Sunday, January 29, 2006

SPAM - it is not getting better

I thought for a brief moment that the spam situation would be getting better. For a short period in 2005 it did. June and July 33% to 44% of my Yahoo mail was legit, the rest was spam. Towards the end of 2005 it was 54% to 61% legit. However, in January it went into the spam mail hell. Only 44% of my Yahoo mail is legit and the rest is spam. My Google Mail account is getting semi-regular spam several times a week and my Sympatico id is now getting spam. In the last two days I had received only 1 legit message, but, 40 spams.

To those who think spam is a legit way of getting your message out I have a message for you:
  1. Your spam does not work. Most of us now have spam filters and your spams are consigned into the electronic trash heap. Personally I check the sender name and if I don't recognize it I delete it without opening the message.
  2. If I recognize your name as a local operation I make it a point NEVER to patronize your business.
  3. If I am interested in your product and/or service I will go to your web page myself and do my research and compare you against your competitors. No amount of spam will interest me (see #2).

For those of you who are flooded with spam you can do a few things.
  1. If your email package has a spam filter, use it!
  2. If your ISP offers spam protection, use it! If your ISP does not have one ask them why?
  3. If you use HOTMAIL, GMAIL or YAHOO use their spam filters!
  4. If your account is totally flooded look at creating a new email id and only a few friends and family members get that id. Leave the old account as spam bait.
  5. For all of those warranty forms that ask you for your email account, don't use your main id. Create a disposable account. When it gets spammed you can ignore those messages. We do this at home. My Yahoo account is the id used for all warranties and registrations. That is also why I get so much spam.

Wednesday, January 18, 2006

Gmail spam

It finally happened. My gmail account has been spammed. It is quite interesting in that there are only two people who know and send mail to that account. My Sympatico account is now getting the rare spam. When will they learn, I won't buy whatever they are selling. From my point of view it is like having a telemarketer walk into my house and inflict me with their sales pitch and I can't do anything about it.

Tuesday, January 17, 2006

New year, old spam

After a break of two weeks the Paypal Phishing expedition is back. Three very obvious scams in my Yahoo inbox. That and the variations of the Nigerian scam is back in full force with six today. Again a few tips:
  • Never click on a link in a note that purports to be from your bank, insurance company, ISP or just about anyone else asking you to re-enter your personal information again. These companies won't ask you do do this and even if they do it is much safer for you to open your browser and go to the site yourself.
  • If a 'financial opportunity' sounds too good to be true it probably is. Many of these people are playing on our greed.
  • If a company is asking for your email address to register use a throw-away id and never use your main personal email address. I use Hotmail and Yahoo for this and my personal box does not get the volume of spam that I used to get.
If you use Windows:
  • Make sure that your system is up-to-date. Use the Windows update facility.
  • Get a router with a basic firewall. Make the job of the crackers difficult.
  • Get firewall software and keep it up-to-date.
  • Get virus scan software and kep it up-to-date.
If you use Linux:
  • Make sure that your system is up-to-date. Use whatever facility your distro has to install updates. Just because we are using Linux does not mean you don't have to patch your system.
  • Get a router with a basic firewall. Same as windows.
  • If your distro comes with IPTABLES or firewall software use it. Why make the job of a cracker any easier.
  • As for virus scanner that is up to you. I run one as my SAMBA share is used by the kids and they use Windows. This allows me to check the directory even if I am not affected by the virus/trojan.

Sunday, January 01, 2006

New phishing variant

There is a new phishing attack that may catch some people by surprise. It purports to be from an E-Bay member looking for a payment for an item. There is a box at the right hand side at the start of the message with 'Respond to this question in My Messages.'. The link does not go to E-Bay, but, to 'all-design.com.tw' which is in Taiwan. When you get messages that purport to be from someplace like E-Bay, Paypal, Microsoft or your financial institution do not use the embedded link. Go to your browser and go to the site yourself.

Update:
I have received a reply from E-Bay and I will quote the first paragraph of their note:

We have reviewed your report and have found that the message you received was made to appear as if it had been sent by an eBay user; however, it was not. All email sent to you from other members through eBay's email system will also appear in the My Messages portion of My eBay. If you get an email to your registered eBay email address that looks like it's from eBay or another eBay member asking a question, check My Messages first. If it's not there, it's a fake email.

2005 spam in review

Now that the year is over we can review the mail that was sent to my Yahoo account. From June to December I received 2,029 emails. Of those 1,017 were legit and 59 were phishing attempts. Of the spam 651 were porn messages. In December there was a resurgence of spams with 13 phishing emails in the four days before Christmas. Did the U.S. Can-spam act work? To some extent it may have, but, a full 50% of my messages are still spam.