higgins writes "The Wall Street Journal has the best story I've ever seen on the economics of spam. A self-described "spam queen" (Clean link; should work for non-subscribers) talks about not just the millions of emails she spews, but what it costs per mailing ($250 for 500k emails), what the response rates are (1-2 one-thousandths percent) and what she actually makes. (40% of each sale of one product: anti-spam software)."
The other day, I got spam via my 'windows messaging service' - someone on my cable modem subnet is sending me pop-up spam with the 'net send' command (Windows only). Obviously this is easy to disable (for someone who knows how to) but...
WTF?
I took a screen shot which indicated time/date AND IP but the cableco tech morons said that they couldn't do anything about it? Right... How about revoking access? Perhaps it was the cableco themselves selling this service?
I took a screen shot which indicated time/date AND IP but the cableco tech morons said that they couldn't do anything about it? Right... How about revoking access? Perhaps it was the cableco themselves selling this service?
Spam via SMB is quite the new thing, I gather. This has the potential to _really_ piss people off.
But it could turn out to be a good thing. The reason we can't stop spam by blocking port 25 is that we need to accept email from people who have legitimate reasons to send it. But who has a legitimate reason to connect to SMB on a desktop machine via the Internet? Nobody. Ever.
If this leads ISPs to block the ports involved, the world will be a better place, with no more script kiddies owning Win98 machines via smbclient.
No, ISPs should NOT be blocking ANY ports. I pay them for a connection. Perhaps email, news, etc. Securing my machine is my responsibility. If there is a machine on their net causing a problem, then yes, they should kill THAT machine's connection. Filtering anything is not the right thing for them to be doing.
I'm getting criticism like this from folks who don't read closely enough.
The poster said should not and not can not. In other words, this is the way the poster wants things to be, or thinks they ought to be, or hopes they will be, for the reasons given, but not the way they must be. That filtering is "not the right thing" is a policy assertion, and it is implicit the poster will switch ISP's if the current one downgrades its service. However, the supply of ISP's, esp. broadband, is not infinite, and if ISP's react in a kneejerk fashion the availability of alternative service could dry up quickly -- and unnecessarily.
Argh, I get people at work complaining about this. "I called Comcast, and they're not doing anything about it, those jerks!"
Your ISPs job is to provide you an internet connection that you pay for - it is NOT their job to secure your computer for you.
If you're getting Messenger spam, then you probably don't know how to protect your computer, which means if I were you, I'd be worrying about what else on your box is 0wned.
Actually, you're wrong. It's also their job to enforce their policies. Something like SPAM'ing other users (decreasing customer satisfaction) is covered under most ISP abuse policies.
It's also their responsibility to enforce abuse policies that they agree to with THEIR network provider (not necessarily being violated in this situation tho).
So, what I recommend is that people go read the abuse policy of their ISP, and see if it has anything that covers this kind of abuse. If the person sending you this SPAM over SMB (first turn off SMB messaging and get a Firewall), confirm that they are breaking their agreement, and then bitch to all high heaven. If the idiot on the phone says there's nothing they can do, ask for their manager. If they refuse, get their employee number and report them (then report the company to the appropriate agency [ie. BBB]). If that manager doesn't help, ask for his/her manager. It may not immediately solve the problem, but it will leave a big fat record of this being a problem.
If fewer people just sit on their ass, and say "It's my problem", nothing will get done on a more global level. And THAT is the only way crap like this really gets addressed. Be loud, be clear, be heard! Don't let a stupid company bully you.
And finally, even if they help you... if you feel they are a good company to you as the customer drop them. You pay them. If you are under contract, and they don't help you, accuse them of being in breach of their policies (if they are).
Not everyone knows how to protect their computer. And they shouldn't have to know how to. That's the point of computers, to make your lived easier not more of a headache.
So... in summary... I couldn't disagree more with reaper20. Don't just take it and get walked all over. Stand up, and fight for your right as a consumer and customer!
I got the exact same thing yesterday in my school lab. It is not ironic since the act is intentional. It is called targeted advertising.
The message is being listed as being sent from 'WEBPOPUP' since that is the name someone used for their system. Most of these diploma traces so far go to ev1.net, though after a lot of complaints they refuse to do anything. Check out a little information concerning this issue here:
The program being used is called "Direct Advertiser". If you have NetBIOS bound to your interface, someone using net send will, by default, pipe the message over SMB to TCP 139. But if NetBIOS is not bound to the interface, net send will use UDP 135 instead. It takes the "net" command a bit longer to figure this out, but it does work.
The Direct Advertiser product just skips the preliminaries, knowing that smart system administrators close TCP 139, and goes right for the undocumented back door.
The 'Direct Advertiser' web site even tells you how to not receive these kind of things any more.
How to set up your system not to receive netbios messages
To deliver the message our program uses a NetBios call built into the Windows API.
Click Start->Setings -> Control Panel->Administrative Tools->Services Scroll down and highlight "Messenger" Right-click the highlighted line and choose Properties. Click the STOP button. Select Disable or Manual in the Startup Type scroll bar Click OK
Windows XP
Click Start->Control Panel Click Performance and Maintenance Click Administrative Tools Double click Services Scroll down and highlight "Messenger" Right-click the highlighted line and choose Properties. Click the STOP button. Select Disable or Manual in the Startup Type scroll bar Click OK
Windows 98/ME
Remove or disable the file and printer sharing from your network configuration.
