Jump to content
Sign in to follow this  
doxer

Stock spam flood (PRFC)

Recommended Posts

I use one domain as a spamtrap domain. Robots that visit the website associated with the domain get handed a unique bogus email address; mails to that address are logged and analyzed.

Apparently the Russians are big on web-scraping, because most of the spam captured in this way is either in Russian or is typical of Russian-managed botnets (i.e. pharmacy spam). There are a handful of the other usual suspects, such as CEO Sales Solution and advertise-bzs.net, but mostly there's not much variety.

A certain amount of spam gets sent not to one of the machine-generated 'trap' addresses, but to addresses at the domain that consist of strings of seemingly random letters and numbers. My initial assumption was that these were pieces of message IDs that had been mistaken for email addresses by braindead list-builder software.

However, I'm currently seeing a tidal wave of spam pumping a penny stock with the symbol PRFC, sent to literally thousands of these non-existent random addresses (a fair amount of PRFC spam also hits 'real' addresses both on this domain and others). It starts to look less like bad de-munging and more as if the spammer is deliberately generating and targeting nonsense addresses.

My question is, what's the point? Most domains will have their catchall email address disabled. The addresses generated in this way are so oddly-formed that there's almost no chance that they'll somehow discover a real address. Or is this just what happens when you take the infinite monkeys with their infinite typewriters off the task of writing Shakespeare and set them to sending stock spam?

Thoughts, observations, insights would be welcome.

Share this post


Link to post
Share on other sites

We used to believe that trying to fathom the ways of spamdom was a certain passport to madness but I

I think you got it right with your post to "Spammer Rules" - magnify a tiny margin sufficiently and the sum of it becomes appreciable. The only issues are the cost and to whom that accrues and those are tied up in the measure or definition of "margin".

Incidentally I am amused at the "infinite monkeys" paradigm now creeping into internet commentary - all it takes is a very (very very) large number of monkeys - if there were an infinitude of 'em they would have completed their task on the first run (with an infinite number of perfect copies - and an infinite number of less than perfect copies) since infinity is indivisible by definition. One hopes that (an infinite resource) is not the explanation for any apparently surplus capacity in the monkey tasking business. But I quibble-joke, we know what is meant.

For the moderately paranoid, the O/P's links are to ROKSO and WOT respectively. For the really paranoid, you won't trust either of us anyway.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  

×