Phishing for Bitcoin with fake 0-days


Arriving in my inbox at a steady clip this morning: a series of phishing emails aimed at Bitcoiners, promising that the sender has found a bug in "the Bitcoin client" and promising "Pay 0.07 BTC today, get 10 BTC for 15 hours." Read the rest

'Spam King' Sanford Wallace gets 2.5 years in prison for 27 million Facebook scam messages

A hacker who called himself 'Spam King' and sent 27 million unsolicited Facebook messages for a variety of scams has been sentenced to 30 months in jail.

Read the rest

Microsoft spams corporate users with messages denigrating their IT departments

gwx-for-admins-100649333-large.idge (1)

If your company hasn't "upgraded" your computer to Windows 10 -- a tendril of what Shoshana Zuboff calls surveillance capitalism masquerading as a "free OS" -- you may start receiving messages from Microsoft telling you that your IT department is holding you back: "Your system administrator has blocked upgrades on this PC. Check with your system administrator about upgrading this PC to Windows 10." Read the rest

19th century spam came by post, prefigured modern spam in so many ways


In the 19th century, the nascent advertising industry took notice of the fact that postmasters could send each other letters for free, and bribed them to forward packets of mail to one another to pass on to townspeople ("To Superintendent Sunday School OR ANY ONE INTERESTED IN MUSIC"). Read the rest

Snowshoeing: small-batch spam that's less targeted than spear-phishing


Snowshoe spam has a "small footprint" -- it is sent is small, semi-targeted batches intended to sit below the trigger threshold for cloud-email spam filters, which treat floods of identical (or near-identical) messages as a solid indicator of spam. Read the rest

Spam-fighting mail-rule


If body contains "unsubscribe" and From: is not any of my addressbooks, then move message to folder "Spam." You're welcome. Read the rest

Turns out that "unsubscribing" from spam actually works


After my spam hit a point where I couldn't actually download my email faster than it was arriving, I spent a month clicking the unsubscribe links in all the spams in my inbox. Weirdly, it worked. Read the rest

Video perfectly captures CAPTCHA anxiety

If you've ever stressed out about the new batch of timed CAPTCHAs that involve math equations, games, or inaudable audio, this video on CAPTCHA anxiety by videogamedunkey may feel all too familiar.

Read the rest

FCC takes aim at spam texts and robocalls


Telecoms will be given wider latitude to block nuisance messages to their customers, reports the Wall Street Journal. Read the rest

Clinton's sensitive email was passed through a third-party spam filtering service

It's been years since the spam wars were at the front of the debate, but all the salient points from then remain salient today: when you let unaccountable third parties see your mail and decide which messages you can see, the potential for mischief is unlimited. Read the rest

Social graph of mysterious twitterbots

Terence Eden has mined the social graphs of thousands of mysterious, spammy twitterbots, which may or may not be the same larval spambots I wrote about. Read the rest

Brian Krebs's "Spam Nation"

In Spam Nation: The Inside Story of Organized Cybercrime-from Global Epidemic to Your Front Door, Brian Krebs offers a fascinating look at the mass-scale cybercrime that underpins the spam in your inbox and provides an inside peek at a violent fight among its principle players. Cory Doctorow reviews.

Google Maps' enduring security holes put businesses at risk

It's been more than a year since a series of high-profile articles demonstrated that Google Maps' crowdsourcing function can be used create new listings, alter existing business listings, and even create fake Secret Service offices that real-life cops end up calling. Read the rest

Russia's army of paid astroturfers message-bomb western coverage of Ukraine

A set of documents leaked by a group identifying itself as Russian hackers purports to be training materials for Russian psyops agents who were paid to make favorable comments about Russia's position in Ukraine on western media websites. The group of fake commenters, called the Internet Research Agency, is based in Saint Petersburg, and its operatives were ordered to maintain multiple commenter identities based on certain archetypes, and to post a minimum quota of pro-Russia messages every day. Included in the documents are per-site strategy notes for preventing moderators from erasing messages (for example, on Worldnetdaily, do not use "vulgar reactions to the political work of Barack Obama.")

These tactics are familiar ones. Rebecca MacKinnon's indispensable book Consent of the Networked describes the Chinese government's "Fifty Cent Army," each paid 0.5RMB per message pro-government postings. And of course, the 2011 HB Gary leak revealed the existence of a US Air Force RFP seeking "persona management" software that would let US psyops operatives maintain up to 20 fake identities from which to post pro-US messages on Arab-world websites. Read the rest

Comment-spammers threaten to sabotage their victims through Google Disavow if the evidence of their vandalism isn't removed

Tim got an email from someone trying to get rid of comment spams -- ever since Google started punishing sites that left comment spam on blogs, this has been going on a lot. When Tim told the guy to buzz off, he threatened Tim with sabotage by means of Google's "Disavow" tool, growing progressively more abusive as Tim stood his ground. Read the rest

Orange UK plumbs the depths of insulting, stupid marketing, finds a new low

I had the above-reproduced SMS exchange with a bot from my horrible mobile phone carrier, Orange UK (now called "EE" after the high-pitched noise my incipient aneurysm makes whenever I have to deal with them, and because vowels) today. They have "good news" -- I have been subscribed to "special offers" from "great brands" via SMS. And I can opt out. Except, surprise, it takes three weeks to process these opt-outs.

Not sure what I should do apropos of any "great brands" who pay Orange to spam me in the runup to Christmas: maybe just name-and-shame them here? Any other ideas? Read the rest

Rise of predatory, parasitic spambooks

Charlie Stross considers the confluence of bookspam; Turing-complete, Javascript enabled ebooks, and auctorial disappointment and posits a hostile ecosystem of parasitic ebooks who go around devouring the competition. Read the rest

More posts