The Cat is starting to prowl

 

I have not been doing much on this blog lately and I am afraid that a lot of what I do will be reduced. The masses of spam have had to be filtered and dumped, as my ISP can't cope with it, but I have enough to write a full analysis of it. Hopefully, I will have saved someone's bank account. But judging by what the wunch of bankers have done, the criminals are small beer.

I am alive and well and working on a new project. Now all can be revealed and I am one of a team developing a new Project Management System. It's loosely called MX73 and you can read about it on the blog, that I'm starting for the program.

The cat is out of the bag and starting to prowl.

Michael Vincent

 

I get two e-mails a day from this idiot telling me how I can make a lot of money. I don't need advice from people like him, but because he persists, it can't be a very good scheme.

But don't take my word for it, type "Michael Vincent scam" into Google and see what you find.

Hatloans.com

 

I've just had some spam from this company offering me an unsecured loan.

I suspect that's against the rules of the FSA. It may all be kosher, but I certainly wouldn't borrow any money, or buy anything for that matter, from a company that advertised with e-mails that looked like spam.

Why do I say look like spam?

The e-mail came from Frank Pierre [jadinsjyyevettepiab@excite.com]. Is that a genuine e-mail? No! Well, not in my book and I suspect ninety-nine percent of all Internet users.

If you can't reply directly to it, then the e-mail should be illegal. I did reply to the e-mail address and as expected it bounced.

The Loneliest Lady on the Planet

 

I get masses of e-mails a day from this lady. She must be incredibly dim, as she is surely good looking enough to get a boyfriend.

James Miller on the Radio

 

This morning I appeared on Victoria Derbyshire's program on Radio 5 Live discussing some of the worst excesses of spam promoting loans at an interest rate of 183.2%.

The only blemish, was that due to Victoria taking me earlier than the producer thought she would, I informed the nation, I was going to take a quick pee-break.

The Demise of Pump and Dump

 

There has been some discussion as to whether Pump and Dump scams have disappeared on the SPAM-L list.

Here's a graph, which shows they almost have.

Dating Spam

 

This has grown remarkably in the last few weeks.

Look at these figures.

Week % Dating

09/08 1.60
16/08 0.84
23/08 0.81
30/08 0.78
06/09 0.62
13/09 1.72
20/09 3.28
27/09 9.11
04/10 10.48
11/10 13.00

I can't see the point of it, as most has a picture of the same girl, TatianaG.

But look how it has risen in the last couple of weeks.

Viruses Down, Dating Up

 

Over the last few days, the number of virus e-mails I receive has dropped dramatically. On the other hand twenty percent of the spam I get is from dating sites.

You win some and you lose some.

www.attitudeproductions.com

 

Spam is being sent out which point to this web site. Don't click it as it links to a site that tries to install a virus on your site.

The registration is as follows :-

Registrant:
Attitude Media Design
33 Walton Drive.
Aurora, Ontario L4G 1W8
Canada

Registrar: DOTREGISTRAR
Domain Name: ATTITUDEPRODUCTIONS.COM
Created on: 24-JUN-03
Expires on: 24-JUN-09
Last Updated on: 29-MAY-08

Administrative Contact:
Swann, Pete pswann@aci.on.ca
33 Walton Drive.
Aurora, Ontario L4G 1W8
Canada
905-727-9400
905-727-0103

Technical Contact:
Metcalfe, Vic vic@zymsys.com
7 Corbett Cres.
Aurora, Ontario L4G 2E9
Canada
416-435-3457
905-707-2772


Domain servers in listed order:
NS.ZYMSYS.COM
NS2.ZYMSYS.COM

American Cruise Company

 

I am getting calls despite being registered with the Telephone Preference Service from an American Cruise Company. They seem to be using the number 01789 0000000, which should be in Stratford on Avon. Note the extra zero.

It looks like they're generating that number to get round those people who ban Withheld calls.

Yet another reason not to buy American products.

Spamming is OK if you're American

 

This is an except from a piece on The Register about a US spammer called Jeremy Jaynes, who has been set free, because apparently his free speech is worth more than our right not to receive his junk.

Notorious American AOL spammer Jeremy Jaynes had his nine year federal prison sentence overturned today, when Virginia's high court ruled the state's tough "anti-spam" law violates the First Amendment right to free speech.

The court unanimously agreed Virginia's anti-spam law is "unconstitutionally overbroad" because it bans all unsolicited bulk email with false or misleading originating addresses, both commercial and noncommercial.

The law considers unsolicited bulk email a felony if more than 10,000 recipients are mailed in a 24-hour period.

Justice Steven Agee wrote in today's ruling that the state law violates "the right to engage in anonymous speech, particularly anonymous political or religious speech" protected by the First Amendment.

Agee added that "were the Federalist Papers just being published today via e-mail, that transmission by PubliAus would violate the statute."

Until the United States joins the real world, we will continue to get these problems.

Strange Spam

 

I've been getting a lot of spam with different quotes similar to this one.

"Art is one of the means whereby man seeks to redeem a life which is experienced as chaotic, senseless, and largely evil." Aldous Leonard Huxley

Can't see any point!

There are also ones like this.

monel curate monel? hysteresis, fend try.
convene vreeland velasquez try suffragette communicant, suffragette isabel faith isabel hydrous capacitive.

fend suffragette suffragette

compendium compendium terrace? gifford, correspondent isabel.
mauricio reverend vreeland isabel appleton hydrosphere, capacitive hysteresis try pragmatist booky supremacy.

bahrein pierce terrace

extemporaneous try extemporaneous? axon, hydrous borneo.

suffragette grandchild.

None of them seem to have any links and I can't see what message they are about. Perhaps, the senders are trying out new spam methods.

Dating Group Team

 

Not sure if it's fraud, but it is one for the dustbin.

Good Day,

We offer a part time job on your computer.

Job Description:

We will provide you with the texts for our employees with the important information and you will correct the texts as an english speaking person and send them back to us.

Salary:

We don't have a fixed salary for this vacancy. We will pay you $7.00 for every 1Kb of the corrected text. You will get paid at the END of each month. Every month your salary will be different as it depends on your activity.

Example: If you correct about 5Kb of texts per day you will get over $1000.00 at the end of the month.

Requirements:

-Location: USA
-Age: 20+
-Home computer, e-mail address and Microsoft Word -Responsibility

To apply for job please send us the following information to:

Dating.Services.73@gmail.com
__________
FULL NAME:
HOME ADDRESS:
CITY, STATE, ZIP CODE:
Phone number (home or cell, but SHOULD BE available any day time):
E-MAIL:
AGE:
OCCUPATION:
EDUCATION:
AVAILABLE HOUR TO WORK WITH US:
----------

As soon as we revise your aplication we will contact you within 24 hours.

If you have any additional questions, feel free to ask.

Awaiting for your application.

With respect
Dating Group Team

UK Spam from the US

 

Increasingly, I'm getting a lot of spam from UK companies from US direct mail organisations. I got four from load/credit companies today.

There was also one from Tesco. I just don't use them anymore, unless it is to my advantage. I've pointed this out in letters to the company and nothing happens.

Rail Scrap

 

Not really sure what this is about.

As I was spam I posted it.

