Jump to content

Is this just spammers luck or what


cppgenius
 Share

Recommended Posts

I received an e-mail a couple of days ago, where the spoofed e-mail address were my personal e-mail address, delivered to my cybertopcops.com e-mail address. Now both e-mail accounts have the same prefix, so what do you guys think, is this pure coincidence or have the spammers made the connection that the two e-mail accounts are related somehow? I've published this example for illustration at the following link: http://www.cybertopcops.com/malware-spam-r...r-13192ni97.php

The latter is kinda scary if you realise the spammers might know more about their spam victims than we realise. But I do not like to give a spammer more credit than he deserves (not that a spammer deserves any credit anyway), but I also do not underestimate them either.

Link to comment
Share on other sites

...Just off the top of my head, my guess would be that there's a list of e-mail addresses out there with both of your addresses in it and that this spammer (and not uniquely this one) has the addresses sorted in alphabetical order and sends spams to several of the e-mail addresses on her/ his list at a time and both of your addresses therefore wound up on the same spam.

Link to comment
Share on other sites

It's rarely "personal" cppgenius but, as you say, if a PC has been infected - say with a keylogger or a back-door remote access - then all bets are off. Under those conditions however, I would expect a more noticeable and higher-value activity to be occurring, such as a raid on bank accounts. But, who could say?

Oh, and will you please de-activate those links to cybertopcops in your signature? (making the slashes italic would do, so they are not clickable, includes replacing the name anchors in the signature with the plain URLs - one of we who were moderators will do it for you if you can't/won't).

We don't like clickable links in signatures, with rare exceptions, and don't want visitors to get the impression we've maybe changed our policy and start flooding in with all sorts of SEO shenanigans - already roughly 50% of new membership registrations are banned for that or associated reasons and we certainly don't want more.

Reasons for the restriction are partly security, partly respect for our host and certainly disdain for any form of spam - NOT saying YOU are spamming. Yes, I know cybertopcops are in the anti-spam fight too, and are not (directly) commercial. That's why the references (which can be selected, copied and pasted into a browser URL window) would be tolerated - and you have already contributed numerous live links to cybertopcops pages to illustrate points in previous posts (going back for years and including your last, above) which are welcomed.

Link to comment
Share on other sites

It's rarely "personal" cppgenius but, as you say, if a PC has been infected - say with a keylogger or a back-door remote access - then all bets are off. Under those conditions however, I would expect a more noticeable and higher-value activity to be occurring, such as a raid on bank accounts. But, who could say?

Oh, and will you please de-activate those links to cybertopcops in your signature? (making the slashes italic would do, so they are not clickable, includes replacing the name anchors in the signature with the plain URLs - one of we who were moderators will do it for you if you can't/won't).

No problem Farelf, sorry, I was not aware of this policy, is the signature now acceptable?

For a moment I thought my gmail account got hacked somehow, but the e-mail header told me that this was not the case. In the end I still think this was just dumb luck and not intentional, especially for the fact that these malware infested e-mails are flooding e-mail accounts from everywhere..

Steve, never thought of that, but could very likely be what happened here.

Edited by cppgenius
Link to comment
Share on other sites

No problem Farelf, sorry, I was not aware of this policy, is the signature now acceptable?

Sig is fine, thanks for understanding.

The e-mails - yes, one naturally assumes the worst but the actuality is usually more mundane (the Copernican principle - principle of mediocrity and all that). But as "Peter and the wolf" reminds us, sometimes it can all come true. Steve T's alphabetically-ordered list theory does sound good.

When I used to get lots of spam, so far as could be gathered from those that included the address list, a favourite way of ordering was by domain - but ESPs are much more into edge filtering these days so I doubt that would work as well now (trend too easily detected). To the extent that mass-mailing spammers would even care. As ever, it is probably fruitless trying to guess how the little devils minds work, but they rarely, if ever, turn out to be as smart as we credit them to be. With the mass-mailing model, they don't have to be.

Link to comment
Share on other sites

I received an e-mail a couple of days ago, where the spoofed e-mail address were my personal e-mail address, delivered to my cybertopcops.com e-mail address. Now both e-mail accounts have the same prefix, so what do you guys think, is this pure coincidence or have the spammers made the connection that the two e-mail accounts are related somehow? I've published this example for illustration at the following link: http://www.cybertopcops.com/malware-spam-r...r-13192ni97.php

The latter is kinda scary if you realise the spammers might know more about their spam victims than we realise. But I do not like to give a spammer more credit than he deserves (not that a spammer deserves any credit anyway), but I also do not underestimate them either.

Make sure it is "spoofed" check your sent folder to see it looks normal or your email account compromised

Encourage the use of SpamCop email reporting as this shuts down BotNets (MailWasher makes it even easier)

Use a more complex password for ones email easily remember and as standard, is to use the first letter of your name your letterbox number an = sign, then your super secret alphanumeric password Example

Petzls letterbox is 1234

P1234=SuperSecretPassword_1234

This would take a dedicated computer over a million years to crack or 240 bit encryption

Link to comment
Share on other sites

Make sure it is "spoofed" check your sent folder to see it looks normal or your email account compromised

That's the first thing that I've done, but like I said, it is apparent from the header information that the e-mail went a different path to my mailbox.

Thanks for the password tips. I wrote an article once on the best password practice and I am also a huge supporter of the arbitrary alphanumeric password (not dictionary words but random letters, numbers and a special character or two, just as a curve ball). I must say, your take on a strong password makes it a bit easier to remember, if you keep certain parts the same. Also makes it convenient with the magnitude of passwords we have to remember these days. :rolleyes:

Link to comment
Share on other sites

That's the first thing that I've done, but like I said, it is apparent from the header information that the e-mail went a different path to my mailbox.

Thanks for the password tips. I wrote an article once on the best password practice and I am also a huge supporter of the arbitrary alphanumeric password (not dictionary words but random letters, numbers and a special character or two, just as a curve ball). I must say, your take on a strong password makes it a bit easier to remember, if you keep certain parts the same. Also makes it convenient with the magnitude of passwords we have to remember these days. :rolleyes:

Well nowadays I just use a password saver, from a USB and always use maximum length Alphanumeric upper/lower case.with characters (some log-on don't accept characters).

The only weakness are the limits imposed by the login page.

One of my Banks require three fields to be filled which is no problem for my program. another require me to carry a gadget where you dial your password number and determined by the time of day (guessing) gives you at least a 10 number password

I don't now have to remember some have one change their password monthly. In this case most just add the month to beginning or end of password like 01 to 12.

Big problem with tablets though, yet to find a secure method or good program to use on one. Would imagine Ipad would have something

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

 Share

×
×
  • Create New...