Jump to content

Spam from Scouter.com . . . and yes, I can prove it!


Recommended Posts

Actually, that title is a bit misleading, but only a tiny bit.

 

I cannot prove that Scouter.com is DOING the spamming; only that they provided the email addresses to the spammers.

 

How could I possibly prove that?

 

By using a totally unique email address that has ONLY been given to Scouter.com, and never used or published any other way. The address is sufficiently unique so that there is NO chance of a spammer randomly, or accidentally stumbling across it. There's a little more to it than that, but the bottom line is . . . Scouter.com's sysadmins are feeding spam into my inbox, and probably into you yours as well.

 

And, it's not just me, either. McAfee's SiteAdvisor service flags Scouter.com as a suspect domain, due to the results of their automated (and anonymous) testing:

http://www.siteadvisor.com/sites/scouter.com

 

I'd like to know why!

 

After all, a "Scout is trustworthy" and spamming is not.

 

GaHillBilly

Link to comment
Share on other sites

That only happens when the address is guess-able or randomly testable. Spammers broadcast to millions of possible addresses, and note which ones do not "bounce".

 

For example, "johnsmith AT aol.com" will be spammed, even if it's never published. So will "SamanthaTurner AT aol.com". But, "GustavusTurnipseed AT aol.com" probably will not, because it's too uncommon.

 

And, "QWEVsd23AXXdfj2sx AT aol.com" will never be spammed, unless it's published.

 

There's another way this applies, too. "johnsmith@somewierddomain.com" will might be test-spammed, shortly after the domain is registered (I checked - it's currently available), but not "SamanthaTurner@somewierddomain.com"

 

In my case, the email address I used to register is something like "MailfromScouter.com@somewierddomain.com", but at a domain I actually control. It's not impossible for such an address to be test-spammed, but the likelihood is lower than your chance of being hit by lightning twice in one day!

 

So, yes, my experiment is conclusive!

 

 

GaHillBilly(This message has been edited by GaHillBilly)

Link to comment
Share on other sites

Did you list your unit in the net roster? If you put an e-mail address in there, it will be searchable by spambots.

 

I used an e-mail address there that is not used anywhere else in machine readable form, and I've been getting spam that I never got before I listed it. After I added my unit, I realized that the address was openly readable, but I couldn't figure out how to edit my listing and remove it.

 

Link to comment
Share on other sites

I'm sorry, but you're theory is working under false assumptions. Relying on obfuscation is no guarantee of preventing randomly generated spam. Once email harvesters find a domain with a working MX entry, they will find a way to discover valid email addresses on the domain.(This message has been edited by nolesrule)

Link to comment
Share on other sites

I'm sorry, but you're theory is working under false assumptions. Relying on obfuscation is no guarantee of preventing randomly generated spam. Once email harvesters find a domain with a working MX entry, they will find a way to discover valid email addresses on the domain.

 

Well, I'm not that sorry, but you are the one with false assumptions.

 

I know what the mail-bombings from random email address searches look like, and have seen them on some of my better known domains. While it's true that a random address search might not be visible to all owners of wierd and random email addresses, it's also true that such searches will be HIGHLY VISIBLE to an admin who owns ALL of the random addresses associated with a given MX.

 

I'm just such an admin. And, the spam using Scouter.com sourced info is not random, but targeted.

 

And, if you'll take the time to check, you can verify that there are problems SiteAdvisor has ID'd that have absolutely nothing to do with me. There's also other evidence, I'm not ready to share.

 

Also, I've never enabled ANY profile info, nor listed any unit info.

 

So, again I'm asking why Scouter.com is (a) spamming me, or (b) letting someone else do so?

 

GaHillBilly

 

 

Link to comment
Share on other sites

Another possiblility that you have failed to consider is a security vulnerability in the forum/registration software, which may or may not be scouter.com's fault.

 

Never attribute to maliciousness what can be caused by incompetence.(This message has been edited by nolesrule)

Link to comment
Share on other sites

I didn't attribute maliciousness. I only described what was happening. And as a sysadmin myself, I'm well aware that there may be a security problem.

 

But, if there's been a security breach, there's also a duty to inform. And, if there's been a security breach that they don't yet know about, they need to start looking, post-haste!

 

So, yet again, why is this spam happening?