Description:
We wish to confirm you with full corporate responsibility that we are end seller ready, willing and able to transact and sell the commodities, with the following specifications, terms and conditions.
Sales and purchases will be based on the following procedures
.
The Product is Used Train Rail Scraps with the Specification of R50 & R 65 as conformed to the ISRI Codes.
Manufactured in Russia & Ukrain
The Origin is South Africa .
Quantity: 360, 000 MT (Three hundred and sixty Thousand Metric Tons)
Contract Period: Twelve Months.
Price: USD$125 per Metric Ton FOB.
Payment Terms: with only POF we will deliver the goods and there will be no up-front payment of any sort until delivery to your port. The POF will come as Pre-advise(MT799) to our bank which Seller will present to Buyer as his nominated bank account.

If you confirm willing, ready, we will send you the Verbiage of POF.

Inspections: By Buyer and at the port of loading by SGS for clear and clean of the quantity of the goods loaded on board vessel.
Chemical Composition: International Standards as follows:
R50 - 51.67 kg/m GOST 7173-75
C : 0.67 -- 0.8%
Mn : 0.75 -- 1.05%
Si : 0.13 -- 0.28%
P : max. 0.035%
S : max. 0.045%
Ar : max. 0.15%
R65 - 64.72 kg/m GOST 8165-75
C: 0.6 -- 0.082%
n: 0.75 -- 1.05%
Si: 0.13 - 0.28%
P: max. 0.035%
S: max. 0.045%
Ar: max. 0.15
Please confirm if you are willing to close down the contract as to enable us schedule and arrange for your urgent trip to South Africa for inspections of the materials and signing of the contract with us.

Finally, be informed that upon your acceptance to this offer, we will be providing you with all the related documents for your perusals before coming down to South Africa for the signing of the contract with us. Contact us with this phone number (+27825853552)

PLEASE REVERT YOUR EMAILS TO THE FOLLOWING ADDRESS: ebl.contract@gmail.com or ebl1.contractor@gmail.com
Regards
Benard M Radebe
Thanks

Sears Spam

 

Every day I get three or four spam e-mails from Sears.

It just shows how stupid some companies are, as I don't have a Sears near me. They should get their act together.

Loan Spam

 

I'm getting about six to ten spam messages a day trying to sell me a loan. Not the usual sort from joke companies in the UK, but from companies in the UK, who would think themselves totally proper.

One had an APR of 192% and was proud of the fact!

Isn't it illegal for these messages to be sent out from a spammer in the US?

Incidentally, the e-mail addresses they are sent to, were all harvested from the daisy.co.uk web site some years ago.

Spam is 30 Years Old

 

According to the Register, spam is thirty years old tomorrow.

Happy birthday spam!

Subject: $REPLINK

 

There are a lot of spam messages of this nature about today.

It's our old friend the Canadian Pharmacy.

Write to the Canadian Ambassador about it. If a million of us did that, they might do something about these load of crooks besmirching the name of Canada.

High Commissioner
Canadian High Commission
1 Grosvenor Sq
London, W1K 4AB

020 72586600‎

Yahoo

 

Most of the fraud, I've had lately have been sent by Yahoo customers.

At least Yahoo have their spam priorities correct, then!

10/10 For Virgin Wines

 

I received some spam e-mails that had been sent on behalf of Virgin Wines.

I wrote a letter to complain and got a good apology from them immediately.

I shall certainly be buying product from there.

A New Daily and Weekly Spam Record

 

When I started detailed counts in August 2007, the weekly figure was 61,629.

Last week the weekly figure was 200,036, which is a rise of about three and a quarter times.

The daily figure for Saturday was also 36,357.

What are governments doing about it?

Fuck all!

PerfSpot

 

This social networking site claims to be whiter than white. So why have I had a lot of spam trying to get me to visit the site?

Spam Blogs

 

I'm now getting a lot of spam, which is based on a blog, usually Blogger.

This is a typical one.

Cheap Apple s0ft: iWork, iLife, .MAC etc.

http://sheenahayerkr.blogspot.com

No extra prices for shipping, only downloadable s0ft, right at your desktop.

http://darcynorfolkgt.blogspot.com

There is more than a 40% discount!

Surely, Blogger and their parent Google, should put in extra security. But then look at GMail.

Van Dough Klykes

 

What a load of old tosh this one is?

It may not be fraud, but there will only one winner; Mr. Klykes. A very unlikely name.

The twit can't spell either! What a tosser!

Hello,
Van Dough here with some information about my newest
home business that offers a tremendous opportunity to easily
make OVER two thousand dollars per month working just a
few minutes per day.
This is not MLM, recruiting, netwroking, powerlines, downlines,
and all that jazz.
This is a subscription to the most unique ways to make money
that i have ever seen. You can test the waters with as little as $10
and I guarantee, you won't believe how big that $10 bill will explode
when you implement a few of these systems.
CLICK HERE FOR MORE DETAILS
Or go immediately to: >>> http://www.shmyl.com/bugpson
Thank You for your time and have a great day!

Van Dough Klykes
www.escape-from-job.info

Avandia Alert

 

I've had three of these spams by some sort of Ambulance Chaser.

It just shows how low the US has sunk.

Get Six Get Another Free

 

Spam messages last week were a total of 124,111 of which 4,380 were to my proper e-mail accounts.

This week so far the figures are 123,985 and 4,191.

So for the six days of this week, we've had as much as we had the whole of last week.

Crap US Offers

 

I'm getting a lot of these every day now. I think it was because I unsubscribed from one, which of course confirmed my e-mail.

A lot of them say that I subscribed from an IP address in Virginia. I didn't, so they've been passing my e-mail around illegally.

Come on Bush, stop your countrymen sending spam to everybody.

Spam Breaks The 20,000 Barrier

 

Yesterday, that daily level was broken for the first time.

And I suspect it will not be the last.

A New Record for Spam

 

Yesterday was the highest figure ever at 18441 messages.

In other words the United States is still doing nothing to curb spam.

The Changing Face of Spam

 

It is now six months, since I started the new method of collecting and analysing spam.

If I tried to collect all the spam sent to daisy.co.uk, jamesmiller.com and all of the other domains I use, it would be a nightmare, as I get upwards of 13,000 messages every day. I may be sad, but not that sad.

So I just analyse the spam sent to legitimate e-mail addresses in those domains and then split it down into several groups like Banking, Drugs, Gambling, Loans, Pornography, Pump and Dump, Replicas, Viruses and Others. The last group contains all the weird ones of which I have no idea what they are about.

Note that all of the graphs in this topic can be clicked and you will see a full-size version in another browser window.

Average Monthly Spam

This graph shows the average number of spam e-mails I've received every day from August 2006 to the 19th of January 2008.


As you can see it has risen alarmingly. In just under 18 months, the numbers I have received has gone from about 3,000 a day to around 14,000.

So why has this alarming increase not been raised in the media?

Probably because Internet companies have been able to grow to accommodate this traffic and also because governments and especially the US government have done little to halt the tide of spam.

Percentage Good Addresses in Spam

Here, I show the percentage of spam I received that goes to e-mail addresses that I have used.


Typically, many of the e-mails I get are to e-mail addresses that have been made up by computer programs run by spammers. The reason is that spammers get paid to send e-mails by the million, so it is easier to create bogus ones than find genuine ones.

