Tag: spam

Categories
End User spam

616 spam comments in 24 hrs

Just done a bit of an experiment. I deleted a load of spam comments from the blog yesterday at 6am and this morning gone back in and counted the little critters again. In just over 24 hours I’ve picked up another 606 spam comments. There may be some legit ones in there but they ain’t gonna be seen amongst the dross (sorry yawl).

It’s basically around 25 spam comments an hour. We never see spam emails any more, at least not when using gmail. This isn’t entirely true as I do get crap from “seo experts” who address me as “Hi” and quote the “can spam act” in the footer. They always get labelled as spam (may have mentioned this before but it’s an ongoing situation).

I’m sure the 25 spam comments an hour far exceeds the rate of spam emails when we used to get them. Although this spam is mostly captured (Akismet) you do have to occasionally remember to permanently delete it or it would start filling up the server.

In the way you used to get quotes about the size of the global email spam problem it would be interesting to look at the equivalent stats for comments.

The pics below show zero comments initially then 616 a day later. There is something very satisfying about pressing the “empty spam” button. It’s a bit like driving down a clear motorway when there is a 10 mile tailback going the other way.

I wonder what the clickthrough rate for a spam comment is. Must be infinitesimally small. You would have to be paticularly stupid to click on one of the links.

screenshot showing zero spam commentsspam606-642

Other spam related posts:
Louis Vuitton spam
London Book Fair 2014 – unsubscribe spam
Spam blocking strategies

Categories
Business online safety security spam

Gmail update – Google+ comment

gmail_updateGot an email yesterday from Google about a change to Gmail. Everyone probably got the same mail. Certainly the mainstream media made big news of it, in the tech sections. When you are sending an email from a gmail account you will now be offered Google+ account holders as recipients of the mail.

One site, whose name is oft misspelled, even published a post on how to change your settings to stop people from being able to contact you via Google+. This would appear to me to be a blatant sop to search engine rankings – a big part of the email I got was all about explaining exactly this so the repetition of this info seemed particularly unnecessary. Whoever gets news out first attracts the visitors so it’s dog eat dog out there in the www.

Anyway “starting this week, when you’re composing a new email, Gmail will suggest your Google+ connections as recipients, even if you haven’t exchanged email addresses yet. Your email address isn’t visible to your Google+ connections until you send them an email, and their email addresses are not visible to you until they respond.

I’ve tried but I can’t seem to get it to work. I guess “this week” must mean “next week” or at least from Monday onwards.

If someone from outside your Google+ Circles emails you then the mail gets filtered into the “Social” tab in your inbox. In my case this means it is unlikely to get read because I never look in that tab. I don’t look in the “promotions” tab either unless I’m expecting a particular mail – eg a password reset.

The tone of the online commentary about this “feature” is in the vein of “Google trying to increase/stimulate Google+ usage” and also all about privacy.

In my mind this is a very useful feature. I want people to be able to get hold of me. The principle is no different to your telephone number. Unless you want to be ex-directory anyone can look up your number. Of course there is the concern about spam but Google has a fantastic antic-spam engine and if it turns out to be “legitimate” spam from a business then this gets filtered into the “promotions” tab as previously mentioned. You can also label a sender as being a spammer which I frequently do if the email addresses me as “Hi”.

So all in all I think this is good. Except as I mentioned it doesn’t seem to work for me! That’s all folks.

Categories
Business online safety spam

Google blocking Microsoft Office365 mail as spam

I note from Twitter this morning that Google is blocking some emails from Microsoft Office365  to Gmail recipients as spam.

The message reads: [157.56.116.103 1] Our system has detected an unusual rate of unsolicited mail originating from your IP address 

I note also that the ip address is ascribed to AS8075 (ours is AS8607  fwiw – pretty contemporary) otherwise known as Microsoft Corporation. This address has been identified in the past as a source of spam – check out Project Honeypot. That link also displays some example mail messages that are clearly spam – “loans available”, “Attention ATM card beneficiary” and so on.

