jducoeur

I just got an email that looks, for all the world, like an attempt to make a hotel reservation. The English is fairly atrocious, and it appears to be bcc:'ed to me, but damned if I can figure out what the scam is here -- there are no links, no requests for me to send anything except a confirmation and the cost to put up 10 people in mid-May.

Mind, I still figure it's a scam -- some long-play attempt to get at my personal information or something like that. But I will admit that this could just be someone who is very, very confused...

Continuing my policy of calling out Major Companies That Ought to Know Better: I just got half-a-dozen copies of a spam in my accidental waks.org honeypot. They're all from "Quest", which is apparently the company that used to be Dell Software, now purchased and renamed.

So -- let's hear it for Quest, the software company so incompetent that they are doing their marketing via the same full-of-fake-email spam lists that the script kiddies use...

Ah -- there's the followup.

In my rant the other day about Twitter's incompetence, I mentioned that I was continuing to get emails *after* I had rejected an email address. This just happened three times in a row, all identical, so I now see a bit more of what's going on.

The original fake accounts had email addresses of the form "wrigk2px@w***.org". I definitely rejected these, saying that they were not valid addresses. What has now just happened is that I've received matching emails from Twitter, one to each of them, with a subject line of "Thanks for checking in, [Fake Name]" saying (with a pretty graphic), "Nice to see you again. With the Twitter app [big graphic of a phone], you'll never miss a moment of the conversation. [Download button]". These are addressed to "RECLAIMED_172128452_wrigk2px@w***.org".

I have no idea what this "RECLAIMED" nonsense is about, but at this point I am much more prepared to slam Twitter for incompetence. I'm honestly unsure whether this followup spam is being initiated by the spammers or by Twitter themselves, but they are totally not taking enough care to remove bogus email addresses from the system. There is no excuse whatsoever for me continuing to receive emails to my domain after I have explicitly told them that this is not a real account.

And I should note, the really I am *seriously* angry at them is the complete lack of *any* obvious mechanism to report this. Their help system is a maze of twisty little passages that tries to enumerate every kind of problem they can think of, automating the support for each one. This problem isn't listed anywhere, and the ones that are even vaguely close all lead into complex and inappropriate forms that are definitely *not* appropriate. I can't find an "other" category anywhere, nor any way to, eg, contact a support representative, after about fifteen minutes of clicking links all over the place. So I haven't yet been able to figure out any way to report this problem, leaving me with little option but to vent publicly. *That* is almost definitionally incompetent customer service.

(The only thing I can think of is to link to @Support, which I'm going to try with this post.)

I suspect I'm going to have no choice but to install the rather expensive Block Sender app (thanks to Laurion for suggesting this line of thinking), and hope that it works. But even if it does, Twitter deserves brickbats for forcing me into this and not providing a decent approach...

Got this spam on the SCA Questions list the other day. I haven't the slightest clue what they are thinking, nor even what language a few of these words are supposed to be from, but man -- I can *so* see confusing a poetry slam with a dramatic reading. (The combination of punctuation and repeated words just *makes* it as performance art, not to mention that a bunch of lines are more or less iambic.)

potboy baboo nopal.
lives grouch gooey budge!
cashew chalk coatee oakery?
potion alb feel bay.
mix give scamp.
pupa blase.
pawn sin.
oakery estop reflux wen?
bled sin tops cashew.
fully cooker swathe nimbus!
alb fully glover.
smelt brazil public penes.
gasper reflux pink sap.
sniffy ape nimbus gypsa.
fiber cashew rococo agile?
tempi sap elan grouch!
slam public.
chose moving alb rococo.
estop lives.
luting nimbus valuer rococo?
gird seer nimbus hubby!
moving shrink large.
pant acuity luting wen?
arise alb nopal.

[Happy (rare) birthday to napoleons_mommy!]

Okay, I can't really fault the SCA site's filters in this particular case. This morning's email to the Questions List had the Subject line "Change from dagger to BROADSWORD!" Of course, it's penis-enlargement spam...

