5. Re:Outlook... by dboyles · · Score: 5, Insightful

    If you do this, are you willing to be responsible if someone hijacks the machine and uses it to commit illegal/unethical acts? I know, it's unlikely that this would happen, but knowingly putting an open machine online with the intention of having it compromised is asking for trouble. It's one thing to not know any better, but it's another to be apathetic to the situation.

    --
    -- "Complacency is a far more dangerous attitude than outrage." -Naomi Littlebear
  6. Spam heaven is right at your doorstep! by pongo000 · · Score: 2, Insightful

    Simply respond to your own post here on /. with your e-mail address. /. is a spam magnet. The majority of spam I receive is from an e-mail address I used to use here that I quit using over a year ago.

  7. TROLL-MOD PARENT DOWN by Anonymous Coward · · Score: 1, Insightful

    Didn't get a great view of the pictures... but they looked like gay porn with fat men... honestly... if you clicked like I did, YHBT, and HAND.

  8. Re:If you want to be scientific, don't by Dobob · · Score: 2, Insightful

    I would have said the same thing, but that would have been redundant.
    But, it all depends on the precise of your study (you should have been more precise when asking here). Here is some possibility of studies and how you should act :

    1- Which actions get you the most spam : create many new email accounts. Paste slashdot@... here, suscribe to pr0n with pervert@, post to Usenet with usenet@, ... and yada yada yada, you got the point. The check the spams each account got after some time.

    2- What spam do specific people gets : get the spam real people got for the last n days. A university teacher shouldn't have the same spam as a child or as ./ reader. You should ask them before to remove all their anti-spam protection.

    3- What constitute spam : just do anything you want. Try everything you think of to increase spam, you need quantity, not quality.

  9. For real spam... by rsilvergun · · Score: 2, Insightful

    You have to make sure you click the opt-out check boxes if you're signing up places. If you go to a porn site and sign up to recieve mail from them it's hardly spam. Yes, I know you'll still get a lot of stuff you didn't ask for. But since this is for research, it seems like the distinction ought to matter.

    --
    Hi! I make Firefox Plug-ins. Check 'em out @ https://addons.mozilla.org/en-US/firefox/addon/youtube-mp3-podcaster/
  10. Use a control group by Kehl · · Score: 4, Insightful

    Create Several Email Addresses - Be scientific ...

    Address 1 - (Control Address) Post No Where and read no messages until the testing time is over

    Address 2 - Post On Usenet (Deja.com)

    Address 3 - Post In Public ICQ program

    Address 4 - Porn Sites

    Address 5 - IRC

    etc .....

  11. Re:Outlook... by Anonymous Coward · · Score: 1, Insightful

    Ethics and law are two entirely different (and sometimes diametrically opposed) things. It is not illegal to set out a machine to be compromised.

  12. Re:Outlook... by dboyles · · Score: 3, Insightful

    Ethics and law are two entirely different (and sometimes diametrically opposed) things.

    Very true.

    It is not illegal to set out a machine to be compromised.

    Perhaps not criminally illegal, but I believe the owner could certainly be held liable for damages. Imagine if a virus writer put a destructive virus on a stack of floppies and left them precariously around a public computer lab. When the program on one of those disks gets run by some curious person, don't you feel that the virus writer is at least somewhat liable, even though he didn't "pull the trigger"?

    --
    -- "Complacency is a far more dangerous attitude than outrage." -Naomi Littlebear
  13. Why isn't Microsoft responsible? by dcavanaugh · · Score: 3, Insightful
    After all, it's their product that set the stage for all of this.

  14. Re:Ebay by Graspee_Leemoor · · Score: 2, Insightful

    He's talking about making your ebay nickname contain your email address. E.g. instead of setting your nick on ebay to be JohnSmith78 and putting your email address in ebay's system, you set your nickname to be "johnsmith78@aol.com".

    Ebay specifically discourages this because lots of people have had their passwords to ebay stolen by people sending them fake email pretending to be from ebay and asking for their password for "security purposes".

    graspee

  15. Re:Outlook... by kd5ujz · · Score: 3, Insightful

    Actually, assuming there is no labeling, and with the legal system what it is, you could definitely be held liable. Ever wonder why there are warnings to not light fireworks while they are in your hand/mouth? In this day and age, you have to assume everyone is an idiot. If your server does not have a legal disclaimer, you may very well be liable.

    --
    -William
    God is everything science has yet to explain.
  16. Shadango.com, fo sheezy.. by KevinHanson · · Score: 2, Insightful

    Yeah, I got an account on there a couple of months ago. It's definitely very cool.. it can even check Yahoo/Hotmail accounts.

    I always just used my Yahoo account to get spam when I signed up for stuff online. BUT, just today I found out that Shadango allows you to generate temporary, 'disposable' email accounts. See, you generate a random email account, sign up for whatever online (using that new account), and all the crap goes to the temporary account, which you can delete/change at will.

    It has definitely helped to cut down on the amount of spam I get. Kevin Hanson recommends it highly.

    -Kevin

  17. Re:Outlook... by RumpRoast · · Score: 2, Insightful

    IANAL, but I don't think that ignorance of a law is a defense at all. If "putting an open machine online with the intention of having it compromised" were illegal, it wouldn't matter if you were negligent, ignorant, or had alterior motives: you would still be guilty.

