Educause Security Discussion mailing list archives
Re: Pointless email spam
From: "Scherck, Daniel" <scherckd () EVERGREEN EDU>
Date: Mon, 15 Apr 2013 17:14:42 +0000
AFAIK there are three potential uses for these types of spam: 1. Hidden images - If it's HTML it may contain a hidden image that causes your computer to contact a remote server upon reading it. This can be a vector for malware, or even just verifying that they got a hit. 2. Verify good emails via reply - Sometimes people reply to ask what the heck, and thereby verify that they are a good email address. 3. Spam Filter overload - Sometimes they just try to overload your filters with a bunch of nonsense, so that you end up trying to filter out all kinds of things, and increase your false-positives count. If they can get that high enough, they may force the admins to relax / rollback the filtering due to user outrage. Kind of a roundabout way of doing it, but I have heard of that being one of their methods. Dan Scherck The Evergreen State College From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Heath Barnhart Sent: Monday, April 15, 2013 10:09 AM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: Re: [SECURITY] Pointless email spam A probe maybe? The messages don't contain anything a filter would jump on, like images or links. Just some random text. I'm not as familiar with SMTP headers as I probably should be, but would the response headers from a successful transaction glean any information about the receiving mail system? Heath Barnhart, CCNA ITS Network Administrator Washburn University Topeka, KS On 04/15/2013 10:46 AM, Dennis Bohn wrote: We have been seeing these sort-of literary ones, like your sample #2. No idea what purpose. best, Dennis Bohn Manager of Network and Systems Adelphi University bohn () adelphi edu<mailto:bohn () adelphi edu> 5168773327 On Mon, Apr 15, 2013 at 7:34 AM, Gary Warner <gar () cis uab edu<mailto:gar () cis uab edu>> wrote: Are other schools seeing a big uptick in "no purpose" spam messages? Wondering if this is an enormous email address list cleanse/harvest? or what other motives anyone might theorize on this? Here are three sample email bodies. No attachment, no links. Can't PROVE they are related, just coincidence of timing and pointlessness. ++++++++++++++++++++ (received from myschoolemail.net<http://myschoolemail.net> 173.246.104.97<tel:173.246.104.97>) (from: hilda.barrett () myschoolemail net<mailto:hilda.barrett () myschoolemail net>) Denise, I wanted to know if you understand that you can't come to the super deli next Friday. Cheers, H. ++++++++++++++++++++ (envelope from waggishy08 () acm org<mailto:waggishy08 () acm org>) (x-sender: ultrasug9 () gil com au<mailto:ultrasug9 () gil com au>) (X-PHP-Script indicates it was sent via "afes.com/sendmail.php<http://afes.com/sendmail.php>" at request of 186.87.28.58) (Return-Path: suicidaloa53 () afes com<mailto:suicidaloa53 () afes com>) CHAPTER XLI, Nor from ME, neither. Why HE? I stopped. +++++++++++++++++++++ (received from heattreatmentchina.ru<http://heattreatmentchina.ru> (37.255.60.4) (from: stonehengeqq40 () trinity edu<mailto:stonehengeqq40 () trinity edu>) Bofe un you claims it, But we didnt wait. So Tom was satisfied. ++++++++++++++++++++++ ---------------------------------------------------------- Gary Warner Director of Research in Computer Forensics The University of Alabama at Birmingham Center for Information Assurance and Joint Forensics Research 205.422.2113<tel:205.422.2113> gar () cis uab edu<mailto:gar () cis uab edu> -----------------------------------------------------------
Current thread:
- Pointless email spam Gary Warner (Apr 15)
- Re: Pointless email spam Roger A Safian (Apr 15)
- Re: Pointless email spam Dennis Bohn (Apr 15)
- Re: Pointless email spam Heath Barnhart (Apr 15)
- Re: Pointless email spam Scherck, Daniel (Apr 15)
- Re: Pointless email spam Curtis McNay (Apr 17)
- Re: Pointless email spam Heath Barnhart (Apr 15)
- Re: Pointless email spam Gade, Werner (Apr 15)
- Re: Pointless email spam Jacobson, Dick (Apr 15)
- Re: Pointless email spam Bob Bayn (Apr 15)
- Re: Pointless email spam Jeff Firestone (Apr 16)
- Re: Pointless email spam Jacobson, Dick (Apr 15)