Archive for the ‘Spam & Virus Vectors’ Category

Another Press Release/Announcement Annoyance

Tuesday, December 20th, 2005

Perhaps this is a really an issue with all incoming e-mail, but when one gets hundreds of press releases and product announcements the information overload is significant. As is the data volume.

I want to quickly peruse an e-mail and figure out what to do with it. For that reason, as well as because of system security, I use Qualcomm’s Eudora e-mail software, with the Internet Explorer HTML rendering function turned off. I have seen too often with friends and clients and associates where using Microsoft’s Outlook and Outlook Express or Internet Explorer have resulted in them getting infected with a virus or infested with spyware or malware.

This also means, however, that in my e-mail software, I will not see any remotely referenced images (nor will my opening of messages automatically tell some marketer out there that I have seen their e-mail). Eudora also has very basic HTML rendering capability. While it will typically show me formatted (italic, bold, etc.) text, it doesn’t do JavaScript or embedded graphics, and HTML-embedded images with graphical text messages are pretty much completely non-viewable.

The benefit of this is I can quickly read an e-mail without having to wait for images to load. The downside is that if some feels that they need to present their material to me in a way which emphasizes style (pretty looking text and images) over substance (just the facts, using text), I won’t see it. In a way this is actually a good filter – if there’s no text I can read because the entire message is pure HTML, then I typically assume the sender has nothing much to really say and I ignore the e-mail. I also manage to avoid a lot of pr0n spam this way – I just don’t get to see the pictures because Eudora does not show them.

So, if you want to get a message across to me, do it in plain text, not with whiz-bang graphics and pizzazz – that is lost on me and my simple e-mail software. And, text messages are also much, much smaller – saves on storage and bandwidth. And if you really need to send me a product image instead of a link to a page with such content, then send me an attachment, and keep it small.

American Cancer Society mailing list stolen?

Sunday, August 7th, 2005

Last year I made an on-line donation to the American Cancer Society in honor of a dearly departed friend. As I typically do, I created a unique e-mail address at one of my domains to register with the American Cancer Society. These address have some sort of descriptive text component followed by a number and sometimes some more random letters to the left of the ubiquitous “@” sign. They are quite unique and very unlikely to be guessed by traditional dictionary attacks.

So, imagine my surprise when, a few hours ago, I get an e-mail addressed to the unique address provided only to the American Cancer Society (ACS), which has nothing to do with ACS activities.

The mail message had a subject of “Just to her…” and was offering “Soft V__gra” (two letters blanked to avoid poorly designed spam filters), with a link to a web site presumably selling the offered goods.

The implication is that the American Cancer Society, a reputable organization, has had some part of all of its mailing lists hijacked by a spammer.

This could have happened in several different ways:

1) A PC which had my unique address on it at the ACS or an outside mailing house contracted by ACS, got infected with spyware which stole all the e-mail addresses and forwarded them to spammers (a vast majority of spyware and viruses are used for data collection these days).

2) Someone hacked into said PC(s) and outright stole the mailing list(s).

3) Someone with access to said PC(s) took the data and sold/gave it to someone else.

Regardless of which of the above methods caused my address (and thus very likely many others) to leak out to a spammer’s database.

Worse yet, I have just gone and done a search on my filtered spam archives, and find that I have been regularly receiving similar spam to that unique address as of July 17, 2005, so the theft of addresses likely occurred before then.

I count six spams – three for medication and three for pirated software.

Just goes to show that companies need to take the security of their mailing lists extremely seriously. I have reported this to the ACS, and urge anyone else who can trace the source of spam to an ACS list leakage please contact them.