Occam's razor.
The days of a virus harvesting emails from address books are largely over,
though it certainly was common 10 years ago.
There are dozens of ways spammers harvest email addresses. An easy way to get
a nexus of related people is from forwarded emails and is probably the most
common method. No hacking is involved and far less risk and work is required.
For example, David Gilbert posts something exceedingly witty to tower talk. I
find it worth repeating and forward it to every one of my 50 or so Irish
cousins (literally - my mothers siblings bred like rabbits). One of them
forwards it on and at some point the email with the addresses of all the
previous senders and recipients ends up in the hands of a spammer or email
address seller. That person can now spam all my cousins by spoofing my
address. He may not subscribe to tower talk, but knows that I do. He also
knows who my cousins send email to, and who they send email to.
My computer did not need to be hacked. I'm sure it still happens, but it is
exceedingly rare.
Al
AB2ZY
________________________________
From: David Gilbert [mailto:xdavid@cis-broadband.com]
Sent: Saturday, March 31, 2012 9:34 PM
To: Al Kozakiewicz
Cc: towertalk@contesting.com
Subject: Re: [TowerTalk] Fwd: Unwanted crap msgs
Actually, it is true ... all of it. Reread my post and you'll see that I said
that if the spam messages are sent to other addresses from your address book it
is likely that your computer was hacked.
a. "Likely" means probably, not exclusively
b. Not only do you (as a potential spammer) know that I subscribe to TowerTalk
and that the list will accept a message from me, you know a whole bunch of
other people from which TowerTalk will accept a message. Why would you stop at
spoofing messages only from me when you could be doing the same thing from
several dozen other subscriber addresses that have currently posted a message?
They wouldn't have to be the same message ... it would be simple to send
different messages purporting to come from different people. That doesn't
happen , though. Why?? The simple answer is that that isn't how it is general
done ... see item a.) above. If it were, we'd be getting tons of phony emails
supposedly from lots of subscribers of the various lists that we post to.
Instead, spammers tend to (see again item a.) above) rely on hacking a
computer and accessing the address book to get exposure to the broadest
demographics possible.
I'll bet that almost every spam message sent to TowerTalk was also sent to
other addresses from the affected person, or at least similar messages sent at
the same time.
All that being said, I have a non-ham related web site with a unique email
address included on one pf the pages. About once every two years I'll see a
flurry of bounced spam emails spoofed from that address, and it has nothing to
do with my computer being hacked. Somebody simply mined that email address and
spoofed it.
Dave AB7E
On 3/31/2012 2:24 PM, Al Kozakiewicz wrote:
Actually, that's not true. As a subscriber to tower talk, I now know David
Gilbert's email address and that
towertalk@contesting.com<mailto:towertalk@contesting.com> will accept a message
purporting to be from him. Armed with that knowledge and an ISP that doesn't
care if I operate an SMTP server, I can send email to everyone who subscribes
to this list without ever accessing your computer. I don't need to have access
to your address book, only copies emails you've sent or have been sent to you.
And I can get them legitimately.
Al
AB2ZY
-----Original Message-----
From: towertalk-bounces@contesting.com<mailto:towertalk-bounces@contesting.com>
[mailto:towertalk-bounces@contesting.com] On Behalf Of David Gilbert
Sent: Saturday, March 31, 2012 4:17 PM
To: towertalk@contesting.com<mailto:towertalk@contesting.com>
Subject: Re: [TowerTalk] Fwd: Unwanted crap msgs
True. It does not require that your computer be hacked, although it likely was
if the spam messages get sent to addresses in your address book.
73,
Dave AB7E
On 3/31/2012 1:06 PM, HansLG@aol.com<mailto:HansLG@aol.com> wrote:
The sad thing is that "they" only have to know your e-mail address to
make the spams. "They" can fake it all in their own server. You will
only know you were hit if some of the e-mails come in return.
Hans - N2JFS
____________________________________
From: bmarx@bellsouth.net<mailto:bmarx@bellsouth.net>
To: towertalk@contesting.com<mailto:towertalk@contesting.com>
Sent: 3/29/2012 12:52:17 P.M. Eastern Daylight Time
Subj: Re: [TowerTalk] Unwanted crap msgs
Phishing attempts that are successful, such as this one, are usually
easily remedied, by changing the email password. That is if it does
happen to you.
Bill Marx W2CQ
On 3/29/2012 10:16 AM, Al Kozakiewicz wrote:
I doubt it was you at all. I looked at the original message header
and
it came from a yahoo server, not sbcglobal.
Unless contesting.com takes some measure to validate that messages
actually originate from a server authorized to send on behalf of a
domain, anyone with a PC on the internet can install an SMTP server
and send email to tower talk appearing to be from Jim McLaughlin.
Al
AB2ZY
_______________________________________________
_______________________________________________
TowerTalk mailing list
TowerTalk@contesting.com
http://lists.contesting.com/mailman/listinfo/towertalk
|