| ♦ REFRESH to rotate MAAMAW'S CLICKY NOTES thru this space..... Timely Tips, Best of the Boards & More ♦ |
Be sure to visit the Current Message Board when you're finished here. We're very friendly, so don't be shy... just jump right in and post your question. Scams outnumber legitimate biz ops about a bzillion to one, so it's well worth your time. |
| | View Thread | Return to Index | Read Prev Msg | Read Next Msg | |
|---|
FIB - Scams 101 - Ye Olde Archives
Posted By: The Roadie <wcarton@flash.net> In Response To: Re: I know I'm in the minority here, but.... (Mike Jolley)
Friday, 24 June 2005, at 9:47 a.m.
> This stopped happening a couple years ago :) It was a big problem. Now the
> spam is either from Internet biz newbies or people in unregulated
> countries like Nigeria.
It stopped happening for you because it sounds like you or your ISP have good filters. Large companies like Kraft/Gevalia Coffee have turned to spammers for more business, trying to achieve a "plausible deniability". And they're getting sued. http://legal.hypertouch.com/
Millions of idiots still buy pills, refinance, and fake college degrees.
http://www.sophos.com/spaminfo/articles/masssuit.html
Newbies are easy to catch and educate. Nigerians are easy to filter. The top 200 ROKSO-class spammers are still a huge problem at the ISP level.
> 10 years ago there were no spam laws. Why would you listen to scammers
> like AOL anyway?
Because AOL takes spammers to court and is quite effective. Also Microsoft.
> AOL claims that they can justify charging you a chunk of
> change every month to reduce the quality of the graphics you get, and oh
> yeah, they can justify the expense of the three dozen or so AOL CDs I've
> received in the mail and used as coasters and thrown away.
As they say, "friends don't let friends use AOL." :-)
> I agree that AOL wastes tons of money. I'd estimate the waste at 50%
> because their retail price is at least 50% more than their service is
> worth.
Then they may be a scam, which we've just discussed in another thread. :-)
But they sue spammers, so part of them (their legal team) is OK in my book.
> Ok, I'll just blacklist all of the spammers in the USA, then drive them to
> China. Then I'll blacklist all the billion people in China. I know exactly
> which button to push on my secret control panel.
All the country-based and rogue-network blacklists you would ever need can be found at http://www.blackholes.us/
You need to be running your own mail server, or a user-based filter like SpamPal, to use these lists. But they work. If you don't have customers or friends in Argentina for instance, you can filter them and not look back.
> Spammers are more criminal today than in the early days when their main
> desire was to flood servers to the point that they stopped functioning?
Yes. Much more. The early spammers that flooded servers were dumb. A good parasite never kills the host it's in.
Custom-written virus payloads and proxy abuse are specifically criminalized in the CAN-SPAM law, although trespass to chattels has been used as a charge against spammers for ten years.
> No, I think most spammers today are newbies who want to get out of
> poverty.
Perhaps by the numbers of spammers. Not by the numbers of emails sent. No more than 5% of the spam I see in my filters comes from MLM or other sorts of newbies. At the ISP level, it's almost all the pharma, XXX, mortgage, fake watches, etc. professionals. If you lurk for any time in the spammer forums such as specialham.com (when it's up, that is) you can see what they get recruited to spam for.
> From my experience, most viruses today are fairly harmless Java spyware,
> unless you're talking about the viruses that routinely arrive in my inbox
> after having been detected by three levels of anti-virus software.
You're clued in, and aren't likely to get infected. Aunt Tillie, who is running a DSL or cable modem with no AV and no firewall and still on WinXP SP1, is likely already infected. Once infected, even if a nice nephew installs AV - the virus has already made sure it will be ineffective against the installed payload.
The insidious virus payloads that were commissioned by big time spammers, are email relays. Then the spammer uses them to send a few emails per hour, which slows down the victim's computer so little that they don't even notice. Spyware and keystroke loggers might bog down a system to the point of unusability, but that's counterproductive for spammers, who are trying to remain undetected. A good parasite not only refrains from taking down the host, but tries to not even annoy the host. They live longer that way.
> Are you talking about remote control trojans like Back Orifice and NetBus?
Nope. Old threat. MyDoom, Sobig, and more recent ones. The new ones get installed by the Aunt Tillies of the world, phone home to the zombie master using some high port number, that rotates through various ports so a traffic sniffer might not see the packets, and sends some encrypted packets to get its instructions. The victim gets copies of the spam to send out over the next few hours, a list of addresses, and even updates and patches to the email engine. Remote administration, even. And when the victim sends out 10-20 emails an hour, their ISP doesn't even notice it against the background noise.
But when the spammer owns a million such CPUs, they can send out millions of spam per hour from the distributed network.
Old news:
http://www.cnn.com/2004/TECH/ptech/02/17/spam.zombies.ap/
http://www.vnunet.com/vnunet/news/2125683/huge-increase-virus-infected-spam
> That's what it would take to make my computer a zombie. I think I'll know
> when that happens to me, and fortunately I make backups of all my data in
> case I need to reformat my hard drives.