You will notice in the graph, that this percentage was decreasing, but this process seems to have stopped and may have reversed.

Perhaps they have made up enough addresses.

One side effect of made-up e-mail addresses, is that many companies bounce e-mails that don't exist, so this creates more unwanted e-mails which generally go to another legitimate organisation, whose e-mail address has been spoofed to send the original e-mail.

So one spam message causes a chain of unwanted messages.

Percentage Weekly Banking Spam

We all get quite a few e-mails that are trying to obtain your bank account details.

This graph shows the percentage of this type of e-mail that I get to legitimate e-mail addresses.


These tend to go up and down a bit and they are not as high a percentage as they used to be a couple of years ago. Most these days seem to be for NatWest, who I would never bank with, in case I was fooled.

You do wonder though how much fraud they create?

I think that the banks may make the situation worse, by generally paying out if there has been an on-line fraud. They should only pay out if the police take a formal statement and put all of those defrauded in a database.

Why should I say that?

In on-line gambling, there is quite a bit of poker room fraud, where two people working together use a stolen credit card to upload money, lose it from one individual to another and then withdraw it.

Are crooks doing that with on-line banking?

One puts a fair bit of money into an on-line account and generates a proper persona with the bank. Then his Internet friend in Ruritania withdraws it all, whilst his friend is on holiday or better still in hospital.

I suspect the bank would refund the cash.

If these e-mails didn't exist, then there would be much less chance of illegal withdrawals.

Percentage Weekly Drugs Spam

This type of spam makes up the majority that I receive.


As you can see the level of this type of spam varies between about forty and sixty percent of all of the spam e-mails I receive. It has perhaps risen slightly over the sixth months I have been doing this detailed analysis.

Contrary to popular opinion it is not all about Viagra. But perhaps seventy percent is about this type of lifestyle drugs, whilst the remainder is general drugs aimed almost exclusively at the American market. Many of the sites that do this type of promotion are based in Canada and are there because drug prices in that country are lower than the USA.

So again, it is the USA that must get its act in order to cut the level of this type of spam. But then the US Government must act against the drug companies, who benefit on the one hand from high prices and on the other from the sales in Canada.

Everybody, who has tried to reform the greedy American healthcare system has failed, so I doubt that we'll see any reduction of this type of spam.

Depressing isn't it?

Percentage Weekly Fraud Spam

This type of spam is one where crooks are trying to entice you to part with your money for various fee fraud or 419 scams. (419 scams are named after that part of the Nigerian penal code. Enough said!)


What seems to be happening here, is that the fee fraud ones, where you collect cheques for companies and then pass the money to a third party after deducting a percentage are declining.

Perhaps people are getting more sensible and just laugh at them. I hope so.

There is also the fact, that they are annoying legitimate companies, who are involving law enforcement agencies and hopefully there has been a degree of collar feeling.

But the 419s keep coming! I didn't realise that there was so much money unclaimed in bank accounts!

Percentage Weekly Gambling Spam

Here the spammers are promoting gaming sites. They are a complete waste of time as far as I'm concerned, as I only deal with reputable sites like Betfair.


There seems in the chart to have been a big push at the start of December. Could this be because the US government had stopped access to what I would consider are legal gambling and poker sites based in reputable jurisdictions?

So protectionist legislation and tactics brought in by the US moves the punters into the hands of crooks.

Percentage Weekly Loans Spam

This type of spam is where the spammers are promoting loans to people who have desperate credit problems. Did I hear sub-prime loans?


Note how they went quiet with all of the problems of the sub-prime market and now that finance has dried up for the people who took these loans, the loan spam has started again.

I would have thought the best way to get your house reposessed would be to take out a loan promoted by a spammer.

Percentage Weekly Pornography Spam

Pornography and especially child pornography, is quoted by many as the reason the Internet should be banned.


Note that the level rose around mid-October, but typically it is of the order of a few percent. None of these contain an image larger than about a 100 x 100 pixels and the number that are promoting child pornography is extremely small. (I have had about ten or so in the period of this analysis. None had images, so I just reported them to the Internet Watch Foundation and then erased them.)

Percentage Weekly Pump and Dump Spam

Pump and dump scams are those where you are encouraged to buy worthless shares, so that others can make a killing.


In this graph they show a fairly steep decline from about ten or twelve percent to virtually nothing.

Why?

Because the SEC in the USA has a very strong policy of suspending shares mentioned in these scams.

In other words, action can work.

So why is the US not taking action in other areas to stop spam?

Percentage Weekly Replicas Spam

This group includes replicas of expensive watches and other luxury goods.


The graph shows that this spam increased in the run up to Christmas and the New Year and has now started to fall back.

That illustrates to me, that spammers are not mindless, but target their rubbish to where the weak may break and buy their crap.

Percentage Weekly Virus Spam

This group is composed of messages that try to get you to download viruses. The messages are characterised by IP addresses and teasing messages.


The graph may or may show that this type of spam is declining, as it does tend to turn up in bursts.

But whenever you get it, never download it.

Percentage Weekly Others Spam

This group contains everything else.


Note how it has declined.

Could this be because spammers are concentrating on spams that work?

An interesting point is that a sub-group of spams that are unreadable as they are in Russian, Japanese or other non-Roman languages appears to have declined.

Conclusions

There are some main conclusions that can be made :-

1. About 60% of spam is drug-related.

2. A large proportion of spam is aimed at customers in the USA.

3. When action is taken at a government level, as the SEC has done in the case of Pump and Dump scams, the spam can be seriously reduced.

4. Spammers change their pattern of spamming according to circumstances.

But above all, it is about time that the US got its act together on spam and acted against US companies involved in the process.

Bolotocard

 

I am getting a lot of spam e-mails promoting something called a Bolotocard. I won't give the link here as I don't do that for products that are advertised in this way.

They come from an organisation called CIP-A Marketing at 1276 North Main St, Miami, FL 33132.

I have tried to unsubscribe using the link at the bottom, but I just seem to get more of the spam.

Spam and the US Elections

 

I’d be interested in hearing the various candidates opinions on Internet spam. It’s gone up three times in the last year and about 90% is either from the US or aimed at the US.

J Willard

 

The idiot who spammed me with the Tesco Gift Cards, is now promoting loans in the UK.

Get from £300 to £1000 deposited directly into your account!!!!

Get the cash you need within 24 hours or less!

ALL applications accepted, only a 1 page form.
NO credit checks and FREE to apply!!

J. Willard
2202 S. Figueroa St.
Los Angeles, CA 90017

This points to a company called UKCashLenders.co.uk.

Now I'm not an expert on loans, but I do wonder if it would be worth dealing with a company that has been mentioned in a spam e-mail.

Tesco Gift Vouchers

 

This is definitely spam judging by the e-mail addresses and why would Tesco use a such a system. They also have an address in California.

Get a £150 Tesco gift voucher!

J. Willard
2202 S. Figueroa St.
Los Angeles, CA 90017

I've had nine of the little darlings. I also had another 48 in my spam trap.

It seems to be linked to a company called e-PayDay.co.uk or FreePay.com.

The latter claims that "Freepay.com is an independent rewards program and is not affiliated with any of the listed products or retailers."

In other words it's a spammer at best and a fraudster at worst.

