EU

A new front opens in my war on spam

Spam seems to be in danger of being overtaken by multiple subscriptions to feeds I've never heard of.

Written in my Seattle hotel and despatched to Tech Republic via a 5.5Mbps free wifi service.

I seem to be in the midst of an 'unsubscribe war'. It's not that I join many groups, or  regularly sign up for news and information feeds, or indeed click or un-click without being careful, but I am watching a rising tide of junk fill my screen. Where is it all coming from?

Unwarranted and un-asked-for mailings from companies, groups and other bodies has overtaken the spam in my inbox.

Somewhere my email address is on a list that is doing the rounds and as a result I'm awash with irrelevant and irritating blurb trying to convince me to invest in, buy, use this and that product and service.

Each time I search for the hidden unsubscribe link. Sometimes it works and sometimes it doesn't. Most times it leads to mild amusement - or intense frustration. Last week I clicked unsubscribe and this week they start sending me the same bumf in paper format by surface mail.  Doh!

A few weeks ago I clicked unsubscribe and finished up with an enquiry as to why, only to be given another six boxes to click including, one that would give me another feed from another 'interesting' source!

Well I have tried to be reasonable, but I have now reached the end!  It is time to put 'shields up', report them for spam they are and divert them all to my first defensive junk filter so they never reach my laptop let alone my screen.

In something of of an ironic touch I now have to announce that this is my final regular blog for TechRepublic.  It has been fun writing for silicon.com and TechRepublic these past 10 years, but nothing lasts for ever and the world moves on.

I have enjoyed the dialogues, the challenges and the wonderful support of my editorial team over that time and I wish them all, and all of you, the best for the future. Keep well, be optimistic, and try to keep up with change...it isn't going away anytime soon!

But you can always find more about my work and publishing activities by clicking visiting:  www.cochrane.org.uk

About

Peter Cochrane is an engineer, scientist, entrepreneur, futurist and consultant. He is the former CTO and head of research at BT, with a career in telecoms and IT spanning more than 40 years.

34 comments
peter
peter

...I am talking conference and event organizers - both commercial and professional, of course all 'dangerous spam' goes to 1 of 3 concatenated spam filters :-) Peter Cochrane

Locrian_Lyric
Locrian_Lyric

...is to grab any 'contact us' email addys from the offending companies, and subscribe them to various services from other offending companies. I don't know if this actually DOES anything, but I can dream, can't I?

Ryaninve
Ryaninve

I don't know if this works but costs nothing.I was told to make my first Address AAAA@aaa.com and the malware trying to use your address book will try to send four or five times and then give up without searching the rest of your addresses,Neil RYAN

hunter003
hunter003

I gave up on spam filtering. It's not all that effective. I found a very effective tool for deleting spam at the server level. It's called MailPurge and can be found on Google Play. I use it on both my Android tablet and phone. It works great for me.

CalicoWolf
CalicoWolf

I must say that I was saddened to read this article where a very intelligent writer for such a well respected source of technical knowledge does not know that using the "unsubscribe" button only confirms that your e-mail address is valid and therefore game for other sites to use on their spam list. Never, never, never use the "unsubscribe" button in an e-mail. Rather mark the domain or address as a spam address and let your e-mail program or provider filter it out. Maybe time for another primer on lessening Spam and junk e-mail should be released here on TechRepublic

bero1
bero1

Hallo, I get even on spammers by throwing pebbles into their machine. I keep one message from each spammer, when I have time I do some research on each of them (the most frequent one gets the highest priority). I compile an excel sheet that contains whatever info (like phone number, VAT number, address, ....). Randomly I surf to the spammers site (not by clicking on the link in the mail, but by copying the url from my excel sheet) and place an order, pretending to be one of the spammers that are on my list. This way one spammer gets an invoice, order confirmation, or any other notification for an order he doesn't know about. There are two possibilities: - he pays for something he doesn't need - he starts actions to cancel the order (or even return the shipment) this is the ideal scenario because it causes both spammers to waste time to get the deal undone. I have "companies" where I placed over 100 orders (the ones where I can perform the order by a script (just a few keystrokes)). This makes them doubt every order they receive, because it could be a real order or just a fake order placed in the name of an other spammer.

mslizny
mslizny

The link tries to direct to an internal TechRepublic URL, not out to the Internet I get a "page not found" error.

