Jump to content

Should spam also get reported to the FTC?


Vanguard

Recommended Posts

Posted

For some spams, I report them to the FTC (spam[at]uce.gov). I realize that they won't take action against a particular spam but they may take action against a spammer whose reported aggregate volume of spam inflicts many recipients. I go through the Spamcop reporting mechanism (send the spam, get a confirm message, click the link to the web page, and submit if correct). That helps the blacklists but doesn't promote any legal action against massive spammers that the government might target.

If the FTC already has access to the summary of volume statistics per spam source from SpamCop and other DNSBls then there would be no point in me sending off a separate copy of the spam to them. Otherwise, shouldn't the FTC be included in the spam report if its source is within their jurisdiction (but perhaps as a daily, weekly, or monthly summary of volume from that spam source with links provided to a list of reports)?

It seems that if spam[at]uce.gov exists to report spam to the government then perhaps some pressure can be applied against spammers from that direction. With the FTC actually asking to have spam sent to them as noted at http://www.ftc.gov/spam/, why not do it? If there is a perceived or known problem with including the FTC in providing statistics to them, why not add another checkbox to include sending a copy of the spam to the FTC as the user's discretion (since the FTC says that it wants deceptive spam reported to them)?

Posted

...Personally, I (try to) report all spam with a non-empty body to spam[at]uce.gov. SpamCop reporting has a feature that allows us reporters to add a limited number of e-mail addresses to which SpamCop should allow us to select to report. If you'll provide us with a description of how you submit your spam reports (www.spamcop.net or from the Held Mail box or ...), someone will undoubtedly let you know how to do this.

Posted
... If you'll provide us with a description of how you submit your spam reports (www.spamcop.net or from the Held Mail box or ...), someone will undoubtedly let you know how to do this.

27268[/snapback]

I have the free reporting account at Spamcop. As mentioned, I send the spam to <myspamcopid>[at]spamcop.net, get a confirm message back from SpamCop, click the link in that e-mail to open the SpamCop reporting web page, and submit if correct. There may be a field where I can add more recipients for the spam report but I'd have to remember their e-mail addresses. If the spam source were found to be in the USA or its properties, I'd rather just have another checkbox to include them to get a copy of the spam.

It'd actually be handy to have a slew of appropriate checkboxes to send a copy of the spam to the appropriate agencies. For pyramid scheme spam that has the user send money to postal addresses, it'd be nice to have a checkbox to fraud[at]uspis.gov. A checkbox to spoof[at]paypal.com would be handy to include a copy to Paypal regarding a phish mail. Another checkbox to reportphishing[at]antiphishing.org to report all phish mails. Since I'm there at the SpamCop reporting page making selections as to who gets a copy of the spam report, it'd be nice if there were more choices to apply more leverage against spam and phish mails. Rather than a separate "Notes" textbox for each contact, provide one common textbox (in addition to the spam source contacts) where you could enter notes that applied across a multiple selection of recipients.

Right now, I have to go off sending a separate copy of the spam or phish mail using my e-mail client because I'm not going to remember all those contact e-mail addresses (that why users have address books!).

Posted

If they are offering something obviously illegal, then be sure to report it. I have read that they are cracking down on illegal offers and scams sent through e-mail and have heard they have made some high-profile arrests. I am not sure if they are going after CAN-spam violations, but I do know that they are supposedly being very aggressive about scams and the sale of illegal products (i.e. viagra).

Posted
I have the free reporting account at Spamcop.  As mentioned, I send the spam to <myspamcopid>[at]spamcop.net, get a confirm message back from SpamCop, click the link in that e-mail to open the SpamCop reporting web page, and submit if correct.

27276[/snapback]

...Thank you! I can help you, now (see below).
There may be a field where I can add more recipients for the spam report but I'd have to remember their e-mail addresses.

27276[/snapback]

...Nope, that's not it!
If the spam source were found to be in the USA or its properties, I'd rather just have another checkbox to include them to get a copy of the spam.

It'd actually be handy to have a slew of appropriate checkboxes to send a copy of the spam to the appropriate agencies. <snip>

Right now, I have to go off sending a separate copy of the spam or phish mail using my e-mail client because I'm not going to remember all those contact e-mail addresses (that why users have address books!).