I sense a wry smile as you read this. Global commercial internet wars! “Google tries to shut down Microsoft email”. I suspect though that there will be no malice aforethought here. Managing mail platforms is a 24×7 job. As an email service provider you can’t afford for your server IP addresses to be blacklisted because of some customer generating spam. It might not even be that customer’s fault. It’s almost certainly an infected PC.

spam attacksMicrosoft will have a huge team of people managing their email platform. That spam was identified is also a testament to the Google anti spam capability which is widely considered to be the best in the game.

The pic inset is an old screenshot depicting incoming spam attacks – the legitimate mail has had to be amplified x10 so that you can actually see it. Fortunately the vast majority of the spam never makes it to the desktop.

IP addresses blacklisted as a source of spam don’t usually stay on the blacklist for very long – 24 hours maybe but it can certainly be a nuisance for those trying to send or waiting to receive emails.

I don’t think email has a long term future in any case or at least it is going to have niche applications (spam etc :)), but lets not get into a lengthy debate.

Ciao

Categories
Business online safety spam

spam blocking strategies

Trefor DaviesI am pretty aggressive in protecting my gmail account from unwanted email. The Timico mail is beyond redemption after years of attending trade shows although my strategy of signing up as The Reverend or Lord Trefor Davies seems to be working. Any mail or phone calls I get for one of those titles gets shoved straight in the bin.

The main problem I have with my trefor.net/gmail account is people wanting to sell me SEO or web development services. Often these emails come with elaborate messaging in the footer telling me that this is absolutely not spam and that they provide an unsubscribe function. However they usually can’t be bothered to find out my name and address the email as Hi. On this basis I tell Google that they are spammers. It gives me pleasure.

I’ve started to add similar emails to my block list on my Microsoft Exchange account. This morning someone I have never heard of from a company I have never heard from invited me to hook up on LinkedIn. I ignored it. This afternoon that same person has sent me a generic mailer addressed to “Hi”. If he went to the effort of looking me up on LinkedIn he might as well have gone that extra step and added my name into the email!

Ciao baby…

Categories
Business nuisance calls and messages Regs

ICO Annual Report and nuisance calls from 08432890049

ICOThe Information Commissioners Office has 355 staff. Hadn’t realised it was such a big outfit. When you think about it with the world moving online and with so much information about us being kept in so many places the ICO has a huge brief. Also the ICO website has been changed from .gov to .org to emphasise its independence.

I know this because I’ve just come from the ICO’s Annual Review at Central Hall in Westminster. Being on the ICO’s Tech Reference Panel and all that!

A lot of meeting was just the presentation of statistics. Did you know that over the past year more than 225,000 people called the ICO’s helpline? Well you do now. There are some big growth areas such as SPAM calls and texts. It’s good to see that the ICO is starting to bare its teeth when it comes to this kind of stuff. We have seen the first two lots of fines (called civil monetary penalties for some reason) to the value of £225k imposed on pest cold callers. These people are just the lowest of the low.

I’ve started to report incidents of spam calls to my own phone – coincidentally got one this morning from 08432890049. I have duly reported it here. If all of us report it every time we get a spam call or text we can at least contribute towards nailing the ones in the UK. The overseas call centres are unfortunately beyond the reach of the ICO. I’ve just started to get rude with them.

You can look at the report yourself here. In line with the ICO’s new green policy the only hard copies available are the ones required to be kept by Parliament. Now there’s a very telling message in itself.

I will leave you with a fact that was related by Commissioner Christopher Graham. The ICO is currently looking at online privacy Ts & Cs. I got the impression that they are looking to try and come up with recommendations for a set of rules that would provide adequate privacy protection for people signing up for new products and services online and who just tick a box to accept conditions imposed. Did you know that if you added up every set of T’s and C’s you accept in this way it would take 77 days if you had to actually read it all? Well now you do 🙂

Categories
Business spam

Spam

pirate_flag_thumbI like to occasionally click on the unsubscribe link on unsolicited emails, ie spam. It makes me feel better even though I know it isn’t going to make a blind bit of difference to the amount of crap that comes through to my inbox. Sometimes I block the user and sometimes I even respond to them telling them to go away.

