Maybe you have not noticed an increase in e-mail spam over the last week or two because you get so much of it under normal circumstances, but I can tell you that there has been a virtual storm of e-mail spam going on.
I can always tell when this happens because a few spam messages manage to reach my e-mail in-box, which is unusual. My ISP actually does a very good job filtering spam and I don’t get much of it at all. Maybe one every few days under normal circumstances, but lately I have been getting about 10 per day and that tells me something is going on.
Sure enough, I just read an article that confirms my suspicions. A major spam-sending operation was launched by Russian hackers recently and unless you are using white-listing (more on that later) or just happen to be very fortunate, you have been on the receiving end of some of this penny stock or “male enhancement” spam.
I was simply amazed to read some of the details of this effort that has been uncovered by researchers. The spam “industry” is huge and they are using the very latest techniques to defeat anti-spam filters and get their messages into millions of e-mail in-boxes around the world.
What makes these spammers so effective is their use of bot nets. These bot nets are groups of computers from all over the world that have been hijacked by these spam-sending hackers.
Bot nets are created when internet users manage to somehow download a program that has a hidden payload in it that installs special remote-control software on their computer. This software runs quietly in the background whenever the user turns on their computer and allows the hackers to make all the infected computers carry out specific tasks while the computer’s owners remain blissfully aware of what’s going on.
You can probably guess what these hackers are doing with all the computers in their bot nets that they have control of. Yes, sending billions of spam messages for one thing!
Some of the numbers I read about in this article were just amazing. It claims that the hackers have control of about 70,000 computers that are members of their various bot nets. Most, or all, of these compromised computers are PC’s that have Microsoft Windows installed.
Amazingly, some of the remote control software that is downloaded by unsuspecting computer users comes with it’s own anti-virus program which it uses to remove other nasty programs that might compete with it!
Most of the spam I have been receiving lately is of the “male enhancement” variety, although I did see at least one penny stock spam message as well. What’s interesting about this is another technique these sophisticated hackers are using to harvest names for their mailing lists.
They have managed to break into a number of web sites that host information and forums related to investing. Once they break in, they steal lists of users with e-mail addresses and then use those e-mail addresses as targets for their penny stock spam messages! They are actually doing market “research” in order to better target the people they want to reach!
And here’s the part that really set off the light bulb above my rather dense noggin: The bot net remote control software also scours the contents of every PC it is installed on and ferrets out e-mail addresses to send back to the hackers that control the bot net!
I’ve just recently begun to suspect that there is virtually no way to avoid spam and this confirms it! You can have the most closely-guarded e-mail address in the world and never enter it in on any website anywhere, ever. However, all you need to do is have a contact out there somewhere who knows your e-mail address and ends up with a nasty program on their PC and there goes your e-mail address into the hands of the spammers!
This kind of thing has actually happened to me. I have created e-mail addresses with the idea of keeping them spam-free. Even when I use the address sparingly to communicate with just a few people and never enter it on any web site anywhere, I always end up getting spam sent to it after a while. It never fails and it was driving me crazy trying to figure out how it happened. Now I know.
OK, you may have noticed that I said that there was “virtually” no way to avoid spam. I left a little loophole there because there actually is a way to avoid it with almost 100% certainty. It’s called “white-listing,” and it is a method I will be returning to very soon.
When I had an account with Mindsping (now called EarthLink) back in the dial-up days, the e-mail accounts that they provided included a white-listing feature and it worked fabulously and was never defeated by the spammers. Ever.
A white list is a list of e-mail addresses that you are willing to accept e-mail messages from. When an e-mail message arrives in your in-box it is compared to your white-list and if that address is not on your white list, it is rejected and you never see it. I simply loved it because it meant no spam.
It is a bit of a pain to have to add the e-mail address of everyone you ever want to receive e-mail from to your list, but for me it is worth it. That’s how much I hate spam.
I have not used white-listing for a while now since my ISP has not offered it and I have not taken the time to look for alternative solutions. With my ISP now being taken over by another one, I may have the opportunity to use white-listing once again since I have heard that it is a feature that my new ISP offers to their customers.
The biggest problem I see with white-listing is when I visit a web site and want to make a purchase or sign up for a newsletter or something. Since you usually don’t know the e-mail address of the sender, you will not be able to white list their address in order to receive any messages from them.
Here’s how I plan to handle it: I will set up a “dummy” e-mail account for use when I purchase something from a web site or want to sign up for a newsletter. When I receive the first e-mail message in my dummy account, I will then know the e-mail address of the sender which I will add the the white list of my “real” e-mail account.
I will then log into the web site where I purchased something or signed up for a newsletter and change my e-mail address to reflect my real e-mail address that is protected by the white list.
When my dummy account receives it’s very first spam message, it gets deleted and I then create a brand-new dummy account to use.
Yeah, sounds like it might be a pain, but for me it will be worth it. If only for the feeling I get from truly defeating the spammers! Did I mention that I really hate spam?
These bot nets are the weapons that are allowing the spammers to be so effective these days and somebody must figure out a way to stop them from building these bot nets. It’s got to me something Microsoft is working on. Let’s hope so anyway!
Is your PC a slave in a bot net? Unless you are quite computer savvy and know exactly what’s running on your PC at all times, the answer could very well be “yes.”
Here are a few tips to avoid having your PC become part of a bot net:
Get the latest anti-virus and firewall software and install it.
Don’t download software from sites you don’t trust. A lot of this stuff gets onto people’s PC’s when they download free programs that are offered on various web sites. Things like free screen savers, free backgrounds and free games.
Make sure your PC has all the latest updates from Microsoft installed.
The last thing I want to do here is make people afraid to use the internet. Especially when it comes to buying stuff online. Heck, I have a site or two where I sell things and I sure don’t want to make people think they cannot purchase things online!
You are certainly not going to get any nasty software by making a purchase on Amazon.com or any other well-known site. Trust your gut. If a site seems suspicious, stay away.
There are new services popping up on the net now that monitor various web sites for nasty stuff. You can go to these sites and type in the name of the site you want to check out for a report on whether or not the site seems harmful or not. Here is one you might want to check out (it’s free to use):
More resources like this should be popping up on the net as the fight against spammers and hackers continues. Please do what you can to prevent becoming a victim of these scumbags and follow the tips I provided above. If we all do our part, maybe we can prevent the low-life from ruining the internet for the rest of us.
Leave a Reply