27276[/snapback]

...Okay, here's what you do:
  • go to http://www.spamcop.net/
  • if you haven't already done so, log in
  • click the "button" under the spamcop.net logo (at the top left corner of the screen) labeled "Preferences" -- it's the right-most of the five buttons
  • under "User Preferences," click the link labeled "Report Handling Options "
  • look for the text box under the label "Public standard report recipients" and fill in the addresses, such as spam[at]uce.gov, to which you might wish to send reports (note that this textbox limits you to 100 characters); if you want to have more than one such address, offset each address with a single space

The next time you go to the page to report a spam, those addresses will be offered.

...Good luck and happy spam reporting!

Posted

Once uopn a time, the FTC asked for SpamCop reports. Julian obliged, adding in copies that went out for each and every spam report/complaint. It didn't take long for the FTC to then ask Julian to STOP IT!!!! Those folks obviously didn't have a clue what they were asking for, and the killing of their e-mail servers wasn't anticipated <g> So, no, there is no "automatic" FTC report offered. Paying users can add some addresses (scoped way down due to abuse by your fellow SpamCop reporters) that will be in the list of targets for sending the reports. Vanguard's e-mail submittal offers a solution by itself, simply add the FTC as a CC: .... The rest of the suggested/requested type of "SpamCop provides addresses" would be based on the parser trying to analyze content .. not done now and not expected in the future .. there are enough bad reports sent out as it is by users that are supposed to be reviewing the results now offered (noting again, that based on previous reporter experience, some items that were originally programmed with a "checked" default were removed/changed to "unchecked" ot even ignored [e-mail addresses in the spam body for instance])

If you follow my FAQ entry about the name/address change, you'll find that the current FTC address was put into place for the same reasons as above, as use of the old address was feeding into their 'main' server and was basically overloading that system. (I'm pretty sure I provided snippets from my dialog with that FTC system manager..???)

Posted
The next time you go to the page to report a spam, those addresses will be offered.

...Good luck and happy spam reporting!

27286[/snapback]

Thanks for the info. After adding "spam[at]uce.gov reportphishing[at]antiphishing.org spoof[at]paypal.com fraud[at]uspis.gov", there is only 15 characters left to define another recipients. Hopefully I get the option to edit this list so I can remove, say, PayPal and Antiphishing when it is not a phish mail, and I only want to include the postal inspector division when it involves postal mails, like with postal pyramid schemes.

Posted
Thanks for the info.

27292[/snapback]

...Glad to have been of help! :) <g>
<snip>

Hopefully I get the option to edit this list <snip>.

27292[/snapback]

...Yep. Follow the same path and make whatever changes to that list you wish. The text box is fully editable.
Posted
...Glad to have been of help! :) <g>...Yep.  Follow the same path and make whatever changes to that list you wish.  The text box is fully editable.

27293[/snapback]

Actually I was thinking that the submit page would present the same list of e-mail addresses and I would have to edit that. After updating my preferences and having a spam to report, I see that you get a list of checkboxes for each space-delimited e-mail contact. Works great. Just wish I had more than 100 characters to list other contact addresses, or maybe an address book feature.

I reported one spam already and had the option with the extra checkboxes of which other contacts to include in the report. Then on the next one, those checkboxes were gone. Eventually I figured that I either had to login or keep the cookie that got saved (I use cookie whitelisting to determine which ones get kept, and I forgot to add *.spamcop.net to the list). Once I figured that out, and ducked out of the way of me slapping my forehead, it worked again.

Posted
Once uopn a time, the FTC asked for SpamCop reports.  ... It didn't take long for the FTC to then ask Julian to STOP IT!!!!

Yeah, I'm sure they were ill-prepared for the volume of spam reports they got. If I send the spam report from SpamCop, will the FTC still accept it or might they have a block on e-mails coming from SpamCop?

If you follow my FAQ entry about the name/address change, ...

Got a link to that? I've been bouncing around the SpamCop FAQ pages until my eyes have blurred over.