I’ve done it on a number of occasions with recruitment firm ComputerFutures who send me no end of rubbish. Including one “consultant” who said he was going to be in North London and would I like to meet for a coffee. I said it was a bit far to come from Newark. I’ve tried unsubscribing from their list as well as individually asking their people to take me off the list but to no avail. The last time was this week when I threatened the sender that if I got another email from his company I would ask all my friends in the industry to blacklist their IP addresses. Probably not hugely ethical but so far I haven’t had another peep from them!

Today  I was merrily blocking and unsubscribing when  I got a  mail from Amanda at Sheffield Chamber of Commerce and Industry. It wasn’t addressed to me personally, ie none of the old familiar Hi Trefor, hope things are well. It was just  “Good morning”. No name (no pack drill either fwiw and whatever one of those is).

Amanda was offering me a “free taster session for her 1 Day Telephone Prospecting Masterclass”. This seemed particularly not well targeted, me being a CTO and all.

I replied to her asking where she got my email address from and got a reply saying she “captured data from a search which includes Companies House, Dunn & Brad Street etc”. There really is no hope for us all. These mailing lists get recompiled from scratch on a dynamic basis. As soon as you unsubscribe from one someone else goes ahead and puts together another and there is no way you can stop it.

I’m pretty sure the Sheffield Chamber of Commerce are a good bunch of people and Amanda is just doing her job but it is a shame there is no way for people to have better targeting. It almost makes Google, Facebook et al seem like good guys. Like it or not at least I am sometimes interested in they chuck my way because as often as not it’s based on my search history.

Amanda does need to adopt some best practices mind you. She offered no unsubscribe link for example. I told her this in a reply and copied one of our sales guys in so that he could give her a call and sell her something. Seemed like the right thing to do. If she becomes a customer I’ll delete this post. Can’t have people writing stuff like this about our customers now can we?

Ciao baby!

Categories
Business spam

Does this person come from the double glazing industry?

Hello
Enterprise Management 360 along with Gartner and IDC will be distributing a comprehensive research on Building bridges with real-time Optimized Data Center Infrastructure Management with key content from Emerson, a leading infrastructure Management Industry

You have been selected out of 100 executives you will also have a No Obligation opportunity to speak with an industry expert to discuss any questions or possible solutions that can help your organisation to maximise your Infrastructure Management.

Please do email me if you have any questions.
Regards,
xxx

Like most of you I get more than my fair share of “legitimate” junk email. I occasionally spend a few minutes unsubscribing from lists but I know it is a futile task. My name is out there. I am a marked man.

It is usually easy to spot true spam should it make it past the trap. This one however is one of the legitimate junk mails that looks like genuine spam.

The text has been lifted verbatim including grammatical errors. How can a business hope to win customers if this is how it speaks to prospects. No name – just Hello. No Obligation opportunity to speak with an industry expert! No unsubscribe link. I wonder how they chose my name out of the 100 executives. Must have been a chance in a million hundred.

I allude to the double glazing industry in the title but I suspect I am being most unfair to the hard working folk in that market sector. I don’t even know why I bothered to write this post but it tickled my fancy and it has given me a break from writing some really interesting stuff on SIP trunks. I have remove the links to protect the innocent.

PS for a No Obligation opportunity to talk about SIP trunks go to the Timico business website – there is a chat line there. Tell em I sent ya 🙂

Categories
End User security spam

Automated spam calls to mobile – what to do

unwanted automated phone callsThe scam business continues. Just got what I think was another PPI mis-selling call via automated call to my mobile. The originating number was 07588034908. I was expecting a call and was just trying to figure out if this was it at the same time as answering the phone so I missed the first half sentence. I just caught the words “to claim your compensation press 5” so I hit the cancel button.

This is the first time I have had an automated phone call. I stayed with some friends in the USA once and they never used to take a call at home until the person had started to leave a voice mail so they knew who it was. They got so many automated calls it had become a real nuisance.

