[TowerTalk] Fwd: Unwanted crap msgs

Al Kozakiewicz akozak at hourglass.com
Sat Mar 31 20:43:02 PDT 2012 

Occam's razor.

The days of a virus harvesting emails from address books are largely over, though it certainly was common 10 years ago.

There are dozens of ways spammers harvest email addresses.  An easy way to get a nexus of related people is from forwarded emails and is probably the most common method.  No hacking is involved and far less risk and work is required.  For example, David Gilbert posts something exceedingly witty to tower talk.  I find it worth repeating and forward it to every one of my 50 or so Irish cousins (literally - my mothers siblings bred like rabbits).  One of them forwards it on and at some point the email with the addresses of all the previous senders and recipients ends up in the hands of a spammer or email address seller.  That person can now spam all my cousins by spoofing my address.  He may not subscribe to tower talk, but knows that I do.  He also knows who my cousins send email to, and who they send email to.

My computer did not need to be hacked.  I'm sure it still happens, but it is exceedingly rare.

Al
AB2ZY

________________________________
From: David Gilbert [mailto:xdavid at cis-broadband.com]
Sent: Saturday, March 31, 2012 9:34 PM
To: Al Kozakiewicz
Cc: towertalk at contesting.com
Subject: Re: [TowerTalk] Fwd: Unwanted crap msgs


Actually, it is true ... all of it.  Reread my post and you'll see that I said that if the spam messages are sent to other addresses from your address book it is likely that your computer was hacked.

a.  "Likely" means probably, not exclusively

b.  Not only do you (as a potential spammer) know that I subscribe to TowerTalk and that the list will accept a message from me, you know a whole bunch of other people from which TowerTalk will accept a message.  Why would you stop at spoofing messages only from me when you could be doing the same thing from several dozen other subscriber addresses that have currently posted a message?   They wouldn't have to be the same message ... it would be simple to send different messages purporting to come from different people.  That doesn't happen , though.  Why??  The simple answer is that that isn't how it is general done ... see item a.) above.   If it were, we'd be getting tons of phony emails supposedly from lots of subscribers of the various lists that we post to.  Instead, spammers tend to (see again item a.) above)  rely on hacking a computer and accessing the address book to get exposure to the broadest demographics possible.

I'll bet that almost every spam message sent to TowerTalk was also sent to other addresses from the affected person, or at least similar messages sent at the same time.

All that being said, I have a non-ham related web site with a unique email address included on one pf the pages.  About once every two years I'll see a flurry of bounced spam emails spoofed from that address, and it has nothing to do with my computer being hacked. Somebody simply mined that email address and spoofed it.

Dave   AB7E




On 3/31/2012 2:24 PM, Al Kozakiewicz wrote:

Actually, that's not true.  As a subscriber to tower talk, I now know David Gilbert's email address and that towertalk at contesting.com<mailto:towertalk at contesting.com> will accept a message purporting to be from him.  Armed with that knowledge and an ISP that doesn't care if I operate an SMTP server, I can send email to everyone who subscribes to this list without ever accessing your computer.  I don't need to have access to your address book, only copies emails you've sent or have been sent to you.  And I can get them legitimately.

Al
AB2ZY

-----Original Message-----
From: towertalk-bounces at contesting.com<mailto:towertalk-bounces at contesting.com> [mailto:towertalk-bounces at contesting.com] On Behalf Of David Gilbert
Sent: Saturday, March 31, 2012 4:17 PM
To: towertalk at contesting.com<mailto:towertalk at contesting.com>
Subject: Re: [TowerTalk] Fwd: Unwanted crap msgs


True.  It does not require that your computer be hacked, although it likely was if the spam messages get sent to addresses in your address book.

73,
Dave   AB7E



On 3/31/2012 1:06 PM, HansLG at aol.com<mailto:HansLG at aol.com> wrote:


The sad thing is that "they" only have to know your e-mail address to
make the spams. "They" can fake it all in their own server. You will
only know you  were hit if some of the e-mails come in return.

Hans - N2JFS



____________________________________
  From: bmarx at bellsouth.net<mailto:bmarx at bellsouth.net>
To: towertalk at contesting.com<mailto:towertalk at contesting.com>
Sent: 3/29/2012  12:52:17 P.M. Eastern Daylight Time
Subj: Re: [TowerTalk] Unwanted crap  msgs


Phishing attempts that are successful, such as this one, are  usually
easily remedied, by changing the email password. That is if it  does
happen to you.
Bill Marx W2CQ



On 3/29/2012 10:16  AM, Al Kozakiewicz wrote:


I doubt it was you at all.  I looked at  the original message header
and


it came from a yahoo server, not  sbcglobal.


Unless contesting.com takes some measure to  validate that messages


actually originate from a server authorized to send on  behalf of a
domain, anyone with a PC on the internet can install an SMTP  server
and send email to tower talk appearing to be from Jim  McLaughlin.


Al
AB2ZY

More information about the TowerTalk mailing list