cellio: (Default)
2024-02-15 09:38 pm

Swiss-cheese security

Cory Doctorow's "How I got scammed" was a fascinating read. Phishing has gotten more sophisticated, but also, even people whose security practices are way above the norm can get hit when the stars (mis)align just so.

There's a name for this in security circles: "Swiss-cheese security." Imagine multiple slices of Swiss cheese all stacked up, the holes in one slice blocked by the slice below it. All the slices move around and every now and again, a hole opens up that goes all the way through the stack. Zap!

The fraudster who tricked me out of my credit card number had Swiss cheese security on his side. Yes, he spoofed my bank's caller ID, but that wouldn't have been enough to fool me if I hadn't been on vacation, having just used a pair of dodgy ATMs, in a hurry and distracted. If the 737 Max disaster hadn't happened that day and I'd had more time at the gate, I'd have called my bank back. If my bank didn't use a slightly crappy outsource/out-of-hours fraud center that I'd already had sub-par experiences with. If, if, if. [...]

The following Tuesday, I called my bank and spoke to their head of risk-management. I went through everything I'd figured out about the fraudsters, and she told me that credit unions across America were being hit by this scam, by fraudsters who somehow knew CU customers' phone numbers and names, and which CU they banked at. This was key: my phone number is a reasonably well-kept secret. You can get it by spending money with Equifax or another nonconsensual doxing giant, but you can't just google it or get it at any of the free services. The fact that the fraudsters knew where I banked, knew my name, and had my phone number had really caused me to let down my guard.

Years ago, I got a call on a weekend from someone claiming to be from my credit card who was just plausible enough for me to not hang up. (Also a claimed fraud alert.) But I got suspicious when the caller started asking me for private information and then claimed it was necessary to authenticate me (at my own phone number). So I said "I also need to authenticate you; what's my mother's maiden name?" Oh no, the caller said, we can't give you that information... but with all the data breaches we've seen, that technique is no longer safe. The phisher might have my mother's maiden name [1]. Doctorow's phisher had his unpublished phone number. Secrets aren't.

[1] Helpful tip: don't use the actual answers for security questions that people might be able to research or guess. As far as your bank is concerned, your mother's maiden name can be QjFVa6ufeqr_7.

cellio: (Default)
2023-05-19 09:18 am

now pull the other one

There is an old joke about a man who is talking with his doctor after having surgery on his hands. He asks the doctor, "will I be able to play the piano when I recover?". The doctor says yes, he'll make a full recovery. "Great," the man says, "I've always wanted to know how to play".

This morning I got email -- sent through the contact form on my personal web site -- from someone with "hacker" in the address (yeah, right):

(Read more...)

<snark>

Gosh, I'd sure like to have that database full of employee and customer information. Wow, I have employees and customers! And a database! Maybe as a show of good faith you could tell me some of the information you "extracted"? Or if that's too hard, let's start with: what kind of database did you say that was? Surely you can tell me that.

I'm also curious about why you took the inefficient route here. Your email to webmaster got filtered as spam; I happened to notice it but could easily have missed it. Since you have my database full of contact information, why didn't you contact me directly? Just a helpful tip for reaching your future "customers" -- take the direct path.

Oh, and since you've got remote control of my server anyway, could you upgrade to the latest Emacs? I've been meaning to do that. You do want a good review for customer service, right?

Finally, since your proposal includes commitments to future actions on your part, please provide a verifiable contact address in case I need to make a claim.

</snark>

cellio: (demons-of-stupidity)
2017-09-26 04:42 pm

user interfaces are hard, but this isn't even trying...

Wow, that was convoluted. Having solved the problem, I'm recording it here for future-me or anybody else out there who stumbles across this post when in need.

Like everybody else, I've been getting lots of spam calls on my cell phone, most of which use caller-ID to lie (no you are not local...) or mask their identities. I don't answer calls from numbers I don't recognize, but it's still annoying.

Sometime in the last several weeks, my phone (ZTE Axon 7 running Android Nougat) offered me some settings for dealing with incoming spam, including a shiny checkbox for blocking calls from private numbers. I've never gotten a legitimate call from a private number on my cell phone, so I checked it.

Yesterday I was in a Google Hangout with somebody, which involved much audio fail that I will save for another time. Rather than continue to debug while the clock was ticking, I said "hey, how 'bout I join the hangout from my phone?" (so, using video and screen-sharing from my computer and phone for audio). I couldn't figure out how to join the hangout. No problem, someone on the other end said, I'll invite you by phone.

Except he blocks his phone number, so his calls were auto-rejected before I even had a chance to pick up. Bloody nuisance. Hey look -- my first legitimate private call!

We solved the hangout problem, but afterwards I wanted to turn off that setting. And could find nothing in my phone settings. That checkbox was nowhere to be found. I went to the rejected call in my call log, found a settings menu, and chose "unblock", but doing that has no effect. (Next time I looked, it was blocked again.)

Some googling told me that I was probably dealing with an app named Hiya, which ZTE apparently bundles with Android. The app doesn't show up in the usual place where you go to launch apps, though. Some more googling led me to Settings -> Apps -> System Apps, where I found it -- but my choices were force-stop and disable, but no "run" or "open".

Ok Hiya, you are -- somewhere! -- holding some configuration settings hostage. Out with it!

More googling led me to this comment explaining how to open the Hiya app: find a blocked-call notification in the log (an actual number, not "private") and open it, which brings up a "limited" part of the Hiya app. This limited app includes settings, so I was finally able to find my way to that checkbox and uncheck it.

Who thought that was a good idea? Un-freaking-believable. Is it so hard to include a hook for Hiya settings somewhere in the phone app (which it is obviously modifying already)?

It's possible I'll need this information again within the lifetime of this phone and I sure won't remember that. Hence this post.
cellio: (spam)
2012-11-11 05:13 pm

sock-puppets R us

I've been seeing more spam on my LJ entries than usual in recent weeks, but most of it is posted anonymously and gets auto-screened, so nobody else sees it. Two days ago I started getting the following message from LJ accounts that were presumably created just to post these comments (on, I assume, as many journals as possible as quickly as possible):

"Hey This is hard for me because I have never done anything like this.. but I have a huge crush on you. I have never been able to tell you for reasons which you would quickly identify as obvious if you knew who this was. I'm really attracted to you and I think you would be wanting to get with *Read FULL Card Here* [URL removed]"

These ones, coming from logged-in accounts, do show up (about 15 so far). I really don't want to have to start screening comments from people not on my subscription list; I prefer to be more open. (I didn't like having to screen the anonymous ones, but the spammers left me no choice.) I've been marking these as spam when I delete them, which blocks that particular LJ account from commenting on my journal again, but it would appear that creating bogus accounts is easy enough that the spammers don't care. This probably means that more-challenging captchas are in our future. (I struggle with them already.)

The pattern of attack is different, by the way. The anonymous spammers tend to latch onto the same three or four old posts to hit; this current wave is hitting random posts with, so far, no duplicates.

In semi-related news, I've seen no update on the journal-import problem over at Dreamwidth (entries come across fine, but comments don't). I've started to read regularly there in addition to here, so if you're there too and I haven't found you yet, please get in touch.

Update: I discovered that I can do something less severe than screening comments from non-friends: I can make them answer a captcha. Sorry, legitimate non-friends, but I'm going to see if this deters the bots.

Update #2: The captcha doesn't seem to be slowing them down, so either the spammers are humans, the spam-bots are good at captchas, or... the setting isn't working. Could somebody do me a favor? I'd like somebody who is not on my friends list to post a comment (while signed in, not anonymous) here and tell me if you got a captcha. Thanks!
cellio: (spam)
2012-01-16 11:22 pm

LJ: unintended consequences

I've discovered an unintended (I presume) consequence of LJ's changes to the default entry page: I can no longer report spam. Because of the new design I had to switch my style (because the font they chose is illegible to me). It turns out that this style does not show screened comments (annoying!). So to report spam I have to either unscreen and then report/delete, which makes the comment briefly visible, or I can just delete it from the "recent comments" page, which does not offer a "report as spam" option, or in principle I could invest a bunch of time trying to improve the style or find a new one (not gonna happen). So I will now just be deleting spam instead of reporting it. It's no skin off my nose -- I would have to handle each spam comment anyway -- but it reduces my ability to contribute to the public good, which makes me a little sad. Well, that'll have to be LJ's loss, not mine.
cellio: (spam)
2011-05-08 07:21 pm

spam levels significantly down?

I've been noticing for a while that my spam traps are identifying less spam but this is not due to any ineffectiveness on their part -- the amount of spam that gets through has not increased. To check my memory I drilled some core samples in my reports from pobox.com. In spring 2008 I was routinely receiving 500-600 pieces of spam a day; over the next year it seems to have averaged closer to 350-400, still high, with a brief rise to 500-600 in April/May 2009. Then, starting in May 2009, the volume started to drop to about 250/day over the course of a month. Over the next year (to May 2010) it dropped to about 150. It has continued to drop slowly and now hovers around 100, but I've gotten several daily reports with two-digit numbers in them in recent days. Last night I was comparing notes with somebody else who has data available, and it's not just me.

This sent me to Google. I couldn't find the motherlode -- a graph of global daily spam levels over a 3-year period (or more; I'd take more :-) ), but I did find some reports from Symantec suggesting that there is something big going on. This announcement from Dec 2010 links to a report (PDF) that suggests a two-thirds drop in spam between August and December of last year, and this report for February-March 2011 shows a big drop just in that time. According to Symantec, in August 2010 the global spam level was about 220 billion messages per day; a month and a half ago it was about 30 billion. (I'm eyeballing charts, so some approximation has occurred. But you get the idea.)

Really? Wow. They attribute this to the shutdown of major botnets, and I saw other articles making that claim too (without citing data). Sure, there have been some big hits that even made the mainstream news, but I didn't realize the effect of multiple counter-attacks on the spammers had been so strong. I feel kind of bummed that I didn't really notice a 90% drop in spam, but that's because the filters were doing their jobs and the volume was too high to make review practical.

Former email spammers have moved on to other venues, I'm sure. I assume that Facebook and Twitter get a fair bit. (I'm not on either, so have no direct observations.) We've all seen LJ comment-spam; I assume it happens to other blogging sites too. So it's still out there, but less of it is being aimed at our individual inboxes, it appears. Neat.

cellio: (spam)
2011-03-15 09:03 am

LJ spam

In the last month or so I've seen a large increase in the number of spam comments I get. (That's why I had to set anonymous comments to be screened, though it delays some legitimate comments.) I understand that this has been happening all over LJ. What puzzles me is why a majority of my spam comments have targeted this short, older entry on an obscure topic -- but an entry that is not so complete or keyword-laden as to be clearly the definitive web page on the topic or anything like that. I mean, what search produces that page as a top candidate, and why would spammers selling dating services and shoes and Viagra care about those search terms? I just don't get it; what's so special about that one among my 3000+ journal entries?

lj bug
cellio: (tulips)
2010-05-02 04:08 pm

random bits

It's entertaining when malware distributors are both bold and stupid, like with this email I got today: "Dear customer, we have disabled your email account because we believe it has been compromised. To restore, run the attached executable and use the following password: 12345". (Yes, it was sent in the clear.) How many things are wrong with that ploy? Sheesh.

Serendipitously, 15 minutes after seeing that scam I saw this excellent tutorial on password management by [livejournal.com profile] vonstrassburg. No, not the "how to choose a good password" hints you already know, but, rather, how to deal with the fact that that doesn't really work. I particularly like his suggestions for managing the database file.

From [livejournal.com profile] browngirl: Mordor or Iceland? Match the pictures to the source.

I have recently been participating in a small discussion of renaissance music notation... on a mailing list for Jewish worship. No, I didn't start it, but I could hardly let those comments just sit there... And now I have pointers to other editions of Salamone Rossi's music that seem worth investigating (Don Harran in particular). The edition I have is funky; the music is fine, but it's a transcription of a 19th-century French edition and Hebrew transliterated into French phonemes breaks my brain. I transcribe pieces from this book if our choir is going to do them. (What I really want to see is a facsimile edition...)

This tiny horse (link from [livejournal.com profile] anastasiav) gave me a serious case of the "aww, cute!"s.

Some iGoogle plug-in served me this cat picture, and all I could think was "yeah, I've had days like that". It's tempting to turn it into a userpic, but I don't know whose property it is.

Erik sometimes makes a squeaking sound now where I would have expected a meow to come out. He still has a full-voiced meow, so it's not like he's caught kitty laryngitis or something, but it's still odd. Embla's normal mode is a sort of chirp (I've only heard her actually meow two or three times), but this sort of thing is new for Erik. Weird.

cellio: (B5)
2010-03-14 06:51 pm

the phishers are getting bold (a cautionary tale)

I got a surprisingly-slick call this weekend. The caller said he was from my credit-card company (which he named) and proceeded to offer me a deal intended for people who don't do math. I interrupted him to say no. He kept talking and used the phrase "opt-out", implying that this unrequested service (with accompanying monthly fee) was going to start unless I took steps. That sure didn't sound like my credit-card company, which has treated me well for something over 15 years. I interrupted him again and played along:

Me: Ok, what do I need to do to opt out?
Him: I just need your city of birth.
Me: Whatever for?
Him: To verify that you're the account holder.
Me: You called me; don't you know who you called?
Him: I'm sorry, I need that to continue.
Me: I understand. It's important to protect customers from identity theft. Speaking of which, what's my mother's maiden name?
Him: Oh, I'm not allowed to reveal confidential information to strangers.
Me: You called me, remember?
Him: (babble)
Me: Ok. Topeka.
Him: Thank you. You've been opted out.

(No, I was not born in Topeka, nor have I used that response for any account.)

After I hung up on him I called my credit-card company. They do offer such an insurance plan (through a third party), but I was not scheduled to be called. I said I couldn't remember -- do they use my city of birth for a challenge question? No, they don't. The rep gave me the phone number of the company they use (which doesn't answer the phone on weekends), so tomorrow I will attempt to find out what they know about this. (Either they have an employee who stepped way out of bounds or it wasn't them.) Meanwhile, my company says they have noted that I declined this offer and if anything shows up on my account it will be squashed. Is there any place else I should report this? I don't have caller ID so we can't track the caller, but I'd kind of like to record somewhere that if someone tries to use my name plus a birth city of Topeka to open an account, it's fraud.

By the way, at no point in the conversation with the caller was my credit-card number mentioned. Hmm. (My company offered to change my card number, but that's a big hassle because of automated payments and they advised waiting to see if any suspicious charges show up. I am already in the habit of reading my statement carefully, so we'll catch it.)

I'm a little creeped out by this. It would have been pretty easy to be fooled, I think -- you can't "read back" on phone calls the way you can on suspicious email and the call went on for a while, so it would have been easy, I think, for people not especially fluent in phishing schemes to forget that credentials had not been established. This is not the Nigeria-style scam that plays on the stupidly greedy; this one could easily catch smart people who just aren't up on this stuff, I think.

cellio: (spam)
2010-01-15 05:01 pm

an open letter to Habitat for Humanity

Dear Habitat for Humanity,

I helped you build a house once, and later gave you money. You spent far in excess of that donation sending me solicitations, making me less inclined to send you more. (I know other charities that use their money more wisely.) Then you started sending me spam and ignored cease-and-desist notices. I used your next postage-paid envelope to send a final cease-and-desist on the spam thing, and that didn't work either. You went onto my "do not donate, ever" list.

And today you called and were irritated that I considered this a problem. The proper response to "your policies have led me to re-evaluate and I do not want to hear from you" is not "but we do all this good work!" but, rather, "I'm sorry" followed by either "I'll take you off all our lists" or "how can we make things right?". I have now directed you not to call me and I'm sure it's been 18 months since I sent you any money (which is the timeout on the do-not-call law). If you call me again I will invoke the attorney general. If you want to set matters right, you must send me a physical letter (not email, not a phone call) actually addressing my complaints. Have a nice day.
cellio: (fist-of-death)
2009-02-11 08:52 pm

chutzpah or cluelessness?

An open letter to the Pittsburgh UJF:

When you called me a few weeks ago looking for money, I told you that: (1) I do not approve of telephone solicitations so put me on your do-not-call list, and (2) I would consider a written request along with all my other requests for charitable donations. I would have just told you to go away, but -- even though, like the United Way, you impose an overhead surcharge -- you do help some worthy local organizations that I don't already support directly. So I'm willing to consider a donation, but on my terms, not yours.

Sending me a letter thanking me for my pledge of $X was not the correct next move on your part.

Now that I think about it, you did the same thing last year. I called you and you apologized, saying it would not happen again. I eventually made a small donation. $X, in fact.

This year I'm not buying that explanation. If you had requested my help in an appropriate way I would have given, and probably more than $X. But you didn't ask; you presumed. Later this year you will send me a "bill" for a pledge I never made. Unless you convince me that you have taken corrective action, I won't be sending you anything this year other than this letter. And if you do convince me but your phone-spammers call next year, we're done forever.

You might decide that my donation is too small to be worth the effort of setting this right. That's fine too. If I don't hear from you, I'll assume that's what happened.

I've also posted this letter to my blog. If there's any followup, I'll share that with my readers too. I'm not unfair, just unimpressed.

Edit 2-12 21:30: Today I came home to a polite message on the answering machine from the campaign manager, along with email saying she would like to speak with me. It was too late to catch her today, but I will call tomorrow morning.

Edit 2-13 17:15: I spoke with the campaign manager today. She is very apologetic, said she would put me on the do-not-call list, and offered to just send me a letter once a year and otherwise not bother me, which is perfect. She also wants to meet me for coffee (or equivalent in my case), even after I pointed out that I'm not one of their big-time donors.
cellio: (spam)
2008-09-25 09:07 am

bad form

About a week ago I started receiving spam ("that you signed up for" -- um, no) from the Obama campaign. Complaints to their postmaster have gone unheeded (and have not bounced). My first letter took the tone of "this must be a mistake" and I commended them on the otherwise good experiences I've had with their campaign while asking them to correct this error; the second was closer to "you are reflecting poorly on your candidate". Still nada. As a matter of security I do not follow "unsubscribe" links in unsolicited email (who knows what they'll really do?), though I did go to their site (through the front door) and leave feedback reporting this problem.

The problem is not only continuing but escalating. I can set my spam filters to take care of this, but it's bad manners on their part and seems unwise when they want my vote.

If anyone reading this has ties to this campaign, you might want to tell them to knock it off. I would point out that the opposition has not stooped to spamming me so far. (If I'm really lucky, perhaps this post will snare a campaign person following referrer links.)
cellio: (don't panic)
2007-12-24 09:14 pm

short takes

On Christmas, it is customary for Jews to go out for Chinese food and a movie. I'll have you know that Dani and I are not so stereotypical: this year we are going out for Japanese food and a movie. So there. :-) (Tomorrow should be a glorious day for getting work done. There were only about six people in the office today.)

This discussion of teaching INTJs resonates in many ways. Speaking of [livejournal.com profile] siderea, check out her surrealistic junk mail. (I have had similar "WTF?" reactions to some of the junk mail I get, but she articulates it better.)

With spammers lately trying the "random sequence of 4-8 letters in the subject line" gambit, it was only a matter of time before a Viagra ad was cloaked in coherence. The one that got me had a subject line of "junit" and was sent to my work address.

This eBay auction (link from [livejournal.com profile] _subdivisions_) takes an old prank to a new level:

I will be spending the Christmas holiday in Poland in a tiny village that has one church with no bell because angry Germans stole it. Aside from vodka, there is not a lot for me to do. During the course of my holiday I will send three postcards to one person of your choosing. These postcards will be rant-ravingly insane, yet they will be peppered with unmistakable personal details about the addressee. Details you will provide me.

I am not especially surprised that he was able to find a market for this. I am surprised by the winning bid!

A coworker passed along this XP review. Fun stuff:

I have finally decided to take the plunge. Last night I upgraded my Vista desktop machine to Windows XP, and this afternoon I will be doing the same to my laptop. [...] All I can say is "wow!" You can see that a lot of work has gone into making XP more reliable than its predecessor. The random program crashes, and hangs appear to be a thing of the past.

It's snarky and over the top, but I got some giggles from it. (I have never used Vista.)

cellio: (avatar)
2007-05-06 10:16 pm

caching the browser tabs

Aside: LJ has been really crawling for me for the last several days. Is this happening to other people too, or do I have a local problem? (LJ is blocked at work, so I can't collect that data point.)

I've got a lot of stuff accumulating in browser tabs on a wide variety of topics, so...

The (spam)bot wars heat up, by [livejournal.com profile] jducoeur.

I'm a little behind in my tech news. [livejournal.com profile] siderea posted a helpful summary of the news about cracking the DRM code on DVDs and the subsequent firestorm on Digg.

[livejournal.com profile] merle_ on the true reasons behind the bee population problem.

Why programmers should never become ministers, link from [livejournal.com profile] aliza250. Satan is a MIS director who takes credit for more powers than he actually possesses, so people who aren't programmers are scared of him. God thinks of him as irritating but irrelevant.

[livejournal.com profile] insomnia on the new military rules that significantly limit participation in blogs, mailing lists, and so on. I saw an article that quoted an anonymous military source saying "we didn't mean that; use common sense". I don't know enough yet to have a handle on what's really going on, but it bears watching.

South Park Mac vs. PC, link from [livejournal.com profile] bkdelong.

Unconventional greeting cards, like "your painful breakup has made me feel less alone" and "your cell phone ringtone is damaging your career". Link from [livejournal.com profile] thatcrazycajun.

In light of my recent post about kippot in synagogues and elsewhere, I found this post on hair-covering by [livejournal.com profile] katanah interesting.

Cached for later reading: Clay Shirky: A group is its own worst enemy. (He's talking about online fora.) Link from Geek Etiquette.

And, for those in the SCA, what looks like a thoughtful and fascinating conversation about staying in-period at events versus talking about your computer, and why people go to events anyway, and what changes we might want to make. This post by [livejournal.com profile] msmemory has an overview and links to several other posts I would have mentioned here but now don't have to.

cellio: (avatar)
2007-01-16 02:02 pm

technological disappointments

I don't care about iPhone at all, but the announcement of AppleTV caught my interest. I'd probably pay $300 for a device that lets me dump the cable service (depending on what content costs). I don't watch a lot of TV but I don't want to watch what I do watch on my computer; this fills a real need for me. Alas, it appears (from Apple's site) that my plain old TV, bought about five years ago, can't talk to this new box; they use the words "widescreen" and "enhanced definition", neither of which I think applies to my TV (assuming "widescreen" means 16:9 instead of the standard 4:3 aspect ratio -- why that should make a difference when they could just letterbox is beyond me). They can make an allowance for wired networks but not for recent-but-not-current TVs? Bummer.

Spam subject line of the day: "mollusk suffrage". On consideration, giving them the vote probably wouldn't make things worse.

I cleaned out my spam traps last night; the problem has definitely gotten worse recently. There's more spam and the distribution (or performance of various filters) has changed:

(Read more...)

cellio: (tulips)
2006-05-14 09:04 pm

short takes

"The NSA would like to remind everyone to call their mothers this Sunday. They need to calibrate their system." (Seen here and passed on by [livejournal.com profile] sui66iy.)

That poll I posted on Friday got 15 responses in the first 20 minutes, three of them from people who don't openly subscribe to my journal. *boggle*

SCA: Woo hoo! A local clue-enabled couple won Crown Tourney yesterday. Nice folks; I'm really happy for them. The next 11 months should be lots of fun. (As [livejournal.com profile] ariannawyn pointed out, this might be the first queen who's won one of Yama Kaminari's fundoshi oil-wrestling contests, which, yes, is as strange as it sounds.)

Quoth some recent spam: "your woman wants a replica". Really? I have a woman? Please give her two messages, then: (1) she's late with her share of the mortgage, and (2) she can buy her own damn replica.

Around 6:00 tonight I got a phone solicitation from someone claiming to be calling from Jerusalem. So that would have been, what, 1:00 AM? That seems like a lot of effort to catch people at dinner time -- and that's just eastern time. (Though I'm told that Californians eat late compared to midwesterners, so maybe they just call them first thing in the caller's morning.)

Trope geekery: the torah portion I'm currently learning (fourth aliya of Bamidbar) has four munachs in a row (followed by pazeir, which itself is pretty unusual). I occasionally see two munachs in a row; I think I've seen three. Four? Weird. I had to look up what to do with that. (Munach is one of those symbols that has different melodies depending on local context.)

For the bar mitzvah I'm conducting in July, I've decided to read rather than chant the portion up to where the student takes over. I figure that this way I won't be upstaging the kid; while in many congregations it wouldn't be perceived that way, I'm not sure about ours and that family is already having to deal with deviation from the norm because they won't get a rabbi. I asked my rabbi if this seemed appropriate to him (and explained my reasoning) and he concurred. Reading without chanting is going to take some getting used to, though!

Hebrew class tomorrow night. I'm considering asking the teacher to move me to the next section for the ulpan (that is, one ahead of where the group I'm now with will be going). It's possible that this will also get me a different teacher, which is not a change I'd frown on. But mainly, I figure that if it's too advanced we can fix it on the first night, but if the class is too basic I'll never be able to jump up.

cellio: (spam)
2006-01-29 10:13 pm

quote, link, spam

Quote of the day: "[Pushing data from Perl to Excel is] sort of like when you've been trying to get two acquaintances to meet and talk to each other, but there's all these mishaps that occur, and finally, they talk, and get along pretty well, until one day one realizes that the other one talks too fucking much and segfaults in their face." (dr4b, here)

ISN: Clark defends domestic psi-surveilance program (by osewalrus).

I keep getting spam claiming to be my "last chance" for the offer du jour. I don't think that phrase means what they think it means. The amount of spam reaching my mailbox has gone down, but the amount that's trying to get there is up again after a dip for a few weeks. I have four layers of protection; since the beginning of Shabbat (two days) the statistics are:

  • Bounced by pobox.com on my behalf: about 475
  • Held by pobox.com as suspicious (all actual spam): about 60
  • Caught by SpamAssassin as almost certainly spam (score 7+): about 120
  • Caught by SpamAssassin as probably spam but worth looking 'cause sometimes it catches legitimate mail (score 5+): about 40
  • Made it to my inbox: about 50

Currently I skim the pobox bounce reports every few days because I toughened the rules a week or so ago, but obviously that's not viable long-term. (I check the "held" pile every couple days; that catches legitimate mail occasionally, but then I can whitelist those senders.) Some of the obvious spam that gets all the way through has low SpamAssassin scores (2 or 3); I'm not sure how they're pulling that off, but dropping the threshold that low would catch way too much legitimate mail. I don't know if better tuning of all the parameters is possible, but so far pobox is doing the bulk of the work and only rarely catching legitimate mail (in the "held" pile, where I can get it back).
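
The two SpamAssassin tiers listed above (score 7+ and score 5+), sketched as a routing function. This is an added example, not the author's procmail setup; the folder names, the constructed sample messages and the choice to send unscored mail to the review pile are assumptions.

```python
import re
from collections import Counter
from email import message_from_string

# Tiers from the entry: 7+ is almost certainly spam, 5+ is worth a look.
SPAM_THRESHOLD = 7.0
REVIEW_THRESHOLD = 5.0

# SpamAssassin 3.x writes "score=" in X-Spam-Status; 2.x wrote "hits=".
_SCORE_RE = re.compile(r"\b(?:score|hits)=(-?\d+(?:\.\d+)?)")


def spam_score(raw_message):
    """Return the score from the X-Spam-Status header, or None if absent."""
    header = message_from_string(raw_message).get("X-Spam-Status")
    if header is None:
        return None
    match = _SCORE_RE.search(header)
    return float(match.group(1)) if match else None


def route(raw_message):
    """Map a message to a folder name (folder names are hypothetical)."""
    score = spam_score(raw_message)
    if score is None:
        # Assumption: mail the filter never scored is reviewed by hand.
        return "review"
    if score >= SPAM_THRESHOLD:
        return "spam"
    if score >= REVIEW_THRESHOLD:
        return "review"
    return "inbox"


def tally(messages):
    """Count how many messages land in each folder."""
    return Counter(route(m) for m in messages)


# Constructed sample messages, not real mail.
SAMPLES = [
    "From: a@example.com\nSubject: last chance\n"
    "X-Spam-Status: Yes, score=8.2 required=5.0 tests=BAYES_99\n\nbuy now",
    "From: b@example.com\nSubject: newsletter\n"
    "X-Spam-Status: Yes, score=5.4 required=5.0 tests=HTML_MESSAGE\n\nhello",
    "From: c@example.com\nSubject: lunch?\n"
    "X-Spam-Status: No, hits=2.3 required=5.0\n\nnoon?",
    "From: d@example.com\nSubject: unscored\n\nno filter header here",
]

if __name__ == "__main__":
    print(dict(tally(SAMPLES)))
```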

cellio: (spam)
2005-09-17 09:42 pm
Entry tags:

spam filtering

I use SpamAssassin scores and procmail to cut the flow of spam to my inbox, but more and more spam has been getting through in the last couple months as -- I guess -- the spammers get more crafty. I haven't invested effort in examining what's going on; I'm using the lowest SpamAssassin thresholds I can without generating too many false positives.

But I use pobox.com (a permanent forwarding address), and a week or so ago they turned on spam filtering at their end. They don't throw suspected spam away (at least not right away); they buffer it and give you the chance to look at headers and decide what to send through. They also offer a whitelist, so if they tag something as spam that wasn't you can at least flag that sender as being ok. I haven't looked to see if I can make it interact with mailing lists.

In the last few days Pobox has caught about 200 messages for me. Three of them weren't spam. All three were from Yahoo mailing lists. (Yahoo adds ads to messages.) I think this is great! I don't know what rules Pobox is using to identify spam, and I assume that most of that spam would have been flagged as spam by my direct provider if it had gotten that far, but maybe not all of it would have. And I'm all for dealing with the problem at the earliest available step in the delivery process. It saves wear and tear on my provider, after all. (Providers, actually; I mirror my mail stream against the possibility of outages.)

Pobox was already worth the (roughly) dollar a month I pay for a permanent address, but this makes it even more worthwhile.

cellio: (spam)
2005-05-23 09:26 am
Entry tags:

mail surprise

The certified letter from the attorney general (that I had to pick up in person, grumble grumble) did not exactly inspire warm fuzzy thoughts, though I couldn't imagine anything I'd done to prompt scrutiny.

The first thing I pulled out of the envelope was a check for $20. The second thing was a letter thanking me for my help in nailing the telemarketing scum that ignored the do-not-call list. (Ok, the letter didn't say "scum".) The check is my share of the fine.

Wow, who knew? First that the do-not-call list would actually be enforced, and second, that people who report violations might get something out of doing so?

cellio: (sleepy-cat)
2005-05-16 08:15 pm
Entry tags:

short takes

I have half a large cantaloupe and more than enough fruit salad. So far, it appears my other options are blender drinks and sweet cold soups. I guess that shouldn't surprise me too much, but I wonder if I can do better.

Today's mail brought a membership appeal from "Toys for Tots Christmas Club". Oh, let me count the ways in which they have missed their mark... no, on second thought, let's not. :-)

I've spent the last month being a registered Democrat for tax purposes. (I'll fix it after the mayoral election -- err, "primary".) It should be fascinating to see what that does to the makeup of my junk mail.

A question occurred to me while contemplating a conference in England that ends on a Friday (not that I'm expecting to be allowed to go, but): If I get onto a west-bound plane shortly before Shabbat, and at no point during the trip am I in an area where it is already Shabbat, is that kosher? (It might not be smart, of course, as one delayed connection can ruin one's whole day.)

Note to anonymous coworker: if you only get the error after you've edited the code, and you can't produce it from the checked-in version, it is not my bug. :-)