"I'm just trying to make a living like everyone else," says Ms. Betterly. Her e-mail marketing operation, she says, allows her to raise her children, Chris, 10, and Craig, 11, and to spend quality time with them. "You can call me spam queen, I don't really care. As long as I'm not breaking any laws, you don't have to love me or like what I do for a living."
Not breaking any laws. Riiiiiiiight. Nice values to instill in those kids, too.
And in the "breaking a law you didn't expect her to be breaking" category, I'll bet that the 6 bedroom house she operates her business from is not zoned for this kind of commercial activity.
We all knew that spammers weren't the brightest bulbs on the planet, but giving an interview with your real name and location to a national newspaper does seem a bit foolish, doesn't it?
"I'm just trying to make a living like everyone else," says Tony Soprano. His waste manangement operation, he says, allows hime to raise his children, and to spend quality time with them. "You can call a mob boss, I don't really care. As long as I don't get caught, you don't have to love me or like what I do for a living."
she doesn't pay for the open relays or open proxies that she abuses (if you don't use such tricks, you're terminated by pretty much every ISP faster than you can say SPEWS), while snail-mailers do pay for the postage. She also doesn't pay for the consumed bandwidth of your ISP nor for the storage of her junk in your inbox, which means that in the end it's you that pays part of her six-bedroom house with pool on her 5000 square-foot property.
Commercial speech has absolutely no freedom of speech protection
Since she makes a lot of money from selling anti-spam software, this is no better than mob gangs that demand protection money: she's asking you to pay for a "solution" to a problem she causes herself!
If such things are "the basics of business" for you, I feel sorry for all people that have to do business with you.
The Colombian drug lords just want to provide for their kids too.
Colombian drug lords make a living by selling a real product to a customer. It is very unfair of you to insult them by equating them with parasites like Ms Betterly.
But the other message was a complaint from WorldCom. A WorldCom customer had reported an "alleged violation" of the company's policy that prohibits spamming. "We request you take whatever measures you deem appropriate which will ensure no further violation will occur," the e-mail from WorldCom said.
WorldCom lets spammers get away with 'first offence'.
Mr. Connell typed a response: "Problem solved. This guy won't receive anything from us again." He flagged the name of the offended e-mail recipient on Ms. Betterly's list so that person wouldn't be contacted again.
WorldCom helps spammers listwash.
WorldCom says that if problems with a spammer persist, the company will send increasingly stern notices and eventually cut off service.
WorldCom will let spammers get away with spamming several times before actually doing anything about it.
Paging SPEWS. SPEWS to the white courtesy phone, please...
As for your illegal use of CDs, that's your lookout - you have chosen to put your family at legal risk just to save a couple of bucks on CDs. Or maybe you are taking a moral stand, but you are still choosing to take a risk. Mayhap that's an OK risk for you, but it's still there, don't pretend you aren't breaking a law for your own convenience.
As for the spammers, I have NEVER EVER EVER given "opt-in" permission on my tech contact Email to any business. It was stolen from the Internic "whois" database over ten years ago, and now receives thousands of spams (ironically, I maintain that address as a spam trap now to help me keep a strong access.db) from hundreds of spammers, all of whom make exactly the same claims as Betterly.
It should be obvious that with individuals rapidly and constantly trading lists of as many as 60 million addresses, it is effectively impossible to get "opted out" permanently once one is on such a list. It is equally obvious that there is tremendous financial incentive to create lists without any regard for the wishes of those on the lists, and to represent those lists as "opt-in" when trading with other spammers.
At least you are consistent; you, an admitted scofflaw, are defending other scofflaws. Kudos to you for that, I respect a consistent code of ethics.
Ms. Betterly says she refuses to send e-mails about adult fare, because it "disgraces society."
Yeah whatever - spammers claiming moral superiority over pornographers. What's next, the RIAA claiming it supports artists?
Thankfullly, Spamassassin [spamassassin.org] means I don't have to deal with her garbage. Unfortunately it just hides the problem, but at least I get the satisfaction of a "fuck you" when it redirects to/dev/null.
If you've got an unfortunate friend stuck in Outlook, Cloudmark [cloudmark.com] does a decent job of cleaning up the mess, and Mozilla's soon-to-be turned on anti-spam features are looking nice.
Set up a mail filter to bounce all spam you get to her address! Genius. Make sure you remember to check her website every so often though so she can't change her address.
If you're using the Razor you can change your mail filters file to do this. Make sure you bounce the messages as opposed to forwarding them, that way she can't block the addresses, bouncing also doesn't leave a record of where it came from afaik.
I dunno, if only 20 of us did this, that's 20x the normal amount of spam she's receiving. It'd be hard to find the genuine mail amongst all that. I think she'd get the message.
Before everyone launches a game of Internet doorbell-ditch: it is legitimate to send a real email or make a phone call criticizing what she does (politely -- remember, you're with the good guys). Collectively/. should be able to produce a lot of feedback, at one per person. If she just gets snowed by abuse, so you really think she'll going to think, golly, my ways are in error and I better change jobs? Or just, there are a lot of jerks out there and I better never give another interview?
Harassment is no better than spam. It's using illegitimate needs to get what you want. She is doing something wrong (ethically if not legally; and in many states, legally too) but that entitles us to complain, not retaliate. Two wrongs don't make a right, something like that.
