Jump to content


  • Posts

  • Joined

  • Last visited

Everything posted by MainID

  1. As 'petzl' said - "One of your friends who has your email address has been hacked." and posting it on the internet in a caesural message opens it up for harvesting by spam bots trolling for email addresses. And they also somehow harvest email addresses from provider lists as I regularly receive spam where every address is from the same network (like MSN) and in alphabetical order (IE: name[at]... name1[at] name2[at]..) And they can also purchase a spam list of harvested addresses off the internet complied for email marketing. It's the sent count that matters. And if they are being paid by the batch or email why would they want to stop or limit their income? They are hoping for the one gullible user who will think the spam was meant for them and does not consider that its to good to be true. For spammed sites, its the sending count that maters. Again, its the send count... as they have nothing to do with the site other than getting paid to send the spam, they don't care. And the site is hoping for that one gullible user who will think the spam was meant for them! SpamCop can not stop or prevent the spammer from jumping around and using several different email providers for sending their spam. SpamCop reports the associated sending IP address of the spammer to its provider. It's the email provider associated with the spamming IP who needs to take action. Does SpamCop make a difference. From a casual spam reporter who uses SpamCop to report received spam I think it does. I was receiving up to and over 300 spam emails to my accounts daily and I have been reporting them for some time now and it has gown down to around 30-50 a day, sometimes less. Is it always effective, maybe not, does it make a difference, I think so! One needs to consider the ISP terms of use - as they are Not sending the spam from their domain, so the ISP can not take action on something which has not happened. Reporting the offending spamming IP and hoping it gets suspended from sending more spam is the only thing which can be done, aside from reporting the reply to or contact email address to the provider. Ether way they will just jump to a different email provider to send that one-time-spam message to their list. Over time as the spammer gets tired of jumping around to different providers this spam from the sender will decrease as they will grow tired of the lengthily process needed just to send their spam. then the will sell it or give it away and a new spammer will arise!! And the process starts again... All is just my option and how I see it...
  2. You are absolutely correct, I was trying not to turn the reply into a spam sending tutorial. As 'michaelanglo' said, these spammers will often use several different email providers (or compromised/spoofed email accounts) at the same time to send their spam in order to avoid being suspended before they have their spam lists sent and maximizing their spam sends. Note: the sending email address is almost always fake, spoofed, or compromised (hacked) and the spam sender has no intent on using it again as its subject to being suspended by the provider, and is why SpamCop reports the spam sending IP address it its provider.
  3. I get these all the time (russian pharmacy scam emails). They captured/harvested your email address from the internet and added it to several different spam lists. As some of these scam domains are now from china, they are spamming you as much as they can just hoping for a customer. As they do not filter these harvested spam lists, and your email address is in them, when they spam from their spamming list you will receive a spam email from each list you address is on. So if they are comming in groups of four emails at a time, then you can bet that you are on at least four of their lists. Unsubscribing from those spam emails will only comfirn you received them. You should not open these emails in full HTML view (use txt view) as this will send back the tracking indicator (a 1x1 pic image used for tracking) and comfirm the email address which will be added to more spam lists. Yes, sometimes the domain hosts seem like they just don't care as they refuse spam reports. Which is why when I review these scam spammed sites I add the spamming IP in the review.
  4. I get this also. I call it retaliation spam. As it not really spam as its comming from a valid list response. Someone associated with the ag.state.oh.us placed your address in the list response as a payback for some unknown reason. I get this from the Stanford Edu mailing list (over 3000 of them). I was placed on the reply to list after I reported one of their IP's for having a Bank of America phishing page to their network administrators. Guess they fowarded the complant to that student with my email address and they retaliated by placing me on every list they could find. I contacted their network abuse and asked that my email address be purged from their network and filtered from any outgoing mailings. Guess it worked as they mainly stopped.
  5. SpamCop no longer (for my account) shows the bounce flag message after signing in to report the processed spam. 200150JUL13
  6. SpamCop still works fine, autoresponders are received and the spam is processed. Just need to keep clicking the 'problem resolved' button each time spam is sent to my account. Q. If users need to keep clicking on the 'problem resolved' button till it's resolved, does/will it have any negative affect on their accounts with SpamCop???
  7. Same here the SpamCop Service email is bouncing back.
