Re: To moderators please help
- From: Don Levey <Don_SCJM@xxxxxxxxxxxxx>
- Date: Mon, 12 Jan 2009 16:22:34 +0000 (UTC)
ShalomfromDvora@xxxxxxxxx (Dvora) writes:
since i came back from ohio and found my entire contents othis machine
blank --- i have had a problem each day of havind a mailbox FULL with
spam using MY ---shalomfromdvora -- address --
-
i am confused by this and worried if someone has stolen my address could
they be sending bad mail to others using my name ?
-
Thank you for your help --- Dvora
If I understand correctly, WebTV is a system wherein all your data is
really on their main server, and your interface is via a terminal
(basically a screen and keyboard connected via network to that server).
if this is the case, I can think of three possibilities, in increasing
order of likelihood:
1) The main WebTV server has been compromised. From what I've heard,
WebTV is a Microsoft entity. That would strongly suggest that they run
Windows on the back end, which would increase the possibility, but even
still Microsoft is a large company with many layers of security on their
networks, which makes this the least likely scenario, from my point of
view.
2) Often, viruses will scan the computer they're infecting for email
addresses. They use these addresses in two ways:
a. They send copies of themselves (usually using spam email messages)
to every address on that list.
b. They pick one of the addresses to use as a "From:" address, often
tricking the recipients into thinking that the infected spam is
coming from a person that they know.
When this happens, often the innocent "From:" address owner will receive
many "bounce" messages, complaints, and the like, because all responses
from the infected spam will go to them. Analysis of the infected
messages can determine the true origin, most of the time. This is more
likely than the WebTV explanation above, but requires that someone you
know be infected by one of the viruses that will do this.
3) Newsgroups, especially ones which can be "controversial" or sensitive,
are often "harvested" for email addresses. A spammer (or their software
program) will scan through all the messages in a newsgroup and pick out
everything that looks like an email address. They will then spam all
those addresses, and often use one of them as the "From:" address (as
above). This happens a LOT. You'll notice that there are two addresses
I use in this post - the "From:" address (Don_SCJM) and the one in my
signature (salearn). I get spam to both of them, and that second address
is one that _no_ _one_ ever uses for legitimate mail; the only way a
spammer would get it is by harvesting the newsgroup.
Using a false "From:" address with intent, by the way, is called a "Joe
Job". Choosing a random address for this purpose is called "backscatter".
I'll be happy to answer further questions, but this is probably not the
best place for me to do so.
--
Don Levey, Framingam MA If knowledge is power,
(email address in header works) and power corrupts, then...
NOTE: Don't send mail to to salearn@xxxxxxxxxxxxx
GnuPG public key: http://www.the-leveys.us:6080/keys/don-dsakey.asc
.
- Follow-Ups:
- Re: To moderators please help
- From: Nancy
- Re: To moderators please help
- From: Dvora
- Re: To moderators please help
- References:
- To moderators please help
- From: Dvora
- To moderators please help
- Prev by Date: To moderators please help
- Next by Date: Re: War crimes in Gaza
- Previous by thread: To moderators please help
- Next by thread: Re: To moderators please help
- Index(es):
Relevant Pages
|
Loading
