A while back, there were some big takedowns of a couple very large spam sources, which caused an enormous drop in the amount of spam worldwide. It appears that other parties have recently picked up the slack.
There has been a marked increase in the amount of email spam firing around over the last week or two. I’ve been seeing a few hundred showing up in my filters daily, and the number seems to be growing. There are a couple of things that can be done to protect yourself and others.
Luckily, these new attempts are pretty clumsy (eg emails claiming to be from MySpace containing warnings about bank accounts), but these new spammers won’t stay clumsy forever.
Also, because so many people are depending more on “private” messaging services (Facebook, Skype, etc), and/or have got new devices that use mail apps with limited or hard-to-find controls, a lot of folks simply aren’t aware of what spam is and how to deal with it.
There are lots and lot of resources on the Weebs to help you find out if a message is spam. Here’s an old one that is still pretty good, and here is one more with more detail and a charmingly naive opening sentence. I recommend you learn more about this stuff, but the most basic way to protect yourself is simply not click on anything–either a link or an attachment–unless you know FOR SURE that it is OK. This applies even if the message has made it past your spam filters. You can always send a reply to whomever sent you the message and ask if it is legit.
Oh, and spam occurs–and usually looks similar, on all them fancy chip jewelries you kids spend all day rubbing as well.
A quick and simple way to identify spam is copy a couple of sentences from the message and then paste them into a Google search, surrounded by quotes. It doesn’t always work, but if the spam has been around for a day or two, you’ll usually see search results about it. This also works quite well with heartwarming stories and pithy quotes that have political overtones, talk about “a local [profession]” or use the term “studies have shown” but don’t cite any ACTUAL studies.
Some basic mail account maintenance would also go a long way in slowing this stuff down.
A lot of people have moved to newer email providers (Gmail being the most common) over the last two or three years, and just abandoned their old accounts without emptying or deleting them. This provides a great hunting ground for bad guys, because:
- Those old addresses still seem legit to the people who used to receive mail from them
- A lot of those old accounts were started back before people learned to use stronger passwords
- Those old accounts are full of email addresses that are probably exploitable as well
If you have old accounts out there that you no longer use–especially if they are web mail accounts (like yahoo.com or whatever MS is calling hotmail this week), please take a moment to shut them down.
If the mail provider is foolish enough NOT to provide means to delete your old account, you can do the following:
- Log into the old account
- Send a message to all your contacts telling them that you are no longer using that address, won’t be receiving messages sent to it, and that they are free to block it.
You should probably include something that makes it obvious that you are you, such as your current email address, in case they have questions.
- Delete everything in the account, including all sent messages and especially all contact/address book entries.
- When you are sure that you will never need to get back into the account, reset the password to a very long string of gibberish with capital letters and numbers. At that point, you can just mash the keys at random, using caps and numbers and stuff, and make as long a password as the thing will accept.
Spamming asshats will always be with us, but we don’t have to make it easy for them.