[Mgs] recent spam

[David Councill]

I haven’t seen any spam as described. But since I was a former system/email administrator, perhaps I can shed a bit of light on this. Email addresses can be harvested through address books or even off the Internet. Programs can scan websites to pick up anything matching an email address format. The past several years, one of the commonest methods was/is to collect some email addresses and then email those users and ask for their account login information. It will be under the pretense of a security change or email quota exceeded or some other misleading excuse – and it works as people frequently respond with their username and password. Then with that information, the hacker can login to that email account and harvest more email addresses plus they can use that account and that account’s mail server to send out more emails asking for email account logins or to sell something or to send out malware.

 

Until I took a new job and moved a couple of years ago, I had the same email address for about 20 years. I was also very active on the Internet. So I would get a lot of spam. And spammers would often use my email address (but not my account) when sending spam so I would often get non-delivery notices as a result. So when other people brought similar problems to me under my role as the university email administrator, I would tell them to do a google search on their email address to show them how spammers can easily find and harvest their email addresses. And if you do that, you will see that this mailing list has a public exposed archive, available right on the Internet. So it is possible that your email address could have come from the autox.team.net server. Some spammers will go so far as to subscribe to email lists so they can not only send a spam message to all the subscribers but they may also have access to a list of all the subscribers, thus having a clean email list to spam to. But the easy way is just to use a program that runs scans across the web with minimal human intervention needed.

 

Spam filters may also be an issue. In reality, I believe that currently 90% of all email is spam but the figure might be a bit out of date. Most of this is easily blocked due to blacklists maintained on the Internet that track the IP addresses of sites or computers sending out large amounts of spam – you usually will only see spam from sites not yet blacklisted or spam that has been crafted to avoid blacklists and/or other spam filters. It may be that you need to turn on the spam filters as some email providers have this configurable to some extent. I currently run my own mail server and am not very active posting on the Internet – and my only filtering right now is using a couple email blacklists. Before I configured the filters, I was getting maybe 10 spams a day, now the spam is fairly rare – maybe a couple a week.

 

David Councill

64 MGB – and driving it today

67 MGBGT 

72 MGB

 

 

From: Mgs [mailto:mgs-bounces at autox.team.net] On Behalf Of S. Carr via Mgs
Sent: Monday, March 14, 2016 11:46 AM
To: MG List
Subject: [Mgs] recent spam

 

Has anyone else on the MG list recently been plagued by spam--much originating from overseas--about (fake) invoices attached as zip files, and other such garbage?  As I’ve been getting this stuff on the 2 email addresses I use for lists (one MGs, one Healeys) I suspect that someone on the list has had their computer hacked and their address book copied.  (Needless to say, it’s all immediately deleted without being opened.)

 

Sarah Carr

MGB/GT in PA

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://autox.team.net/pipermail/mgs/attachments/20160315/c4f55030/attachment.html>