Spam

[BigShed]

It appears that the IAP email address database has been used to send the following spam email, apparently from DCBluesman's (Lou Metcalf) Hotmail email address:

Dear sirs
Place you into my website mydosell.com we offer brand-name electronics at deep discounts and come with manufacturer warranties. Computers, Televisions, Call Phones, MP3/MP4 Players, Digital Cameras, Camcorders, Video Games Consoles, GPS and Motorcycles, most items are sold at wholesale prices, you will find lots of great bargains here. And we have a sales promotion from now on, buy more, save more and get more! When you have time, welcome to visit our website get more information. Thanks.Contact us through the following ways:
Website: www.mydosell.com
We look forward to your favourable and prompt reply.
Yours Faithfully,
Mail : mydesell@vip.188.com
MSN : mydosell@hotmail.com

 

[alphageek]

Me too... I don't know what it means, but I thought I'd comment to help trace it down.

 

[BigShed]

I did some further checking through my emails and I received a very similar spam email from Lou's hotmail account on 28 May 2008:frown:

You definitely have a problem here Lou.

 

[alphageek]

I did some further checking through my emails and I received a very similar spam email from Lou's hotmail account on 28 May 2008:frown:

You definitely have a problem here Lou.

And if you don't have a problem --- if you use this address for mailing, unfortunately it may get caught by spam filters now due to this.

 

[DCBluesman]

Yes, my account was spoofed, however, the IAP database was not hacked...just my directory. It has been taken care of at this point. Dang the b@st@rds!

 

[bitshird]

Bummer, I just replied to Lou's Hotmail address this morning. I guess we'll see how good my spam assassin works.

 

[BigShed]

Yes, my account was spoofed, however, the IAP database was not hacked...just my directory. It has been taken care of at this point. Dang the b@st@rds!

Not so sure about that Lou, prior to the 28thMay 2008 we had not exchanged emails, yet I got that spam email from your hotmail address, so that one could only have been obtained out of the IAP members database.

 

[DCBluesman]

Ken - You replied last night. And yes, I got it! And Fred, I would LOVE to think this is not my fault!

 

[BigShed]

Ken - You replied last night. And yes, I got it! And Fred, I would LOVE to think this is not my fault!

Lou, I don't think this is about whose fault it is, I think we are all vulnerable to a spam attack.

I think it is more about learning from past attacks and where the attacker got his/her information from.

I was merely pointing out that it appears the email addresses were obtained from the IAP members database, not pointing the finger of blame at either Lou Metcalfe or IAP.

As this has now happened twice in 1 year, and the source is a combination of Lou Metcalfe and IAP, I think it would be a good idea to put our collective thinking caps on and see how this can be avoided in the future, not being in denial.

 

[skywizzard]

Interesting, Lou has my email in his files, but I never received any of the spams. I even logged onto my domain email server to look in the "deep six" file there, I never see those on my computer unless I specifically look on my domain server site. Nothing....

 

[maxwell_smart007]

I used to eat spam all the time...with mustard on white bread. My favourite part was opening the can, then scraping off all of the white fat! MMMMmmm!


(oh, you all are talking about EMAIL spam...) :biggrin:

 

[Darley]

I receive the same email Fred it as been send today " Thu 4/06/2009 1:42 AM " but I know that Lou doen't sell push bike :biggrin: Lou check your security and firewall no harm on my side, just don't click on the web site link as it will show ( to the hacker ) that your email address is active.

 

[wolftat]

Come on everyone, let's dog pile on Lou for something he has no control over. Get the ropes, find the tree. This could be fun. We will ask questions later.:biggrin:

Disclaimer: This is meant as an attempt at humor, please do not pile on Lou or hang him for this.

 

[jeff]

The logs don't indicate any unusual activity.

I think if the DB had been compromised there'd be a lot more spam flying around than from just Lou's address.

 

[pipecrafter]

This is what's called a "joe job". The spammers use a fake email address, harvested from the address book of someone with a compromised computer, so that there's no direct link back to the spammers.

You can rest assured that it most certainly wasn't Lou sending the spam, and that the IAP database wasn't hacked. I can say with 100% certainty that the actual situation is that someone with a bunch of IAP member emails has been infected with a virus, and that virus has harvested that person's email address book and shared it with the spammers via a few thousand other virus-infected computers. This is very common, and is the SOP for spammers these days. They use the address book both for fake "from" addresses, as well as the addresses to send to.

The technical description gets pretty deep, and I've left out some big chunks of the process. If you want to know more about how this actually happens, feel free to PM me.

 

[GoodTurns]

I'm sure it wasn't Lou cause he talk much gooder then the spamer!