This is the registration address for e-PayDay.co.uk

297 Kingsbury Grade #D, PO Box 4470
Stateline
NV
89449-4470
US

Cyberlover

 

Scambusters are always a good source of early warning on new scams. This morning I received this from them about a new product called Cyberlover.

So watch out.

A new class of bots (software robots) have found their way onto online dating forums, and we predict this is just the beginning of a new class of scams that will probably grow very fast.

These programs mimic online flirting with the goal of getting victims to provide personal information.

The first of these programs is called CyberLover.
Unfortunately, CyberLover is good enough at automating its chat so that victims have a hard time recognizing that it's an automated robot rather than a real person.

Further, CyberLover can establish up to 10 "relationships" in 30 minutes. That means that scammers can use this software to automate the scamming process: rather than having to spend time themselves, they can unleash this software to find hundreds or thousands of victims at a time.

CyberLover can be used for financial and identity theft, as well as leading to "personal" websites that deliver malware.

Currently, CyberLover is targeted at Russian dating sites.
However, it won't be long until we see similar bots in other countries (probably next month).

Action: Always use common sense. Don't provide financial or other personal information. And be on the alert that you may be flirting with a robot. ;-)

Christmas Day

 

I can't fathom this one out, but I had a lot more spam on Christams Day than any other since I started taking detailed counts.

Have they nothing better to do?

merrychristmasdude.com

 

This is an attempt to get you to download malicious software, so that spammers can use you to send spam.

Don't open any of these e-mails.

This website tells a lot more.

The registration details are :-

Registrant ID: P4DHBN0-RU
Registrant Name: John A Cortas
Registrant Organization: John A Cortas
Registrant Street1: Green st 322, fl.10
Registrant City: Toronto
Registrant Postal Code: 12345
Registrant Country: CA

Administrative, Technical Contact
Contact ID: P4DHBN0-RU
Contact Name: John A Cortas
Contact Organization: John A Cortas
Contact Street1: Green st 322, fl.10
Contact City: Toronto
Contact Postal Code: 12345
Contact Country: CA
Contact Phone: +1 435 2312633
Contact E-mail: cortas2008@yahoo.com

Why don't you phone the number above and wish the dude a Merry Christmas?

The Beach Bum Club

 

I had several of these e-mails.

I have unsubscribed to see what happens.

It may not be fraud, b ut I doubt anybody will make any money from it.

This Automated system is putting over $10,000 in many students pockets EVERY WEEK.

Right now, you can discover how to benefit from leveraging the power and momentum of ~ Inner Circle ~ and create massive Streams of Income for yourself.

http://thebeachbumclub.net

I have decided to open my ' Reverse Funnel System ' to the public for a limited time. This could be the Breakthrough you have been waiting for. Get yours before it is too late.

http://thebeachbumclub.net

I am absolutely convinced that my proven System will create massive wealth for virtually anyone regardless of your background your education or even your current level of income...

I'm going to PROVE it.

Ty Coughlin

Korean Spam

 

Yesterday, I got several e-mails like this.

This is the website seen on the news and 60 minutes. http://eiavalue.com/

They pointed to various web sites, all of which were dead and registered in Korea.

Does anybody have any idea what they are about?

Christmas is Coming

 

Over the last week, the number of sites promoting replica watches and other luxury goods has increased significantly.


From averaging around seven or eight percent for some months, in the last week the amount of spam in this class has risen to about thirty percent.

The amount of drug spam has reduced a bit, but loans and "pump and dump" have dropped to a low level. It just shows how the spammers change when they find something more profitable.

Is UK Ready For New Nuke?

 

I've had a lot of these today. They point to a website that doesn't exist.

Ignore them.

DATAMONITOR: Is UK ready for new nuke?.

Released : Thursday, November 15, 2007 2:18 AM
RDATE:15112007
London -- Whether the Chernobyl nuclear disaster was the catalyst or not, since around the time of that fateful day, nuclear power has fallen largely from favour as a means of generating electricity. Since 1990 news of nuclear power plant closures have outweighed those of plans for extending the life of current plants or indeed building anew. While some countries, France and Finland for example....

Selling Illegal Drugs On-Line

 

I'm getting a lot of spam selling illegal drugs on-line. So it's mainly pot, but I can bet that no-one is doing anything about it.

We sell Pot online

click right here

Musical Pump and Dump

 

We now have musical pump and dump. There is a small mp3 in the e-mail, which gives you a rendition of where you should waste your money.

Is this being clever? Or is it the last throw of a desperate group?

Let's hope it's the latter.

Alexey Tolstokozhev

 

It is being reported that Alexey Tolstokozhev has been shot dead in Russia. He is supposeed to be a spammer, but he's not known on Spamhaus.

If he is responsible for a lot of spam, then we'll see the levels drop in the next month or so.

I'm not holding out much chance.

Porn Up, Loans Down?

 

Porn related spam is typically between two and six percent of the messages I get.

But yesterday it was sixteen percent.

Is this a blip or a new set of rubbish?

I also haven't had any loan spam for the last few days. I suspect with all the problems of housing loans in the US and the UK, that no-one is responding to it, or if they do, they can't get anybody to lend the money.

Wrong! - The loans are back again this morning.

Porn though is still up, as is casino related crap.

Your Envoy may be due for a 33000 Kilometer Service

 

I thought at first this was fraud, but it's so rediculous, that it must be genuine.

I would never buy an American can anyway, due to Bush, capital punishment, the spam they send me etc. etc.

Dear James:

According to our records, your Envoy may now be due for a 33000 Kilometer Service:

Our trained technicians will change your engine oil & filter and perform all the recommended maintenance listed in your owner's manual as well as inspect other safety related components. Proper maintenance with genuine factory parts helps keep your Envoy operating at peak performance.

For additional information or to schedule an appointment, please call us at 306-525-5211 or to schedule an appointment online click here: schedule appointment

I hope you are enjoying your Envoy.

Sincerely,
Darah Gusal
Service Manager
Capital Pontiac Buick Cadillac GMC
service@capitalpontiac.ca
306-525-5211

Stop Smoking

 

I've just started getting Stop Smoking spam. I had eight today.

At least that load of spammers are a bit ethical. But only a bit!

The Rise and Rise of Spam

 

This graph shows how spam has risen and risen since August 2006.

No comments are necessary.

Loan Spam

 

This is a typical loan spam.

Note that it says that interest rates are at their lowest point in 40 years. I thought there was a bit of banking crisis.

Dear Homeowner,

Interest Rates are at their lowest point in 40 years!

We help you find the best rate for your situation by matching your needs with hundreds of lenders!

Home Improvement, Refinance, Second Mortgage, Home Equity Loans, and More! Even with less than perfect credit!

This service is 100% FREE to home owners and new home buyers without any obligation.

Just fill out a quick, simple form and jump-start your future plans today!

Football Downloads

 

Well not real football, the stupid American variety.

Don't click the link as it's a virus download.

Life as we know it is back, NFL season is open.
Get all the information you need for every game.
Stay informed for every game with our free game page:
http://81.23.98.120/

Another Record

 

Yesterday, the daily spam record was broken again.

It was 14611.

Over fifty seven percent of the identifiable spam was for drugs like Viagra, Cialis and Anatrim.

All Web Site Owners Should Use This

 

I'm very suspicious of this innocent looking message. It links to a page defined by an IP Address. It could be something that downloads a virus.

