Friday, October 31, 2008

The Boss got spam attacked!

Monday, the 13th of October, 2008. I get into work and my boss calls me wondering why there are so many emails flooding his Inbox informing him that the emails he has sent can't be delivered to the recipient. I take a look at his screen via mRemote and UltraVNC to check out what he's talking about. WOW! He's receiving dozens of emails per minute.

I call an IT consulting company to see if they know what is going on. I send them some emails that my boss is receiving and wait for their answer, which I think I know but want a confirmation from an outside source.

A spammer had gotten a hold of my boss's email address and was using it as the "from" address in all his spams. Of course a ton of the spammer's "to" addresses are bogus due to directory harvesting and are bounced back to the sender...MY BOSS.

How did this happen?

There is more than one reason for this. I will explain 2 of them that are relevant to my boss and his company.

Spammers need legitimate email addresses. One way to get good email addresses in large amounts is to hack a site that allows a person to subscribe to a newsletter. There are tons of good email addresses in those databases, which can be as simple as a text file.

Another great way for them to get a good email address is when you post code on your web site such as "mailto:email-address". Spammers run custom software called crawlers to search web sites for such code and glean the email addresses found therein. This can happen when you decide to ignore the IT Guy, who has asked you for several years to change your web site to NOT have this code because he knows about crawlers and what can happen with your email address.
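An added example, not part of the original post: a small Python audit to run over your own pages' HTML, listing the addresses that sit in `mailto:` links or in visible text where a crawler can read them. The class and function names and the example.com sample page are constructed for illustration.

```python
import re
from html.parser import HTMLParser
from urllib.parse import unquote

# Loose pattern for addresses written out in page text (not an RFC 5322 validator).
ADDRESS_RE = re.compile(r"[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}")

class ExposedAddressAudit(HTMLParser):
    """Collect addresses that can be read straight out of a page's HTML."""
    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.findings = []      # (kind, address, line number)
        self._skip_depth = 0    # inside <script>/<style>, text is not page copy

    def handle_starttag(self, tag, attrs):
        if tag in ("script", "style"):
            self._skip_depth += 1
        for name, value in attrs:
            if name == "href" and value and value.lower().startswith("mailto:"):
                # Drop ?subject=... and split comma-separated recipients.
                recipients = value[len("mailto:"):].split("?", 1)[0]
                for addr in unquote(recipients).split(","):
                    if addr.strip():
                        self.findings.append(("mailto", addr.strip().lower(), self.getpos()[0]))

    def handle_endtag(self, tag):
        if tag in ("script", "style") and self._skip_depth:
            self._skip_depth -= 1

    def handle_data(self, data):
        if self._skip_depth:
            return
        for addr in ADDRESS_RE.findall(data):
            self.findings.append(("text", addr.lower(), self.getpos()[0]))

def audit_html(html):
    """Return every exposed address found in one HTML document."""
    parser = ExposedAddressAudit()
    parser.feed(html)
    parser.close()
    return parser.findings

# Constructed sample page; the example.com addresses are placeholders.
SAMPLE = """<html><body>
<a href="mailto:boss@example.com?subject=Hello">Email the boss</a>
<a href="mailto:sales%40example.com,info@example.com">Sales</a>
<p>Or write to support@example.com.</p>
</body></html>"""

if __name__ == "__main__":
    print(*audit_html(SAMPLE), sep="\n")
```

Each finding is a place where the address could be replaced with a contact form or another channel that does not publish it in the page source.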

So how did we stop the emails from coming in?

We did nothing. Absolutely nothing. See, spammers know that the emails they send out will be blocked or put on a custom blacklist by the recipient's spam filters. So they don't use them for long. By the end of the day the barrage of emails had stopped.