 

GaHillBilly

Link to comment
Share on other sites

Guest OldGreyEagle

Hey, I resemble that comment

 

besides I am more of a Python Spamophile

 

Spam spam spam spam. Lovely spam! Wonderful spam! Spam spa-a-a-a-a-am spam spa-a-a-a-a-am spam. Lovely spam! Lovely spam! Lovely spam! Lovely spam! Lovely spam! Spam spam spam spam!

Link to comment
Share on other sites

  • Administrators

For the record, we have not provided any email addresses to any third party. More than two years ago (before GaHillBilly registered) we did make our lists available for very rare mailings from specific advertisers. And I would certainly do so again (though frankly don't have the time to bother) if I thought a good advertiser had a good product that would be of interests. Though if we ever DID resume renting our registration list, it would be under similar terms we followed years ago.

 

Whatever "message" you received GAHillBilly was not a result of us providing your address to anyone. As for the McCafee report... it shows after registering for free web hosting on our site, it received an average of 1.1 messages a month (including the "Welcome to free web hosting" message we sent to confirm account creation.

 

If you think there's a security flaw, I'm happy to listen. But if all you want to do is rant about a random spam message ending up in your mailbox, I'd offer you a job filtering one of the 1,500 such messages I received every day, and assure you that SCOUTER had nothing to do with sending you a message. ;-)

 

 

 

 

TERRY HOWERTON

 

Link to comment
Share on other sites

"And, "QWEVsd23AXXdfj2sx AT aol.com" will never be spammed, unless it's published."

 

Nahhhhhh. They don't do addresses that make sense. They star with A then B and so on and so on and eventually they get to Zasrbedsm12832782@aol.com"

 

I have about 20 email addresses including ones that I use only to send mail to myself, even those eventually get some spam.

 

 

Link to comment
Share on other sites

SCOUTER-Terry, PM me, and I'll show you the raw headers from the emails I've received. I think the problem will be clear when I do so.

 

If you are not providing email addresses to others, then someone has gained access to your user info.

 

Sincerely,

 

GaHillBilly

 

PS: the domain associated with the address used to register here receives less than 30 total spams per month.

 

EDITED ADDITION: Scouter-Terry, if you'll look at the source addresses SiteAdvisor reports:

Your New Web Hosting Account at SCOUTER.com

inf...@scouter.com 2008 May

 

Dear Friend,

sof...@hotmail.com 2008 June

 

Dear Friend,

ain...@hotmail.com 2008 June

 

Dear Friend,

pai...@hotmail.com 2008 July

 

Dear Sir/Lady:

uli...@hotmail.com 2008 August

 

you can see that some of these emails are NOT notification emails from Scouter.com. Actually, the dates, source and greeting are consistent with the spams I've received.(This message has been edited by GaHillBilly)

Link to comment
Share on other sites

Goldwinger, you posted before you did the math. If you've been spammed on an address like "Zasrbedsm12832782@aol.com", it did NOT happen randomly. Either you exposed that address somewhere, or someone you gave it to did so.

 

In order to randomly spam an address like that, the spammer would have to walk through each possible address. The NUMERIC portion of that address allows for 100 million possible variations. But the ALPHABETIC portion allows for over 5 QUADRILLION variations. If a spammer started spamming in 1974, when Intel's 8080 cpu was released, and was able to spam at the rate of 1,000,000 emails per second (which is STILL not an possible sustained rate for spammers!), your spammer would get around to the "Z" addresses, like yours after about 16 QUADRILLION years from now.

 

Given that our sun will become a red giant some 5 BILLION years from now, I don't think you need to worry about being RANDOMLY spammed on an address like you posted.

 

So . . . NO, you have not been randomly spammed on such addresses. Either you screwed up, or someone else did.

 

For the record, I caught Wells-Fargo Bank in a security mess about 6 years ago, precisely this way. When their VP-InfoSystems called (Their repeated denials had gotten me pretty PO'd at that point, and I had threatened to pass info on to a couple of IT industry trade magazines) he acknowledged the problem, but wouldn't say what it was. But, I suspect it was an IT employee supplementing his income by selling addresses. Over the years, I've caught 4 other companies, from large to small, with similar problems! One employee ended up in prison, because he was selling more than email addresses.

 

GaHillBilly.

Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
×
×
  • Create New...