So it's finally happened. The bogus name used on a piece of spam I received was my own, right down to the middle initial.

So the question is, is it just the harvesting of my name being used on spam or has the computer actually been hijacked? I don't think there's anyway the one at home could have been hijacked without my knowing it, but the one at work was attacked in a major way right before Christmas, with my quick shutdown eliciting the message that someone was working on my computer through the ethernet and would be cut off when I shut down. I've finally rescued the data and will be formatting that drive today, but...

It is way past disconcerting to get email from myself for those damn sex ads and I would be more than happy to prosecute if I could possibly figure out who, how, and where. And what the hell do I do if that email with my name on it went to everyone where I work?

wow... that stinks. Doesn't your work have a firewall? That isn't cool when your computer is being controlled from outside your own control.

Even by formating your disc drive, someone can still get into your computer thru the same way they got in before. You need a firewall.

I've had a similar problem with one of my old school accounts. Apparently, someone has been using my address to spam other people, and I only found out about it when I was informed that one of the spam messages bounced. I contacted the administrator there, but they never did anything about it. I have another address that I give out when a webpage makes you put your address in (so all the spam goes there, I just have to delete everything every week or so) and I get messages from myself there too. It's very annoying, I have no idea what it is though.

I have had that happen too...But now I have all this stuff for firewalls and ad blockers now....

I just think its so funny that they use my email addy for my name which isnt even close and then I get stuff from people that must think I am a man....I set up a different addy as well for all the spam to go into...

When I've examined those sorts of messages they weren't really sent through my account. The header information wasn't right.

I have had emails spoofed my name... but by doing a traceroute... they do originate somewhere besides your computer. As Buddha said.

Look into copywriting your NAME (your name spelled in all capital letters, like it is on your drivers license). Then attach a $1,000,000 use fee for every time it's used commercially. If this email is used to sell a product, that is a commercial use. Now, you have to find out who's using it, how many messages they sent out using your copyrighted property, and send them a bill for using your property. This bill would be ($1 mil) * (the number of times it's used in the message) * (the number of messages). I would wager that the result is a high dollar figure, and as such is due you the copyright holder.

If it's used in a private communication, that is private use and as such isn't subject to such fees, so personal communication, letters, e-mails from friends, would not be infringing on the copyright.

I looked at the details, and it's actually originating from <frenchmenrework@bilbo.net>. The problem LL, is I seriously doubt if even that is a real address. Or at least certainly not one that could be presented with the bill.

Grinner, it's going back in with a theoretically high security Windows 2000 professional ediction plus antivirus and firewall. Plus anything else I can tag onto it.

By far the worst decision I've made in the last year was saying it was okay to publish my info at work. I was "unlisted" the first three years. Now when I go in and try to unlist myself, it totally ignores me. No doubt I'll have to contact the IT department to do it for me. I am currently getting about 5-10 spam letters to every real email, and I get probably 3-5 work-related email letters a day. At this point I've developed the theory that this is an al quada (don't remember the spelling) terrorist approach to taking down all hope for productivity in the workplace, because it has totally trashed my ability to get things done quickly and easily in the last six months, and it just keeps escalating. I feel like I'm in a private war, only I know everyone else is in the same situation.

I never said it would be easy... :P But seriously, if you can glean a cool billion out of these cats, I think someone would take the case on a contingency...

Also you'd have to look into international copyright protections, as this is no doubt originating overseas...

It is more than likely coming out of Korea or China. The Vast majority of Spam comes out of those countries.

Actually my firewall has caught a couple of attacks (which I know is not spam) and traced them for me. One originated in Germany, one in Egypt (I think it was, middle east in any event) and one in California.

I've discovered the abuse address for my university and sent the email to them. They supposedly contact the IP to complain. What I would like to do is start forwarding every single spam I get to them and see if that will get them off their asses to take care of the problem.

Spammers don't like to have their email box filled.

They use two tactics: bogus email addresses in the return field, or have their program put your email addy in the return field. Either way, you have no simple way to bounce the message back to them.

Try using spamcop.net. You can get a free account there with a very quick signup which will allow you to just copy and paste any spam you receive, (include the headers), press a button, and Spamcop does all the header research for you and figures out where it really originated. It also formulates a spam report, and at the click of a button, sends the report to the abuse addresses that need to be notified. It even looks at any links in the body of the email itself and contacts the abuse address associated with it, if it's different from the email account, itself.

Grant you, this approach still requires that the people at these abuse addresses a) actually give a darn that spammers are abusing their resources and b) know what they're doing and how to stop the person responsible. Like terminating their account if the person holds an account with them, or closing open relays that spammers take advantage of. Many email services will flat out refuse traffic from some domains because they have so many open relays, they're a spammer's paradise. It's like free taxi service to your inbox, with no security to slow them down.