Posted
Yeah, I'm sure they were ill-prepared for the volume of spam reports they got.  If I send the spam report from SpamCop, will the FTC still accept it or might they have a block on e-mails coming from SpamCop?

No block .. it was the feed of the "aitomatic CC: of every report" that was shut down. The "individual" making the report is still fine (though noting that even this flow caused the changed address to off-load their main e-mail server)

Got a link to that?  I've been bouncing around the SpamCop FAQ pages until my eyes have blurred over.

Suspicions are that you are "bouncing" around the www.spamcop.net FAQ and somehow missed the Pinned item/link 'here' (read before posting) that takes you to a single-page listing that incorporates that FAQ into a much expanded form ...????

Posted

For the other places that you some times want to report to that won't fit into the approch above, I add the names to the address list along with <myspamcopid>[at]spamcop.net, when I report the spam.

Although I am not a fan of Bill G, don't forget Piracy[at]microsoft.com for "Cheep SW" Bill Gates has the money to track them down. There seems to be 2 canned messages in response. If the link works they say "Think you, we care" If the link is broken Bill ask for name, phone #, address etc. By then I don't care and the link doesn't work any more so I send the any info with the original report. This seems to work.

spamwatch[at]symantec.com also ask for reports of their SW for sale, but don't expect to get a think you. the FDA also has an address which I can't find right now.

Posted

Marjolein's Ban spam page offers a list of reporting address as do a couple of other links found on the Forum FAQ (again noting the read-before-posting thing)

Posted
Suspicions are that you are "bouncing" around the www.spamcop.net FAQ and somehow missed the Pinned item/link 'here' (read before posting) that takes you to a single-page listing that incorporates that FAQ into a much expanded form ...????

Yep. Was bouncing around the FAQ for a couple hours. Then I went back to the pinned articles. Had I started from the bottom of the link list then I would've found the FTC article much quicker. As it was, I started from the top and kept clicking on potential articles and the links in them and the links in them and ... eventually my eyes glazed over. Lots to read, lots of interruptions, so after awhile I got do to the appropriate article (http://forum.spamcop.net/forums/index.php?showtopic=1972).

Lking, thanks for the other links but there is a limit of 100 characters for the alternate e-mail contacts that I can define under Preferences (and why an address book would be preferred - but then I'm a freebie SpamCop reporter so having the resource overhead of providing address book probably won't happen, but a longer input textbox would help).

Posted
but a longer input textbox would help).

It was your fellow SpamCop reporters that caused this "too short" space. There once was a 'bitchlist' site and folks used data there to send their reports to addresses included on that site. Basically, the 'bitchlist' site was a place that people fed with every possible address they could find for a particular ISP, including innocents like the receptionist on the third floor .... after the massive complaints from those folks, this input field you are describing was reduced to something like 25 addresses ... I'm betting that you can guess why it's even smaller these days ....

Posted
... is a limit of 100 characters for the alternate e-mail contacts that I can define under Preferences (and why an address book would be preferred - but then I'm a freebie SpamCop reporter so having the resource overhead of providing address book probably won't happen, but a longer input textbox would help).

27399[/snapback]

"What we have here is a failure to communicate" From Cool Hand Luke I think although can't spell communicate the way it should be said.

I intended to say when submitting spam as an attachment to an email addressed to <submit.xxIDcodexx[at]spam.spamcop.net> I also address the report (with attachment) to FDA, adobe uce.gov etc and other fokes in my mail app address book. So I was referring to "your mail app address book" not one provided by SC (spamcope.net).

So I fell into the bad habit of assuming you knew what I was talking about (don't know why you couldn't see my screen). Sorry. When I started reading here I spent 2 days looking for a feature being written about, until I figured out it was part of spamcop mail not spam reporting.

Posted
"What we have here is a failure to communicate"  From Cool Hand Luke I think although  can't spell communicate the way it should be said.

Yeah, said right before the *BANG* and then Luke died.  Perchance inferring a sublimal metaphor there?  :huh:

I intended to say when submitting spam as an attachment to an email addressed to  <submit.xxIDcodexx[at]spam.spamcop.net> I also address the report (with attachment) to FDA, adobe uce.gov etc and other fokes in my mail app address book.  So I was referring to "your mail app address book" not one provided by SC (spamcope.net). 