    --

    My Ass hurts.
  18. Re:Outlook... by circusnews · · Score: 4, Insightful
    I was about to use one of my mod points in this thread, when I came to this post.
    Okay, let's talk about the box of goodies. Let's say you leave a box of weapons outside with full knowledge that a neighborhood kid will probably find it and will likely use the contents for something illegal. If that happens, do you think you are partially responsible for whatever happens?
    dboyles goes on to make the point that does not equate running an insecure machine with handing out a small arsenal, and that you aren't responsible for others' actions, you are only liable for your irresponsible action. These are both points I agree with, but the analagy used still bothers me.

    Gun's are designed to kill. Computers are not designed for cracking/spaming/etc. If you leave a chain saw out in your back yard, knowing that the kid down the block is (1) a bit whacked, (2) could be a potential danger, and (3) should not be on your property, are you partially responcible for when he kills some one with that chain saw? Now, what if it is the kid on the next block that could be the danger? Or the next city, county state of country? At what point is it no longer reasonable to expect that the public to know something is a threat?

    It used to be enough to run a virus scanner every so often. Now you have to start by patching your systems regularly, then move on to running regularly updated virus scanners, installing and updating firewalls for the network, scanning for spyware, installing and updating desktop firewalls, updating spam filters, chasing drivers, updating applications (add more from the endless list here), all to keep a system going. So I ask again, at what point is it no longer reasonable to expect that the public will know something is or could be a threat?

    And at what point does the public feel that it is no longer reasonable to expect them to know something is or could be a threat when it comes to that "harmless little box on the desk"?

  19. Re:Outlook... by racermd · · Score: 3, Insightful

    Well, if it's a honeypot, it is probably monitored at least somewhat regularly. If it ever does become a problem, someone would be able to pull the plug on the machine, both logically and physically, in pretty short order. Yes, 10 minutes is enough time for someone to do some serious damage with and/or to a compromised system. But a close eye on things should keep the damage to minimum.

    --
    My sources are unreliable, but their information is fascinating. -- Ashleigh Brilliant
  20. Re:Change your thesis - Decode the encryption. by refactored · · Score: 2, Insightful
    Are they really that lame?

    It wouldn't stop any spam filter I have seen.

    Ah well, probably some ISP out there has such a silly filter.

    I was envisioning something smarter along the lines of hidden fields (have a look at ye average web form , a lot of them have hidden fields to hold state and tracking info).

    For example as I type this, let me look at the "Page Source". Ooo lookee, on slashdot itself....

    <input TYPE="HIDDEN" NAME="formkey" VALUE="wkbUcMWxhR">

    I'm thinking along the lines of...

    If builders built the way programmers wrote then the first woodpecker to come along would destroy all of civilization

    ie. Workout the encoding for the hidden fields and tweak them to freak out any automated processing software the spammers use.

    A similar idea is to feed carefully crafted cookies to web servers to crack them.

    For example, I would guess that the spammers spam each newsgroup / discussion list with a slightly different URL, the URL goes exactly the same place but records which spam campaign produced the best results.

    Now tweak that URL in crafty ways and you may DoS their server.

  21. I didn't see anybody post this method... by PhoenixOne · · Score: 2, Insightful
    ...but I'm not reading every post. ;)

    The best (worse?) way to get spammed is to fill out online survey. You know those free online IQ tests with the inflated scores (I scored 182 and I have problems doing my taxes ;))? If you use your real email address you will feel very dumb about a week later when your mailbox fills up with "Get a collAge degree at home!!" mails. ;)

    Also start sending those cute greeting card emails to yourself. Most of those are just collectors for emails.

    I think they stopped cruising USENET for emails. To few people use their actual emails there anymore...

    --
    Spell cheek you've failed me four the last thyme!
  22. Re:Outlook... by MADCOWbeserk · · Score: 3, Insightful

    I think you are entirely wrong in your suggestion that honeypots are irresponsible. Honeypots provide a way to track and monitor the latest exploits and hackers. In fact if a hacker uses a honeypot in his activites he is much more likely to be tracked and caught because he hacked a logged and monitored machine.

  23. It'll take time by trenton · · Score: 2, Insightful
    You've got to understand how the system works. The same people (or system) that collects email addresses won't be the ones to send it. Consumer/producer model.

    I'm sure your now addresses have been harvested by a number of systems already. You'll have to wait, though for a client to buy a list, or another wave of mailings to go out before one is sent to you.

    --
    Too big to fail? Does that make me to small to succeed?
  24. Re:Outlook... by ^Case^ · · Score: 5, Insightful

    Isn't this (more or less) the point of a honeypot?

    More or less yes. The major difference is that with a honeypot you make sure that there's only a way in -- you make it impossible for the offender to use the honeypot to carry on attacks from the honeypot. And that does not seem to be the case in this example.

  25. How to attract spam by lost+in+place · · Score: 2, Insightful

    Here are two controlled studies of which activities attract spam, and how much:

    "Why Am I Getting All This Spam? Unsolicited Email Six-month Report"
    "The Great CNET Spam-off"