This does make reporting and tracking the headers a lot easier, though. If I am really good about reporting all my spam through Spamcop for a few weeks, I usually see a significant drop in the amount of spam I receive for quite some time. Most network folks do accept and respect Spamcop reports, it seems. I've been reporting the heck out of every spam I receive for the last week or so, and I've already seen a drop of about 10 or 15 a day. At its worst, I sometimes got as many as 40 in less than 24 hours. I expect a bigger drop in a few days.

On a side note, almost as bad as the porn are those drug spams, where they misspell every darned word in an effort to avoid your spam filter, and they tack on a bunch of random words at the end. I HAAAAAATE those!

Originally posted by sny
Try using spamcop.net. You can get a free account there with a very quick signup which will allow you to just copy and paste any spam you receive, (include the headers), press a button, and Spamcop does all the header research for you and figures out where it really originated. It also formulates a spam report, and at the click of a button, sends the report to the abuse addresses that need to be notified. It even looks at any links in the body of the email itself and contacts the abuse address associated with it, if it's different from the email account, itself.

Thanks for the info. I'll check them out. I also need to look up if the spamnet is making the reports.

.......deletions to conserve space..............

On a side note, almost as bad as the porn are those drug spams, where they misspell every darned word in an effort to avoid your spam filter, and they tack on a bunch of random words at the end. I HAAAAAATE those!

This is what I'm finding spamnet excels at. They're able to go beneath the random stuff that we can't come up with filters on our own for and are able to detect some kind of digital signature in it to filter it out. But I still want these people tracked down and hung by whatever the most painful private part applies.

The thing that I totally fail to understand is what kind of positive reinforcement the spammers are getting. Is there actually one person out of every 100,000 spending money with these folks? That's what tickles at my brain making me wonder if there isn't some totally different agenda at work here that has nothing to do with spammers as individuals.

Woo. Okay, I think I'm starting to feel better. My Spamnet is filtering it all to a spam folder. And I'm set up to forward every last bit of it to Spamcop. I didn't realize I could now forward mail from any account to them. Time to go clean out the aol account that never receives anything BUT spam.

Isn't that what AOL is for... spam?

Originally posted by grinner
Isn't that what AOL is for... spam?

Well, d'oh. ;) Actually they've introduced some pretty decent anti-spam features of late. But you do have to use the report spam feature. It's seems to be doing a decent job of filtering based on the reports now. And heh, I'm not about to knock them. They, at least, have taken some folks to court over it. It is however all but impossible to send the report to Spamcop in any efficient way. You have to actually open each individual spam to forward it, at least from the internet access. And that is way too much trouble.

I agree... that is why my firewall is set to bounce spam back. some still gets thru... about 12 a day or so... but down from the Hundreds I was getting. I have noticed more attacks on my firewall since I had my brother set up the bounce back feature... hmm???

How do you tell a firewall to bounce spam back? I thought firewalls either do or do not allow network traffic through certain ports, and since spam email comes in through the same port as non-spam email how would it tell?

I have no Idea... my brother set it up. He is a computer geek.

i don't know why, but i don't get spam mail... never have... i'm grateful cuz i see all the crap my mom gets on hers at work!!!

You can try Mailwasher (http://www.mailwasher.net/)

From personal experience, when your addy gets overrun with spam it's time to run.

Originally posted by BillFrugge
You can try Mailwasher (http://www.mailwasher.net/)

From personal experience, when your addy gets overrun with spam it's time to run.

Oh, I agree on the running part. I would give anything to be able to start over. But this is my professional, unchangeable, unmodifiable except by human resources, etc. etc. account. It has a very specific format, is absolutely required to have my last name, and as near as I can tell, no ability to keep my address private. Which is bit absurd given it's a private university. My only choices are to change my name or change universities, and I'm not in any danger of doing either.

That is frightening ... I wish we had some form of legislation that stops these sickos from dumping their trash on anyone they wish. I feel very strongly that one should not be permitted to receive anything pronographic UNLESS one has requested to receive it.
I am just so grateful that as a parent, when my kids were growing up, I didn't have to worry about this trash coming into my home.

Spammers should die and rot in hell.

Sorry to hear you're having spam trouble that is so personal. I have wondered before where they get some of the names they use, but mostly because they are so obviously made up.

Originally posted by fermicat
Spammers should die and rot in hell.

Sorry to hear you're having spam trouble that is so personal. I have wondered before where they get some of the names they use, but mostly because they are so obviously made up.

Ah... you haven't been hit by the 50 a day, all from perfectly reasonable and obviously real names. All the more likely to make you open it wondering if it is business or just someone whose name you've forgotten. The names are real. They're harvested off the internet anywhere real names are publicly available.

I believe in the death penalty for spammers.

