Category: "Spammers"

11/16/14

  23:51:00 by Joe, Categories: General, Spammers , Tags: namecheap, registrar, spam

For a few years, I have been registering my domains with Namecheap, a reseller of eNom.
I came to them from GoDaddy, back when GoDaddy supported the SOPA/PIPA legislation in the US Congress, which would have crippled the Internet. Namecheap was an outspoken opponent of that legislation.
Until a few months ago, I was pretty happy with Namecheap.

But then...
Starting about 2 months back, a significant amount of spam made it through my spam filters. There were a few common threads to that spam, mainly non-sensical headers that the spam filter had a hard time associating with spam.
The other common thread was that pretty much all this spam referenced websites hosted and administered by Namecheap, in particular their namecheaphosting.com domain.
I reported the spam that made it through my filters to Namecheap, through Spamcop. However, nothing happened. The spam kept coming.
I complained on Namecheap's Twitter and Facebook accounts.

And then something actually DID happen: Namecheap blocked me from their Facebook account.
That made clear that Namecheap is now a supporter of spam. They have turned to the dark side.
Time to find another registrar.

Update, 11/17: Posting a link to this blog post on Twitter certainly got somebody's attention at Namecheap.
Lets hope they improve their actions on spam reports. I've reported 15 or so spam mails to them just this morning. And these were only the spam mails that made it through my filters...

Update, 11/18: So far, nothing has changed. Except that Namecheap's Twitter person has gone silent. So, a reaction similar to their Facebook account.
In other words, an acknowledgement that they indeed support spammers, are in bed with spammers, profit from spammers and don't want to lose that unethical income.

Update 12/4: I have now initiated the transfer of my domain registrations to French registrar Gandi.net.

Update 12/10: All my domains are now transferred out of Namecheap. This spam-supporter doesn't get any money from me anymore.
It isn't surprising that Namecheap did not allow expediting some of the transfers out, but just waited out the default time. Bad customer service to the end.

Last Update, 1/2/2015: The spam with the spamvertised domains registered through Namecheap continues, but the spam filters have caught up with it, so it at least doesn't litter my inbox with this filth.
My last remaining tie to this spam-supporting organization is now cut: The SSL wildcard certificate for this domain that I bought through Namecheap expired today, and I got a new one somewhere else.
Good riddance. May Namecheap rot in hell!

Another update, 4/7/2015: It seems that these spammers have now asked Spamcop to no longer send spam reports to them. They obviously got inundated with reports, and want to just spam people without the constant reminder of them being the scum of the earth. Disgusting spammers! They are the lowest lifeform on Earth.

02/06/13

  20:36:00 by Joe, Categories: General, Spammers

Symantec and Microsoft killed another spam Botnet.
That explains why my weekly received spam count went from over 600 to 100 in the last 2 weeks...
I suspected a shutdown of some botnet. This is the confirmation.
I have seen more blog spam recently, though, that's why I set this blog to require approval of comments.

Update: Unfortunately, my weekly spam count is slowly creeping back up, now at 250.

10/22/12

  19:11:00 by Joe, Categories: General, Spammers

Since I last wrote about Facebook's lack of an abuse address, there seems to have been a significant development.
Last Friday, yet another idiot signed up with the Brazilian Facebook site, and immediately went to send out friend requests to some 80 people. Facebook stopped access to that account on Sunday, as has become obvious by the fact that the person couldn't log in to his account anymore and asked for a password reset (all of this came to my domain, of course, so his password never got reset.)

Olá Gabriell,
Você solicitou a redefinição da sua senha do Facebook recentemente. Entre aqui para redefini-la: https://www.facebook.com/recover/code?[redacted]
Ou, você pode inserir o código de redefinição da senha a seguir: [redacted]

Translation via Google Translate:

Hello Gabriell,
You asked to reset your Facebook password lately. Go here to reset it: https://www.facebook.com/recover/code?[redacted]
Or, you can enter the password reset code below: [redacted]

So, being locked out of his account, this idiot creates a new FB account today.
This time, Facebook apparently required him to confirm registration before allowing him in:

Olá Gabriell,
Para concluir o processo de cadastro, clique no seguinte link:
http://s.fb.com/[redacted]
Pode ser que você seja solicitado a inserir este código de confirmação: [redacted]

Translation:

Hello Gabriell,
To complete the registration process, please click the following link:
http://s.fb.com/[redacted]
You may be prompted to enter this verification code: [redacted]

I have no idea why these idiots in Brazil think my domain is their playground...

