Help!! Spam specifically targetted to SG account.

General discussion re sg.

Help!! Spam specifically targetted to SG account.

Postby vsp » Wed Mar 03, 2004 2:43 am

Sorry for this long post

It has been less than 5 days since I opened my SG account.
I posted to usenet using an SG ID I created for this purpose

2 days after that, I get 20 spams at an ID named
hf.50.<myid>@spamgourmet.com. Note that hf is not the ID I created for my USENET account

All these emails were in German and were from domains ending in .de

Two observations:
1. It seems that all these guys needed to know for creating an ID to spam me was that my ID was <myid> (heck what I am trying to hide <myid> == "vsp" :-). They then proceeded to to send me 50 messages (probably) of which I received 20

2. Use a prefix - I hear you say?
Well, how about I choose a prefix, then 2 days later I receive 20 spams at an ID created using this prefix. Then I log in again and change the prefix and receive 20 spams again and here we go again ... This is far from the "register and forget" idiom promoted by SG right?

My conclusions:
1. Here spam is being targetted specifically to the SG service.
2. 20 emails is a HUGE default. Please make it 3 (expandable to 20 by user login and request)
3. Prefixes will also prove to be unsafe against a targetted attempt like this one and will require regular visits to spamgourmet.com to change the prefix

A question:
Can I disable my forward email ID and make it a null string so I can retain my SG account and login, just not have it forward any emails till we figure what is happening here. I would like to come back later and then provide a forward email address.

Hope we can work around this hiccup
vsp
 

Postby SysKoll » Wed Mar 03, 2004 4:25 am

The problem is that spammers start to be so pissed off at SG that some of them are developping procedures to spam SG users specifically. That means we're winning. We're deleting 90% of their crap right off the bat and they know it.

Your suggestions are well noted. We are working on something we'll explain soon.

In your case, if you are afraid that someone might create a specific address, here is a workaround solution.


  1. Before you post a new address to Usenet (where it'll get picked by spammers, guaranteed), create it on the system by firing an email to that address. Select the count you want while you're at it.
  2. Then logon to SG and put a watchword on your account. Choose a nice one that's not trivial. This will prevent the creation of new disposables but won't affect the existing addresses, including the one you just sent.


Yes, I'm aware that the next iteration of this involves disabling or changing the watchword. But come on. You're posting on Usenet, the spam haven of the Internet, and you don't expect to have to take precautions? That's unrealistic. There are places that you don't visit without a lot of precautions. It's like visiting a morgue during an Ebola outbreak and giving a big hug to each corpse: if you don't wear an airtight suit and burn it afterwards, then suffer the consequences!
Last edited by SysKoll on Wed Mar 03, 2004 3:34 pm, edited 1 time in total.
-- SysKoll
SysKoll
 
Posts: 893
Joined: Thu Aug 28, 2003 9:24 pm

Postby vsp » Wed Mar 03, 2004 2:53 pm

Hi SysKoll,

I do appreciate your comments about the Ebola example, but I would like to reiterate some observations.

1. The ID I used for USENET was _not_ spammed. Someone really targetted the SG service by just using my login ID - vsp- and creating an new email ID for me on their own.

2. Of course, I do intend to use prefixes and watchwords from now on, but the spammers have defeated one of the strong points of SG, namely the ability to use the no-brainer mode

I will look forward to the new changes being made.
Thanks for your comments
vsp
 

Postby SysKoll » Wed Mar 03, 2004 3:40 pm

The ID I used for USENET was _not_ spammed. Someone really targetted the SG service by just using my login ID - vsp- and creating an new email ID for me on their own.


That happened to me too. I posted a disposable in a public forum, and a variant of it (not the posted address) was spammed (and still is). My best guess is that someone manually tinkers with SG addresses in the hope of getting through.

The changes on which we (especially Josh) are working now will drastically limit the potential damage a spammer can do to an account, even without using watchwords.
-- SysKoll
SysKoll
 
Posts: 893
Joined: Thu Aug 28, 2003 9:24 pm


Return to General Discussion

Who is online

Users browsing this forum: No registered users and 21 guests

cron