When you get messages like this that don't use a sensible web site and also ones signed like this with Simon, but from an e-mail address named Tim, don't click them.

Hi,
Do you own a web site?
If so would you like a web site rankings report, that tells you where you site is positioned in the Search Engines on your chosen keyword search phrases.
It would probably be very useful to know what people are typing into the search engines to find your products or services, we also offer a keyword analsis for your web site.
Hope this will be of benefit to you.
Best Regards,
Simon

Highest Daily Spam Total

 

I started logging spam in August 2006. I did it before that, but not as scientifically as I do now, so that is the real start date.

When I started the level was around 2,000 messages a day. Now it is averaging out at around 10,000.

But yesterday the total number of spam messages was 11,910.

Pfizer Sends Out Viagra Spam

 

Oh! Dear!

This article from Wired says that Pfizer's computers have been infected with the malware that sends out Viagra spam.

Sumercourt.com

 

Don't go to this URL.

Someone posted a comment on this blog, that linked to that URL. It tried to download a virus, which luckily was stopped by McAfee.

Good on you McAfee.

I think one of the morals of this is that if you blog, then make sure you don't click on any links in posts, unless you are absolutely sure who they are and what has been posted.

Spamnation

 

I find that this site, Spamnation, goes into greater depth about spam e-mails than me, so if you want more information check them out.

Video Scam

 

I've had a few of these. Don't click the link.

Hurricane Chris filmed the most amazing new video.

Be the first to see it. Go here to get the video: http://xx.xxx.xx.xxx/

Software Scam

 

This is a fairly incidious scam that I got two of yesterday. Install the software and you get something very nasty on your computer.

So far I've found Home Reno Planner and Digital Kittens.

Would you help us with our new software Home Reno Planner

This beta testing will enable us to fine tune the software for public release. All beta testers will receive a free copy of the final version and free updates for life.

Simply download the software. Try it out for one week. Email us what you think of it. Here is your chance. Follow the link to our secure download center: http://90.188.139.194/setup.exe

Programming Specialists Required! Freelance Work!

 

Genuine? Judge for yourself. I had several copies yesterday.

WiSoft INC. is currently seeking outstanding people for freelance working to fill position of Software Development Team of a group of 6-10 developers. Free working graphic, stable payments, career growth, migration opportunity.

Position A: System modules and driver deveploer.

------- Successful candidates should correspond to the following required competencies / skills:
- C++/ASSEMBLER expert programming skills
- Expirience of programming TCP\IP-based applications.
- Average english language skills
- Deep knowledges of win32 systems structures
------- SALARY: Starting: 2.000$/Month

Position B: Web-developer.

------ Successful candidates should correspond to the following required competencies / skills:
- Average english language skills
- PHP(or Perl) & Mysql professional development skills
- Expirience of development large web-based project
----- SALARY: Starting from 1000$/Month

Interesting? Send us your CV now!
Contact e-mail: natashaivanova@ukr.net

YouTube Scam

 

I had fourteen e-mails like this yesterday.

Man you have got to tell me where you picked her up. I saw this on the web, it has to be you. here is where I found it... http://www.youtube.com/watch?v=eEL9tKRejAY

It looks innocent enough, with a standard link to YouTube.

Goto the link in this topic and you'll get a message ferom YouTube saying that the video has not been uploaded.

But click the link in the e-mail and you will be taken to some disreputable site. I suspect, it's another version of the postcard, fake subscription scam.

Postcards Make a Comeback

 

Obviously, the fake subscriptions didn't work, so they've gone back to postcards.

Anthony Edwards

 

This idiot keeps sending me spam e-mails offering his search engine services.

There is no address, no contact me or any means of stopping them.

So fuck off Anthony Edwards.

Meltdown - But No Let-up in Viagra Ads.

 

This letter from Richard Whitbread appeared in the FT.

Sir, Is it possible that one benefit of the meltdown of credit lending will be a reduction in the number of spam emails I receive telling me I have been pre-approved for some unimaginably large amount of borrowing in US dollars? I wish I could see a similar end to the enthusiasm for telling me about Viagra.

I replied as follows :-

Richard Whitbread is unlikely to see much of a drop in spam because of the problems in the financial system.

A year ago, spam to our spam trap and analysis system was running at about 2,000 messages a day. Now it is around 10,000 in every twenty four hours. Over that period loan offers in the trap have fluctuated to as high as 10% of the total and almost disappeared for some weeks. They now sit at around 6%. Even if loan offers stopped completely, their place would be taken with the endless rise in Viagra and other drug ads which have risen in the last year from about 40% to a figure yesterday of over 60%. There are also plenty of other scams coming on stream, including the latest one of fake subscriptions designed to sign your computer up as a spam-generator.

The only good news is that the so-called Pump and Dump scams promoting shares have fallen from about 40% to a few percent and almost nothing on certain days.

Why should this be so?

Because the SEC has taken strong action against companies that are mentioned in the scams and restricted trading in their shares. There’s no point pushing something you can’t buy and sell.

So this action by the SEC has been many times more successful, than the US Can-Spam Act (Often called the Shut Up and Eat Your Spam Act) and all the legislation enacted by the EU. We are fighting nuclear and chemical weapons with pea-shooters and tissues.

Something must be done soon, as if my five times increase in spam transposes to the whole Internet, we will all be in an Internet meltdown of immeasurable proportions.

It wasn't published.

Fake Memberships - 3

 

This is the latest list.

Cat Lovers
CoolPics
Dog Lovers
Downloader Heaven
Entertaining Pros
Free Ringtones
Free Web Tools
Fun World
Funny-Files
Game Connect
Internet Dating
Job Search Pros
Joke-A-Day
Mobile Fun
Net Gambler
Net-Jokes
Office Antics
Online Hook-Up
Pet World
Poker World
Recipes Galore
Resume Hunters
Ringtone Heaven
Ringtone World
WebTunes
Web Cooking
Web Connects
Web Players
Wine Lovers

Salvador Prata (Prat)

 

Another scam for a non-existent lottery from Salvador Prata.

The scam e-mail came from Portugal.

One out of five, marked with a must try harder.

REFERENCE NUMBER: UK/940X2/68
TICKET NUMBER: 112-4540-525-106
DATE: 21/8/2007

Congratulations,

This e-mail is to inform you that you have been selected as a winner for a cash prize of £750,000.00(Seven Hundred and Fifty Thousand Great Britain Pounds) on our ONLINE SWEEPSTAKES PROMOTION program which was held today, 21th of August, 2007 in London, United Kingdom. To file your claim, do contact our fiduciary agent assigned to your file via email as given in the contact details below providing your Full Name and Reference Number(UK/940X2/68) to commence the process ofreleasing your cash prize.

Contact Person: Mr. Fredrick Wells
Email: claimsoffice@uknlfoundation.com
Tel: +44 704 570 3554

Yours Truly,
Andre Walter(Online Coordinator)

It gets interesting if you look up who owns the domain registration.