So in my more paranoid moments, I contemplate the possibility of the government mounting a self-coup, and trying to turn the country into a truly authoritarian state. (I don't think the current Administration will, but that's more because I don't think they're competent enough than that they wouldn't like to do so.) In which case, the question arises: how do you organize the resistance? Specifically, how would such a hypothetical resistance communicate?

It's not an easy problem. I take it for granted that the government is monitoring at least a large fraction of electronic communications today -- I think it's likely that they're sniffing all email that goes through the main backbone of the Net. Lots of people say that Encryption Is the Answer, but that's just not true: until and unless encryption becomes truly widespread (and kudos to Microsoft, who are making a real effort to do that with their new network stack), if you use encryption you are *totally* obvious, and become an immediate target. Encryption is only really effective in such a situation if it doesn't *look* like encryption.

Which brings up the idea: what about hiding your secret messages in spam? I mean, think about it. Spam is everywhere today, and it's perfectly normal for ordinary, harmless machines to be sending it out. It accounts for a *huge* fraction of all email sent, and the government sniffers have to be filtering against it.

But spam *is* essentially an encryption mechanism, designed to be hard for machines to read but easy for humans to do so. Typical modern spam contains images full of random noise, and tons of randomly-chosen and often misspelled words -- loads of just the kind of entropy that makes for good data-hiding. Any software engineer who can't figure out how to harness that for hiding secret messages should hang up his keyboard. Done right, I bet it it would give the NSA *fits*. It's hard enough to recognize that a given message *is* spam -- I'd bet that figuring out that it isn't *really* spam, but actually contains embedded communication, is much harder.

So remember: when the time comes, and people are up against the wall, spam may prove to be your best friend...

The bad news: some spammer is sending out a substantial quantity of spam (a couple hundred a day) that purports to be from our domain, so we're getting all those bounces.

The good news: they seem to have hooked upon a single false email address that all that email is coming from. Don't know where they came up with that particular permutation (it doesn't look randomly generated, but it's not one we've ever used), but pretty much all of the current spam is coming from it. So filtering out the bounces is nicely easy...

Okay, yes -- they deserve to be dropped in a vat of boiling oil and left there until well crisped. But still, one has to be impressed by the cleverness of the stock-push spammers. Today's variation seems to be email with many very short, very wide animated GIFs embedded in it. When you open the email, the GIFs begin to play, showing random slight visual garbage that eventually resolves into the usual "INVESTORS WATCH OUT! FIRM WILL BLOW YOUR MIND!" spam message. No single GIF contains anything other than garbage: you have to render all of the GIFs, laid out properly, in their final frame, to see the text.

I have to wonder how many people are falling for these things at this point. I mean, they're actually hiring some halfway smart programmers here, as they try to stay a step ahead of the spam filters, and they're working hard -- I can see the spam tech evolving week by week...

Edit: Okay, not quite as smart as I thought -- upon closer inspection, it's still all a single GIF, that just happens to render bit by bit for no apparent reason. So the final frame is still the same as the previous round of spam tech; shouldn't take long for the anti-spam forces to catch. But I suspect they'll think of the many-little-images version soon...

This was almost certainly advertising some sort of Pills Sold Cheap (I deleted it reflexively before the contents even became visible). But I am amused by the Subject line, which came out as:

"***SPAM*** It is absolutely good for you!"

and which gave me an immediate gut-level expectation of an email touting the health virtues of processed lunch meat...

Okay, it's an evil phishing spam. But most of these phishing attempts are so pathetically lame, I have some small admiration for one that's well-executed. In this case, it claims to be a response to an eBay argument -- a faked reply. I've gotten these before, but this one has just the right tone: very defensive, with the person at the other end getting very offended about having been threatened over a bad bid. The immediate gut reaction is to log in and say, "Sorry, but you've got the wrong person". But of course, the "Respond Now" link (alone of the links in the message) goes to a phishing site.

I'm far too suspicious to fall for this, but it's nicely executed, and a good reminder to continue to be suspicious of all links found in email...