Great. Clued in people sometimes get infected, but not usually.
> Ok, I'll agree that there are probably 75,000 computers on earth that are
> overrun with viruses in any given day. But the people who own those
> computers don't know about security. So what can I do about that?
The 75,000 was from a clueless report. I've seen articles that claim there are 100,000 more infected CPUs every month, but can't find the reference right now.
There's a difference between our writing styles. I can give references - you're guessing. Please keep up.
A recent article on the evolving threat:
http://www.spamhaus.org/news.lasso?article=156
> You're wasting your money. Few computers have a fixed IP address. A
> computer's IP address is based on the MAC address contained in the
> ethernet card as negotiated with the nearest DHCP server. I'll sell you my
> IP address for whatever amount you want. Email me those pennies.
What are you smoking? Cable and DSL connections are long term leases, and rarely change, especially if the connection is always held on by the CPU.
And given the nature of the spam engines contained in the zombie systems, the new owner needs to just contact them for a minute, send them the location of the zombiemaster system(s), and if the IP ever changes on the victim's CPU, it "phones home" to reconnect with its master. These guys aren't dumb. They don't target dialup connections - they need the broadband connections that have very slowly changing IPs.
> So GetResponse is now anti-spam? Good, so am I. Nice to meet you.
And so is AWeber, amazingly enough. Nice to meet you, too. You sound pretty technically savvy, but unless you're in the trenches along the front lines in the spam wars, or reading a lot of real-time data about the nature of the threat, you're likely to underestimate the magnitude of the enemy.
| | View Thread | Return to Index | Read Prev Msg | Read Next Msg | |
|---|
FIB - Scams 101 - Ye Olde Archives is maintained with WebBBS 3.11.
|
| PLEASE READ THIS LEGAL NOTICE CAREFULLY BEFORE YOU FILE A LAWSUIT OR EVEN WASTE TIME THINKING ABOUT IT. It has been done before, but never successfully. In fact, the last dodobird who tried it ended up being ordered to pay more than $77,000 in attorney fees ($65,000+ to my attorneys and $12,000+ to my co-defendant's legal advisor).
If your attorney is worth his salt, he's going to tell you that the expense of filing a lawsuit you can't win is a whole lot worse than any "damages" resulting from messages posted on this insignificant little chunk of cyberspace. NEWS FLASH: I didn't just climb down off that ol' turnip truck yesterday. I'm well aware that expressing a negative opinion, relating one's personal experience, and restating provable facts are all legal in this country and do not constitute libel, slander, or defamation -- so you don't want to play games with me, and you sure don't want to start something you aren't prepared to finish. I don't take threats lightly, and I don't accept bribes (or did you call it a "mutually-beneficial arrangement"?). I'll turn you in faster than you can yell, "ARREST ME, I'M SCUM!!" Do yourself a favor and turn your legal team loose in greener pastures. Although we may, from time to time, monitor or review discussions, postings and the like on the Friends In Business (Scams 101) Message Board, we are under no obligation to do so. We are not responsible or liable for any claim arising from the content of any such discussions or postings or for any error, defamation, libel, slander, omission, falsehood, obscenity, pornography, profanity, danger, or inaccuracy contained in any information contained within such locations on the Site. You are prohibited from posting or transmitting any unlawful, threatening, libelous, defamatory, obscene, scandalous, inflammatory, pornographic, or profane materials or any material that could constitute or encourage conduct that would be considered a criminal offense, give rise to civil liability, or otherwise violate any law. You are likewise prohibited from posting any false claims against any company or individual. We will fully cooperate with any law enforcement authorities or court order requesting or directing us to disclose the identity of anyone posting any such information or materials. By posting messages and/or content on the Friends In Business (Scams 101) Message Board, you give permission for Lesley Fountain/Friends In Business/Shoestring Success Publications to display, distribute and use the posting and content for publication, advertising, promotion, excerption or example. You grant Lesley Fountain/Friends In Business/Shoestring Success Publications complete, perpetual, but non-exclusive rights to use, archive, reproduce, adapt, modify, distribute, sub-license, repurpose, rework, compile, or offer for sale or resale the messages, postings or content appearing on this site in whole or in part, throughout the world and universe, on a royalty-free basis without remuneration. If you cannot accept or agree with the terms of service for this website and discussion board, you are advised not to post on this board. In closing, I would like to remind you once again that it is still legal, in this great country of ours, to express a PERSONAL OPINION, as long as it is presented as opinion and not as fact. And finally, all you scammers out there will do well to remember that TRUTH IS AN ABSOLUTE DEFENSE against charges of libel, defamation, and slander... so if you're operating just a hop, skip, and jump ahead of the law, you might want to think twice before doing anything stupid... (AND SHAME ON YOU!!). |