Jump to content
GreaseSpot Cafe

What's with this? -- Dealing with email spam


Psalm 71 one
 Share

Recommended Posts

I got an email in February from this website (Wordofmouth reasearch) saying someone is looking into my back ground. I went to this site, to read the message, and found out that the only way to read what the person had written, and to be able to respond privately (without giving my email addy), was to register for membership at $20 for 3 months or $30 for 6 months. Yeah, right, I may be an airhead, but I ain't toopid! icon_biggrin.gif:D-->

But now, every 2 weeks or so, I get this "someone is researching your background" thingy. I can opt to no longer recieve their email notifications, but i don't think that would tell the "researcher" not to keep researching.

Now, today, I got an email from some mhaggard, with a virus in it (My scanner caught it). I have this account on outlook, so the message was opened automatically because it was the last on the list. (I'm guessing Norton caught it before I got infected, even tho it was opened)

The subject was titled "Fake", and the message says, "is that your name?"

This email account does have some of my real name in it, and it is on the same server (myexcel), where I posted an email addy on my profile for this site, Psalm71one@myexcel.com Anyone who has read enough of my posts can eventually figure out my name. That is the only one I make public on this site, and this site is the only forum I am a member at. But that Psalm71one email account has been messed with a few times.

(I find emails deleted frequently--I haven't deleted them and my hubby does not have access to that account-I don't think he even knows it exists)

So what gives? I don't think I have made any enemies at this site--I stay away from any arguments. I read many controversial threads, have very strong opinions--may even start an angry response, but I don't post em. When I do post a rare serious post, I don't think I am abrasive.

I don't know what someone would have against me. I'm not real trusting, so there aren't too many people I give my regular email account to, and even them, I have been careful about-- if I have any reservations about em, I follow my instincts.

So what gives, mhaggard--or whoever you are?

Edited by Kit Sober
Link to comment
Share on other sites

I had something odd happen to me about a year ago. Not the same details but a wierd situation like yours. My husband then send something out to complain about it.

I will ask him, something like an internet monitor.

But he said most of these "weird things" were being sent over here from China and other countries...

Maybe Steve! has a suggestion on how to report this person for sending a virus.

Link to comment
Share on other sites

It's just a scam to get you to look at their website. Any email address they can get from anywhere on the net gets sent the same email, "Someone's researching/looking for you" or similar. Notice it never says who. Of course this makes most folks curious, so off they go to the site. As soon as you get there, though, they know your email address was an actual working one, so you automatically go on their "spam-again" lists.

Don't sweat it, and never EVER click on those "opt-out" links. As soon as you do that, most of these spammers will flag your address as a "live" one and sell it to their buddies. You may not get any more spam from site "A", but you'll get a bunch of NEW spam from "B", "C", "D", etc., etc.

icon_smile.gif:)-->

Link to comment
Share on other sites

Hi psalmie, Maybe mhaggard is Merle Haggard LOL

buy I also have been having a fit over my e-mail addy too. Almost the same as you,and I heard of others in hear that are having the same thing,I'm thinking about changing to a different mailbox that I already set up,I ask the Lord "why me lord" what have I ever done to deserve even one of the things you have done for me~~~~~~Love Dovey icon_confused.gif:confused:--> icon_frown.gif:(-->

Link to comment
Share on other sites

If you run your own server, or know the person that runs it, you can have a program called SpamAssasain installed that keeps this stuff from causing problems for you. I use that in addition to some other things (Mozilla Thunderbird and it's built in spam protection, plus custom filters that I wrote) to prevent spam. I'm also very careful about where and how I post my email address. I have a catchall for my email, so if I need to register somewhere using my email address, I make up one specifically for that site. That way, when I start to get spam, I can block all email sent to that email address, but also to see what companies are giving out my email address. It's pretty suprising sometimes.

Anyway, I could write a book on how I deal with spam, how I thwart spammers, and what I do to keep my PC secure. It's probably too much work to do all of it, but you can do much. I do have a few tips for you though:

1) Make sure that your virus scanner is working properly and is updated.