She honestly appears not to get it, or is in serious denial. (By contrast, some spammers do appear to have struck a deal with the Dark Prince.) Explain to her, and everyone else, that spam is a serious problem and not just another form of junk mail.
And most important of all, support laws to regulate spam at the national level, as was done for junk faxes. Make it unquestionable that this hijacking of our tiem and resources is illegal.
(I do detest spam. When email arrives, half the time I switch apps over it's for junk. Currently 2/3 of my unfiltered inbox is spam, and the number keeps growing. I don't even want to think of the theoretical maximum to daily spam.)
"I hate spam," he [the spammer, "Steve"] says. "I've gotten death threats. People have threatened to kill my dog. . . . But when you make a thousand bucks in one day, you could care less."
With only 65 people filling out a survey to enter a contest, that's not a unreasonably bad chance of winning. Of course, that's assuming the prizes are bone fide...
That is not a nice thing to do, calling someone just to bug them.
When you call her be sure to ask her to take your name off her list, and please recall to verify that it has happened.
C'mon, we can't be hypocritical here. You can't call someone up in the middle of the night unless you have an existing business relationship with them.
That's right, no calls unless you've been the recipient of her SPAM.
[Checking inbox... "You Have 362 Unread Messages"]
Well, guess that's taken care of... What was Ms. Betterly's phone number again?
No wonder she chose an 'occupation' that doesn't require interaction with others. She looks [wsj.com] like a smacked ass!
Blah. It's even a Photoshop filtered black & white picture, which is usually done to make someone look good. They had to do it to her just to upgrade her face to hideous.
Ms. Betterly says she refuses to send e-mails about adult fare, because it "disgraces society."
Pornography is bad.
But sending people emails about a free Lexus, and then quietly signing them up on additional mailing lists (i.e. deception). . . And abusing ISP bandwidth under a trivial 'opt-in' technicality . . . this is OK?
What are the costs of this. Let's ignore the cost of infrastructure, wase of bandwidth etc and just assume that each computer user gets 2 spams aday (a low figure, I know).
We have a group of 1k users, each user makes $25 an hour (or atleast that's the cost the employer sees). If each user spends one minute to remove spam a day, 20 days a month, 12 months per year => 240 minutes = 4 hours = $100 per user and year.
For this small group (1k users) the cost is $100k per year. Sue her and let her pay!
Spam is theft, plain and simple. Spammers need to be punished.
You know who else needs to be punished? Mainline companies like Symantec who hire obvious fly-by-night spammers to slosh crap ads for Noron SystemWorks all over email, and then deny that Norton has anything to do with it.
About twice a week for the last 6 or 8 months I get the same ad from some theiving yellowbellies. I used to send the ads to piracy@symantec.com. After 10 increasingly strident emails, the neanderthal Symantec hired to insult people who write to piracy@symantec.com finally wrote me back, using both fingers, only to deny the obvious connections between Symantec and the spammers. Hey, unibrow! Do you think I was born yesterday?
I have sworn NEVER to buy a Symantec product because of this spamming.
Well, I also use Linux and NetBSD so it's very unlikely I will ever need Symantec's to fix up a crap Windows installation, but still, I've taken the oath.
I have a solution for you.... make a mailer filter that forewards every symantic email to sales@symantic.com abuse.symantic.com piracy@symantic.com etc....
they will eventually stop.... it worked for me.... No more microsoft spam.... I just have an autoforeward to about 7 of their email addresses whenever a microsoft spam hits.... they stopped sending to me over a month ago...
dont bug the spammer, bug the company listed in the spam... make their spam bite them in the arse.
Her name: Laura Betterly Her kids names: Chris, 10, and Craig, 11 The city she lives in: DUNEDIN, Fla What her house is like: 5,000-square-foot home, with a pool And it even had a picture of her.
A quick Google turns up:
Betterly, Laura 717 Weathersfield Dr. Dunedin, FL 34698-7437 United States (1) 727-447-2037 (1) 727-468-2037
----------- How about someone in Florida drive over there and tell her that the other 99.999% of her email recipients are wishing her bodily harm, and also that they know where she lives.
There is a tree line there just BEGGING for geeks in black suits to sneak up thru carrying the worlds worst paintball guns and waterballoon launchers (waterballoons filled with permanent red paint of course).
The waterline is a river you can canal-boat thru, giving you a stealthy getaway, and quiet access.
I cant imagine a much easier target for a full-on paint demolition.
To the poster who located this, that's just beautiful! I particularly love the crosshair right over her home. You can almost see the smartbomb falling down her chimney in the next instant...
Note to John Ashcroft and freinds: I'm just kidding with the part about the bomb. Really. I'm a pacifist. It's a JOKE.
The article showed a pie chart detailing the things spam was selling, and it only indicated "scams" as being 4%.
I'd have to say that only 4% of the spam I get (when I review my spamassassin mailbox for false positives..) to be anything approaching legitimate products and services.
Almost all of it is for penis enhancers (surely fraudulent), fake viagra (ditto), stock schemes (pump 'n' dumps), "financial offers" which are surely either pump-n-dumps or deals so loaded with fees they stretch the definition of legitimate, bogus health products (HGH and the like), and porn, which is far higher than the 12% indicated.