Domain Name.......... uknlfoundation.com
Creation Date........ 2007-07-25
Registration Date.... 2007-07-25
Expiry Date.......... 2008-07-25
Organisation Name.... James Reid
Organisation Address. P.O Box 326
Organisation Address.
Organisation Address. PAINTER
Organisation Address. 23420
Organisation Address. VA
Organisation Address. UNITED STATES

Admin Name........... James Reid
Admin Address........ P.O Box 326
Admin Address........
Admin Address........ PAINTER
Admin Address........ 23420
Admin Address........ VA
Admin Address........ UNITED STATES
Admin Email.......... info@uknlfoundation.com
Admin Phone.......... +1.7574427051
Admin Fax............

Tech Name............ Microsoft Office Live
Tech Address......... One Microsoft Way
Tech Address.........
Tech Address......... Redmond
Tech Address......... 98052
Tech Address......... WA
Tech Address......... UNITED STATES
Tech Email........... support@officelive.com
Tech Phone........... +1.8665915483
Tech Fax.............
Name Server.......... ns1.officelive.com
Name Server.......... ns2.officelive.com

Do you think someone ought to tell Microsoft?

Fake Memberships - 2

 

I got 33 yesterday to my main e-mail out of 479 spam e-mails.

That's 6.9%.

Incidentally my main spam trap, which contains all the made up e-mail addresses got 1150 out of 10124, which is 11.4%.

So it does seem that this group of spammers have a pretty useless database, as it contains more crap addresses than the average.

I have found a bit more about this spam and you can read it here on F-Secure's web Site.

They also seem to be inserting these messages in blogs, without the owner of the blog knowing. So check your block.

Fake Memberships

 

So the postcards, e-cards etc. go and what do we get instead. Fake memberships.

Welcome,

Are you ready to have fun at Free Ringtones.

Member Number: 376845665434
Temp Login ID: user2762
Your Temp. Password ID: tb149

This Login Info will expire in 24 hours. Please Change it.

Follow this Link: http://98.200.206.172/

Welcome,
Membership Services
Free Ringtones

They all look the same and todays list includes; Job Search Pros, Free Ringtones, Web Cooking, Recipes Galore, Game Connect, Mobile Fun, Pet World, Cat Lovers, Net-Jokes, Poker World, Joke-A-Day, Office Antics, Online Hook-Up, Fun World and Ringtone Heaven.

Don't click the link.

By the way the IP address in this e-mail is supposedly in the US. It may be or it may be not. Take your pick.

Play4Profits

 

I've not got much idea what this is about. Go to the web site and it doesn't say much, using the sort of bland words and rubbish that you get with most Internet scams. The only way to get more information seems to be to register.

It's just that I got this e-mail from someone local to me from a spammer, robot or something like that.

Do you wish to Play 4 Profits? It would be surprising if you didn’t – all of us want to create profits from our endeavours to enjoy the good things in life.

Created by an established British company with a great track record of innovation, expansion and pay-outs, both these featured businesses are set to be the front runners in the business Opportunity/MLM/Network Marketing sector.

For further information, please visit : -

www.play4profits.co.uk or www.play4profits.com

Good luck and best wishes

As I said the address was local and it didn't take me long to find out about the name and address given at the bottom of the e-mail.

So I sent them the following letter.

Play4Profits

I don’t know what sort of scam you may be promoting by sending scam e-mails, but I thought I had better tell you, that I take invasions of my privacy by spam seriously.

I’ve enclosed the e-mail I received on Saturday.

You will notice that it is from 5676ccdaaiply@walla.com, which is the sort of e-mail address generated by robots, spammers, criminals and crooks.

Can you please explain how your name is at the bottom?

If I do not receive a sensible explanation, the e-mail will be passed to the Information Commissioner, who take this type of abuse very seriously.

By the way, I did look at the website recommended in the e-mail. I couldn’t really understand it, but it seemed to have all the vague hallmarks of a scam to remove mugs from their money. I would not be stupid enough to join such a scheme and I have put the original e-mail and my reply on my blog.

James Miller

P.S. I do not use Remove at the bottom of e-mails, as this only confirms to the spammers, that I exist.

It'll be interesting to see what sort of response I get.

E Cards Have Gone?

 

It would appear that the hideous postcards, ecards and messages that have been inflicted on Internet users have stopped. I certainly haven't had any since 16:34 on the 18th of August.

This is one of the first days they haven't turned up since the 2nd of July.

Sydney Car Centre and Monster.com

 

Accusations have been made by people who post comments on this list, that some of the spam from Sydney Car Centre comes in some way from Monster.com.

I strongly suspect that Monster is a completely innocent party in all this. Could it be that addresses are being harvested in some robotic way from the site, by someone posing as an employer?

I'm going to be putting my CV on monster.com and see what happens. I shall be using a new e-mail address that will not be posted anywhere else.

Perhaps, if anyone else does this, they might like to tell me what happens.

Why Am I Getting All This Spam?

 

This rather old report from 2003, written by the Center for Democracy and Technology, may shed some light on the question.

Internet Crime

 

So the House of Lords think it can stop Internet crime.

Pull the other one.

Who is going to tell, the Russians, the Chinese and the Americans, to leave us alone.

The only people who seem to be doing anything are the Hong Kong Police. At least their response to problems completely shames that of UK Police forces. Try reporting a problem in the UK.

What Does This Mean?

 

I get several e-mails a day like this one.

06/03/2007 (13:53 GMT +03:00) 1.0
Content-Type: text/html
Date: %CURRENT_DATE_TIME

%MESSAGE_BODY

Any ideas on what it means?

How Scams Work

 

I have received this detailed account from E about how the scams work. Thanks to him for his concise details.

Read it and if you still want to get involved, read it again and again, until you decide that you have better things to do with your money like getting it out of the bank and setting fire to it.

You may post this to your web site, if you like.
The money transfer scam works like this:

The scammers transfer dirty money to the victim's bank
account (after the victim unwittingly supplies them with
their bank details.) The victim then transfer the funds to
one of the scammer's 'designated accounts' and removes,
as per instructions, a percentage for his 'commission.'
Unbeknownst to the poor souls who fall for this obvious
scam, they become unwittingly entangled in an international
money laundering scheme, the results of which can have
criminal implications.

The scammers also use the bank account details given to
them to cut new plastic using the victim's name. They use
the card and the victim's stolen personal information to buy
products on sites like e-bay and others, and in shopping malls.
They then re-sell the stolen goods, move to new bogus 'delivery'
addresses and keep the cash flowing in their money laundry.
This is done to hundreds of victims every day by criminal gangs
operating worldwide.

You've been robbed, had your identity stolen, and committed
a crime by being an accessory to money laundering criminals.

Its a multi-billion pound business each year operated almost
entirely by organized criminal gangs, especially mafia, operating
from Russia, Asia, Eastern Europe and offshore tax havens. The
authorities can't crack it. It is next to impossible to catch them.

Moral of Story:

A. Buyer Beware
B. Do NOT respond to spam

E is one hundred percent right with the last bit.

It's Not Me!

 

I've recently had several e-mails accusing me of sending them spam.

It's not me, but someone sending e-mails as if it came from me.

There is absolutely nothing I can do about it, so the best thing you can do is complain to your government and ask why they are not cracking down on spam.

If ninety-nine percent of spam were to be removed, then people like terrorists, paedophiles and crooks would be much more easily traced, prosecuted and sentenced to a long stretch in jail. We all want that don't we?

So why won't that government in the Land of the Free pass a decent and watertight Anti-Spam Act?

