Tuesday, November 07, 2006

 

what does really bad targetting tell us?

The spam to my main RFC2142 role address is getting as varied as the rest of the junk. So it seems it's just another stoopid dictionary attack type address.

How dumb is that? They're spamming the address at this domain that's most likely to generate a correctly targetted and adequately detailed spam report. And least likely to fall for a phish or buy fake pills. The address is most likely to exist (and work) at well run domains and unlikely to exist at amateur domains. Anybody smart enough to put together a bot-net can remove all of the role addresses from any list with about five seconds' work. Obviously they just can't be bothered.

Meanwhile, a test address I named after my old cat and stopped using eleven years ago is still getting spam.

What's it mean?
  1. The major spammers are not concerned about complaints. They're sending through disposable trojan-infected PCs, and there's an unlimited supply of those. They're hosted on corrupt and incompetent networks connected to the world by giant backbone carriers like AT&T and Sprint and Level3 and the spammers are quite sure those giants can't be bothered to enforce their harmful traffic language.
  2. The people paying the major spammers either don't know how bad the lists they're using are, or they don't care either. I suspect it's some of each. Some spam runs are commissioned by clueless boobs who think they're gonna get rich selling sugar pills out of a multilevel marketing "company." They don't know. Other spam runs are by the spam gangs themselves. They don't care.

Comments: Post a Comment



<< Home

This page is powered by Blogger. Isn't yours?