How to handle threats from forum spammers! [Sample threat]
Spammer 101
1. Spammers are stupid. 99%+ of them have very limited computer knowledge. 2. Spammers always lie. And since they're also stupid, it's really easy to see these lies. 3. Spamming is a long-term failure. They're wasting their time. 4. But spammers also waste your time -- be you mere recipient, site owner, or server admin. Sample Threat + Response About a week ago, I got this gem in my inbox: Quote:
It was unusual to get this sort of email from a @comcast.net address. There was the slim possibility that the email was legit. We'd recently made some stricter anti-spam and security changes to our site, and may have overtightened it by accident. It was a possible oops on our part. We'd already caught two other minor issues from the new rules. So I wrote back: Quote:
Quote:
A retired disabled guy wants to make instructional videos? Possible, but unlikely. This is already looking like a scam. :rolleyes: Nothing in use accuses anyone of being a felon, or "trafficking" anything, etc. The email was sent in the wee hours of the morning. It's extremely unlikely that a disabled senior in Delaware was sending us emails at that hour. Nor is a "Dahl" (northern Europe ancestral name) going to speak Engrish like a middle easterner. Something was up. :hmm: I especially enjoyed the flimsy threats to tell "friends in the nation's capital". He doesn't seem to even know what nation the site is hosted in. So I checked the server logs. And I got a hit: Code:
missilemike A search of the IP address came back as: Code:
IP Address: 104.151.242.62 You can go one further yet, and look at scalabledns.com on WOT: https://www.mywot.com/en/scorecard/scalabledns.com It's just a spammer domain. And a search of the email address brought back a bunch of Arabic blah-blah: https://addons.mozilla.org/ar/firefox/user/missilemike Yep, middle eastern, as I'd suspected all along. So I wrote back. (And I must've been in a good mood, as it was tame.) Quote:
Once upon a time, 15 years ago, a real "missilemike" did exist: http://www.dslreports.com/forum/r865...ate-~start=120. He wrote coherent English back then! But that email account was likely abandoned, and a spammer nabbed it from a brute force. Conclusion When it comes to spam threats, you have 3 choices. 1. Delete it. 2. Reply with facts and questions, and stay professional/business-like, as I did here. 3. Reply with sarcasm, and even insults. (Since the spammer wasted your time, you're allowed to make it worth your while.) I also learned not to trust @comcast.net addresses. Apparently spammers (ab)use those too, just like the freemails. |
Your "Administration Department"? :rolleyes:
I would be curious to see what exactly these "impressive credentials" are....... But I found it's best not to feed the spammers, if they know the sender's email. |
One word: SpamExperts. :cool:
A spammer getting your email address is no longer the end of the world. If you use freemail, like Gmail or Yahoo, maybe there is a slight cause for concern, as those free mail services have lousy spam filters. So you're at their mercy. But if you have your own mail domain, then you can filter out junk in several ways. The first defense is SpamExperts, which has a 99%+ effectiveness rate of preventing junk from hitting your server AND in preventing false positives. We use this, and get the $4 monthly license from Veerotech. It's just one aspect of running a popular site, along with DDoS protection, security audits, etc. |
Thanks, I could redirect my mail to a webpage address and then redirect it back to my freemail, but for now I'll have to pray to the spam Gods...
|
Site design, images and content © 2002-2024 The Digital FAQ, www.digitalFAQ.com
Forum Software by vBulletin · Copyright © 2024 Jelsoft Enterprises Ltd.