It started to get like that here to the point that the ICO has begun to address the problem. It may be that the ICO makes headway but I’d like to bet not. The law is complex with many areas where it is not easy to prove guilt. It is also difficult to know whether you have given permission for your number to be called by accidentally not unchecking a box at some stage of an online registration process. The Telephone Preference Service (TPS) certainly doesn’t seem to be effective.

There is more info on this subject on the ICO website here. It covers unwanted marketing calls, texts and faxes and tells you what is and isn’t allowed and what you should do if you get these unwanted communications.

I just registered the above phone number as the source though often these are pre-pay sims where the operator doesn’t know who the owner is. I rang it back but it is obviously just a machine making outbound calls. If we all register incidents as they happen we may at least make some progress.

The PPI mis-selling compensation industry may not be outside the law but the methods used to drum up leads must surely be pretty borderline.

Categories
Business datacentre

To whom it may concern

"legitimate" spam exampleThere is nothing more annoying than being spammed. Anti spam software is pretty good these days and I rarely get spam spam if you know what I mean.

Spam spam is the bad stuff trying to sell me  viagra, handbags, penis enlargements etc etc etc.

Unfortunately these days the spam spam problem has been replaced with “legitimate” spam. This is the stuff sent by genuine companies who have bought my name off some database.

Over the last 24 hours I have had emails from Apposite Technology Parters (que?), datacentres.com News, Retail Week Jobs, OFFTEK, easyjet, BLiNQ networks, Sparks, SAP, Telecoms Tech and others. I go through phases of unsubscribing from mails I get sent but it’s like pushing water uphill. The cat is well and truly out of the bag.

Most of them I can just ignore. There isn’t much point in marking the sender as junk because it usually comes from some non descript mail server address. The ones that are really annoying come with Subject line content such as “Your enquiry” or “Re: ” There should be a website where we can name and shame senders of such emails.

That’s all – had to get it off my chest.

So long.

PS Akismet is brilliant at catching spam comments in wordpress blogs. I’ve just looked and I had 2,600 items caught in the spam folder. The flavour of the day seems to be ugh boots, nike gear, longchamp bags, louis vuitton and other such dross.

Categories
End User social networking

I just blocked someone on Facebook – one of those easy decisions but nevertheless painful

It really really pains me to admit it but I have just blocked an absolutely gorgeous woman on Facebook. The friend request came in out of the blue and thinking she must be a friend of a friend I took a look.

This woman was highly attractive and had some very sexy photos in her profile. I have to say I left the invitation to friendship on the screen for a minute or two but then took the plunge and blocked her. She must have been a very lonely person – only had thirteen or so Facebook friends, three of who were clearly the same person with different accounts. I would have liked to have had the option of “block and report spam” but it was either one of the other so I just went for the former.

I shudder to think what I might have been letting myself in for had I accepted the request. Caveat Emptor.

Categories
Engineer spam

More spam

As an update from yesterday’s post the botnet attacks are getting even more frequent. I’ll post some notes tomorrow on best practice for ISPs contending with spam. You can see the increase in frequency and intensity over yesterday. Some crook somewhere has obviously decided on a new “marketing campaign”.

mail-darktues

Categories
Engineer internet spam

Spam attacks

I sometimes sit and watch SPAM attacks coming in on our mail servers. ISPs are constantly having to ward off spam. It is like being in a cyber war. What is mind boggling is that sheer volume. The chart below shows unwanted mail below the x axis and legitimate stuff above.

You can barely make out the legitimate mail because in the scale it is dwarfed by the spam. It is also interesting to observe that the attacks come in waves.  You can see the major incoming waves on Sunday evening followed by periodic smaller attacks which appear to be the work of botnets.

