Several of the email groups I read have recently been hit with bouts of spam. No, not the kind that comes in a can that you buy in the grocery; the type that arrives in your email inbox and can carry all sorts of nastiness with it.
What was unsettling about these recent bouts were that they all came from members of the list. A number of the lists members were concerned that their ISP accounts had been hacked. While that is always a possibility, especially with hack groups targeting the larger application as a service providers, Google, Yahoo, Hotmail and others, it was more likely that the user’s email address was hijacked, rather than the account itself being broken into.
Spammers love valid e-mail addresses. One way that they gather valid email addresses is sit in groups like the ones I receive and harvest valid addresses. The larger the groups, the more addresses they get. They also launch spiders onto the web to read web pages and gather the contact addresses of webmasters and the like. It’s a big reason why you see more and more sites using fill in the blank web forms to contact the owners/support staff rather than just a simple email address.
Once a spammer gets your address, they use a simple mailing program to launch mail out into the internet. Electronic mail is not secure, so there is no checking to ensure that the address the spammer is using actually belongs to him or her. As long as it’s a valid format it flies down the wires just like normal mail into the recipient’s mailbox.
The spammer is hoping that if the recipient sees an address they are familiar with, they are more likely to open the message, click on the link or open the attachment. Sometimes that will get you an advertisement to make a body part larger, or for cheap drugs from Canada or Mexico. A lot of times now that link or attachment will compromise your computer, connecting you to a botnet or worst.
Protection isn’t that hard, but you do have to be vigilant. If you don’t have an anti-virus product on your computers, get one. Scan your machine on a regular basis, once a week at least. Good AV programs have a scheduler for this that will kick off a scan during your down hours. Your Internet Service Provider may have excellent software from brand name providers available as part of your subscription to their service. Check out the ISP’s website for more information.
Look at the email you’re receiving. If it looks suspicious, hit the delete key. If sweet Auntie May is sending you a link for a drug that supposed to make body parts that neither of you have, BIGGER STRONGER AND LAST LONGER hit the delete key. If hubbie/boyfriend/guy next door is sending you an attachment that promises “hunky guys and beautiful beach babes for your wallpaper” Do Not Touch the attachment. Hit the delete key.
The bottom line on all of this is, get protected, use the protection and if it’s unexpected, be suspicious.
Practice safe hex, it’s a dangerous world online.