Since this is the WSJ we're talking about, I wonder if this isn't some editorial attempt to de-marginalize spammers and the borderline legal crap they push, with the goal of ultimately softening the opposition so that the big-name direct marketers can start in on this too. Claiming only 4% fraudulent content is stretching the imagination pretty thin.
This asshole says she doesn't do anything dishonest. In particular:
She doesn't forge or falsify the message headers;
But at the far end of the article we read about her computer guy:
...he's found people are more likely to open e-mail if it appears to be from a real person, so he types his friends' names on "from" lines. "The trick is to make it look personal," he said as he tapped out commands on his computer. "You want to make it look like it comes from the guy in the cubicle down the hall."
Ok, so isn't the "from" line in in some narrow, literal, technical sense, part of the message header?
--Tom
Being fed up with the amount of spam that I receive, I took preventative measures. I was up to about 150 spam each day. I tried filters, the best I could do was get rid of about half of it. Too many false positives. I lost email from friends. I thought about switching to the new bayesian filters I'd read about on Slashdot, but they don't seem that mature yet and anyway, I thought of a better solution.
First I bought my own domain name. This allows me to enable new email addresses at any point. I have an unlimited supply. I can create a new email address for anything that I want. Anytime I buy something, I enable an email address with some number and the name of the company in it. Anytime I post to usenet or ask somebody for help from somebody I create a new email address for that purpose. I give all my friends a private email address and ask them to be careful with it.
This means that I can also disable email addresses. I send an autoreponse to any disabled email address saying, "You attempted to send deadsea email, but you used an address that gets too much spam". I then can give them a URL for a contact form if they really need to contact me.
The contact form is the best part though. If you go to my website, the contact form lets you send me email but never reveals my address. It uses an alias system. That means that my addresses won't be harvested to begin with. I made the contact form available under the GPL [ostermiller.org] so you can use it too.
So people can email me, but if I start getting spammed, I can disable an address and people can still contact me. Sure its a pain to have to use the contact form, but it doesn't happen that often. When it does happen, I reply with an email address that can actually be used to contact me.
Absolutely the best way to handle these people is to consume their resources. The most easily diminished is time.
Visit a spammer's website and gather some contact information, then fire off an email. Don't be shy about including your phone number, suggesting you might be interested in mass mailing.
A couple minutes with pen and paper and you can probably come up with enough questions to keep them busy for an hour, asking about the effectiveness of their marketing technique, options, haggling on payment, so on and so on. If this type thinks there's any chance of completing the transaction, they will stay on the line for a long time. Never tell them off, leave them constantly wondering if you're another perspective client.
It's not dull. You learn quite a few things about the type of person who will do something like this. It's an insight into a pretty twisted world, and it's several million spams they won't get out.
Well, I could "make a living" selling small boys to pedophiles, or gassing kittens or beating up people on the street for gangsters, but that doesn't make it right.
Finally someone on the point. If someone spams me they no longer get any business from my household. Ever.
Just a few names off the list:
AmEx: Anytime you write to their security and privacy people you are automatically included into a SPAM mailing list and not removed ever after. I tried to get them to stop and ended cancelling the account. As a result they wrote me back telling me that they authorise themselves to use my phone to call me with new offers. If you have an AmEx card and use it you are supporting a spammer outfit.
Play.com: Similar story. Canceled the account and blacklisted them on every server I maintain a blacklist for. Does not help. They are still trying to send.
I'd wholeheartedly support a 1 cent/email fee to be imposed across the board, by law, everywhere. Would you?
Nope. Then people who run legitimate email lists (hobbyists, listservs, PTA, whatever) would be out of luck. A 1000 family PTA group could incur almost $5k/year with a once a week mailing.
Let's not screw the honest person to block the dishonest.
...who actually reads the emails ? Even if I was so oblivious that I didn't filter my emails, I would never dream of supporting the spammer. Even if I accidently read a spam and then amazingly found the product/service interesting, I would not respond to anything in the spam.
Last time I commented on this, I got accused by some idiot of being a troll. Interestingly enough it was still modded to 5 and considered "Insightful".
The biggest problem with spam is... the response rates. That is users who actually are dumb enough to open up the email and then reply to it.
If everyone in the whole world suddenly got a clue (and it won't happen) then the response rate for junk emails would be nothing, nada, zip, 0 people and 0%.
Exactly how long would a spamming organisation be able to stay in business if they couldn't even guarantee that in a 6 million mailout, they could not get one sale?
With a response rate as low as 0.002%, do they expect that the people that install and run spam filters are the most likely to respond to spam ?
No, because if you've installed it yourself you're too tech savvy and very very unlikely to buy anything from them. They're gunning for the uneducated masses. Those that do reply.
A 0.002% response rate for 3 million emails is 6 thousand responses. Despite the low percentage, that bold figure is enough for many unscrupulus companies to go "hell yeah!".
Email spamming is quick, cheap and it's easy. So quick, so cheap and so easy that it's seen as worthwhile even if you only get 50 responses. Until that number drops to 1 or 2 then we'll all have to look at other ways of stopping the menace.
Ah even better the double reply CC trick.... 2 computers with forwarders set up and one attempts to wangle them to fire an email back and fwd to each other, while cc'ing each time to that email. In about ten minutes she should receive about 1000 emails saying "Your a bad lady, but I forgive you, so I've attached a core dump file to this email as a present". Catch... May kill your own mailer machines too.