So I fell into the bad habit of assuming you knew what I was talking about (don't know why you couldn't see my screen).  Sorry.  When I started reading here I spent 2 days looking for a feature being written about, until I figured out it was part of spamcop mail not spam reporting.

I understood what you meant. What I meant is to have an address book (or a longer textbox to list more contacts) within the Spamcop reporting service. I am a freebie Spamcop reporter so I don't have whatever features are available to SpamCop mail account holders. Yes, I can add other recipients in my local e-mail client (Outlook or Outlook Express) to my spam abuse report that gets sent to Spamcop but: (1) The recipients won't get the same message from me that comes from SpamCop; and, (2) There is the aggregate potency presented by a report received from SpamCop that is not inherent to a post originating from just me.

Before knowing about the preference setting (where I could add a list of additional contacts), I actually did have to add the other contacts in my e-mail client so they would also get a copy of my spam report. I don't know if SpamCop tolerates comments added to the body of a spam report (i.e., in the body, my comment is then followed by a copy of the spam), so I would send a copy to SpamCop and then send a separate copy with my comment to the other contacts. So the process of using my own e-mail client and its address book to send to other contacts wasn't unknown to me, except that I would prefer to have those contacts notified with a copy of the same spam report that is issued by SpamCop sent to the list of "usual suspects". SpamCop's reporting interface lets me add a separate note to each contact so that I don't have to bother sending multiple e-mails for the same spam abuse report, and the spam report originates from SpamCop instead of me.

Since I will be visiting the web page to review my submission to SpamCop and okay it (i.e., I have to go there anyway), having a user-selectable list of additional contacts would be handy. If the additional contact list were not available in Preferences, I would still be back to my prior method (which you mentioned) of sending my spam report to SpamCop and include the other recipients or of sending a copy to SpamCop and then sending another copy to the other contacts so that I could add a comment just for them.

According to Wazoo, apparently a few excessive aggressives screwed up the rest of us from having a long list of additional contacts: spammers don't care who they afflict and vigilantes don't care about collateral damage. Well, at least, I can get a few of the most important ones added as optional selections to that web page.

Posted

Yep, Jeff this would be a lot easer if I could tyupe.

Vanguard I think you under estamate the power of the dollar. Uncle Bill is modivated, He wants (needs) every report of some one trying to rip him off. As I put in an earlier post I get a reply to all SW reports I send. The turn around time is not a constant wich gives the allusion that something happens before responding (like taking a coffee break).

Posted
(1) The recipients won't get the same message from me that comes from SpamCop; and,

As a generic statement, there's mud in that there water ... Focus in on one. the FTC ... Technically, they aren't looking for a SpamCop report .. your spam submittal gets added to on huge repository for use by interested/qualified people/agencies. One could even walk the line that the SpamCop report submittal might actually dilute the impact of that amount of 'evidence' due to the munging done in that output.

(2) There is the aggregate potency presented by a report received from SpamCop that is not inherent to a post originating from just me.

Again, that does depend on who is being pointed to here. For instance, sending in 'your' complaint may get around the "another one of those dang SpamCop things .. why do they keep spamming us?" filters

I don't know if SpamCop tolerates comments added to the body of a spam report (i.e., in the body, my comment is then followed by a copy of the spam),

Definitly hazardous to your account.

so I would send a copy to SpamCop and then send a separate copy with my comment to the other contacts.

Some commentary may cause your report to be shot and deleted in place. ISP abuse guy writes up a filter such that all incoming that starts with xxx goes to a special filter for the termination notice evidence .. then along comes your 'version' of that same spam ....

I would still be back to my prior method (which you mentioned) of sending my spam report to SpamCop and include the other recipients

Noting also the quandry of the SpamCop parser (generically) wanting the spam "attached" whereas many other 'targets' will reject e-mail with attachments to a role/abuse account.

Posted
As a generic statement, there's mud in that there water ... Focus in on one. the FTC ... Technically, they aren't looking for a SpamCop report .. your spam submittal gets added to on huge repository for use by interested/qualified people/agencies. 
If comments are superfluous and ignored then why does SpamCop offer to let users add them when they use the submittal completion web page? There may be additional information beyond what is exhibited within just the spam mail which could prove useful or perhaps is even mandatory.