2) Download and use a program like AdAware to make sure you don't have any adware/spyware/etc. on your computer.

3) Download and install a firewall program. I reccomend ZoneAlarm because it's the easiest to use, but it makes your computer boot time a little slower.

4) Switch from using Internet Explorer and Outlook (if you are doing so) to something safer like Mozilla. It's free and works mostly the same way. You can get either the full Mozilla suite, or update the browser (Firefox) or email client (Thunderbird) by themselves.

5) Change all of your passwords. If you suspect that someone is reading your email, change the password for it.

Those should be a good start, and they're not all that difficult. There are other things that can be done too, but you'd really need to have an expert help you out. One thing I do occasionally on my home network is to run a packet sniffer to see what is going on. This isn't something a novice can pick up too easily, but if you have a good understanding of networking you can tell what programs are trying to do and what information is being sent. For example, POP email (what people generally use for Outlook, Eudora, etc.) sends the passwords in a format that anyone on your network with a packet sniffer can read. Webmail is often more secure if you see in the URL bar that it starts with https:// rather than http://. Instant messenger conversations are easily readable with a packet sniffer. My wife didn't understand how easy it was, so the other way I showed her how to do it, and we were able to recreate a conversation she had with her mother over MSN Messenger. The rest are just as easily read. What you read on the web can be traced and read as well.

Before you get scared though, I want you to realize that for that to happen, someone has to be on the same network. So if the WayGB wanted to break into your email account, for example, they'd have to be either on the same network as your computer (meaning if you are using just one computer in your home and have no wireless network, you should be ok) or have installed a trojan (a program that can be used to spy on you and control your computer.) There are other ways to get that information, but most of the people who know how to perform those types of things are too responsible to do it.

Anyway, watch out for scams like the emails you have gotten, and if you do what I reccomended above, you should be safer than at least 90% of the people on the internet.

Link to comment
Share on other sites

I also wanted to mention that bad things can happen to anyone on the internet. A few weeks ago, a bug was found in Winamp that would allow someone to get access to your computer via going to a website in Winamp's built in browser. Since I don't like how long the newer version takes to boot up, I've kept an older version that is victim to that flaw. I also sometimes listen to internet radio stations, which have the ability to pop open the browser.

So, about a week ago, I was using my computer when all of a sudden I had problems moving the mouse, and saw that it was moving on it's own. I also noticed that when I would try to open certain things like the Task Manager (what you get when you press Crtl Alt Del) it would be minimized, and my hard drive was going crazy with activity. All this after I was listening to a few new music stations that popped up the Winamp browser.

Of course, I left this computer on the DMZ of my network, and I had temporarily disabled my software firewall and forgot about it, so this computer was completely out in the open and someone had gained control of it from the internet. The person controlling it was preventing me from reenabling my software firewall, so in desperation I had to pull the network card out of my laptop and then fix it. A few hour lapse of security on my part ended up with my computer being "0wn3d" temporarily. I was able to go back and fix it, but it still isn't good.

Another thing is that my software firewall shows when I get a port scan from the internet. I get about 100 within the few hours that I leave my PC online at home (when it's in the DMZ rather than behind the hardware firewall.) Port scans are the equivalent of a burglar jiggling the doorknob of your house to see if you locked it. I get a ton every day, and while they can safely be ignored for the most part, most people are not aware of it occuring and have "their doors unlocked." Port scanning is not illegal, and it isn't always used for bad purposes, but it can definitely be a sign that someone is trying to get in. It's not necessarily that they specifically target you though, because often people will run port scans against entire areas of the internet.

The moral of the story I guess is to do your best to secure your PC, but it's not foolproof.

Link to comment
Share on other sites

*checks*

Hm. Slow morning. Only 35 port scans. Higher activity

times (like during primetime tv) I can get 100 in an hour

or more.

We've discussed various security measures in the computer

forum. I'm no expert, so anything I can use, you can use.

First one, e-mail addresses.

I have a public e-mail address. It's not posted here.

I don't use it here.

If I have problems with an e-mail address, I know roughly

where it came from-my public one is limited, etc.