I once sent a 'Get fcked' email to a spammer once and copped an autoreply... So I sent another one, with the header forged so that it said it came from the machine account autoresponding.(Causing autoresponder loop death) The machine responded to pings for about 2 minutes, and then fell off the earth. Infinite loop email death. THAT'L LEARN YA , YA NUTTY SPAMMER!!!!!!!!
New spam... (Score:5, Interesting)
The other day, I got spam via my 'windows messaging service' - someone on my cable modem subnet is sending me pop-up spam with the 'net send' command (Windows only). Obviously this is easy to disable (for someone who knows how to) but...
WTF?
I took a screen shot which indicated time/date AND IP but the cableco tech morons said that they couldn't do anything about it? Right... How about revoking access? Perhaps it was the cableco themselves selling this service?
Re:New spam... (Score:5, Insightful)
Spam via SMB is quite the new thing, I gather. This has the potential to _really_ piss people off.
But it could turn out to be a good thing. The reason we can't stop spam by blocking port 25 is that we need to accept email from people who have legitimate reasons to send it. But who has a legitimate reason to connect to SMB on a desktop machine via the Internet? Nobody. Ever.
If this leads ISPs to block the ports involved, the world will be a better place, with no more script kiddies owning Win98 machines via smbclient.
Parent
Re:New spam... (Score:5, Insightful)
Parent
Re:New spam... (Score:5, Interesting)
Why not have the ISP block the ports by default and give you an option to enable them via web interface?
Let the ISP be the firewall...
Parent
Re:ISPs have rights too (Score:5, Insightful)
The poster said should not and not can not. In other words, this is the way the poster wants things to be, or thinks they ought to be, or hopes they will be, for the reasons given, but not the way they must be. That filtering is "not the right thing" is a policy assertion, and it is implicit the poster will switch ISP's if the current one downgrades its service. However, the supply of ISP's, esp. broadband, is not infinite, and if ISP's react in a kneejerk fashion the availability of alternative service could dry up quickly -- and unnecessarily.
Parent
Re:New spam... (Score:5, Insightful)
Your ISPs job is to provide you an internet connection that you pay for - it is NOT their job to secure your computer for you.
If you're getting Messenger spam, then you probably don't know how to protect your computer, which means if I were you, I'd be worrying about what else on your box is 0wned.
Parent
Re:New spam... (Score:5, Insightful)
It is their job to enforce their TOS--which most likely perclude spamming.
And if the IP is off-network, simply contacting whomever owns it would work.
Parent
Re:New spam... (Score:5, Interesting)
It's also their responsibility to enforce abuse policies that they agree to with THEIR network provider (not necessarily being violated in this situation tho).
So, what I recommend is that people go read the abuse policy of their ISP, and see if it has anything that covers this kind of abuse. If the person sending you this SPAM over SMB (first turn off SMB messaging and get a Firewall), confirm that they are breaking their agreement, and then bitch to all high heaven. If the idiot on the phone says there's nothing they can do, ask for their manager. If they refuse, get their employee number and report them (then report the company to the appropriate agency [ie. BBB]). If that manager doesn't help, ask for his/her manager. It may not immediately solve the problem, but it will leave a big fat record of this being a problem.
If fewer people just sit on their ass, and say "It's my problem", nothing will get done on a more global level. And THAT is the only way crap like this really gets addressed. Be loud, be clear, be heard! Don't let a stupid company bully you.
And finally, even if they help you... if you feel they are a good company to you as the customer drop them. You pay them. If you are under contract, and they don't help you, accuse them of being in breach of their policies (if they are).
Not everyone knows how to protect their computer. And they shouldn't have to know how to. That's the point of computers, to make your lived easier not more of a headache.
So... in summary... I couldn't disagree more with reaper20. Don't just take it and get walked all over. Stand up, and fight for your right as a consumer and customer!
Just my $0.02!
-Alex
Parent
Here is the method to disable windows messenger: (Score:5, Informative)
This is really useful, just do it once and no more problems with messenger spam.
Parent
Ironic..not really..here is how it works (Score:5, Informative)
The message is being listed as being sent from 'WEBPOPUP' since that is the name someone used for their system. Most of these diploma traces so far go to ev1.net, though after a lot of complaints they refuse to do anything. Check out a little information concerning this issue here:
http://www.mynetwatchman.com/kb/security/articl
The program being used is called "Direct Advertiser". If you have NetBIOS bound to your interface, someone using net send will, by default, pipe the message over SMB to TCP 139. But if NetBIOS is not bound to the interface, net send will use UDP 135 instead. It takes the "net" command a bit longer to figure this out, but it does work.
The Direct Advertiser product just skips the preliminaries, knowing that smart system administrators close TCP 139, and goes right for the undocumented back door.
The 'Direct Advertiser' web site even tells you how to not receive these kind of things any more.
How to set up your system not to receive netbios messages
To deliver the message our program uses a NetBios call built into the Windows API.
Click Start->Setings -> Control Panel->Administrative Tools->Services
Scroll down and highlight "Messenger"
Right-click the highlighted line and choose Properties.
Click the STOP button.
Select Disable or Manual in the Startup Type scroll bar
Click OK
Windows XP
Click Start->Control Panel
Click Performance and Maintenance
Click Administrative Tools
Double click Services
Scroll down and highlight "Messenger"
Right-click the highlighted line and choose Properties.