One could even walk the line that the SpamCop report submittal might actually dilute the impact of that amount of 'evidence' due to the munging done in that output.
Facts remain such regardless of the source (truth is how you interpret facts). Since LOTS of users will be reporting spam from their webmail accounts (which require no real proof of identity), there is no difference in getting a spam report from a munged SpamCop sender or from a webmail user as they are just as anonymous as each other (well, okay, some webmail providers actually add a header that identifies the sender by their IP address but that is worthless info for a dial-up user sending the spam report).

Again, that does depend on who is being pointed to here.  For instance, sending in 'your' complaint may get around the "another one of those dang SpamCop things .. why do they keep spamming us?" filters
Well, if they are going to ignore SpamCop reports then why would they bother with mine? They'll just bit bucket everything coming in on their abuse[at]domain account. Of the entire populace that sends them spam reports, I would think the use of SpamCop would tend to engender a more savvy group of senders and so those reports would be more valuable than some newbie sending them a bitchgram. Yes, in every populace there are the dummies, but I would think the percentage of dummies in the SpamCop community of spam reporters would be less than the percentage of dummies in the populace that is not even aware of blocklists.

Definitly hazardous to your account [to add comments].
I figured the SpamCop parser couldn't handle comments. That is why if I wanted to add a comment that I had to send different sets of report e-mails for the same spam - except now with the mini-list available in Preferences of contacts that I can instead submit to SpamCop and then decide to include comments (after deciding to send the report).

Some commentary may cause you report to be shot and deleted in place.  ISP abuse guy writes up a filter such that all incoming that starts with xxx goes to a special filter for the termination notice evidence .. then along comes your 'version' of that same spam ....
Then the same unintelligent string compare might also match on text in the spam and end up deleting the abuse report even without any commentary added by the sender.

Noting alos the quandry of the SpamCop parser (generically) wanting the spam "attached" whereas many other 'targets' will reject e-mail with attachments to a role/abuse account.
I don't attach the spam. It is in the body of my spam report e-mail. I remember seeing recommendations that the spam be attached. I think that was because some users don't realize that inline forwarding discarded all the headers of the original e-mail, and the headers are the juicy part.

In Outlook, I use the SpamSource plug-in. Even they recommend sending as an attachment to SpamCop but I still leave it configured to send the spam in the body of the message. I haven't had a problem yet with SpamCop parsing the spam that is in the body of my e-mail.

In Outlook Express (used for a different set of accounts), I hit Ctrl+F3 to show the raw data of the message and then copy/paste it into an e-mail sent to SpamCop, so the spam is again in the body of my message and not as an attachment. Since forwarding as an attachment is not an option in OE, copy/paste of the raw message data is an easy alternative.

Since almost no other contact wants the spam as an attachment, and since I used to include other contacts when sending my spam abuse report using my local e-mail client, I didn't want to send it as an attachment. SpamCop has behaved okay so far with the spam in the body of my e-mail. However, since I figure SpamCop doesn't want anything but the spam, that means I cannot add any comment for the carbon copy that gets sent to the other included abuse contacts. Before I had to send one e-mail to SpamCop and another e-mail to the other contacts. Now I can send one copy to SpamCop and then checkoff any additional contacts when I okay the report get sent (and I can add comments to just some of those contacts).

I've found the mini-list available in Preferences for other contacts very helpful.

Posted

Debating all the points raised here will be better served as a conversation in the Lounge area. If you want, I'll split these last few posts out and move them over there ... .. heck, maybe the whole thing should get moved .. it's not really an issue/query that deals with "problems with the Reporting system" ....????

Since forwarding as an attachment is not an option in OE, copy/paste of the raw message data is an easy alternative.

Huh? How about heading over to the "How to use... / Reporting" Forum, find a post dealing with OE6 Secure Handling, and when you get to the Right-Click part, check your menu options (for example) ...???

Posted

Well we all have different experiences.