Anyway, the barrage of friend emails for the fake account that my Procmail recipe dumped into FB's mailboxes seems to have had some effect.

Somebody may ask, why not just report the person through the Facebook website? The problem is that with 1 billion or so Facebook accounts, there are usually several people with the same name, sometimes 10 or more. Which one is the person with the fake account? That's why a way to report an email address is required, and a real abuse@ address would provide that, since the emails in question, including email addresses, can be reported that way.
I really hope that there are some people with a clue about the Internet employed at FB who can push for FB following established Internet practice.

Update: What I now do is to change the password on these accounts (the guys gave me the implicit permission to do that by using my email), and then I deactivate the accounts... Since I started that, there hasn't been any new such fake Facebook account with email addresses in my domain...

08/20/12

  18:55:00 by Joe, Categories: General, Spammers

Facebook doesn't like to receive emails.
They have an abuse@facebook.com address, but to actual abuse complaints, they respond with a completely idiotic boilerplate response:

Thanks for your email. We're streamlining how we receive feedback to be able to better assist you. The links below will take you to more information to help you solve and report your problem.

Common issues
[references to some Facebook pages]

What complete and utter BS about "streamlining." This is just a code word for "we don't want to hear from you", "we don't care about killing the Internet."
If the complaint doesn't fit into the "categories" of their unhelpful pages, they just ignore it.

In my case, there are some people on Facebook who use fake email addresses. For some reason, these idiots decided to use my domain name. So, whenever these idiots are getting a friend request, or some other insignificant event happened, Facebook sends the notifications to my domain. Since all email to my domain ends up in my inbox, I get flooded with this BS.
Some examples (in Portuguese, since these idiots use the Portuguese-language version of Facebook, they are probably from Brazil):

========================================
Confirmar solicitação
http://www.facebook.com/n/?reqs.php&type=1&fcode=[redacted]

Exibir todas as solicitações
http://www.facebook.com/n/?reqs.php&type=1[redacted]
========================================

Olá Jose Diogo,

Gilvaneide Cordeiro quer ser seu amigo no Facebook.
...

========================================
Localizar amigos
http://www.facebook.com/n/?find-friends%2Fbrowser%2F[redacted]

Ir para o Facebook
http://www.facebook.com/n/?home.php[redacted]
========================================

Olá Cristiellen,

Localize mais amigos.
...

I now have a Procmail recipe set up to send these turds back to every corporate Facebook email address I could find.
Still looking for more corporate FB addresses...

Update 9-6-2012: It seems as if I have gotten the attention of some Facebook people with a clue.
They still don't have a working abuse@ address, but at least they now seem to require email confirmation, and deny access if that's not forthcoming.
One of these emails (again in Portuguese):

Olá Cristiellen,

Você entrou no Facebook em 21 de Outubro de 2011, mas ainda não confirmou sua conta.

Para confirmar, basta clicar no link a seguir:
http://www.facebook.com/n/?confirmemail.php&[redacted]

E é isso! Após fazer isso, você terá acesso a todos os recursos do Facebook - comentários, compartilhamento de fotos, planejamento de eventos e mais.

Importante: a partir de hoje, você não conseguirá conectar-se a sua conta do Facebook sem concluir esta etapa.

The important part (fed through Google Translate):

Important: starting today, you can not connect to your Facebook account without completing this step.

And I got this kind of email even for a few email addresses that weren't on my radar, because they hadn't shown up in my inbox yet. FB didn't get any complaint about them from me yet, because they hadn't triggered my Procmail recipe. So, somebody at FB apparently is checking the email domains in their database.
About time that they fix this crap...
If FB personnel would actually contact me, I could give them a list of all the fake email addresses in my Procmail recipe.