Click the STOP button.
Select Disable or Manual in the Startup Type scroll bar
Click OK
Windows 98/ME
Remove or disable the file and printer sharing from your network configuration.
Parent
$5 to anyone who proves this statement wrong- (Score:4, Insightful)
Not breaking any laws. Riiiiiiiight. Nice values to instill in those kids, too.
Re:$5 to anyone who proves this statement wrong- (Score:5, Funny)
We all knew that spammers weren't the brightest bulbs on the planet, but giving an interview with your real name and location to a national newspaper does seem a bit foolish, doesn't it?
Parent
Re:$5 to anyone who proves this statement wrong- (Score:5, Funny)
"I'm just trying to make a living like everyone else," says Tony Soprano. His waste manangement operation, he says, allows hime to raise his children, and to spend quality time with them. "You can call a mob boss, I don't really care. As long as I don't get caught, you don't have to love me or like what I do for a living."
Parent
Re:$5 to anyone who proves this statement wrong- (Score:5, Insightful)
If such things are "the basics of business" for you, I feel sorry for all people that have to do business with you.
Parent
Now, Now... (Score:5, Funny)
Colombian drug lords make a living by selling a real product to a customer. It is very unfair of you to insult them by equating them with parasites like Ms Betterly.
Parent
Substitute crack (Score:5, Funny)
Worldcom = Spamhaus (Score:5, Insightful)
WorldCom lets spammers get away with 'first offence'.
Mr. Connell typed a response: "Problem solved. This guy won't receive anything from us again." He flagged the name of the offended e-mail recipient on Ms. Betterly's list so that person wouldn't be contacted again.
WorldCom helps spammers listwash.
WorldCom says that if problems with a spammer persist, the company will send increasingly stern notices and eventually cut off service.
WorldCom will let spammers get away with spamming several times before actually doing anything about it.
Paging SPEWS. SPEWS to the white courtesy phone, please...
Re:Mod that shit down - NOT (Score:5, Insightful)
As for the spammers, I have NEVER EVER EVER given "opt-in" permission on my tech contact Email to any business. It was stolen from the Internic "whois" database over ten years ago, and now receives thousands of spams (ironically, I maintain that address as a spam trap now to help me keep a strong access.db) from hundreds of spammers, all of whom make exactly the same claims as Betterly.
It should be obvious that with individuals rapidly and constantly trading lists of as many as 60 million addresses, it is effectively impossible to get "opted out" permanently once one is on such a list. It is equally obvious that there is tremendous financial incentive to create lists without any regard for the wishes of those on the lists, and to represent those lists as "opt-in" when trading with other spammers.
At least you are consistent; you, an admitted scofflaw, are defending other scofflaws. Kudos to you for that, I respect a consistent code of ethics.
Parent
You disgrace society. (Score:5, Informative)
Yeah whatever - spammers claiming moral superiority over pornographers. What's next, the RIAA claiming it supports artists?
Thankfullly, Spamassassin [spamassassin.org] means I don't have to deal with her garbage. Unfortunately it just hides the problem, but at least I get the satisfaction of a "fuck you" when it redirects to
If you've got an unfortunate friend stuck in Outlook, Cloudmark [cloudmark.com] does a decent job of cleaning up the mess, and Mozilla's soon-to-be turned on anti-spam features are looking nice.
Time for a slashdot effect... (Score:5, Informative)
http://www.dataresourceconsulting.com [dataresour...ulting.com]
And her email:
laura@dataresourceconsulting.com [mailto]
You may fire when ready.
Re:Time for a slashdot effect... (Score:5, Funny)
laura@dataresourceconsulting.com
laura@dataresourceconsulting.com
laura@dataresourceconsulting.com
laura@dataresourceconsulting.com
laura@dataresourceconsulting.com
laura@dataresourceconsulting.com
laura@dataresourceconsulting.com
laura@dataresourceconsulting.com
laura@dataresourceconsulting.com
laura@dataresourceconsulting.com
Just as well you didn't post her her phone number [wordsinarow.com]
Parent
Better idea (Score:5, Interesting)
If you're using the Razor you can change your mail filters file to do this. Make sure you bounce the messages as opposed to forwarding them, that way she can't block the addresses, bouncing also doesn't leave a record of where it came from afaik.
I dunno, if only 20 of us did this, that's 20x the normal amount of spam she's receiving. It'd be hard to find the genuine mail amongst all that. I think she'd get the message.
Parent
LEGITIMATE protest (Score:5, Insightful)
Harassment is no better than spam. It's using illegitimate needs to get what you want. She is doing something wrong (ethically if not legally; and in many states, legally too) but that entitles us to complain, not retaliate. Two wrongs don't make a right, something like that.
She honestly appears not to get it, or is in serious denial. (By contrast, some spammers do appear to have struck a deal with the Dark Prince.) Explain to her, and everyone else, that spam is a serious problem and not just another form of junk mail.
And most important of all, support laws to regulate spam at the national level, as was done for junk faxes. Make it unquestionable that this hijacking of our tiem and resources is illegal.
(I do detest spam. When email arrives, half the time I switch apps over it's for junk. Currently 2/3 of my unfiltered inbox is spam, and the number keeps growing. I don't even want to think of the theoretical maximum to daily spam.)
