Re: Mailing lists and unsolicited/malicious spam

[GuidoZ <uberguidoz () gmail com>]

[Big snip]

> > For those of you who already have a "mailing list only"
> > e-mail address and a seperate address for work
> > related/corporate/company matters, do you see a different
> > level of unsolicited spam, compared to the work address or
> > other private e-mail address for friends and family? I'm
> > thinking about setting up the same myself, just for
> > experimental reasons! I think i'll find some differences
> > between the two.
> This is true, GuidoZ could expand on this fact I know. If he is
> around..lol Then again most corporate e-mails systems (and some people
> at their house) have very in-depth spam filters and programs to weed out
> spam and junk mail. The number would look different and should be
> different.

Yeah, I'm around now and then. ;) I have a "list only" email address
(this one) that I started recently and only use for mailing lists. (It
gets around 20 of them or so. Mostly SecFocus lists, also the BTs, few
scattered support lists.) I have noticed an increase in spam - and it
can only come from one place: Spam crawlers. I haven't used this email
address to register software, I haven't given it to anyone, and I
haven't emailed anything BUT a list from it. I'm only getting about 8
spam a day so far, which isn't bad at all. Gmail is good about
catching 99% of them.

As for my other addresses, they are receiving more spam simply because
they have been around longer. However, a few addresses I've created
recently JUST for consulting (it's only on my business card, nowhere
else) hasn't received a single spam message in almost 7 months. (My
Gmail "list-only" account is about the same age.)

The email addresses I've had for a decade are receiving roughly 5,000
spam a day (yes, 5 thousand - wee!). I've given up trying to save them
and don't use them anymore, except to study spam and phishing
attempts. =) In fact, I'm current working with someone at the Georgia
Institute of Technology (gatech.edu) to analyze the different
spam/phishing tactics for better filtration and general knowledge.
Hey, for once spam was good for something...

--
Peace. ~G


On Fri, 26 Nov 2004 08:13:47 -0600, Todd Towles
<toddtowles () brookshires com> wrote:
> > How many people are actually subscribed (on FD) and what are
> > the general figures for subscribers for high profile mailing
> > lists, has any figures ever been released? And would the
> > theft of the list of e-mails subscribed be of value to
> > spammers? I think it would be, I hope FD admin is up to date
> > with and keeping tracks of bugs as the rest of us. If
> > malicious hackers/script kiddies got hold of the list, I
> > think they would be able to attack a good percentage of
> > inboxes with whatever they send. Weather it be porn spam or a
> > phishing to take passwords or if it be malcious code to take
> > advantage of POP mail clients via SMTP.
> Number 1, I highly doubt than a spam message would be very effective
> using the FD list of address only. Number 2, this list is full of
> security professional (white, black and grey) and I would guess that
> most of the core users you see on here would not just run a attachment
> or be fooled by the double extensions trick. Given there most likely are
> "normal internet users" on this list but I would guess that number is
> pretty low.
>
> > I think already FD is targeted by spam/phishing hackers who
> > wish to collect e-mail addresses for further exploration.
> > Perhaps posting on FD could be a security risk in itself
> > (well not just FD but mailing lists online in general) as far
> > as POP mail clients and SMTP is concerned. (web-based e-mail
> > has its own problems which usually don't have the risk of
> > taking over computers like mail clients do. Usually web-based
> > e-mail is just at risk from xss/cookie disclosure/account
> > theft, whereas malicious code sent to mail clients can take
> > over whole computer systems)
> Every mailing list is targeted by spammers and phishing. There are
> program that are designed to spider google and collect e-mail addresses.
> Since this list is mirrored several times in several sites in different
> countries, this shouldn't be a surprise.
>
> > For those of you who already have a "mailing list only"
> > e-mail address and a seperate address for work
> > related/corporate/company matters, do you see a different
> > level of unsolicited spam, compared to the work address or
> > other private e-mail address for friends and family? I'm
> > thinking about setting up the same myself, just for
> > experimental reasons! I think i'll find some differences
> > between the two.
> This is true, GuidoZ could expand on this fact I know. If he is
> around..lol Then again most corporate e-mails systems (and some people
> at their house) have very in-depth spam filters and programs to weed out
> spam and junk mail. The number would look different and should be
> different.
>
> > Plus, do FD admin and other high profile mailing lists have
> > honey pots or similar methods to catch FD/mailing list born
> > spam? I believe a big mailing list can have its own
> > domestic/internal spam, seperate from the general internet
> > who are not subscribed to the given mailing list or lists,
> > and even different mailing lists having its own group of
> > spammers targeting them, with its own nature of
> > spam/phish/malicious code exploration.
> I would guess that most spammers don't mail thru mailing list. Most
> would use the thousands and thousands of relay bots all over the
> internet to hide their e-mail in bulk. When I say in bulk, I mean in
> bulk. To target a single list with a crafted message would be anymore
> wasteful. Now that doesn't mean it wouldn't work, it would most likely.
> But just like in stealing cars or wireless internet. Why take the time
> to create the special message (or break the WEP) if you can send out a
> general "New Microsoft patch" or "We need your banking info" and get a
> 10% return. There 10% return will be normal internet users that most
> likely don't know about about computers, don't have AV and don't know
> about the spam underworld. Spammers don't want to get caught, they want
> to use the computers that are still infected with the CodeRed worm.
> Unmanged computer heaven. ;)
>
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.netsys.com/full-disclosure-charter.html
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html