Newbie - need help

[fullnameoralias]

Hello everybody,

About a month ago I started receiving dozens of spam messages daily on one of my primary emails (no idea how it got leaked to the spammers - they even know my name, so it was probably stolen or sold by somebody). After a week of this hell, I registered on spamcop.net and started sending spam reports. I save email as .eml file (I use M$ Outlook), paste it into Web interface, get it parsed (it finds the spam source and the advertized Web site) and hit "Report spam" button. I can see history of my reports (so far about 260 emails, 4 or 5 reports for each email) and no answers from anybody. I also keep receiving spam at the same pace, from which I conclude that something isn't working the way it's supposed to.

Answering the most obvious question - I didn't register as a "mole", so I guess reports that are coming out contain all information necessary to track down the culprit.

All emails are coming from different addresses (.com, .net, .il, .bz, .nl and some others). Most (not all) of the Web sites advertized belong to yahoo-inc.com; I can't find who registers them; whois simply says the Website was registered by Inktomy Corporation. As far as I understand, it means that whoever it is registers sites through domains.yahoo.com.

I think I need a little help here to figure out what can I do. Thank you in advance.

ps. If person or persons behind it read this message, I would like to assure them that one way or the other I will track them down.

[Wazoo]

Your question isn't obvious, but as I saw no "problem" with SpamCop Reporting, I moved this to the Lounge. With all the data provided in the SpamCop FAQ (linked to at the top of this page) all the previous Topics and Discussions existing already, perhaps you could take some time, read up on some of this stuff, and try to come up with a bit more specific query. My initial thought was to also Merge this into the Is it really doing any good? Discussion, but I'm not sure of your actual answers wanted.

[fullnameoralias]

Aha. I got it.

ALL Web sites advertized are exactly the same; they all are registered on different names, undoubtedly, fictitious. Web sites represent one simple page with OnClose event (which by the way is blocked by all major browsers you dufus) redirecting the user to http://www.rygevyweti.biz/ (created in Frontpage 3.0) which has the following text:

Hello! You are receiving this email because you was join some paysite access to Paycom paysites. We know that you are receiving spam emails to your yahoo email. We need your email address and we asking you to sell it for us Or we can give you access to Pay site you like for Life Time. So, If you interested just send to email polsatos[at]yahoo.com your yahoo username and password and address of paysite for which you like Life time access and email to which you want to receive it. When your yahoo Id will be checked you will receive your lifetime password on the email that you will include in your message email to us! Thank you for Undarstanding!

I'm not exactly sure what the kid is trying to say here besides the fact that it's some sort of scam.

The main question is though - what do I do now?..

[dbiel]

Original SpamCop FAQ & Added Forum Items, Never up to date, changes often

1) do NOT respond to it. That would be the worst thing you could do, unless you want to increase the amount of spam you are receiving.

2) report it as spam.

Back to your orignal question. If you want to reduce the amount of spam you receive, reporting alone is not the answer. It must be combined with some type of filtering system. One of the easiest one to use is the SpamCop email account.

I do not have to time to go into any more detail now, but there is a lot of information is our forums and in the FAQ. You may want to look at How I use spam Cop, A detailed example

[fullnameoralias]

Sorry Wazoo, I wasn't specific enough. I'm tired, it's getting late, and I just spent couple hours tracking this #$%$#%. My question was - why wasn't I seeing any replyes to my reports?

I guess it doesn't matter now - I know all spam is getting from one source, and now I need to fin dout what this source is.

The rygevyweti.biz is regstered to:

Registrant Name: Janet Sasser

Registrant Organization: Janet Sasser

Registrant Address1: 1851 Kelberg Ave

Registrant City: Hoffman Estates

Registrant State/Province: IL

Registrant Postal Code: 60192

Registrant Country: United States

Registrant Country Code: US

Registrant Phone Number: +1.8471787427

Registrant Email: billikompares[at]yahoo.com

which must be another fake. Is there any way to track a person behind a domain name? Don't they have to go through some procedure to prove their identity when they register a domain?..

[dbiel]

Personally I have not received a single reply. My preferece is set to "Forward only replies from sentient people" My primary use of reporting is to feed the SpamCop BL which I then utilize by filtering all my mail through my SpamCop email account.

But remember that each of us have our needs and desires. I hope that you will continue to find a use for SpamCop.

[Farelf]

My question was - why wasn't I seeing any replyes to my reports? ...

34038[/snapback]

As seen, they usually don't reply. SpamCop reporting (presumably to network-abuse[at]cc.yahoo-inc.com in this case) is effective in terms of what SpamCop does. Sometimes a "manual" report will get some response - wouldn't think so in this case though. If you want to get up close and personal, there are other groups which do that sort of thing. http://419eater.com/forum/index.php seems to be one such, I don't know anything about them, other than they Google easily There again oldskoolflash - http://forum.spamcop.net/forums/index.php?showuser=3531 - reports some remarkable success in going all the way to get spam sites shut down. If you haven't already, take a look at his topics/postings for some inspiration.

[Jeff G.]

Welcome!

A companion question to "why am I not getting any responses?" is "why am I still getting the spam?". The best way I've found to filter out the spam email messages you are reporting is to use blocklists. The two blocklists that are affected by your SpamCop Reporting are the SCBL (sources) and SURBL (sites), so they should logically be a part of your filtering system.