Phishing?

karthwyne
Volunteer tester
Joined: 24 May 99
Posts: 218
Credit: 5,750,702
RAC: 0
United States
Message 72696 - Posted: 21 Jan 2005, 22:15:04 UTC
Last modified: 21 Jan 2005, 22:27:41 UTC

I just thought i would put this out there and i am not saying that any of the BOINC projects have done anything wrong, it is possible this address was found some other way....

but i got a phishing email today to the address that i used when signing up for seti, pirates, and CPDN (and the einstein pre-signup). this address has never been posted or used by me anywhere, it is a non-existing, simple forward address from my domain.

for those interested, it "appears" to be from Washington Mutual personalbanking@checking-02.wamu.com and tries to get you to "sign in" by clicking on https://login.personal.wamu.com/registration/CreateLogonEntry.asp that ACTUALLY goes to http://dawnstaley5.com/store/checking/.wamusk/index.php?MfcISAPICommand=SignInFPP&UsingSSL=1&email=&userid=

hopefully no one else gets any of these, just be aware as always :)

S@h Berkeley's Staff Friends Club
ID: 72696 · Report as offensive
Hans Dorn
Volunteer developer
Volunteer tester
Joined: 3 Apr 99
Posts: 2262
Credit: 26,448,570
RAC: 0
Germany
Message 72699 - Posted: 21 Jan 2005, 22:22:02 UTC - in response to Message 72696.  

> I just thought i would put this out there and i am not saying that any of the
> BOINC projects have done anything wrong, it is possible this address was found
> some other way....
>

I also got 3 of those. Hmmm, hmmm....


Regards Hans
ID: 72699 · Report as offensive
Profile Darth Dogbytes™
Volunteer tester

Joined: 30 Jul 03
Posts: 7512
Credit: 2,021,148
RAC: 0
United States
Message 72722 - Posted: 21 Jan 2005, 23:31:39 UTC

Boinc e-mail lists are not sold or otherwise given out. There are many ways that
spammers get e-mail addresses. One of the keys to screwing them up is putting
two or more symbols in your addy. Even then, nothing's perfect.
Account frozen...
ID: 72722 · Report as offensive
Profile mikey
Volunteer tester
Joined: 17 Dec 99
Posts: 4215
Credit: 3,474,603
RAC: 0
United States
Message 72734 - Posted: 22 Jan 2005, 0:42:51 UTC - in response to Message 72696.  

> I just thought i would put this out there and i am not saying that any of the
> BOINC projects have done anything wrong, it is possible this address was found
> some other way....
>
> but i got a phishing email today to the address that i used when signing up
> for seti, pirates, and CPDN (and the einstein pre-signup). this address has
> never been posted or used by me anywhere, it is a non-existing, simple forward
> address from my domain.
>
> for those interested, it "appears" to be from Washington Mutual
> personalbanking@checking-02.wamu.com and tries to get you to "sign in" by
> clicking on https://login.personal.wamu.com/registration/CreateLogonEntry.asp
> that ACTUALLY goes to
> http://dawnstaley5.com/store/checking/.wamusk/index.php?MfcISAPICommand=SignInFPP&UsingSSL=1&email=&userid=
>
> hopefully no one else gets any of these, just be aware as always :)
>
I got one from a Bank I did not use a month or so ago, when I called they said that the people are emailing EVERYONE in the hopes that some are actual customers and that they will "respond" to the email.

ID: 72734 · Report as offensive
7822531

Joined: 3 Apr 99
Posts: 820
Credit: 692
RAC: 0
Message 72791 - Posted: 22 Jan 2005, 2:37:58 UTC - in response to Message 72734.  

It only takes one idiot to make me a millionaire.
Two makes Dogbytes a millionaire, too.
Three idiots - Berkeley buys Blue Gene/L.

The point is that this is a "snag the stupid" operation. John Q. Public doesn't question the internet - he accepts everything at face value. You were smart enough to stick to your intuition, and I applaud you for knowing better.

The rule of thumb is not to trust anyone online until you know that person and/or institution in real life. Therefore, don't trust me at all! :-D
ID: 72791 · Report as offensive
Profile Legacy
Joined: 10 Dec 99
Posts: 134
Credit: 1,778,571
RAC: 0
Singapore
Message 72841 - Posted: 22 Jan 2005, 4:08:20 UTC - in response to Message 72696.  

> I just thought i would put this out there and i am not saying that any of the
> BOINC projects have done anything wrong, it is possible this address was found
> some other way....
>
> but i got a phishing email today to the address that i used when signing up
> for seti, pirates, and CPDN (and the einstein pre-signup). this address has
> never been posted or used by me anywhere, it is a non-existing, simple forward
> address from my domain.


Your address can even be a new one which you collected from your ISP today. And the minute it is active, it can start receiving spam email. I'm sure you are going to ask, "How is that possible?". Well, spammers use many techniques to get email addresses. And one is a "username" generator. For example, they know of a domain, like say aol.com. So the program they use will try dictionary words as username@aol.com. They don't all have to be correct. They can bounce for all the spammer cares, because his return address is fake anyway. This technique can return maybe a 50-70% success rate. If you check the email headers, you can see this technique being used. You will see that this same email has also been cc copied to other people using the same username but with numbers behind, like username1 or username1958.
ID: 72841 · Report as offensive
John McLeod VII
Volunteer developer
Volunteer tester
Joined: 15 Jul 99
Posts: 24806
Credit: 790,712
RAC: 0
United States
Message 72856 - Posted: 22 Jan 2005, 5:01:14 UTC - in response to Message 72841.  

> They don't all have to be correct. They can bounce for all the
> spammer cares, because his return address is fake anyway. This technique can
> return maybe a 50-70% success rate.
>
I have had to live through being a faked return email address. Talk about a HUGE amount of email...


BOINC WIKI
ID: 72856 · Report as offensive
1mp0£173
Volunteer tester

Joined: 3 Apr 99
Posts: 8423
Credit: 356,897
RAC: 0
United States
Message 72879 - Posted: 22 Jan 2005, 6:14:18 UTC - in response to Message 72856.  

> > They don't all have to be correct. They can bounce for all the
> > spammer cares, because his return address is fake anyway. This technique
> > can return maybe a 50-70% success rate.
> >
> I have had to live through being a faked return email address. Talk about a
> HUGE amount of email...

Actually, the typical phisher doesn't even try to send an actual message. The SMTP protocol goes through three steps to send a message -- the "to" address is in the second step.

Once they get a "250 ok" they know the address will be accepted. If they get "550 not valid" then the address is bad.

At that point, they can reset and never send a message body.
ID: 72879 · Report as offensive
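From the receiving side, the behaviour described in the post above shows up in mail server logs as sessions that issue many `RCPT TO` commands, collect the 250/550 replies, and end without ever reaching `DATA`. The following is an added example, not part of the original thread; the log format, addresses, threshold and function names are all constructed for illustration and do not match any particular mail server.

```python
from collections import defaultdict

# Constructed log in a made-up format: session id, client IP, SMTP command, reply code.
SAMPLE_LOG = """\
s1 203.0.113.7 MAIL FROM:<bounce@example.net> 250
s1 203.0.113.7 RCPT TO:<adam@example.org> 550
s1 203.0.113.7 RCPT TO:<bob@example.org> 550
s1 203.0.113.7 RCPT TO:<toby@example.org> 250
s1 203.0.113.7 RCPT TO:<toby1958@example.org> 550
s1 203.0.113.7 RSET 250
s1 203.0.113.7 QUIT 221
s2 198.51.100.20 MAIL FROM:<list@example.com> 250
s2 198.51.100.20 RCPT TO:<toby@example.org> 250
s2 198.51.100.20 RCPT TO:<ann@example.org> 250
s2 198.51.100.20 RCPT TO:<joe@example.org> 550
s2 198.51.100.20 DATA 354
s2 198.51.100.20 QUIT 221
"""


def parse_line(line):
    """Split one constructed log line into (session, client, verb, argument, code)."""
    parts = line.split()
    session, client, code = parts[0], parts[1], int(parts[-1])
    verb, _, arg = " ".join(parts[2:-1]).partition(":")
    return session, client, verb.upper(), arg.strip("<>"), code


def find_rcpt_probes(log_text, min_rcpt=3):
    """Flag sessions that tested at least min_rcpt recipients but never sent a body."""
    sessions = defaultdict(
        lambda: {"client": None, "accepted": [], "rejected": [], "data": False})
    for line in log_text.splitlines():
        if not line.strip():
            continue
        session, client, verb, arg, code = parse_line(line)
        state = sessions[session]
        state["client"] = client
        if verb == "RCPT TO":
            bucket = "accepted" if 200 <= code < 300 else "rejected"
            state[bucket].append(arg)
        elif verb == "DATA" and code == 354:
            state["data"] = True  # server agreed to receive a message body

    findings = []
    for session, state in sessions.items():
        tried = len(state["accepted"]) + len(state["rejected"])
        if tried >= min_rcpt and not state["data"]:
            findings.append({
                "session": session,
                "client": state["client"],
                # Addresses the server confirmed as deliverable to this client.
                "confirmed": state["accepted"],
                "rejected": len(state["rejected"]),
            })
    return findings


if __name__ == "__main__":
    for finding in find_rcpt_probes(SAMPLE_LOG):
        print(finding)
```

A catch-all domain like the ones discussed later in the thread answers 250 to every recipient, so this kind of probing learns nothing from it.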
Profile Paul D. Buck
Volunteer tester

Joined: 19 Jul 00
Posts: 3898
Credit: 1,158,042
RAC: 0
United States
Message 72902 - Posted: 22 Jan 2005, 9:08:44 UTC

One of the engineering magazines I get did a test a couple of years ago. They created a new machine, put it on the net with a new e-mail account. They got the first piece of SPAM in 20 minutes of the first connect ...


ID: 72902 · Report as offensive
Profile Borgholio
Joined: 2 Aug 99
Posts: 654
Credit: 18,623,738
RAC: 45
United States
Message 72903 - Posted: 22 Jan 2005, 9:16:30 UTC - in response to Message 72902.  

> One of the engineering magazines I get did a test a couple of years ago. They
> created a new machine, put it on the net with a new e-mail account. They got
> the first piece of SPAM in 20 minutes of the first connect ...
>

When that Slammer worm first came out, an unsecured NT-based machine would be infected within 10 minutes of connecting to the internet. That's just pathetic. I never connect to the net without my trusty firewall / router in the way.
You will be assimilated...bunghole!

ID: 72903 · Report as offensive
Profile Jay B.
Joined: 13 Feb 04
Posts: 7
Credit: 3,647,660
RAC: 0
United States
Message 72904 - Posted: 22 Jan 2005, 9:18:49 UTC

Check out SANS internet survival time history.

http://isc.sans.org/survivalhistory.php
ID: 72904 · Report as offensive
Profile Toby
Volunteer tester
Joined: 26 Oct 00
Posts: 1005
Credit: 6,366,949
RAC: 0
United States
Message 72905 - Posted: 22 Jan 2005, 9:28:12 UTC

I have guarded my school email address pretty well and I had not gotten more than a handful of spam messages for over 3 years. Maybe one every 2 months. Then they gave us the option of changing our email address from their preassigned 3 letters/4 numbers (initials + 4 random numbers) to whatever we wanted. I changed mine to 'toby' and within a day I had 2 pieces of spam. At first I thought the new "eID" system as they call it now had been hacked but I quickly realized that it was just that my new address was more susceptible to a dictionary attack. I have managed to keep the flood under control (a couple per week maybe) by NEVER replying to any of them asking to be "taken off" the list (as we all know that only validates your address and allows them to charge double when selling it to other spammers).

I have actually gotten the same phishing email from "Washington Mutual" at this address.
A member of The Knights Who Say NI!
For rankings, history graphs and more, check out:
My BOINC stats site
ID: 72905 · Report as offensive
Profile Paul D. Buck
Volunteer tester

Joined: 19 Jul 00
Posts: 3898
Credit: 1,158,042
RAC: 0
United States
Message 72926 - Posted: 22 Jan 2005, 12:02:11 UTC - in response to Message 72905.  

> I have actually gotten the same phishing email from "Washington Mutual" at
> this address.

Yeah, I got that one too ... I sent it to WM so they could sic their lawyers on them ...

I forget what the statistic was, but it was 80-90% of the internet traffic is spam ...

The economics are wrong and that is causing the real problem. All they need to do is to start charging for e-mail above a limit per month ... all of a sudden, no more spam. I mean, let's say that there is a $20 charge, refunded at the end of a year, to set up an account, plus normal monthly fee, AND 50 cents a message above, say, 400 ... unless you buy a more expensive account ...

Oh, close the account early, lose the $20 right away ...

Like I said, how many of us send more than 400 emails a month?
ID: 72926 · Report as offensive
Profile Toby
Volunteer tester
Joined: 26 Oct 00
Posts: 1005
Credit: 6,366,949
RAC: 0
United States
Message 72931 - Posted: 22 Jan 2005, 12:21:54 UTC

The problem is you don't need an email account to send email. I have sent email with nothing but telnet and an SMTP server. SMTP is what delivers the mail so you can't limit it there and the sending of email is completely uncontrolled. It is a major flaw in the system itself. No way to fix it except for designing a new system which would break all existing programs :)

The other major problem is that people actually respond to spam. Granted it may only be 0.25% of those who receive it but if you are sending out a million messages a day and get a 1% response rate with an average purchase of, say, $10 then you have made yourself $25,000 in a day. Not too shabby.
A member of The Knights Who Say NI!
For rankings, history graphs and more, check out:
My BOINC stats site
ID: 72931 · Report as offensive
karthwyne
Volunteer tester
Joined: 24 May 99
Posts: 218
Credit: 5,750,702
RAC: 0
United States
Message 72964 - Posted: 22 Jan 2005, 14:56:49 UTC - in response to Message 72841.  

>
> Your address can even be a new one which you collected from your ISP today.
> And the minute it is active, it can start receiving spam email. I'm sure you are
> going to ask, "How is that possible?". Well, spammers use many techniques to get
> email addresses. And one is a "username" generator. For example, they know of a
> domain, like say aol.com. So the program they use will try dictionary words as
> username@aol.com. They don't all have to be correct. They can bounce for all the
> spammer cares, because his return address is fake anyway. This technique can
> return maybe a 50-70% success rate. If you check the email headers, you can see
> this technique being used. You will see that this same email has also been cc
> copied to other people using the same username but with numbers behind, like
> username1 or username1958.
>

well, that was my point, and confirmed by others here, somehow, the person(s) behind this WAMU scam have gotten the seti list. the address they got is at my personal domain. absolutely anything sent to @{thatdomain}.com will get forwarded over to my main addresses. Therefore this wasn't a random or dictionary search. and thankfully no one has ever done that to my domain - i would have to take legal action..or something.

again, no blame being placed anywhere, just a heads up.

S@h Berkeley's Staff Friends Club
ID: 72964 · Report as offensive
Profile Dunc
Volunteer tester

Joined: 3 Jul 02
Posts: 129
Credit: 2,166,460
RAC: 0
United States
Message 72971 - Posted: 22 Jan 2005, 15:32:30 UTC - in response to Message 72964.  

> >
> > Your address can even be a new one which you collected from your ISP today.
> > And the minute it is active, it can start receiving spam email. I'm sure you
> > are going to ask, "How is that possible?". Well, spammers use many techniques
> > to get email addresses. And one is a "username" generator. For example, they
> > know of a domain, like say aol.com. So the program they use will try
> > dictionary words as username@aol.com. They don't all have to be correct. They
> > can bounce for all the spammer cares, because his return address is fake
> > anyway. This technique can return maybe a 50-70% success rate. If you check
> > the email headers, you can see this technique being used. You will see that
> > this same email has also been cc copied to other people using the same
> > username but with numbers behind, like username1 or username1958.
> >
>
> well, that was my point, and confirmed by others here, somehow, the person(s)
> behind this WAMU scam have gotten the seti list. the address they got is at my
> personal domain. absolutely anything sent to @{thatdomain}.com will get forwarded
> over to my main addresses. Therefore this wasn't a random or dictionary
> search. and thankfully no one has ever done that to my domain - i would have
> to take legal action..or something.
>
> again, no blame being placed anywhere, just a heads up.
>
I have a number of domains with a few 'actual' e-mail addresses in use, and with catch-all e-mail addresses in case somebody does a typo. I get sent junk e-mail to all sorts of people at my domains that do not exist. These are random people's names, and random combinations of letters and numbers etc. Also I think some people enter false e-mail addresses in some forms etc.

A domain is on public record so it is no problem to find it, and then start spamming e-mail addresses at it.

Dunc
ID: 72971 · Report as offensive
Profile The Ox
Volunteer tester

Joined: 29 Aug 99
Posts: 5
Credit: 157,458
RAC: 0
United States
Message 72980 - Posted: 22 Jan 2005, 16:03:27 UTC

Dunc is right. All domain information is publicly available and it's not hard to find that out - especially if you have the resources available to you that spammers most likely have. Sounds like this is just a case of bad luck that they caught up to you. Sorry to hear about it, and best of luck dealing with it.
www.clintcollins.org - spouting off at the speed of site
ID: 72980 · Report as offensive
karthwyne
Volunteer tester
Joined: 24 May 99
Posts: 218
Credit: 5,750,702
RAC: 0
United States
Message 72989 - Posted: 22 Jan 2005, 16:48:27 UTC - in response to Message 72980.  

> Dunc is right.

oh i know, as always :) i lost my hacking-type skills a decade ago.

and yes, anyone here with 2 seconds of time can find my domain. i don't keep it very secret. and the registration info on it and arin's owner ip, yes, EXTREMELY simple *smiles*

but thankfully i haven't had anyone spam the catchall addresses, there are a few that get spammed horribly - you can learn interesting things that way. everywhere i signup for something i use a specific address for that place - i then found out that when i gave eckerd an email for my prescription refill that they sold my address - and lost my business forever.

but spamming my domain would not be cost effective since i am the only user there, and if it happens enough, gets the first step of a legal response (again thankfully, it has never had to go beyond that).
S@h Berkeley's Staff Friends Club
ID: 72989 · Report as offensive
Profile Siran d'Vel'nahr
Volunteer tester
Joined: 23 May 99
Posts: 7379
Credit: 44,181,323
RAC: 238
United States
Message 72999 - Posted: 22 Jan 2005, 17:56:56 UTC - in response to Message 72841.  

> >....
>
>
> Your address can even is a new one which you collected from your ISP today.
> And the minute it is active, can start receiving spam email. I'm sure you are
> going to ask, "How is that possible?".
>....
>

I have had one new e-mail address for 7 weeks and a different new one for about 3 or 4 weeks. One from my ISP, the other, an online e-mail. To date, neither has had a single piece of spam sent to it.

L8R....

---

My Time: Saturday, 22 January 2005 - 09:56 AM --800 (Pacific Standard Time)

CAPT Siran d'Vel'nahr - L L & P _\\//
Winders 11 OS? "What a piece of junk!" - L. Skywalker
"Logic is the cement of our civilization with which we ascend from chaos using reason as our guide." - T'Plana-hath
ID: 72999 · Report as offensive
Profile Dunc
Volunteer tester

Joined: 3 Jul 02
Posts: 129
Credit: 2,166,460
RAC: 0
United States
Message 73001 - Posted: 22 Jan 2005, 18:15:30 UTC - in response to Message 72999.  

>
> I have had one new e-mail address for 7 weeks and a different new one for
> about 3 or 4 weeks. One from my ISP, the other, an online e-mail. To date,
> neither has had a single piece of spam sent to it.
>
> L8R....
>
> ---
>
> My Time: Saturday, 22 January 2005 - 09:56 AM --800 (Pacific Standard Time)
>
>
Quite a lot of ISPs and online e-mail accounts have built-in spam blockers which block known spammers. When it is your own domain the level of spam protection is not always as good. Some domain hosting companies provide this service, not all do. Therefore with your own domain you usually get a lot more spam!

Dunc
ID: 73001 · Report as offensive


 
©2024 University of California
 
SETI@home and Astropulse are funded by grants from the National Science Foundation, NASA, and donations from SETI@home volunteers. AstroPulse is funded in part by the NSF through grant AST-0307956.