A number of exploits are specifically designed for Outlook,

and attempt to hijack your Outlook address book. If you

must use it, may I suggest putting one of your own addresses

in it, so if they spoof your name as a header, then you'll

get one from yourself, and know something's up?

I'd chill in the computer forum and look over the security

suggestions, if I were you.

Link to comment
Share on other sites

Thanks, allaya, for your responses. I was feeling ....y when I posted!

I think I will try to find out what is happening with the one account where emails are getting deleted. That bothers me--Pmosh, first thing I'm gonna do is change all my passwords, at least!

Zix, I remember you or Steve! at one time had posted something about a kind of scam that sends out emails with some sort of subject line that makes it seem like ya know the sender, but is spam. So I started deleting anything and everything I didn't recognize, because if I understood correctly, some of those emails have a tracking device that lets the sender know that it is a "live" email addy because it was opened. (Did I understand that correctly?) If anyone has changed their email addy and then emailed me and didn't let me know about their new addy, they are getting deleted!

Also, about the someone is researching your background thingy, I did kinda figure it was a way to get people to their site-- get their money for at least the minimal membership, and then not really be anything. Thanks for letting me know about clicking the opt-out link. But what a pain that I have to put up with their emails then! (I know, better that one, though, than 10 others that they sell my addy to).

dmiller, I wish that were true for me. I have a hotmail account that is the one I use for an email addy when you have to give an email addy--I use it for e-magazines, also. That mailbox is always full of junk. (Trying to sell me anything from home loans to weenie-enlargers! Hmmmm! LOL!)

I delete everything but the magazines I was expecting--and no, I don't open any of the others. I woulda thunk I would get less and less, but I go in there once a week and my mailbox is usually almost full!

Pmosh, your post was very helpful (some of it went over my head-but don't tell anybody! LOL!)

I have both ad-aware and spybot-- I run those about twice a month (The frequency I am online varies--sometimes it's over a week before I get back online, other times, every day and then I skip it again for another week)

I had heard somewhere that anything by Microsoft (Msn, hotmail, Outlook and Internet Explorer has some sort of tracking thingy, which keeps track of the types of websites ya go to, and the subject lines of all your emails, and then ya get all this junkmail or pop-up ads related to your internet habits. Not sure if that is all true, but I've never liked Outlook, anyway! I wanted to use something different, but hadn't looked into it very far.

What I have right now is, I guess, a dino-puter-It's five years old!! It has 128 RAM, a AMD-K7processor, has 16 GB of storage, and I thought I had a great machine. Cept, lately it glitches up a lot, and I get a "out of memory" pop-up screen fairly often and have to reboot! AKKKK!

We have a friend who is a computer programmer and he is willing to rebuild this puter. I guess he would know how to put in that Spam Assasin, huh?, and that packet sniffer? I'll get the firewall installed then, also.

I would gladly switch out of IE and Outlook, but I don't think I will be able to s'pain it well enough to convince my hubby to switch. Can I put my own email accounts on the Thunderbird email client at least? (He doesn't use this puter too often, but I know he'd want Outlook or outlook express for the email account that is the whole family's)

Link to comment
Share on other sites

quote:
Originally posted by Psalm 71 one:

I think I will try to find out what is happening with the one account where emails are getting deleted. That bothers me--Pmosh, first thing I'm gonna do is change all my passwords, at least!


It's good to change your passwords regularly anyway, but even I get pretty lazy with that. In fact, at work places when I'm required to do it once a month, I usually use something like pass04 for April, pass05 for May, etc. icon_biggrin.gif:D-->

quote:
Originally posted by Psalm 71 one:

Zix, I remember you or Steve! at one time had posted something about a kind of scam that sends out emails with some sort of subject line that makes it seem like ya know the sender, but is spam.


It's not hard. Anyone can send email from anyone else on the internet. It's extremely easy to spoof emails. There are ways to tell to a degree whether they're real or not, for example if you send an email from a yahoo.com address, but the mail server is not mail.yahoo.com.

