This showed up in the spamtraps today:

Subject: Truth of the matter

Dear Sir,

This letter can only define Nigeria Scam, a.k.a. 419. If this mail look like scam to you delete it, we are looking for serious minded person.

As we all know, top officials do loot funds out of the country with non-residence foreigners. When they try and fail, the world hears it as fraud/scam, but when they go through, nobody or a newspaper writes it.

This trade is huge here and people are making lots of money out there in most foreign countries. Though the government are mapping out sophisticated strategies to checkmate unauthorized dealers. From the president to the cleaner in the house, they are all into this trade.

And so on.

This has got to be the most brazen variation I’ve seen — and the first one that admits what it is up front. Of course it goes on to try to convince you that no, this one’s the real thing, we’re only trying to cheat other people, not you, because you wouldn’t fall for that sort of thing, would you?

I’m trying to figure out whether the proper response to this is “WTF” or “O_o” or just “Unbe-flipping-lievable.”

Found in a spamtrap today:

“Remove your bills the Christian way”

WTF?

What follows is a long, disjointed collection of unrelated sentences that I suspect is actually Bayes poison (some spammers have figured out that using natural-sounding language is more effective at making Bayesian filters, well, less effective). There is, however, apparently an image above that, which I suspect contains the real payload.

Now if it were trying to get rid of creditors the Christian way, it might make more sense…
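To make the Bayes-poison point concrete, here is an added example (not from the original post) showing how natural-looking filler dilutes a score that combines every token, and how combining only the most decisive tokens resists it. The token probabilities, the sample message and the function names are all constructed for illustration.

```python
import math

# Constructed per-token spam probabilities, as a trained filter might hold
# them. Values are illustrative, not taken from a real corpus.
TOKEN_SPAM_PROB = {
    "remove": 0.93, "bills": 0.95, "debt": 0.97, "creditors": 0.96,
    "garden": 0.30, "meeting": 0.25, "weather": 0.35, "sister": 0.30,
    "yesterday": 0.30, "library": 0.25, "coffee": 0.35, "window": 0.35,
}
UNKNOWN = 0.4  # assumed score for tokens never seen in training

# Constructed sample message: a spammy pitch followed by natural-looking filler.
PITCH = "remove bills debt creditors"
FILLER = "garden meeting weather sister yesterday library coffee window"
POISONED = PITCH + " " + " ".join([FILLER] * 3)


def combine(probs):
    """Naive Bayes combination prod(p) / (prod(p) + prod(1 - p)), in log space."""
    log_spam = sum(math.log(p) for p in probs)
    log_ham = sum(math.log(1.0 - p) for p in probs)
    return 1.0 / (1.0 + math.exp(log_ham - log_spam))


def score_all_tokens(text):
    """Combine every token: each mildly hammy filler word drags the score down."""
    return combine([TOKEN_SPAM_PROB.get(t, UNKNOWN) for t in text.lower().split()])


def score_most_interesting(text, n=4):
    """Combine only the n distinct tokens whose probability is farthest from 0.5."""
    probs = [TOKEN_SPAM_PROB.get(t, UNKNOWN) for t in set(text.lower().split())]
    probs.sort(key=lambda p: abs(p - 0.5), reverse=True)
    return combine(probs[:n])


if __name__ == "__main__":
    for label, text in (("pitch only", PITCH), ("with filler", POISONED)):
        print(f"{label:12s} all={score_all_tokens(text):.4f} "
              f"top-n={score_most_interesting(text):.4f}")
```

The cap only holds while the filler words are mildly ham-leaning. When the pitch is moved into an image, as in the message above, the body has no spam tokens left for either scorer to find.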

Rob Cockerham of Cockeyed.com (home of the fascinating How Much is Inside? series) noticed the same model showing up in a lot of his spam (often wearing the same dress). He collected the advertisements, and linked them together in what he calls An Unsolicited Commercial Love Story.

Since he first wrote it up, other people have spotted the same model on banner ads, MSN articles and even a kiosk at UCLA. Where will “Alicia” show up next?

Aren’t stock photos fun?

(Via SpamBlogging)

From a recent abuse report:

Hello. The spammer below is either using your resources to send out BULK, unsolicited, S.P.A.M. or is deceptively trying to make it look as if from your server as the ISP.

I’ve seen similar wording before, mainly on reports via SpamCop, but this really made me wonder.

I know what SPAM is (processed lunch meat), and I know what spam is (unsolicited bulk mail), and while many people get them confused, this is the first time I’ve seen S.P.A.M. Obviously they meant spam, but what if it was an acronym?

So, what should S.P.A.M. stand for?

Via Email Battles: First ‘warspamming’ case reaches court.

Basically the guy (allegedly) drove around LA with a laptop looking for insecure wireless networks, then connected to them and sent spam using people’s home accounts.

The term comes from wardriving — driving around looking for unsecured networks — and warchalking — marking walls or sidewalks to indicate the presence, type and speed of the networks found. Early wardrivers discovered that Pringles cans make good amplifiers.

Further etymology: according to the Jargon File, war-driving is a play on war dialer. War dialers were programs that would call up a series of phone numbers looking for modems, faxes, or other phone-based systems they might be able to crack into. And that term started out as wargames dialer, a reference to the film War Games. (Whew!)

It turns out that warspamming is older than I thought: the term was coined two years ago, though this is the first case to go to trial. The defendant is being tried under CAN-SPAM, which went into effect this past January.

An interesting statement from the article:

If Tombros is convicted or pleads guilty then warspamming — also known as drive-by spamming — will move from being just a theoretical possibility to a genuine threat.

What, so in the two years since someone came up with the idea, no one has ever seen it done? And we have to wait for a conviction to determine whether it’s happened now? We don’t need to wait for a trial to know that spammers — an annoyingly resourceful lot — are using thousands of virus- and spyware-infested home computers as zombies. Warspamming doesn’t even require programming skills (or ties to virus writers — although I understand access to already-compromised networks has become a brisk business on the black market.) Surely someone has logs to show that it’s been done.

Update October 4: The defendant was convicted. Apparently, this is the first conviction obtained under CAN-SPAM. (via The War on Spam)

Not five minutes ago I received my first 419 scam in a language other than English.

What’s strange is that even though it uses normal case and I can’t read more than a few words of French, it’s still obvious what it is. It has the same general structure with the opening, the “Excuse me for contacting you even though you don’t know me” line (I think), talks about a sub-Saharan African nation (Côte d’Ivoire), and of course, “($8,500,000) Huit Millions Cinq Cent Mille Dollars Américains.”

Via The War on Spam and The Spam Weblog:

Hackers hijack federal computers. Apparently the DOJ discovered, during their crackdown on cybercrime, that hundreds of Department of Defense and Senate computers had been turned into zombies.

Nice.

Can we really be sure they were only used to send spam? After all, zombies are generally the result of viruses, worms or trojans that install backdoors, so that the attacker can run anything on the system. Setting up a distributed and disguised spam-sending network just happens to be the most profitable application right now, but you can bet there are a lot of people out there who would love to take over — or just look through — US military computers.

I don’t know about you, but I find this really disturbing.

“Would you like to play a game?”