This spam is of course not passed on to our customers who pay us for a premium service. You can zoom in by clicking a couple of times on the picture.

mail-dark1

Categories
End User security spam

Spam not Spam

I have recently started corresponding with Randy Abrams of anti virus company www.eset.com.  He has commented on some of my posts in the past.  He offered this postulation today:

“Sometimes I receive spam from legitimate companies. They shouldn’t be spamming me, but this isn’t the Viagra, Rolex, and other run of the mill spammers I am talking about… these are generally IT companies.

So, I am considering automatically subscribing these spammers to Industry News with an email indicating that they have been subscribed and can choose to opt out. Your thoughts. Good idea? Too good for them?   Give it a try?”

My standard response to legitimate spammers is to reply to them asking whether they have read www.trefor.net?  It seems only fair.  They are sending me unsolicited mail.  It’s amazing how many of them then do read the blog,  I get quite a lot of positive feedback this way.  I’m sure some of them are reading this post now 🙂 .  I have a fairly relaxed view on life.  We are all trying to earn a living.  We all need to be friends within sensible bounds.

Categories
Engineer internet peering

LINX64

Timico is a member of LINX, or the London Internet Exchange. Linx is a not for profit  meeting point in London where ISPs and network operators meet to peer their traffic, ie to share their connectivity with one another.

It is a sign of the pace of growth in internet related activity that membership of LINX rose  in 2008 to 308, up by around 20% from the previous year. The peak traffic carried over the LINX network is over 400Gbps which is a lot of ADSL connections.

The LINX meetings are not only good networking opportunities but a great place to keep up with developments in internet technology. This week the subject matter includes at IPv6, DNS security and SPAM. LINX64 is sponsored by Telehouse.

I’ll post any useful material as it happens.

Categories
End User internet spam

Spam attacks

Trefor.net  started being subjected to spam attacks a while ago. Any domain that has been in use for a while gets it as spammers’ systems learn of its existence.  The interesting thing is that these attacks come in waves. I can sit in the Network Operations Centre and watch email traffic surge due to an attack.

The occurrence of these waves often coincides with spam on trefor.net which appears as comments in posts. Fortunately I have to moderate comments so they aren’t seen by readers. I never get spam email because our systems catch pretty much all of it.

Categories
End User spam

Sources of Spam

Spam hotspots
Spam hotspots

I’ve been talking to a number of anti-spam and anti virus technology vendors recently.

It is important to keep up with what is going on in this field. As we move into 2009 it is a subject I will be writing more about.

In the meantime I came across this map of sources of SPAM. There are a number of them floating around online. It is interesting to see that all the usual suspects are there: South East Asia, Russia, Brazil.

I was quite surprised to see so much activity in the USA and Europe. Perhaps I shouldn’t have been.

Categories
Business fun stuff

A day in the life

Life is rich. If yours isn’t you should seriously think about doing something about it. I was wondering what to write about today out of the many things that are going on. In the end I thought I’d just rattle off a list of things I was involved in during the day because I believe it illustrates the point of those opening three words.

Got in and made a cup of tea. Then spent time discussing a contract we are about to sign with BT. Checked up on progress of our 21CN trial orders. Sat with tech support discussing a Virtual Machine project we are looking at. Discussions with our new Business Development Director who starts in January (more on him in due course I’m sure). Meeting with Cisco to discuss marketing plans for the Cisco Small Business portfolio for 2009. Lunch with Cisco. Meeting with Nortel to discuss hosted VoIP propositions. Drop Nortel off at station. Arrange tech meeting to discuss SPAM strategy for 2009. Conference call with VoIP Operations Manager to discuss specific customer technical issue. Home to take kids to cubs. Catch up chat with CEO. Go to school prize giving evening (son Tom won prize for English  and yes of course I am proud of him). Chat with headmaster congratulating him on chosing son as prizewinner. Home. Kiss wife. Do emails and write blog post.

Tomorrow is another day, another blog post. Friday is a day off to take the kids to the Lincoln Christmas Market. Check it out here. They get hundreds of thousands of visitors each year (or so I’m told). We live slap bang in the middle of the action so it is difficult to ignore. One of the kids’ school shuts down for the duration because access to it is impossible. The parents run a cafe which raises around £10,000 each year for the school PTA funds. Thats one heck of a lot of teas and coffees at a pound each. 