At work I have programs that email a summary of what they've done when they complete. Since these programs don't have real email addresses, I have them sending their names out as their email addresses. Just to show you how easy this is to do, here's all you need for a perl program to send an email from whoever you want. The only thing is that you need an email server that allows you to send emails through it (easy to find, and you can easily install the software on your own PC if you want.)

quote:

use Mail::Sendmail;

my %mail;

my $mailto = "victim@isp.net";

my $mailfrom = "fakespammer@fakedomain.com";

%mail = (

To => $mailto,

From => $mailfrom,

Subject => "Buy v.1.a.g.r.a",

Message => "Spam spam spam"

);


That's all that's required. Granted, there's more to my program than that (including error checking for whether or not the email worked) but someone could easily put that in a loop and send spams out, or incorporate that with a database and send the email out. Writing spam software is extremely easy, and it's also very easy to fake who the email is from. You can trace it enough to determine that it's fake if you wanted to, but you can't figure out exactly who it was that sent it.

quote:
Originally posted by Psalm 71 one:

So I started deleting anything and everything I didn't recognize, because if I understood correctly, some of those emails have a tracking device that lets the sender know that it is a "live" email addy because it was opened. (Did I understand that correctly?) If anyone has changed their email addy and then emailed me and didn't let me know about their new addy, they are getting deleted!


There are a few ways they can track you. One is to include a return reciept request (or something like that), which Outlook automatically replies to. I use this at work so I can have proof that some slackers read my emails. Another is the dangerous idea of HTML email. I prevent Thunderbird from accepting html email. Usually, they can track if you've read it (and other things) by including a graphic, even if it's a small invisible one, in the email. They can know when you read it, what your IP address is, what browser you use, etc.

quote:
Originally posted by Psalm 71 one:

Pmosh, your post was very helpful (some of it went over my head-but don't tell anybody! LOL!)

I have both ad-aware and spybot-- I run those about twice a month (The frequency I am online varies--sometimes it's over a week before I get back online, other times, every day and then I skip it again for another week)


You're welcome. Also, as I forget if it was mentioned here or not, the commercial version of Adaware has something that runs constantly, a lot like how virus scanners work. If you have a bunch of people in your house installing software and visiting questionable websites, you may want to invest in that.

quote:
Originally posted by Psalm 71 one:

I had heard somewhere that anything by Microsoft (Msn, hotmail, Outlook and Internet Explorer has some sort of tracking thingy, which keeps track of the types of websites ya go to, and the subject lines of all your emails, and then ya get all this junkmail or pop-up ads related to your internet habits. Not sure if that is all true, but I've never liked Outlook, anyway! I wanted to use something different, but hadn't looked into it very far.


I don't know how true that is. I do remember it happening for MSN or something a long time ago, but I don't think it does anymore. As far as other programs like Outlook go, the problem is that since Microsoft makes the OS and all of the software such as Office, Outlook, IE, etc. they try to set it up to have more functionality so that it works better for the users. This can be a problem though, when people figure out how to abuse it. All of the problems with Outlook and MS Office for viruses is due to the fact that Microsoft includes a full programming language in these programs. There is plenty of potential for abuse with that, even though they've closed some of the holes. I will try to avoid going into details, but there are ways of having programs talk to each other. I wrote something in Outlook so that when I get an email, I can click a button on it and it will enter the email into another program for me so I don't have to type it. (For those that want the details, this can easily be accomplished via using COM objects with VBA, then customizing Outlook to call the VBA script via a button you added.) When you allow programs to talk to each other, that means that a spreadsheet you open can mess with your email, or that your Word document can connect to the web, and that either can connect to your hard drive to do whatever it wants. Microsoft has put exceptions in to prevent these things, but they were added as an afterthought, rather than how Java specifically set out to prevent malicious programs from wreaking havoc on your computer.

quote:
Originally posted by Psalm 71 one:

What I have right now is, I guess, a dino-puter-It's five years old!! It has 128 RAM, a AMD-K7processor, has 16 GB of storage, and I thought I had a great machine. Cept, lately it glitches up a lot, and I get a "out of memory" pop-up screen fairly often and have to reboot! AKKKK!