  8. Well for me I was on SpamCop.net, not currently known for spamming! Me, "I" clicked the scripted "Problem Resolved" button on the SpamCop.net page which showed the bounce message. I am using the right site, right?? SpamCop.net? ======================= Me, I, 1. Received spam emails, 2. Sent the spam emails (as I always do) as attachments to my SpamCop reporting address, 3. Opened the SpamCop.net website, 3. Signed into my account, 4. Clicked the Report spam link, 5. Received the following, hxxp://www.spamcop.net/ Welcome, MainID. Your average reporting time is: 8 hours; Pretty good! Bounce error Your email address, <snip> has returned a bounce: Subject: Please ensure your email account is reliable, then click below: "Problem Resolved" (button) News: (Last Modified: Tuesday, February 12, 2013 9:32:25 PM -0500) (Email-account news) Mail Admins: Delayed bounces, virus notices, vacation messages - More.. Warning: We are seeing a new round of phishing attempts aimed at SpamCop/CESmail email account holders. These emails ask for your user name, password and birthdate, stating these are needed to upgrade you to a new service. Do not respond to these emails! We are not changing services or servers. We remind all users that we will never send out a request for personal or account information, will never send an email with a zip or executable attachment or send you a link to a zip or executable file. Never Click On These Links or Attachments. Email status now on Twitter! Corporate Email Services (the provider of the SpamCop brand email service) is providing mail status updates through Twitter. Follow them at #cesmail_status © 1992-2013 Cisco Systems, Inc. All rights reserved. HTML4 / CSS2 Firefox recommended - Policies and Disclaimers
  9. Same here. The autoresponders are in my inbox, yet SpamCop keeps notifying of a bounce. Bounce error message in the SpamCop screen has no subject or reason! What I receive when clicking report spam: Bounce error Your email address, <Snip> has returned a bounce: Subject: Please ensure your email account is reliable, then click below:
  10. I have seen this several times before. Some report to a Hotmail account and some to a Gmail account. Me not knowing if these are real spam reporting accounts I just cancel them!!
  11. They have their ways. Sneeky bas[at]$#ds are very determined to get that email out...
  12. This is very common. The Yahoo account "could" have been accessed and the owner should change their password and let their contacts know someone is sending spam using their email address. Also, if an email was "CC'ed" to all of the contacts, then forwarded again and somewhere a spammer got/received that email which lists all of those email addresses they then just increased their spamming list. This happens allot when everyone wants to "Forward" a "really good joke" to everyone they know, and they "Forward" to their friends, and they "Forward" to their friends... the list of email addresses grows...! hxxp://www.newsmediaguild.org A site with a "weak" password that was Hacked and then used for email spam so this site is reported and keeps the main sites open longer as they are not reported as often. Same redirection: hxxp://www.newsmediaguild.org/way hxxp://www.newsmediaguild.org/way/vwvvgufjl?lclmzkadur The redirection code is in the sub-directory "way". The code string at the end of the URL just tells the spammer who initially sent the spam email URL and who gets credit for the redirection. In this case "vwvvgufjl?" starts the redirection and is a tracking code, "lclmzkadur" tells them who spammed it (something like that, not a coder here). You can also see these type of tracking codes in any newsletter you receive. They let the sending site know you received the email and which link was clicked. hxxp://e-fxnews.com FAKE NEWS SITE - Site is used as a Redirection to Illegal Internet Pharmacy/Supplement, Replica or Work-From-Home Scam site. "Looks real don't it"... Thats the intent, to make the visitors think its real and click the links. Note: all of the links go to the same site... http://www.storeberryrasp.com Spamvertized site - An Internet Pharmacy/Supplement Weight-Loss Scam site. "Pharmacy spam" brands promoting medications, herbs, supplements, Weight-Loss, devices and augmenting body parts. There are sooo many of these... [edit - "payload" storeberryrasp link broken, please don't post these links folks - you are doing the spammer's work for him when you do, and risk the reputation of this site besides]
  13. Little help from me then... as I don't have the AOL mail program to work with it! Does the AOL client program have a "message properties" like in Outlook? Seems like the email programs would be user and advance user friendly, not only pretty!! Guess their programers don't think the AOL users need to know about the headers, or they don't want them to report them outside of AOL. Thanks - Don D'Minion for the reply
  14. The "hxxp" is just to keep the link from resolving in the forum (as I am not promoting that site through SpamCop). Yes replacing it with http or coping/paste the URL without the "hxxp://" will also work. Reading AOL forums, to get the full header and body users need to save the email as an HTML from with-in the programs "save as". Open the email, then save as. Its a long process, email saving, html opening as text, copying, spamcop pasting, sending... and as others have posted, it seems like they are trying to make it harder (like Yahoo...). You are correct; "So far, the browser option gives the best "source" to submit spam to Spamcop". SpamCop Admin: I searched but couldn't find... Will SpamCop accept email attachments as HTML??? Then the AOL (not AOL webmail) users could save their email header/body (with links) as an HTML, then when finished forward them to SpamCop as an email attachment!
  15. View all Headers in AOL AOL makes it easy for you to identify mail that originated from outside the AOL service by replacing the mail headers with a simple line that reads "Sent from the Internet (Details)." At the top of the email, to the right of Sent from the Internet, click the Details link. To Set up email headers: 1. Sign on to the AOL service, and then click the Settings icon. 2. Click the Mail Settings link. 3. Click the Advanced tab. 4. Under the When reading mail in Full View, click one of the following options: Always minimize headers Always minimize headers when I scroll Never minimize headers 5. Click the Save button. Note: email from another AOL member will not include a header because the email has not traveled outside the AOL service. Reference: hxxp://help.aol.com/help/microsites/microsite.do?cmd=displayKC&docType=kc&externalId=187620