I easily get over a 1000 per day because I get copied with every e-mail that goes to any address on either of my web sites. I'm currently getting zapped by the worm du jour -- didn't infect my Mac, of course, but enough of my clients have obviously opened the executable attachment that it's rampaging through their crappy Windows address books right now.

LC, I get spam addressed to me from me all the time, people spoof my web site e-mail to send out spam and I haven't come up with a way to stop it. Of course I get spam all day long that also appears to come from CNN.com so I figure if those guys haven't figured out a way to stop it yet, I don't feel so bad -- they have a few more IT people than me! ;)

There is no legislation that will stop spam, I don't care what any politician says. Most of it is routed through foreign countries anyway. What needs to happen is that someone develops a new, secure way to deliver e-mail so spammers can't elude detection.

But a few well-chosen death penalty spam cases world-wide might put a dent in it for starters! :sniper:

I always thought that the spam was being distributed through the "Axis of Email!"

My frelling "abuse" IT person where I work has deemed it sufficient to email me the standard FAQ posted at the website in response to my request for help. With my name in front of it, it's supposed to constitute a personal reply. I've responded rather directly that I know damn well how to avoid spam, and that one of them is to get your frelling name off of publicly available lists so that it can't be harvested. Which is what I asked how to do in the first place. Send me the bloody information on how to do it or tell me who to complain to if it is University policy to not allow it. Frelling idiots.

Originally posted by Kurt_eh
I always thought that the spam was being distributed through the "Axis of Email!"

:lol oh that's a good one!

I tell ya the remaining Monty Python members should sue these spammers for ruining a perfectly good sketch

Can your email tool be set up to only accept email from
addresses listed in your inbox? That would seem to prevent
email from strangers. Just a thought.

Originally posted by Scaper989
Can your email tool be set up to only accept email from
addresses listed in your inbox? That would seem to prevent
email from strangers. Just a thought.

What you're referring to is "White List Filtering". Which is the BIG HAMMER. It prevents mail from spammers, but it also prevents mail from anyone else you don't already have either on your "white list" or in your "address book" (depending on the software involved) from reaching you. So if you activate white list filtering, you usually have to check your junk mail folder frequently to make sure legit emails aren't getting tossed.

I wish I could remember the name of the software, but I can't, off the top of my head. It did more sophisticated black lists and white lists. It would, when receiving an email from someone who was not on your white list or in your address book, temporarily put them on the black list and hold their mail, then email them back and ask them a simple question, like "How many kittens in this picture?" and require them to answer with a radio button. (Not much chance of a mass mailer getting that right.). If they responded with the correct answer, it would then let the email through and add them to the white list. No response or wrong response, no email access for you! It required a bit of work on the user's end, but not too much. And it seemed nicely configurable. I just remember reading the review for it.

Strict white lists are great, as long as you know no one from a professional group you are a member of will try to reach you at that address after receiving your business card, or your email isn't the contact address on a webpage, or anything like that. Otherwise, you still have to do a bit of manual "filtering", just to make sure some poor soul who really does need to email you isn't getting tossed with the junk. My spam filter is pretty good, but it stil does occasionally catch one it shouldn't. And of course, some slip through. Still better than being forced to examine them all myself.

I maintain an earthlink address because they have that sort of thing, and use it for all places I provide my e-mail addresses.

People in my address book are gated right through.

Stuff they can identify as spam straight off goes to a Known Spam folder. I get 150+ of those a day - I've had the address for six years now, so it is doubtless in just about EVERY spammers hands.

Any mail left over goes to a Suspect Spam folder. Every day I go in and check for mail I WANT and can just click to add them to my address book. The rest I whack with one click. I usually get about twenty to forty of those a day.

I can't recommend earthlink as an ISP provider, though. All sorts of problems with messages that get re-delivered every send/receive cycle (wake up in the morning and you have 50 copies of five or six e-mails) and when their servers go down they never admit to it - when you call help they'll have you re-install all sorts of stuff (I have a relative who re-installed IE5 and Outlook professional before they checked and found out service was intermittant in the area).

But their spam treatment is the greatest. I wish more providers would go that route.

I heard about a kid that lived down the street from me that used to spam himself so much that he went blind.

:lol

He had sweaty palms...

See now, thats an example of a post I don't approve of! :lol

I'll try harder. My goal is to get to 80-82%.

It's good to have goals. :)

I just got an email from Zonealarm. They're setting up some sort of service where you can create 1000 different email addys and have them forwarded to your real addy. Then, you simply kill off the addy that's getting the spam.

I just had mail returned to me (as undeliverable) and it wasn't any mail that I had really sent. It appears to have been sent from an earthlink account and I don't have one, only the "helo" thinkgy was set to my address. Also, it had the subject line used to transmit the latest worm du jour. Makes me wonder how many other emails are out there that purport to be from me.

BASTARDS.