Skylarking

The Tech Tip Blog

Browsing Posts in Phishing

I received the following question just last night:

I received an email telling me that email petitions and chain letters use tracking software and cookies to collect email addresses from anyone who receives that email message. I was also told that email petitions aren’t acceptable by Congress like a signed petition would be. Are both these items true?

Well, the first is false, and the second is true.

Tracking Emails and Tracking Software

The only way an email can be tracked is from one sender to the first recipient. If I send an email message to a friend, it is possible for me to be notified when they open the message. If my friend forwards the message to someone else, there is no way for me to tell that has happened; nor is there any way for me to receive the email address of that second recipient, or any recipient after that. So, no, there are no tracking programs of this sort.

BUT, Remember the concept “Six Degrees of Separation”? Erase email addresses before forwarding a message

The idea of “Six Degrees of Separation” says that everyone is six steps away from any other person on the planet, which to my way of thinking means that we are all six steps or less away from a spammer. The problem is that when people forward an email message they usually leave any previous email addresses in the message, and most people add new addresses of their own when they forward it. The best practice is this: after you click FORWARD and before you click SEND, read through the message and erase any email addresses you find in it. If you don’t, you never know who in the chain knows a spammer or is one.

BCC: Blind Carbon Copy Hiding Email Addresses

When you are sending an email message to multiple recipients, use the BCC or Blind Carbon Copy feature to address your message. That is, use BCC instead of TO. And, if your email software says, “At least one recipient is required in the TO field”, then put your email address in the TO field, and everyone else in the BCC field. The BCC field hides the email addresses from the recipients. When the sender uses the BCC field to address an email message, the recipients of that message will see “undisclosed recipients” in the TO field or elsewhere in the message. If you can’t find the BCC feature in your email software, contact your email service provider and have them tell you how to access it. Or you can contact Skylarking and I will help you find the feature.
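Why BCC hides the addresses, shown as an added example that is not part of the original post: the delivery list (the SMTP envelope) includes the BCC recipients, but the Bcc header is removed before the message is transmitted, which is also what Python's `smtplib.SMTP.send_message()` does. The example.com addresses and the function names are constructed for illustration.

```python
import copy
from email import message_from_bytes, policy
from email.message import EmailMessage
from email.utils import getaddresses

ADDRESS_HEADERS = ("To", "Cc", "Bcc")

def build_message(sender, hidden_recipients):
    """Address a message as the post advises: self in To, everyone else in Bcc."""
    msg = EmailMessage()
    msg["From"] = sender
    msg["To"] = sender
    msg["Bcc"] = ", ".join(hidden_recipients)
    msg["Subject"] = "Club newsletter"
    msg.set_content("See you at the meeting on Thursday.")
    return msg

def split_envelope_and_wire(msg):
    """Return (envelope_recipients, wire_bytes) without modifying msg.

    The envelope (SMTP RCPT TO) is collected from To, Cc and Bcc. The Bcc
    header is then dropped from a copy before serialising, so the bytes that
    reach each inbox never contain the hidden addresses.
    """
    fields = []
    for name in ADDRESS_HEADERS:
        fields.extend(msg.get_all(name, []))
    envelope = [addr for _, addr in getaddresses(fields)]
    outgoing = copy.copy(msg)
    del outgoing["Bcc"]
    return envelope, outgoing.as_bytes(policy=policy.SMTP)

def addresses_seen_by_recipient(wire_bytes):
    """Parse the delivered bytes and list every address found in the headers."""
    received = message_from_bytes(wire_bytes, policy=policy.default)
    fields = []
    for name in ("From",) + ADDRESS_HEADERS:
        fields.extend(received.get_all(name, []))
    return sorted({addr for _, addr in getaddresses(fields)})

if __name__ == "__main__":
    # Constructed sample addresses.
    message = build_message("me@example.com",
                            ["bob@example.com", "carol@example.com"])
    envelope, wire = split_envelope_and_wire(message)
    print("Delivered to:", envelope)
    print("Visible in the received message:", addresses_seen_by_recipient(wire))
```

Addresses placed in TO or CC stay in the transmitted headers, so every recipient (and anyone the message is later forwarded to) can read them.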

Email Petitions Don’t Work

That much is true. A genuine petition requires signatures and street addresses. Anyone can type a list of names and email addresses into a petition, but there is no way for the recipient to prove or disprove that those people participated in or knew about the petition. It is best that each individual person email or contact their representative directly, and not as part of some long list of names in an email message. Additionally, you wouldn’t want to include your street address in such a petition, since you never know if that message might eventually end up in the hands of a spammer or an identity thief. After all, most acts of identity theft are performed by the victim’s friends, co-workers, and family members.




Post Comments or Questions with the link below. Keep up-to-date with Skylarking: By Email or RSS Newsfeed or on Twitter. You can also send questions with my email form.


You may or may not have heard the news, but spam traffic dropped by 50 to 70 percent last week after two Internet Service Providers (ISPs) cut off Internet access for hosting company McColo in California.

If you’re not familiar with these terms, a hosting company provides computer service and equipment for other companies and individuals. A hosting company typically offers storage service for email and web sites. An ISP provides companies and individuals with access to the Internet.


In last week’s case, McColo, a hosting company with locations in Delaware and California, was providing hosting services to several companies and individuals who used McColo’s computers to distribute viruses and spyware via spam and harmful web sites. Many of the sites and messages dealt in pharmaceutical drug sales and child pornography. These companies were paying McColo for the use of its computers, and McColo ignored the illegal activity.

McColo’s host computer center in San Jose, CA was connected to the Internet via several Internet Service Providers. Two of the providers took it upon themselves to deprive McColo of Internet access and shut down the Internet connection. Within seconds the level of spam traffic worldwide dropped by 50% to 75% according to several spam watchdog services such as Spamhaus.

Consumer Risks: “XP AntiVirus Protection” and “AntiVirus 2009”

If you downloaded either of these two programs then you can probably count yourself among the victims of this incident. “XP AntiVirus Protection” and “AntiVirus 2009” were fraudulent programs distributed by several companies and individuals who were provided hosting services by McColo.

Update Jan. 2010: As a computer service professional I receive two calls for help per week to remove spyware and fraudulent anti-spyware programs. Best Buy’s Geek Squad wants $200 to $300 to remove spyware and viruses. My recommendation: purchase Spyware Doctor (at right) for only $39.95 and protect up to 3 computers. It’s the real deal. It’s downloadable, and not available in stores. Only have one PC? Then ask a friend and/or relative if they’d like to split the cost with you.

Below are sample images of the two most common fraudulent (anti-)spyware programs circulating the web. They call them “spyware protectors” sometimes. Sadly, what these scammers are saying is they “protect the spyware” and not your computer.

[Image: AntiVirus 2009]

[Image: XP AntiVirus]

Help Yourself, Help Your Computer

If you downloaded either of these fraudulent programs you should remove them immediately. To do so:

  1. Click Start > Control Panel
  2. Click or double-click “Add/Remove Programs” (In Vista and Windows 7 it’s called “Programs and Features”)
  3. Locate and click each of these programs on the list and click “Remove” or “Uninstall” for each one found.

After removing these programs, go purchase Spyware Doctor to remove any traces of these programs and the harmful software they may have added to your computer. I recommend Spyware Doctor from PC Tools, hands down, over any other antispyware software you’ll find.




Sort of….

The FTC (Federal Trade Commission) won a preliminary legal victory against the world’s largest spam gang by persuading a Chicago federal court to freeze the gang’s assets and to order their spam network shut down.

The spam gang, known by spamfighting agencies as HerbalKing, had a network of 35,000 computers which could send out 10 billion spam messages a day. Many of these computers were owned by people who didn’t know their computers had been remotely commandeered to send email on behalf of the spammers. The network had ties in the United States, China, India, New Zealand, and Australia. The network was referred to as the “Mega-D Botnet”.

If you’re unfamiliar with the term “botnet,” here’s an explanation from SearchSecurity.com:

A botnet (also known as a zombie army) is a number of Internet computers that, although their owners are unaware of it, have been set up to forward transmissions (including spam or viruses) to other computers on the Internet. Any such computer is referred to as a zombie – in effect, a computer “robot” or “bot” that serves the wishes of some master spam or virus originator. Most computers compromised in this way are home-based. According to a report from Russian-based Kaspersky Labs, botnets — not spam, viruses, or worms — currently pose the biggest threat to the Internet. A report from Symantec came to a similar conclusion.

The network was purportedly responsible for a third of all spam at one point, and had been collecting $400,000 in Visa charges in one month.

The spammers had been sending messages hawking various pharmaceuticals and male-enhancement drugs. The charges brought against them go beyond spamming counts: they also include making false claims about their product, selling pharmaceuticals without a prescription or doctor’s instructions, and selling drugs from countries such as India which aren’t regulated or approved for sale in the US. Many of the drugs being sold had harmful side effects.

The FTC’s investigation against this organization had been ongoing for over 2 years.

Here’s a bio about HerbalKing from the Spamhaus spamfighting organization:

HerbalKing is a massive affiliate style spam program for snakeoil Body Part Enhancement scams (penis enlargement). It has also done spam campaigns for replica luxury goods, pharma (counterfeit pills) and porn. Spam arrives via botnets with spamvertised sites on “bulletproof” hosting offshore, particularly in China. The group also uses fast-flux hosting, running sites on hacked botnet PCs.

HerbalKing, with connections to India (possibly due to pharmaceutical supplies), rivals the traditional Eastern European spam gangs for volume and criminal botnet methods of its spam. “Tulip Labs” appears to be the source of HerbalKing’s herbal remedy products. The main operation may be run out of New Zealand or Australia by long-time spamming brothers Lance & Shane Atkinson. (see: http://www.geekzone.co.nz/juha/2237 )

There are hundreds of SBL listings related to HerbalKing but some may not be linked to this ROKSO due to the tremendous number of identities and domains used by the program. Lists of domains should be considered examples of that abuse of domain name space, not comprehensive lists of their registrations.

Read more at the FTC’s web site; the NY Times; and the ars technica web site.

Powered by WordPress Web Design by SRS Solutions © 2008 — 2010 Skylarking The Tech Tip Blog Design by SRS Solutions and modified by Skylark NetWorks