Categories
End User internet spam

Another Spam Good News Story

The Washington Post has reported that USA colo provider McColo has had it’s internet connectivity cut off by its ISPs because it had been playing host for some time to Spammers. It’s very much worth reading the article.

Categories
End User internet security spam

Spammers Hammered – Hooray

One of our tech support team, Will Curtis, mentioned to me today that the amount of spam he has been receiving on his home email account dropped considerably around two weeks ago.

He also came across this article which tells that the Federal Trade Commission in the USA had raided an organisation that was supposedly one of the largest spam gangs in the world. The Chicago based gang had all its equipment confiscated.

I asked around to see if anyone else had similarly experienced the reduction in spam. Amazingly Ian Christian from the netops team had also seen a reduction and was able to provide a graph to show it in action. There is a clear drop in week 41.

Unfortunately spam will inevitably rise again. Our current monitors suggest that 37% of mail inbound through the Timico mailsafe system is spam. Very little of it makes it through to the end users though.

Categories
End User internet security

Alphabet attacks

Following my last post which was on security I was sat in the Timico NOC today and interestingly watched a SPAM attack in progress.

It was an alphabet attack. This is one where someone’s email server is compromised and used to send out SPAM by rotating through the alphabet for email addresses (eg [email protected] – the SPAM algorithm works its way through every combination of alphabetical variants. In this case it was targetting Italian .it addresses.

Our network monitoring picked it up and we immediately blacklisted/shut down access to that Exchange mail server. We also contacted the customer to let him know and so that he could take remedial action and remove the offending SPAM.

Apart from being interesting to watch it in action, a bit like standing on the edge of a battlefield watching the fighting, it again highlighted the need to have secure passwords. In this case we tried accessing the offending server and were able to log on using a simple admin/password combination of credentials.

When I started this blog I didn’t think that security would become such a mainstream subject but I was wrong

Categories
Engineer security

Junk email

Junk email filters are great. I don’t get much if any SPAM because of the Timico anti SPAM/virus service but I do get a lot of emails from genuine businesses trying to sell me tickets to conferences (usually not in the same country as I live) and from headhunters trying to place candidates.

Whilst everyone has to make a living these unsolicited sales approaches can really clog up my intray .  Amazingly enough I only recently discovered how to filter out by domain so that they all go into the junk email folder.

Also if someone calls me without a caller ID then they only stand a 50% chance of me picking up the phone. The philosophy here is that if you don’t want me to know your phone number then I quite possibly don’t mind not knowing you.

This isn’t to say I am unapproachable but you need to have an elevator pitch ready. We have recently met with some impressive technology vendors who got through on a good elevator pitch.

Categories
Business security voip

SPIT and SPAM

One of the problems facing the VoIP industry is of course SPIT. SPIT is the SPAM of the Internet Telephony industry. Robot diallers are a huge problem in North America and I have a friend who always listens to who is leaving an answer phone message before picking up the call. A high proportion of calls are from computers.

 

In the IP world it is even easier to make huge volumes of VoIP calls from a computer, particularly because there is potentially no cost involved. The model here is the same as for SPAM which is of course essentially free of charge.

 

The interesting dilemma is that whilst a SPAM filter can monitor and email for particular types of content this is not possible in Internet Telephony where a call has to be set up and answered before the callee knows who is speaking to them.

 

We therefore have to employ more sophisticated techniques in spotting this type of traffic and in general an ITSP will monitor the call traffic on its network to identify unusual patterns. For example if a specific caller is making multiple calls inside an unreasonable short space of time then it cannot be a human making the call. Alternatively if calls to many different end users are going unanswered then this too is unusual behaviour and is likely to be a computer.

 

The level of SPIT facing an ITSP has not yet reached the proportions of SPAM which can be over 90 percent of all incoming emails (if you are receiving a high level of SPAM you need to change to a professional anti SPAM service). It is however certainly something that a serious ITSP takes seriously.