aidemzo_adanac
aidemzo_adanac

If you read most privacy notices, they include accepting the sharing of your personal information ONLY WITH PARTNERS THAT HAVE RELEVANT INTERESTS. OF course that can include anyone, so by sharing your email address you are also accepting their desire to sell your name, and SELL they do, at very high costs. With a background in marketing, I have both bought and sold countless names and numbers over the last 15-20 years. Even most ISP's have a sharing disclaimer that APPEARS to be them saying they won't share your name or info, but if you read further it is often the absolute opposite. Most ISP's you sign with have you accept an agreement that gives them permission to openly sell or share your info with their selected partners too. News feeds are no different, it's just a marketing tool, not free info from wanna be reporters trying to make a name for themselves. Often the company or website they blog for will allow them AirTime because they generate followers and followers are marketing dollars.

rasilon
rasilon

I agree with the previous posts. "Unsubscribe" is nothing more than declaring "Hey, here's a live e-mail address that actually responds!!". I use the Junk Mail feature in Outlook to block the sender and put their mail in the "Junk E-mail" folder. I've also seen a significant increase in these kinds of e-mails.

Twilight23
Twilight23

Has anyone else experienced being subscribed to a ton of mailing lists by a seemingly real person using your email address? I'm assuming it was accidental (as I have no idea who this person is but the name is uniform across lists). I really wish sites would use verification emails before deluging you with unwanted list mail...

TRgscratch
TRgscratch

The volume of spam in my email has increased dramatically recently. My ISP has no idea - I don't think they are complicit, but I have no longer have any faith in their 'spam filters'

lkarnis
lkarnis

Peter - welcome to the wonderful world of Spamvertising (advertising using barely legal or possibly illegal e-mail strategies). Never unsubscribe from an unknown source - it simply indicates to the spammer that you are watching your inbasket. They may unsubscribe you but they will add/sell your e-mail address to dozens of other 'helpful' marketing entities and the cycle starts again. You have 2 choices... 1. Change your e-mail address to something new and tell your legit contacts, or 2. Enable spamvertising blocks or switch to a spam filter that is effective against spamvertising FYI, spamvertising is mostly image based marketing. Often the message is made up of many images (even the text) to defeat antispam content scanners. Spamvertisers buy, use and discard e-mail domains (once they are black listed) in their campaigns. They run professional marketing campaigns that track deliveries rates, open rates, click through rates, etc. - they are paid to pollute your in-basket. The good news is that their messages are detectable and blockable. Disclosure - I work for perfectmail.com and we stop spamvertising. If you run your own mail server, try our free edition (www.perfectmail.com). Otherwise, turn up the spam filters and never unsubscribe to an unfamiliar list. Now, for junk snail mail... look for junk advertising material that has a return envelope with pre-paid postage. If you get one, tape a brick to it and mail it back to the advertiser.

Quizmaster
Quizmaster

Soemhow my personal email address has ended up on a propert mailing list, and I get numerous emails from estate agents (real estate agents for teh USAians amongst you). After the first email from a new agency, I reply with an email stating that any further emails from them will invoke a £100 invoice for my time in having to deal with them. I explain that failure to pay said invoice will result in court action, using this case as precedent: http://www.bbc.co.uk/news/business-20068927 I am just about to send final reminders fro two subsequent emails to one agency, and will see if they pay up

JCitizen
JCitizen

From a few newsletter/advertisers - but then they were previously approved sources. A good rule of thumb, is to read the unsubscribe link at the bottom of each e-mail to see if it explains why you are getting it in the first place. If they are actually legit, the explanation will help rattle the memory for why there is a subscription. Many times I've wanted to unsubscribe from Cisco's emails - but I know I've been getting them every since I took my CCNA, so I put up with it. However, I thought everyone knew not to click "unsubscribe" to an illegitimate email spammer. That bit of advice has been around a while. I wish the author all the happiness in the world, it is always makes me pause to reflect when they leave the TR fold.

wizard57m-cnet
wizard57m-cnet

is click on one of those "unsubscribe" links...because now you've just told the spammer that your email address is indeed a "live one"! Just delete them and go about your day.

CharlieSpencer
CharlieSpencer

The malware is going to run through your entire address book without regard to the success or failure of any individual address. It doesn't 'give up', since it has no patience to lose or resources to expend.

JCitizen
JCitizen

and my ISP is on top of the list of junk email addresses that I use to redirect crappy spam. I actually need spam for malware testing anyway, as that seems to be the only reliable source of zero day threats now.

CharlieSpencer
CharlieSpencer

These scum change their sender and IP addresses frequently. Why bother blocking an address that's going to be abandoned by the sender anyway?