Daily Spam Pattern

 

This graph shows the spam I received on the 23rd of July, this year.


Someone was using daisy.co.uk to send rubbish.

United States National Medical Association - 2

 

This one is getting up my nose.

I've had nearly three hundred this morning already.

Sydney Car Centre - 5

 

I've had quite a few e-mails recently accusing me of sending out the Sydney Car Centre scam. It does seem to be one that has got a lot of people very heated.

If you don't believe me then look at Bob Bear. He's been following the scam since it started.

It would seem that if you have a decent junk filter on your e-mail, most of these e-mails will end up there. This is because they are all so similar, that a decent filter such as that in Outlook 2003 or 2007 will bury them.

You can also create a rule in most e-mail programs that will assign any e-mail that contains "Sydney Car" will be sent to the Junk folder.

Canadian Charity

 

Here comes another scam. This time supposedly from Canada.

This intention is of most importance to all EU candidates

We are glad to present you our new project.
This is a job prospect for EU candidates only.

Requirements and benefits:

Monthly gross salary: USD 1800-3600 per month
Age limit: 18-80 y.o.
Possible profession growth and promotion opportunity
Internet access, cellular or home phone number and the e-mail
Part-time (2-3hr per day) and full-time employment (8hr per day)

Our organization Canadian Charity is looking for new candidates and collaborators in Europa.

Become a part of our donating system that includes global donations to HIV positives, war refugees from Middle East and starving children from poorest European countries.

Our program does not charge or ask you to invest anything. We do not try to take your capital. Our regional sponsors and investors from different European Union and North American regions have already accepted our deal and are now the investing affiliates in our multi-national donating program.

Collaborate with our investors during the donation process and get from 1500 EUR (1800 USD) up to 3000 EUR (3600 USD) income per month. Together we can make this program work with highest efficiency and thus have an occasion to ease the sufferings and decrease the needs of thousands of people.

This position you can request is the "Donating Assistant" (future promotion to "donating manager" is possible after 3 months of successful assistance).

Please let us know if you are interested in becoming a part of our system and EMAIL US. We will then send you more details concerning the position of a "donating assistant".

Thank you very much for your time and for your wish to help the ones who really need our help and joint support.

I think I've seen some of these before from somewhere else. It's the HIV, war refugees and poorest European countries.

[I searched and I was right. See the International Donation Association.]

DON'T FALL FOR IT.

Interestingly, they may be breaking EU law by putting an age limit on the job.

Hong Kong and Spam

 

There was a suggestion here a few days ago that the Hong Kong Police have taken an interest in all the rubbish pointing to .hk web sites.

Believe it or not Hong Kong law enforcement wants to deal with this. Forward spams on to them enquiry@hkdnr.hk , crimeinformation@police.gov.hk , hkcert@hkcert.org

Yesterday, I only received 591 spam e-mails that pointed at .hk web sites and a much lower level of spam for a Sunday. But of these e-mails 482 pointed at www.koal.hk. This then points to an on-line gambling site.

So are the authorities in Hong Kong starting to get rid of the rubbish?

Who Is Bob Smith?

 

I received this e-mail to bobsmith@daisy.co.uk from Friends Reunited this morning.

Hello Bob,

Thanks for registering on friendsreunited.co.uk

Click to complete your registration

You'll then be able to find your old friends.

Regards

The Friends Reunited Team

P.S. Remember, with Friends Reunited your email address is never revealed.

If the link above doesn't work, go to www.friendsreunited.co.uk, login and enter the validation code: QPZ

Huh!

I like the bit that remember with Friends Reunited your e-mail address is never revealed. But what if dear old Bob puts the wrong one into his registration.

Obviously, I shall think about taking legal action against Bob, when it turns out, I'm getting masses of spam to bobsmith@daisy.co.uk.

McAfee Fights Back

 

I thought that McAfee had been outsmarted but the company is now catching the greetings cards again.

Good for them!

A Record Week For Spam

 

Last week was a record week for spam, since I started collecting statistics.

A quick look, shows that most of it is still the drug scams, but crooks like bent casinos are bombarding us with more and more.

But it's still too much and it's about time that the US took action.

McAfee Outsmarted

 

I said on this blog that McAfee had got a stop on the greeting cards that deliver nasties.

Their stop lasted about one day and now they are back with a vengance.

It just shows how clever spammers are.

An Angry Individual

 

Someone has accused me of sending him spam messages. I tried to reply to them by e-mail, but unfortunately, he gave me the wrong e-mail address.

So this is the message I send them.

I am sorry you are getting messages that appear to be from me, but I can assure you that I am not sending you messages, except of course this one. The messages you are getting are probably due to people using my domain name as a spoof, when they send e-mails. If you check the headers the messages usually come from the US, Russia or China, so I suggest you complain to the appropriate embassy.

I would suggest that you employ a proper spam filter from someone like McAfee or use the filters in Outlook to put these e-mails in the Junk E-mail folder.

I should hasten to add that I get about 8,000 spam e-mails a day and I have proved that with the right software I can manage them.

If you read my history at http://www.jamesmiller.com, you will see that I have been involved in the computer industry for over forty years and that I am a very ethical businessman. So I would have no need to send spam messages to anyone.

In addition, if I was a crook, would I give you my full details in this e-mail.

James Miller

Daisy Analysis Ltd.,
East Green Farm,
Great Bradley,
Newmarket, Suffolk CB8 9LU

I am genuinely sorry that this person is being upset, but until the US, Russian and Chinese governments take action, the tide of spam will increase.

If the individual involved will send me an e-mail, with their correct e-mail involved, I will try to ascertain how they can minimise the problem.

You've Got Worms

 

It didn't take long for the next scam to come along.

Dear Customer,

Our robot has detected an abnormal activity from your IP adress
on sending e-mails. Probably it is connected with the last epidemic
of a worm which does not have official patches at the moment.

We recommend you to install this patch to remove worm files
and stop email sending, otherwise your account will be blocked.

Administrator

Just as with the Greetings Card Scam it links through an IP address to some nasty on the Internet.

I looked up one e-mail address and the results are shown.

Unknown domain: 67.158.42.211
[IPv4 whois information for 67.158.42.211 ]
[whois.arin.net]
OrgName: PrairieWave Telecommunications, Inc.
OrgID: PRAIR
Address: 5100 S Broadband Ln.
City: Sioux Falls
StateProv: SD
PostalCode: 57108
Country: US

As of eight o'clock this morning I've had 52 of the little bastards.

Titles of the e-mails include :-

Alert!
ATTN!
Malware Alert!
Spyware Alert!
Spyware Detected!
Trojan Alert!
Trojan Detected!
Virus Activity Detected!
Virus Alert!
Virus Detected!
Warning!
Worm Activity Detected!
Worm Alert!
Worm Detected!

The rules are with any e-mail from a sender that you don't know, then don't click on any links or attachments it contains.

Remember you are your own worst enemy.

Goodbye Greetings Card Scams

 

They disappeared (for the moment anyway) at a minute to six in the evening on Sunday.

So McAfee, and probably the other anti-virus companies too, have got their man.

They did take a month or so to do it.

McAfee Cracks the ECards

 

As of today, the ECards are now showing as viruses because my McAfee system is stopping them.