Parent
Wotta Rip! (Score:5, Informative)
Fun quote:
"I hate spam," he [the spammer, "Steve"] says. "I've gotten death threats. People have threatened to kill my dog. . . . But when you make a thousand bucks in one day, you could care less."
<sarcasm>Hard to argue with that!</sarcasm>
actually.. (Score:4, Interesting)
Oh no (Score:5, Informative)
Laura Betterly
717 Weathersfield Dr
Dunedin, FL 34698-7437
(727)733-5335
Re:Oh no (Score:5, Funny)
When you call her be sure to ask her to take your name off her list, and please recall to verify that it has happened.
Parent
Re:Oh no (Score:5, Funny)
After all, as long as you are not breaking any laws, she doesn't have to love you or like what I do for a living.
Parent
Alright, you know that's not fair, unless... (Score:5, Funny)
That's right, no calls unless you've been the recipient of her SPAM.
[Checking inbox... "You Have 362 Unread Messages"]
Well, guess that's taken care of... What was Ms. Betterly's phone number again?
Parent
OMG her FACE?!? (Score:5, Funny)
No wonder she chose an 'occupation' that doesn't require interaction with others. She looks [wsj.com] like a smacked ass!
Blah. It's even a Photoshop filtered black & white picture, which is usually done to make someone look good. They had to do it to her just to upgrade her face to hideous.
I always figured spammers were ugly.
Knunov
People r dumb (Score:5, Insightful)
Pornography is bad.
But sending people emails about a free Lexus, and then quietly signing them up on additional mailing lists (i.e. deception). . . And abusing ISP bandwidth under a trivial 'opt-in' technicality . . . this is OK?
Costs? (Score:5, Insightful)
What are the costs of this. Let's ignore the cost of infrastructure, wase of bandwidth etc and just assume that each computer user gets 2 spams aday (a low figure, I know).
We have a group of 1k users, each user makes $25 an hour (or atleast that's the cost the employer sees). If each user spends one minute to remove spam a day, 20 days a month, 12 months per year => 240 minutes = 4 hours = $100 per user and year.
For this small group (1k users) the cost is $100k per year. Sue her and let her pay!
How to stop SPAMMERS (Score:5, Interesting)
"Mainline" companies who spam (Score:5, Interesting)
Spam is theft, plain and simple. Spammers need to be punished.
You know who else needs to be punished? Mainline companies like Symantec who hire obvious fly-by-night spammers to slosh crap ads for Noron SystemWorks all over email, and then deny that Norton has anything to do with it.
About twice a week for the last 6 or 8 months I get the same ad from some theiving yellowbellies. I used to send the ads to piracy@symantec.com. After 10 increasingly strident emails, the neanderthal Symantec hired to insult people who write to piracy@symantec.com finally wrote me back, using both fingers, only to deny the obvious connections between Symantec and the spammers. Hey, unibrow! Do you think I was born yesterday?
I have sworn NEVER to buy a Symantec product because of this spamming.
Well, I also use Linux and NetBSD so it's very unlikely I will ever need Symantec's to fix up a crap Windows installation, but still, I've taken the oath.
Re:"Mainline" companies who spam (Score:5, Insightful)
they will eventually stop.... it worked for me.... No more microsoft spam.... I just have an autoforeward to about 7 of their email addresses whenever a microsoft spam hits.... they stopped sending to me over a month ago...
dont bug the spammer, bug the company listed in the spam... make their spam bite them in the arse.
Parent
Lets Here It For Indepth Reporting (Score:5, Informative)
Her name: Laura Betterly
Her kids names: Chris, 10, and Craig, 11
The city she lives in: DUNEDIN, Fla
What her house is like: 5,000-square-foot home, with a pool
And it even had a picture of her.
A quick Google turns up:
Betterly, Laura
717 Weathersfield Dr.
Dunedin, FL 34698-7437
United States
(1) 727-447-2037
(1) 727-468-2037
-----------
How about someone in Florida drive over there and tell her that the other 99.999% of her email recipients are wishing her bodily harm, and also that they know where she lives.
Hell, why don't we all call her?
Re:Lets Here It For Indepth Reporting (Score:5, Informative)
Parent
Re:Lets Here It For Indepth Reporting (Score:5, Funny)
The waterline is a river you can canal-boat thru, giving you a stealthy getaway, and quiet access.
I cant imagine a much easier target for a full-on paint demolition.
Should do wonders for her house value.
Parent
mirror of aerial photo (Score:5, Informative)
To the poster who located this, that's just beautiful! I particularly love the crosshair right over her home. You can almost see the smartbomb falling down her chimney in the next instant...
Note to John Ashcroft and freinds: I'm just kidding with the part about the bomb. Really. I'm a pacifist. It's a JOKE.
Parent
A $cientology spammer? (Score:5, Interesting)
Refs at Here [whyaretheydead.net] and and here [whyaretheydead.net] as well as a Laura Betterly on the 1997 WISE list. (Co$ organization.)
Yet another scientology spammer, what a surprise!
Parent
The Pie Chart about Spam sales content (Score:5, Insightful)
I'd have to say that only 4% of the spam I get (when I review my spamassassin mailbox for false positives..) to be anything approaching legitimate products and services.