07/22/11

  23:17:00 by Joe, Categories: Politics, Spammers , Tags: massachusetts, niki tsongas, spam

I have posted about this stupid Congressperson from Massachusetts before.
She is back at it again, sending her stupid political spam messages to somebody in California, when her district is on the other side of the country...
What an idiot. Why did the people in Massachusetts vote for such a clue-resistant person who obviously wasted money on some spammer list? :crazy:
And her website is equally stupid, not even allowing me to unsubscribe or send her any other email, since I am not in her district...
People in her district who are reading this are invited to send her a link to this blog entry...
It is mind-boggling that such an idiot spammer sits in Congress! XX(

The turd, with web-bugs removed:

If you are having trouble viewing this E-newsletter, please visit
[http://tsongas.congressnewsletter.net/mail/util.cfm?[redacted]] for the Web Version.
Congresswoman
Niki Tsongas, Serving the Fifth Congressional District of
Massachusetts

Dear Friends,

As I am sure you know, negotiations are ongoing
between President Obama and Congressional leaders on a meaningful
deficit reduction package. As part of the deficit reduction package, the
statutory debt limit, or amount of money the country can legally
borrow, would be increased so that the country can pay its bills. Should
Congress fail to increase the debt limit by August 2nd the country
would default on our debt.

I recently wrote a letter [link 1] to
President Barack Obama outlining my priorities for legislation that would
raise the debt ceiling and which would be accompanied by a larger
deficit reduction package. I would also like to get your perspective on
the debt limit issue and hope that you will take a moment to weigh in
below.

Also, please feel free to expand on your responses in the
large text boxes below, or to email me [link 2] your thoughts
directly.

Sincerely,

[image =
http://tsongas.congressnewsletter.net//images/user_images/Tsongas_Signature.gif]

Niki
Tsongas

Survey/Question [survey]

[image =
http://tsongas.congressnewsletter.net//images/user_images/facebook-button.jpg] [link 3]

[image =
http://tsongas.congressnewsletter.net//images/user_images/button_twitterfollowus.jpg]
[link 4]

[image =
http://tsongas.congressnewsletter.net/images/enews_contact_us.jpg] [link 5]

Survey/Question [survey]

*E-MAIL
UPDATES*

*Yes, please periodically send me e-mail updates.**

Click
Here [link 6]

*By subscribing to my

e-mail updates, you are
authorizing me to send regular e-mail updates from my office to your
e-mail
account.

----------------------
footnotes
----------------------
[survey] http://tsongas.congressnewsletter.net/mail/util.cfm?[redacted]
[link 1]
http://tsongas.house.gov/uploads/7_20_11_Deficit_Letter.pdf
[link 2]
https://tsongas.house.gov/index.cfm?sectionid=117&sectiontree=116,117
[link 3]
https://www.facebook.com/RepTsongas
[link 4]
https://twitter.com/#!/nikiinthehouse
[link 5]
http://tsongas.house.gov/index.cfm?sectionid=116&sectiontree=116
[link 6]
http://tsongas.congressnewsletter.net/mail/util.cfm?mailaction=subscribe&[redacted]

Website
Address:
http://tsongas.house.gov/

Office Location:
Washington DC Office
1607 Longworth House Office
Building | Washington, DC 20515
Phone: (202) 225-3411 | Fax: (202)
226-0771

Acton Office
492 Main Street
Acton MA
Phone: (978)
263-1951
Tuesday, Wednesday, Friday
9:00 AM - 2:00 PM

Lowell MA Office
11
Kearney Square, 3rd Floor
Lowell, MA 01852
Phone: (978)
459-0101
Fax: (978) 459-1907

Lawrence MA Office
305 Essex Street, 4th
Floor
Lawrence, MA 01840
Phone: (978) 681-6200
Fax: (978) 682-6070

Haverhill Office
Haverhill Citizens Center
10 Welcome
Street
Tuesdays & Thursdays
9:00 AM- 11:00 AM

Privacy
Policy:
http://www.house.gov/house/privacy.shtml

Unsubscribe:
http://tsongas.congressnewsletter.net/mail/util.cfm?mailaction=unsubscribe&[redacted]

::

Posts about whatever I find worthy of posting...
October 2024
Mon Tue Wed Thu Fri Sat Sun
  1 2 3 4 5 6
7 8 9 10 11 12 13
14 15 16 17 18 19 20
21 22 23 24 25 26 27
28 29 30 31      
 << <   > >>

Search

  XML Feeds

powered by b2evolution free blog software