Articles taggés Spam
Tripadvisor members have probably received an email from the CEO, explaining that their member’s list has been accessed by a third party.
It’s just one more company to add to the long list of those who have had their client’s list leaked.
It will make spammers very happy, but again, the positive thing is that, at least, they’ve come forward, unlike some other companies I’ve used in the past which just don’t even bother to acknowledge the fact that there has been a leak…
I don’t know if it was built by spammers or if they sell their database or if it’s too easy to hack, but if you leave an email address on that site, you will get spammed a lot…
Escher Auernheimer of Goatse Security had this to say:
“I released a semantic integer overflow exploit for Safari through
Goatse Security in March– it was patched on Apple’s desktop Safari but
has yet to be patched on the iPad. This bug we crafted allows the viewer
of a webpage to become a proxy (behind corporate and government
firewalls!) for spamming, exploit payloads, password bruteforce attacks
and other undesirables. The kicker is that this attack cannot be
detected by any current IDS/IPS system. We released this in March, mind
you, and Apple still hasn’t got around to patching this on the iPad! I
know through personal experience that the patch time for an iPad
vulnerability is over two months and counting. Given that, the number of
parties which probably have active iPad exploits likely numbers in the
hundreds, if not the thousands. The iPad simply is not a safe platform
for those that require a secure environment.”
If you want to spam the world, BT is one of the best network to be on. Nb 7 in Spamhaus’ worst ISP list0
Spam continues to plague the Internet because a small number of large Internet Service Providers sell service knowingly to professional spammers for profit, or do nothing to prevent spammers operating from their networks.
Although all networks claim to be anti-spam, some network executives factor revenue made from hosting known spam gangs into corporate policy decisions to continue to sell services to spam operations. Others simply decide that closing the holes in their end-user broadband systems that allow spammers access would be too costly to their bottom lines.
The majority of the world’s service providers succeed in keeping spammers off their networks and work to maintain a positive anti-spam reputation, but their work is undermined daily by the few networks who, out of corporate greed or mismanagement, choose to be part of the problem.
Source: Spamhaus Blocklist (SBL) database. Data is compiled automatically every 24 hours from the SBL database and sorted by the number of currently listed SBL records for each network (ISP/NSP). The source data, including record information on each spam issue listed can be viewed by clicking on the Number of Known Spam Issues links.
I came across quite a few companies that were either reselling my data
without my consent, got hacked or had rogue employees.
The offenders range from small online shops to large Telecom companies.
How can you find out?
It’s easy, if you’re not afraid of getting your hands dirty. You
“simply” need to register a domain name and get mail hosting with it
(shouldn’t cost more than £14/year). What that means is that you’ll buy
mynewdomain.com and will be able to receive emails that are being sent
Once you’ve bought the name, log into your control panel and define what
is called a “catchall”. Call it, per example,
All emails sent to mynewdomain.com will get delivered to that one
mailbox that you’ve defined and that you will monitor by adding it to
you email “client” (Thunderbird, Outlook, etc.)
Now…let’s say you want to buy shoes online at Schuh (one of the
offenders…). When you type in your email address, use something like
This is a unique email address that only that company knows about. Make
sure you untick all the boxes that say that they can sell your data, etc.
When they send you the confirmation order, they will send it to
email@example.com and it will be transferred to
firstname.lastname@example.org and you will get it in your inbox.
Two months later, you get an email from “your bank”, asking you to log
into your account because there was a security issue. It’s the typical
scam. A quick glance at the email address it was sent to and you notice
that it’s email@example.com. That’s not the email address
that your bank has on file which can only mean one thing: your data
leaked out of the Schuh IT systems. It doesn’t really matter how it
happened. They breached their obligations. You can decide to contact
them or to report them, up to you.
I read about this way of filtering emails a few years ago and it worked
really well for me.
The cons of this solution
Lots of spammers send emails to random email addresses like
firstname.lastname@example.org. If your anti-spam filters are not up to date,
you may get quite a few of these spams delivered to your new inbox. You
can use additional techniques to make the difference between a random
spam and an email address that you use to fill up forms. Per example you
can always start your addresses with “abc-“, it would look like
email@example.com. The chances of a spammer randomly
sending an email to this address are quite slim.
The other “problem” is when you need to get in touch with one of these
companies and they don’t provide an online form. You then need to send
an email from a real email account. I suggest you create one that you
will use to send those messages. something like
firstname.lastname@example.org. And you can use the “reply-to” feature when
you compose your email and you would type in the email address that you
used when ordering from them.
I’ve probably lost many of you at “simply” :D, but felt like it could be
useful for those of you looking for a solution ;).