Almost all of it is for penis enhancers (surely fraudulent), fake viagra (ditto), stock schemes (pump 'n' dumps), "financial offers" which are surely either pump-n-dumps or deals so loaded with fees they stretch the definition of legitimate, bogus health products (HGH and the like), and porn, which is far higher than the 12% indicated.
Since this is the WSJ we're talking about, I wonder if this isn't some editorial attempt to de-marginalize spammers and the borderline legal crap they push, with the goal of ultimately softening the opposition so that the big-name direct marketers can start in on this too. Claiming only 4% fraudulent content is stretching the imagination pretty thin.
Forging Headers... (Score:5, Insightful)
She doesn't forge or falsify the message headers;
But at the far end of the article we read about her computer guy:
Ok, so isn't the "from" line in in some narrow, literal, technical sense, part of the message header? --Tom
Anti-spam system (Score:5, Interesting)
First I bought my own domain name. This allows me to enable new email addresses at any point. I have an unlimited supply. I can create a new email address for anything that I want. Anytime I buy something, I enable an email address with some number and the name of the company in it. Anytime I post to usenet or ask somebody for help from somebody I create a new email address for that purpose. I give all my friends a private email address and ask them to be careful with it.
This means that I can also disable email addresses. I send an autoreponse to any disabled email address saying, "You attempted to send deadsea email, but you used an address that gets too much spam". I then can give them a URL for a contact form if they really need to contact me.
The contact form is the best part though. If you go to my website, the contact form lets you send me email but never reveals my address. It uses an alias system. That means that my addresses won't be harvested to begin with. I made the contact form available under the GPL [ostermiller.org] so you can use it too.
So people can email me, but if I start getting spammed, I can disable an address and people can still contact me. Sure its a pain to have to use the contact form, but it doesn't happen that often. When it does happen, I reply with an email address that can actually be used to contact me.
The best way to handle these people... (Score:5, Insightful)
Visit a spammer's website and gather some contact information, then fire off an email. Don't be shy about including your phone number, suggesting you might be interested in mass mailing.
A couple minutes with pen and paper and you can probably come up with enough questions to keep them busy for an hour, asking about the effectiveness of their marketing technique, options, haggling on payment, so on and so on. If this type thinks there's any chance of completing the transaction, they will stay on the line for a long time. Never tell them off, leave them constantly wondering if you're another perspective client.
It's not dull. You learn quite a few things about the type of person who will do something like this. It's an insight into a pretty twisted world, and it's several million spams they won't get out.
"just trying to make a living" (Score:5, Insightful)
Re:Hrmm (Score:5, Interesting)
Finally someone on the point. If someone spams me they no longer get any business from my household. Ever.
Just a few names off the list:
AmEx: Anytime you write to their security and privacy people you are automatically included into a SPAM mailing list and not removed ever after. I tried to get them to stop and ended cancelling the account. As a result they wrote me back telling me that they authorise themselves to use my phone to call me with new offers. If you have an AmEx card and use it you are supporting a spammer outfit.
Play.com: Similar story. Canceled the account and blacklisted them on every server I maintain a blacklist for. Does not help. They are still trying to send.
To ve continued ad naseum...
Parent
Re:Hrmm (Score:5, Funny)
Yes, but not just for that reason.
Parent
Re:Why not just charge to send email? (Score:5, Insightful)
Nope. Then people who run legitimate email lists (hobbyists, listservs, PTA, whatever) would be out of luck. A 1000 family PTA group could incur almost $5k/year with a once a week mailing.
Let's not screw the honest person to block the dishonest.
Parent
Re:Very interesting, but I still don't understand. (Score:5, Informative)
Last time I commented on this, I got accused by some idiot of being a troll. Interestingly enough it was still modded to 5 and considered "Insightful".
The biggest problem with spam is ... the response rates. That is users who actually are dumb enough to open up the email and then reply to it.
If everyone in the whole world suddenly got a clue (and it won't happen) then the response rate for junk emails would be nothing, nada, zip, 0 people and 0%.
Exactly how long would a spamming organisation be able to stay in business if they couldn't even guarantee that in a 6 million mailout, they could not get one sale?
With a response rate as low as 0.002%, do they expect that the people that install and run spam filters are the most likely to respond to spam ?
No, because if you've installed it yourself you're too tech savvy and very very unlikely to buy anything from them. They're gunning for the uneducated masses. Those that do reply.
A 0.002% response rate for 3 million emails is 6 thousand responses. Despite the low percentage, that bold figure is enough for many unscrupulus companies to go "hell yeah!".
Email spamming is quick, cheap and it's easy. So quick, so cheap and so easy that it's seen as worthwhile even if you only get 50 responses. Until that number drops to 1 or 2 then we'll all have to look at other ways of stopping the menace.
Parent
Re:backfire? (Score:5, Funny)
2 computers with forwarders set up and one attempts to wangle them to fire an email back and fwd to each other, while cc'ing each time to that email.
In about ten minutes she should receive about 1000 emails saying "Your a bad lady, but I forgive you, so I've attached a core dump file to this email as a present". Catch... May kill your own mailer machines too.
I once sent a 'Get fcked' email to a spammer once and copped an autoreply...
So I sent another one, with the header forged so that it said it came from the machine account autoresponding.(Causing autoresponder loop death) The machine responded to pings for about 2 minutes, and then fell off the earth. Infinite loop email death. THAT'L LEARN YA , YA NUTTY SPAMMER!!!!!!!!
Parent