Sometimes you need to reinstall everything from scratch in order to get it working ok again. Your computer may be old, but it's not that old that it shouldn't be useful. About the only things I would look into would be a bigger hard drive and an upgrade to Windows XP.

quote:
Originally posted by Psalm 71 one:

We have a friend who is a computer programmer and he is willing to rebuild this puter. I guess he would know how to put in that Spam Assasin, huh?, and that packet sniffer? I'll get the firewall installed then, also.


I don't know your friend, but I often cringe at "computer guy" friends of people. I mean, even I have done dumb things when I thought I knew what I was doing (such as installing an English service pack for Windows on my mother in laws Spanish language computer) but I would bring this stuff up with him and see what he says. He may not completely agree with what advice I've given, but that's fine. Some of it is probably a little overboard, but things like installing ZoneAlarm are very simple and should eliminate a lot of problems of the potential of someone breaking into your PC. The packet sniffer idea is probably too much in your case. It's like how you know to give cough syrup for a cold, but the packet sniffer would be like examining the phlegm under a microscope and seperating the DNA of the virus to determine what it is exactly. SpamAssasain is good, and there is a version that runs on the desktop, but I have heard a few complaints about it. The person that hosts my website (and thus my email) runs it on the server, which is great, and it filters a lot for me.

quote:
Originally posted by Psalm 71 one:

I would gladly switch out of IE and Outlook, but I don't think I will be able to s'pain it well enough to convince my hubby to switch.


Switching from Internet Explorer to Mozilla Firefox is extremely easy. You can get more information on the Mozilla Firefox website. They have screen shots and installers. I believe the version right now is 0.8 and they have an easy windows installer. It's open source, so if you have problems with it, there are a bunch of guys sitting around with nothing better to do than to fix it's bugs for free. icon_smile.gif:)-->

quote:
Originally posted by Psalm 71 one:

Can I put my own email accounts on the Thunderbird email client at least? (He doesn't use this puter too often, but I know he'd want Outlook or outlook express for the email account that is the whole family's)


You can put your own email account on Thunderbird to have it completely seperate. One thing though, is that Thunderbird is fairly different from Outlook. It's pretty easy to use if you used Netscape Email a few years back when they were around, but if you're used to Outlook it may not be that easy. You can check it out at the Mozilla Thunderbird site. I have to admit that I've considered going back to Outlook for my email regularly, because there are certain things that Thunderbird doesn't do well, and changes that should be made to the layout of the menus and other things. It may not be an issue for you if you just want to use it for email. I used Outlook for the calendar and address book functions, as well as the integration with my Palm Pilot, and it was a pain to deal with Thunderbird for some of that. However, for email only, it's a great program.

Link to comment
Share on other sites

quote:
Sometimes you need to reinstall everything from scratch in order to get it working ok again. Your computer may be old, but it's not that old that it shouldn't be useful. About the only things I would look into would be a bigger hard drive and an upgrade to Windows XP.
Except that the typical hard drive runs about $100 on sale now, and the WinXP upgrade costs $90. Add another $40-$80 to install those if you're not a computer geek, and you're already in the $250 neighborhood. Most of the large electronics chain stores will offer a complete computer package nowadays for about $400 or so.

It's getting to the point where it's almost more economical to buy another instead of update the CPU/motherboard/RAM in a computer.

[EDIT: Ok, I went and checked. This week's Best Buy ad has a 2.7GHz Intel Celeron computer w/256MB RAM, 40GB hard drive, DVD-CD/RW drive, 17" monitor and color printer for $389.97 after MIR. For another $80, you can get a 2.8GHz CPU, 512MB of RAM, an 80GB hard drive, and separate DVD/CD drives.]

Link to comment
Share on other sites

Zixar,

That's true, but I'd get at least a 100GB HD if it were me, a mere 40GB wouldn't cut it (although 80GB isn't too bad), that way people can store all the ISOs of Windows XP and other software that you download off of KaZaA. icon_biggrin.gif:D-->

(Just to be clear though, XP came with my computers so I have real licenses.)

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

 Share

×
×
  • Create New...