BlueSecurity Database Compromised?

EElyn writes "Numerous users of Blue Security's anti-spam system now report of a new form of aggressive spam. An unknown group of spammers claim to have derived a way to extract the member email addresses of Blue Security group's anti-spam system, called Blue Frog. Blue Frog, a small tool which once installed on the user's computer, enables Blue Security to systematically flood a known spammer's website with opt-out messages; much to the headache of the spammer. Tens of thousands of users have already signed up, so can it really be true that spammers now possess this database? Or is this yet another frail attempt by spammers to intimidate the user?" Another reader sent the text of the letter; read more to see.

Stray1 writes ""You are recieving this email because you are a member of BlueSecurity...." An email from unknown detractors has taken the Bluesecurity anti spam lists and decided to take matters into their own hands. I recieved this Email from an anonymous, and garbled host, which went on to say in not so fantastic english that I, as a Blusecurity member, would recieve this and many more (about 20 -30) spam messages a day until I left the blue security community. Blue Security, (www.bluesecurity.com)a website and community designed to lessen your Spam Email, is down for the moment. Is this what we have come to? Spam,(erm 'high volume email') companys holding your address hostage until you comply? "...We mightve had your email addresses before in our lists, but now, we are targetting YOU, because YOU are a bluesecurity user". I have to say, up until this point, my spam was down by about 70% to 80%."

Blue?

[LCookie]

I guess their server feels "blue" too..

Unrestricted Warfare

[stevesliva]

Pretty soon the spammers will be conducting unrestricted submarine attacks on civilian shipping in the North Atlantic.

Re:Unrestricted Warfare

[Qzukk]

attacks on civilian shipping

Shortly thereafter, the global average temperature will fall a few degrees?

Re:Unrestricted Warfare

[Zebadias]

How can you compleatly miss this FSM reference!!

Yarrrh!! Arrrrrh!

Monty Python

[caffeinatedOnline]

So, if I got this right, the spammers that are getting spammed are now spamming the spammers? Sounds like a flying circus to me!

Re:What must be done

[clevershark]

Seems like a good approach actually. Perhaps some script could be developed that would do nothing but look at a web form, fill in appropriate bogus info, and just hit the site repeatedly with bogus orders. I'll bet any CC provider would soon get tired of having to constantly do verification on bogus CC numbers and would end up closing the spammer's account.

Sure, it's a nasty form of attack, but then that's no less than spammers deserve.

How about posting the web site addresses involved?

[clevershark]

I'm sure that we're all interested in what these people have to sell... also that would probably cause a massive slashdotting.

Bluefrog does WHAT?

[meringuoid]

Not sure that only Bluefrog users getting the message proves anything. The spammers can get the list from Bluefrog themselves by agreeing to not spam its users.

WHAAAAAT?

Bluefrog HELPS SPAMMERS LISTWASH?

Holy fuck. They should say to spammers, 'No, we won't tell you who our users are. Just stop spamming everyone for whom you don't have a confirmed opt-in, and you won't have any more trouble from us.'

If they're helping spammers listwash, then they're firmly on the Dark Side. Fuck 'em.

Go ahead, grab the snake...

[Spy+der+Mann]

If spammers begin writing to us, they'll only increase the form spam they receive.

PLUS! The blue security e-mail database contains a bogus honeypot address per each valid e-mail address.

If this rumour is true, it will be a fatal mistake for the spammers. Because the blue community are ALREADY fighting back. Not only with form complaints on the spammers' websites, but with FORMAL complaints to the FCC, geocities, Microsoft,the MPAA and the FDA about illegal offers.

I joined Blue Security because I already receive 100 spam mails PER DAY. Do you think it'll make a difference whether I receive 100 or 500 e-mails a-day? (99.9% of it is sent to my junk-mail, where it's fed back automatically to Blue Frog)

I feel no mercy for spammers. That's right, you're messing with the wrong guys. The release of this list will only make us MORE POWERFUL.

Do you feel lucky? PUNKS?

P.S. Interesting - the captcha for this post was "predate". I like it. B-)

Re:What must be done

[pla]

That would be awesome, but unfortunately it doesn't work.


The brick idea, no. But the SD article made a nice suggestion - A rectangular chunk of nice thick sheet metal would fit well inside the return envelope, yet weigh far more than one ounce.


Also, one point on the SD article:

of the 161,000 people who wrote to the DMA last year, 116,000 wanted more junk mail. They were sent a booklet entitled "How To Get More Interesting Mail" (as God is my witness, I am not making this up), which tells you various key catalogs that you can send for to guarantee you'll be deluged with stuff.

I can tell you exactly why people ask for more junk mail...

They own wood stoves.

Re:What must be done

[tidokoro]

When solicitors call me at work, I don't make them wait 10 minutes, but I do put them on hold for a minute or so. I figure that's enough to throw off their curve.

We also have in our small company a fictitious employee whose sole job is to have telemarketers routed to his voicemail box.

It's gotten a little tricky once or twice when vendors have showed up at our office actually looking to meet him!

Re:Email I Received

[d_54321]

Here's the email I got:
------
Dear Sap,
You are recieving this email because you are a member of BlueSecurity (http://www.bluesecurity.com).

The blue frog is poisonous and causing us all a very excrutiating and slow death. Please make it stop. Or else...
  Or else what you ask? Oh, don't worry-- we'll think of something. Something bad. Very, very bad.

If you do not cave in to our harmless threats, a great wrath of biblical proportions shall be visited upon your house the likes of which you could never conceive in your most awful nightmares. Seriously. God, the law, and logic are all on our side. Think about it...

Sincerely,
Yet another punk ass bitch who couldn't cut it in the real marketplace.

PS, click here for v1agra.

Re:Eye for an Eye?

[tbannist]

I disagree... Killing spammers will end the spam problem! Violence can be the solution, if applied correctly. Support the death penalty for spammers... It's the only way they'll ever learn.

Re:Is the database compromised? No, the company is

Welcome, Spammer, to Slashdot!
You are truly welcome here, if only because we are hoping you'll accidentally let slip something like, say, your home address and a time you'll be home alone.

And I guess you'll fit in nicely with the rest of the trolls....