But it took them from the 16th of June to stop them.

Spam by Spamhaus?

 

I've just had this message in what looks like a typical spam message. The title was "My guin and chokoloskee" and it was from someone called Nettie Powell.

>>>>>>>

WORKING TO PROTECT INTERNET NETWORKS WORLDWIDE Spamhaus tracks the Internet's Spammers, Spam Gangs and Spam Services, provides dependable realtime anti-spam protection for Internet networks, and works with Law Enforcement to identify and pursue spammers worldwide.

The SBL database is maintained by a dedicated international Spamhaus team based in 9 countries, working 24 hours a day, 7 days a week to list new confirmed spam issues and - just as importantly - to delist resolved issues.

The Spamhaus Exploits Block List (XBL) is a realtime database of IP addresses of illegal 3rd party exploits, including open proxies (HTTP, socks, AnalogX, wingate, etc), worms/viruses with built-in spam engines, and other types of trojan-horse exploits.

The Exploits Block List can be used by all modern mail servers, by setting your mail server's anti-spam DNSBL feature (sometimes called "Blacklist DNS Servers" or "RBL servers") to query xbl.spamhaus.org.
Use of the XBL is free for users with normal mail servers (but networks with high email traffic should see DataFeed).

You can get MUCH MORE if you contact us:

The Spamhaus Project Ltd. //Address Deleted// but it was in Kent with a phone number.

<<<<<<<

I doubt it's spam, but why? Could it be to discredit Spamhaus?

Two of the phone numbers in these e-mails are mentioned in the defauct web site, Ultradesign.

All very curious.

Changing Face of Spam

 

The graph below shows the types of spam at several dates over the last year.

In that time the number of spam messages per day has increased from under a thousand to well over seven thousand, so all values have been normalised as percentages.


Looking at the various types of categories of spam, you can make a few simple conclusions.

1. Pump and Dump after being consistently over twenty percent has dropped significantly in the last couple of months to less than five. The SEC is clamping down on this fraud and it would seem that many of the crooks in this area have moved on.

2. Drugs, mainly of the erectile disfunction group, have shown an amazing consistency over the last few months and seem to be stuck on about fifty-five percent. A good percentage are from Canada.

3. Bank phishing scams are still with us and after a few months at low levels, they have now returned to higher ones, due to a concerted attack on the Royal Bank of Scotland.

4. Casino spam and mainly for one group operating out of Antigua are showing a steady growth and now make up nearly six percent of the total.

5. Fraud, mainly spurious job opportunities are not as high in the past, but the crooks are consistently thinking up new ideas.

6. Electrical Goods and Computers are a new group that has not been seen before and I suspect the work of one group. Perhaps an ex-Pump and Dump merchant.

7. E-Cards are a curious and dangerous group as they consist of a download that can seriously damage your computer's health. As they are all the same, they are probably one group of crooks, who are responsible for four percent of all the spam I get.

8. Others is not as bad as it seems, as many are returned mail messages, where crooks have used daisy.co.uk addresses to send spam. Perhaps the only good news is that there are only 28 messages in this group advertising pornography.

So you can see that as one avenue closes another opens and the spam continues to rise and overwhelm the Internet.

Girls Like That

 

Yesterday various e-mail address at daisy.co.uk received nearly 400 e-mails with the subject "Girls Like That".

Girls lie when they say "size doesn't matter" that's just to make us feel better,
The truth is they want their partner to have a huge one, and they will keep searching until they find it!
Now you can be that big man with the new improved and doctor recommended enlargement pills,
click here to get your supply before they sell out! http://xxxxx.xxx/
Kuszczak who collected easily. 'Boro then introduced
the UK's Ministry of Defence, is postponed due to a
replay. Middlesbrough looked the most likely to score

Can anybody believe that sending this number of e-mails is worthwhile?

Messages with a PDF

 

Recently there have been a lot of messages with a small PDF file attached.

It's a new version of "Pump and Dump".

Don't open the PDF, as although it's safe it's a waste of time.

E Card Explosion - 2

 

I've had 255, 290 and 588 e-cards in the last three days.

DON'T OPEN ONE. You'll get seriously infected.

E Card Explosion

 

I'm getting loads of these which all have the same format.

Good day.

Your school friend has sent you a greeting postcard from 2000greetings.com.

Send free ecards from 2000greetings.com with your choice of colors, words and music.

Your ecard will be available with us for the next 30 days. If you wish to keep the ecard longer, you may save it on your computer or take a print.

To view your ecard, choose from any of the following options:

--------
OPTION 1
--------

Click on the following Internet address or copy & paste it into your browser's address box.

http://189.19.78.226/?92ded5e559ae0855a16e2a14205cd1712445ec8

--------
OPTION 2
--------

Copy & paste the ecard number in the "View Your Card" box at http://189.19.78.226/

Your ecard number is
92ded5e559ae0855a16e2a14205cd1712445ec8

Best wishes,
Mailer-Daemon,
2000greetings.com

They all have the same features :-

1. IP addresses instead of URLs. That's dodgy in it's own right.

2. A title like "You've received a greeting postcard from a school friend!"

3. They always give you two options.

I've had reports that they install some malacious software on your computer.

So don't click on any of those links.

Robert Soloway

 

Robert Soloway is a serial abuser, who is fully described on Spamhaus. A couple of days ago, he was arrested and now looks likely to spend some time and possibly a long time in one of the United States finest prisons.

But will it make much difference?

Over the last few days, I've received 12, 14, 4, 9, 2, 15 and 0 e-mails from his company called the Email Broadcasting Company. At least I didn't get any yesterday, but thats a small drop in the 5-8,000 I get every day.

I doubt it. But at least the sentence he'll hopefully get will encourage others to stop. But not if they're in China, Russia or other democracies, where extradition would not be possible.

Tiscali - A Cautionary Tale

 

Tiscali have been suffering attacks by spammers and some of their customers have been unable to send e-mails.

This is the start of an article in the Daily Telegraph.

Thousands of emails sent over the past week may have disappeared into a "black hole" without any warning they have been lost.

A small percentage of Tiscali Broadband's 1.8 million customers are thought to be affected, with an unknown proportion of all emails going astray, after the company fell victim to "spammers".

Although the problem began a week ago - on May 24 - many customers are still unaware they may have lost important business and social messages because the usual "error" warnings are not being returned.

I've just looked at their web site and the front page says nothing about this.

That is not a very good customer support policy.

Political Spam

 

Yesterday I had several spam e-mails protesting about human rights abuses in Estonia.

They had pictures of the Prime Minister dressed up to look like Hitler and the s in Estonia was shown using the SS symbol from the Nazis.

Click this link to see what the BBC says about it all.

I don't know the rights or wrongs of what is going on, but the three Baltic states have not got a happy history in the last hundred years or so and it would be hoped that the EU will give them some stability.

Pump and Dump Goes Graphical

 

Stonebridge Resources Exploration is now being promoted using elegant graphics, with even fake adverts for trading web sites at the bottom.

It doesn't matter how professional it is, it's still crap.

Abuse

 

A good web site always receives mail on abuse@xxx.xxx.

FreeWebCards.com, who today have started showering me with spam, have just bounced my e-mail to abuse@freewebcards.com.

So in my book, they're spammers and crooks.

DON'T USE THEM.