Full Disclosure mailing list archives
Re: Mailing lists and unsolicited/malicious spam
From: GuidoZ <uberguidoz () gmail com>
Date: Mon, 20 Dec 2004 02:19:49 -0500
[Big snip]
For those of you who already have a "mailing list only" e-mail address and a seperate address for work related/corporate/company matters, do you see a different level of unsolicited spam, compared to the work address or other private e-mail address for friends and family? I'm thinking about setting up the same myself, just for experimental reasons! I think i'll find some differences between the two.This is true, GuidoZ could expand on this fact I know. If he is around..lol Then again most corporate e-mails systems (and some people at their house) have very in-depth spam filters and programs to weed out spam and junk mail. The number would look different and should be different.
Yeah, I'm around now and then. ;) I have a "list only" email address (this one) that I started recently and only use for mailing lists. (It gets around 20 of them or so. Mostly SecFocus lists, also the BTs, few scattered support lists.) I have noticed an increase in spam - and it can only come from one place: Spam crawlers. I haven't used this email address to register software, I haven't given it to anyone, and I haven't emailed anything BUT a list from it. I'm only getting about 8 spam a day so far, which isn't bad at all. Gmail is good about catching 99% of them. As for my other addresses, they are receiving more spam simply because they have been around longer. However, a few addresses I've created recently JUST for consulting (it's only on my business card, nowhere else) hasn't received a single spam message in almost 7 months. (My Gmail "list-only" account is about the same age.) The email addresses I've had for a decade are receiving roughly 5,000 spam a day (yes, 5 thousand - wee!). I've given up trying to save them and don't use them anymore, except to study spam and phishing attempts. =) In fact, I'm current working with someone at the Georgia Institute of Technology (gatech.edu) to analyze the different spam/phishing tactics for better filtration and general knowledge. Hey, for once spam was good for something... -- Peace. ~G On Fri, 26 Nov 2004 08:13:47 -0600, Todd Towles <toddtowles () brookshires com> wrote:
How many people are actually subscribed (on FD) and what are the general figures for subscribers for high profile mailing lists, has any figures ever been released? And would the theft of the list of e-mails subscribed be of value to spammers? I think it would be, I hope FD admin is up to date with and keeping tracks of bugs as the rest of us. If malicious hackers/script kiddies got hold of the list, I think they would be able to attack a good percentage of inboxes with whatever they send. Weather it be porn spam or a phishing to take passwords or if it be malcious code to take advantage of POP mail clients via SMTP.Number 1, I highly doubt than a spam message would be very effective using the FD list of address only. Number 2, this list is full of security professional (white, black and grey) and I would guess that most of the core users you see on here would not just run a attachment or be fooled by the double extensions trick. Given there most likely are "normal internet users" on this list but I would guess that number is pretty low.I think already FD is targeted by spam/phishing hackers who wish to collect e-mail addresses for further exploration. Perhaps posting on FD could be a security risk in itself (well not just FD but mailing lists online in general) as far as POP mail clients and SMTP is concerned. (web-based e-mail has its own problems which usually don't have the risk of taking over computers like mail clients do. Usually web-based e-mail is just at risk from xss/cookie disclosure/account theft, whereas malicious code sent to mail clients can take over whole computer systems)Every mailing list is targeted by spammers and phishing. There are program that are designed to spider google and collect e-mail addresses. Since this list is mirrored several times in several sites in different countries, this shouldn't be a surprise.For those of you who already have a "mailing list only" e-mail address and a seperate address for work related/corporate/company matters, do you see a different level of unsolicited spam, compared to the work address or other private e-mail address for friends and family? I'm thinking about setting up the same myself, just for experimental reasons! I think i'll find some differences between the two.This is true, GuidoZ could expand on this fact I know. If he is around..lol Then again most corporate e-mails systems (and some people at their house) have very in-depth spam filters and programs to weed out spam and junk mail. The number would look different and should be different.Plus, do FD admin and other high profile mailing lists have honey pots or similar methods to catch FD/mailing list born spam? I believe a big mailing list can have its own domestic/internal spam, seperate from the general internet who are not subscribed to the given mailing list or lists, and even different mailing lists having its own group of spammers targeting them, with its own nature of spam/phish/malicious code exploration.I would guess that most spammers don't mail thru mailing list. Most would use the thousands and thousands of relay bots all over the internet to hide their e-mail in bulk. When I say in bulk, I mean in bulk. To target a single list with a crafted message would be anymore wasteful. Now that doesn't mean it wouldn't work, it would most likely. But just like in stealing cars or wireless internet. Why take the time to create the special message (or break the WEP) if you can send out a general "New Microsoft patch" or "We need your banking info" and get a 10% return. There 10% return will be normal internet users that most likely don't know about about computers, don't have AV and don't know about the spam underworld. Spammers don't want to get caught, they want to use the computers that are still infected with the CodeRed worm. Unmanged computer heaven. ;) _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- Re: Mailing lists and unsolicited/malicious spam GuidoZ (Dec 21)
- <Possible follow-ups>
- Re: Mailing lists and unsolicited/malicious spam GuidoZ (Dec 21)