CharlieSpencer
CharlieSpencer

That name you see as common across the spam could be someone with a malware infected computer. His or her address book (or that of someone else they know) has probably been forwarded to the malware originator, who then sells the addresses to spammers.

CharlieSpencer
CharlieSpencer

The amount you see will increase as spammers change their technologies and decrease as spam blockers respond. We saw a rash of closely related spam messages in November and December, but I haven't seen any of those types this year. It also varies in response to social trends. Natural disasters will often bring messages soliciting contributions or offering assistance.

fiosdave
fiosdave

Part of the problem is that the domain issuing companies allow for the purchase of large blocks of addresses and then allow the purchaser to cancel their orders without being charged. Even if they only allow them to claim a refund within 24 hours, by then they have sent millions of spam messages using those addresses! Maybe they should charge a few cents per address, just for them being assigned. This would be a minor burden for the legitimate businesses, but would start to put a dent in the spammer's piggy banks...

fiosdave
fiosdave

One of my favorite features in Outlook is the "Sweep" function. I usually go through a whole page of Junk and either delete legit items or mark them as Not Junk. Then I Select All, click on Sweep and send them into oblivion, (hopefully) never to be seen again!

JCitizen
JCitizen

here lately Hotmail's filters are under attack by a new spam reality. They are getting through somehow - I'm guessing because they actually finally have legitimate product names in the subject line. Surely it isn't that simple to blow through their filters! In the distant past, I've actually signed up to known spammers just to test Live.com's filter ability, and was surprised at how well it held up to spam, despite this. For some reason both Yahoo and Live! have met with a certain amount of failure in filtering lately.

CharlieSpencer
CharlieSpencer

I only bother with the 'Unsubscribe' option if I'm reasonably certain the sender is a legitimate business that probably follows acceptable practices. If you haven't heard of them, don't bother replying. Set the filter and move on.

fiosdave
fiosdave

What we need is the ability to use wildcards when blocking addresses. You would have to be extra careful not to block legitimate addresses, but you would then have the power to block large segments en masse. Dave

TRgscratch
TRgscratch

marking a message as 'junk' makes your ISP do anything. the posts here about the formats that defeat spam blockers makes a little less annoyed with my ISP

JCitizen
JCitizen

After marking enough of them junk, the filters at Microsoft get better and better - usually over a span of a few weeks; but this new "campaign" is taking longer. However, this is the first time, I've seen legitimate product names in the subject line, even though the blocked content always has the same pattern. Maybe MS will realize the body content will be a match, so they can adjust filtering to that. I assume they use some kind of auto intelligence for their filters; they used to be the best. As far as Outlook goes - I use Avast's spam filter, and it has been one of the best I've used in years.

JCitizen
JCitizen

I always erase all previous email addresses/URLs before forwarding any messages. Even though not all correspondents will do this, I will do it anyway out of principle. I also always use Bcc: for forwarding addressing, so this can be minimized.

fiosdave
fiosdave

I suspect that the spammers are imbedding non-printing characters in their text. This would allow them to bypass filtering. Microsoft should disallow ALL non-printing characters, as well as Wingdings, etc. They may be cute, but could be a way to bypass the filters. Dave

JCitizen
JCitizen

for legal reasons. If you do online firearms transactions, it is a requirement. Nobody will interact with you unless you have a verifiable address. I didn't notice you had any mistaken perceptions Palmy! ?:| I'm just trying to offer alternate data to the problem, I guess. Yes the spammers use obfuscation, but with the right tools, my position is that you can minimize the volume of junk.

CharlieSpencer
CharlieSpencer

I keep forgetting I'm one of the few who doesn't use a web-based e-mail client, one of the few who still downloads his messages from the ISP's server directly into a local client.

JCitizen
JCitizen

marking the email as junk DOES make a difference - however in the case if my ISP - they are switching to GMAIL server now, so they now have that option to mark as junk on the server based email. So if marking junk works in GMAIL, then it will for my ISP as well. We just got this service, so it will be a while before I can pass judgment. We still have Postini which was probably one of the worst filters ever, but I noticed it slowly inexorably got better and better at filtering spam, fortunately the GMAIL filter does double duty after that, and then when I download the messages using Outlook for archival reasons, Avast does another spam filter job, that is probably better than those other two.

JCitizen
JCitizen

that in the blocked portions of the body - the block diagram is the same; perhaps that indicates a pattern they could use also. I mean, if you have all these reports of junk on what looks like a legit header, I'd think the body of the email would make a difference. Perhaps it is because they only look at the header information. You post leads me to believe this is so. Thanks for you input to the discussion! :)

Editor's Picks