  16. For my web based AOL account I click the "Action" button, then "View Message Source". It opens in a new window with full header and body.
  17. They usually don't have permission as they harvested the email address. They send the "No Email" because they want your IP and the click rate when visited. At least Google added an abuse link...
  18. The spammers use googlegroups so it's reported and not them. Allows them to stay active longer. Reporting to Google, right,,, You need to signup with the group just to report them, which lets them know you are real, and Google seems unresponsive to abuse reports (they must use the same network IT people as Yahoo). What I did to stop the GoogleGroup spam. I had to "unsubscribe"!!! It did work... I used "hxxp://emkei.cz/" to respond to the email so they wouldn't get my IP. Just copy the emails subject and body and send it back to the unsubscribe address using your address (which they already have). I did receive an "unsubscribe" notice back from the GoogleGroups and that spam stopped. Doing this, you are unsubscribing from that "GoggleGroup" which is handled through Google...
  19. Nice topic post. The phishing emails I receive for the common major banks are being picked up by SpamCop and reports are being sent to them. For the readers of this topic, if in doubt about a site (the main URL) check the website WOT (no I have no connection with them). As myself and other spam, Scam and Phishing reviewers post scam and phishing site warnings there as they are received. This site also picks up listings and reports from the major web sites; PhishTank, SpamCop and blacklists.
  20. For new reporters, or those who are not quite sure of what to do but wants to help "take a bite of of spam" should use the easiest and safest method to report spam, Use SpamCop... Its quick, easy. and safe Yes, if a user does not have their computer setup to open or view "any" unknown attachment/message or the experience to do so should leave them alone, No You did not win anything, no one freely has millions for you, and your bank or credit card company "WILL NEVER" contact you through email asking for "any" information or verification of information that "they already have" and never click on URL's no matter what they "look" like. To correct, I report the Scam email addresses (in the reply-to, email body or attachments) to their Email Providers/host using a prepared scripted and accepted email format which provides a complaint and full headers and body w/attachment. Reports to SpamCop are reported as received (forward as attachment). It is time consuming but it may help keep someone from being scammed. Usually "greed" will always win and that's what the Scammers hope for. But this should only be done by users who have researched, learned and are prepared to do advanced reporting (opening attachments, following URL's).
  21. Yes the scammers expect to have their accounts closed. With quick reporting it limits anyone from responding to them, Then if they did, they then need to explain why the change of address. For me Yahoo sucks when it comes to them keeping their system clean. They keep closing the "real" accounts I create to report these scams. Google, never here from them, but I usually don't see the same reported address twice. Hotmail (Live, MSN and their other massive names) GMX and the other popular hosts respond to closures within hours of reporting them. So it does help (keeps the scammers running), just takes time. And yes, I open those attachments and report those accounts...
  22. Thanks, Yes one needs to figure which address to report. From: usually fake/forged/victim. Reply to: good only if the spam does not contain an address in the "body/attachment". Body/attachment: overrides all other addresses as this one would be the main reply/scam address which needs closing to stop the scam (keeps the running).
  23. From what I understand, SpamCop sends reports to the email senders IP host, or where the email IP is from, not to the senders email address host. As the sending email addresses are usually fake. Reports are also sent to a URL host when a site is spamvertized in the email. So SpamCop is doing its job of reporting the sending IP. Sometimes I receive replies from the IP host saying they have taken care of the abuse. But the Spammers are creating disposable email accounts to send those spams knowing that address/account will be reported and closed. To combat the Spammers, the "reply to" or body email address needs to be reported. This with SpamCop makes the Spammers work harder. I use a scripted HTML file (need to copy/paste the header/body) to prepare complaints to the "reply to" email hosts and have around 10-15 of the major email provider spammed accounts closed daily. I stopped reporting Yahoo spam as Yahoo likes to delete the Yahoo accounts used to report the abuse of Yahoo services (they closed my 10 year old account after I reported spam to them). The file can be found here <spamtrackers.eu/downloads/index.php>. You will need to register to download it or you can PM me (e: mainid hotmail) and I can send a copy of the current HTML scri_pt I use (it does make it easier to report those email accounts).
  24. It's easy to post a problem or complaint, it's easy to point fingers and ask why something is not fixed. But the hardest part is saying thanks when it's fixed. So I just wanted to post a big thank you for all of the SpamCop support/IT, and the helpful posts and updates from the forum. For me its back to normal, seems a little faster. Reporting works fine and I receive the AutoResponder within minutes of reporting the spam. Thanks everyone.
  25. Houston, We Have Liftoff: Mouse - Go Keyboard - Go SpamCop - Go, all systems normal...
  • Create New...