I send all reported spam as attachments to SpamCop and every one else at the same time. reportphishing[at]antiphishing.org, like spamcop, also recomend this approch on their web pages.

With the SW offers I include in the body where the link ends up (some times its not the same as what is in the spam), Name from the web page, address (if found on their site) , phone number (if available) etc. basicly all the information requested if the link is broken when the 'real' vender gets the report. Someone reads the damn thing because I no longer get request for additional info. It the link to OEM SW is broken when I get the spam I say so in the body and get a 'thank you' response vs. the 'give us their name' response. AND to the comments about info in the body messing up spamcop, none have failed yet.

I agree with Wazoo about a parsed, mungened spam. If all the reports come from spamcop, all sent to <x> many with the same date stamps it could look many copies of the same mail or spam and not have the same proponderance of evedance if they come from many sourses with real addys. But I think we are down to mHO (s).

Posted

Although not seen in a long while, these types of things would come up over in the NANAE newsgroup on a regular basis ... some person asking who SpamCop was and why SpamCop would have sent over 3,000 copies of the same damn thing (keying on the Subject: line, and being in a standard format, of course, those were all the same) ... and of course, the appropriate responses would come pouring forth ... Julian was born upside down and brain dead .. SpamCop reporters were at least seven levels lower on the Internet User Scale than brand-new-AOL-users, who were already 10 levels below rancid pond-scum ... eventually, some of these other fine folks started receiving spam from the original poster's IP and then it was their turn to pound on that person for being an idiot .... never once going back with the "hey, SpamCop was right" thought/comment <g>

Posted
Debating all the points raised here will be better served as a conversation in the Lounge area.  If you want, I'll split these last few posts out and move them over there ... .. heck, maybe the whole thing should get moved .. it's not really an issue/query that deals with "problems with the Reporting system" ....????
Does it do this? How to do this? Why not do this? Works great, thanks. Too bad its limited. Get info on why it's limited. Why I prefer the added contacts be available on the web page instead of my e-mail client. These aren't questions on topic to this forum on how to use the reporting system?

Starting with http://forum.spamcop.net/forums/index.php?...indpost&p=27423 there was some increasing drift but, hey, don't blame me for all of it. If the drift is still related to the topic, and since it seems (to me) that the starting post was on-topic, I don't see a need to move it to another forum. But if that's what you want to do, go for it.

Huh?  How about heading over to the "How to use... / Reporting" Forum, find a post dealing with OE6 Secure Handling, and when you get to the Right-Click part,  check your menu options (for example) ...???

My bad. I've been trialing something like 6 different e-mail clients and must've remembered the wrong one. Or, for some old reason, I got stuck in that mode of forwarding e-mails in OE. That or I really pulled a boner and have missed that option for a long time. Actually, as one of the many links I was following before (in trying to find another FAQ you mentioned), I had read http://forum.spamcop.net/forums/index.php?showtopic=3571. It discusses the same copy/paste method that I mention to be using (copy/paste of the raw message data), and that forwarding (as inline) is bad, but it never really does mention forwarding as attachment, not even in the summary. Too bad I can't remove the Forward toolbar button and replace it with a Forward As Attachment button, or have a global option to choose to always forward as an attachment. Not even OE's help mentions forwarding as attachment. The default is what likely gets used. Also, I rarely use OE for e-mail but mostly as an NNTP client for newsgroups, so I'm more familiar with Outlook for e-mail.

Right now I'm finding that if I forward as attachment (.eml file) a test e-mail to myself that an error occurs yet I can send okay other test e-mails with other filetypes attached. I'll figure that bug on my own since that really is off-topic. So, for now, I have to use the mentioned method of cut/paste until I find what is causing the error on retrieving e-mails with .eml attachments. It never stops. The raindrops just change size.

Hopefully without risking going off-topic (but it doesn't seem that way to me), now that I see forward as attachment is doable in OE (and the .eml file is a text file that SpamCop can read okay), how about forwarding as attachment in Outlook? When forwarding as attachment in Outlook, you get an .msg file instead of an .eml file. When I look inside a .msg file with a text editor, there is a ton of babble at its beginning and I don't see the headers; i.e., an .eml file looks like a proprietary format.

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...