Spamhuntress

I’ve strayed into Google Groups again, and happened to find a search term that gave me plenty of spam group hits:

pharmacy direct

I’m guessing there are hundreds of letter soup groups, but the MO has evolved since last time there was a cleanup over there (Google removed the groups I complained about last time).

This time many of the groups have several members. I’ve seen up to 14 members (presumably all alternate ID’s of spammers), but there’s no set number of members. It depends on how old the group is. For older groups, there are more members, and in addition to pages, that seem to be created as the group is new, the older the group is, the more likely it’s also got mail messages. Some of these groups have open membership, so it’s possible the mails are from spammers other than the one that started the group.
The groups now also often have a description. I’ve seen “Father Brown” several times, and many of the descriptions look like remixed text from a book, possibly about Father Brown? The text reads like gobbledygook: The sentences make sense when read by themselves, but it looks like sentences have been spliced together without any regard to context. Some groups also have lists of near identical spam terms.

There’s literally no end to the number of spam groups that have included those search terms in at least one message, so one Google technician will have a heck of a job removing all that crap!

There’s a discussion today in Norway about a website set up to funnel people to pay porn sites. The website itself is a discussion forum, where people routinely upload pornographic pictures. Many of those pictures are illegal, such as photos taken of unwitting girls on beaches. There’s also misuse of famous people’s pictures, stolen from various places.

They’ve managed to figure out who owns the website, but part of the discussion is what to do about the website - the server is in another country, and it might be extremely difficult to get it shut down.

I just wanted to suggest another solution:

Block it with DNS.

It’s doable on a national level. Italy did it with pirate bay. Of course, it won’t keep out the persistent pervs, but a DNS ban - after a court process of suitable nature - would at least make the domain less viable commercially - and that’s the point!

I got a spam e-mail today that piqued my interest. It was written in Danish, and the name on the account looked familiar. The text of the e-mail was also in Danish, but was pure spam. This surprised me, because there’s virtually no Norwegian language spam - we’ve got too tough laws for that to happen much. I assume the same is true of Denmark.

So I started investigating.

The whole list of addresses it was sent to was visible. Looking through it, I thought it looked like someone’s e-mail address book. And I recognized the name and where I’d seen it. A guy I met a little over a year ago. He wasn’t likely to have sent this. I’ve contacted him to tell him he’s been hacked.

The spam was directing people to a store registered with a Chinese name:

store-168.com

And it’s been named as one of the sites benefitting from stolen gmail account passwords before. McAfee also has a comment saying the site is puro phishing.