Sunday, April 30, 2006

Spam flood

This evening I checked my Yahoo account like normal. I normally have five to twenty email messages a day with about three-quarters of them being spam. Well this evening I had eighty-three messages with only one, yes one, being legit. As I am running Linux I am fairly certain that I didn't get a trojan or virus, but, I am scanning my system anyways. It appears that the bot nets are in full flood spamming and that has me wondering what new and disgusting exploit are they trying to use to add to their nets?



Update 2006-05-01:

In the last three days I have one hundred and forty-five emails and only two were legit. There must be something going on in the bot world. One hundred and twenty of them were for porn and I automatically delete them without even reading them. They may be hoping that the curious will eventually click on the message.

If your ISP offers spam filters make use of them! The filters may accidentally classify legit email as spam, but, you should be able to redefine it as legit later on. If you are on dial-up, using the filter will allow you to keep your mail pickup times to a minimum. You can then use the web mail interface (the ISP has one doesn't it?) to review the subject line of the mail and the sender of the mail flagged as spam so you can pick out the ones you actually want to receive.

Friday, April 28, 2006

Current state of SPAM

Last year they trumpted that the CANSPAM act in the U.S. will improve the state of email. The number of unsolicited commercial emails (UCE), porn spam, scams and such would decrease. Well they were wrong, for a month or so after the act went in the mail did improve, but, now I am getting even more crap deposited in my inbox. Not only my Yahoo is spammed, but, my Goggle mail and my Sympatico account is spammed on a regular basis (though not as much as Yahoo).

I have been keeping track of the Yahoo account and here is a short summary of legit email:

January - 42.7%
February - 49.6%
March - 38.3%
April - 27.6%

So far out of 1455 messages only 553 were legit. There were 50 phishing attempts and the rest were UCE, porn and scams. In my not very humble opinion the law is almost completely useless. Spammers just moved their operations to where U.S. law does not apply, fired up their bot nets and let fly with their spam like usual.

Thursday, April 20, 2006

New spam/scam

In the last three days I have received nine emails that I would classify as a scam. It is about a stock and it is probably too good to be true. I can't even copy the message as it is a graphic image and not a standard text message. There is a 'removal' option that they specify at the bottom, but, it probably just confirms that they sent the mail to a live account and really start the spam stream.

If you want stock information don't take unsolicited notes, talk to a real financial planner or stock broker. They will do a fair bit of work identify what level of risk you can handle and make recommendations on what you should invest in. You also should do your own homework and research the companies before investing.

For the last 10 days the email in Yahoo has been approximately 2 spam for every legit email. One question for the legislators in the U.S. How effective do you think the CANSPAM act is because just the same amount of crap is migrating into my mailbox now?

Saturday, April 08, 2006

More phishing

For the last week I have been getting a number (seven) phishing attempts that claim to be from CHASE. Again, don't respond to requests from any company that asks you to re-enter your personal information by clicking on the link provided no matter what the story is. Go straight to the site yourself or better yet call them up on the phone and check.

Here is a copy of the email and I will highlight all of the errors in red that they made in the message.


Dear Chase Member,

This email is to inform you, that we are upgrading our ways of security and your account may have been compromised by other parties.

Our terms and conditions you agreed to state that your account must always be under your control or those you designate at all times. We have noticed some
unusual activity in our research due upgrading related that your account indicates that other parties may have access and or control of your details in your account.

These parties have been involved with money laundering, illegal drugs, terrorism and various Federal Title 18 violations.

Your will need to re-enter some imformations about your account for advanced verification and to let us know that your are aware of this violation and due this way we can stop the outside parties.

We won't require your ATM PIN number for this operation!

Please follow this link to complete your security verification and protect your account :

Update your account now.

Please be aware, if you don't upgrade your account this will lead to money loss and we will have no other liability for your account or any transactions that may have occurred lately.

Thank you for your time and consideration in this matter .

Sincerely,
© 2006 JPMorgan Chase & Co.




I removed the link on 'Update your account now'. When you get such a message check the address that the link leads to you will notice that it will not be to the site that the message claims to be from.