
Variations on a nasty theme

Not long after I went to bed last night, my friendly neighborhood spammer changed the name he was using while sending his or her virus-laden emails, and I woke this morning to 803 new emails with variations of failed delivery, thanks for signing up, and messages of rejection due to the presence of a virus.

I’ve pointed the new email address to the blackhole, but I’m now wondering whether this ‘attack’ is direct or indirect. Is the person using a program to generate new email addresses, while still using the same domain? Or did the person read that I had pointed the old address to blackhole, and change the name manually? There’s a world of difference between the two, and it’s bothersome not knowing which is the answer.

I guess we’ll see the ramifications from this one over time. There is a potential of the domain, yasd.com, being blacklisted, though spam blacklists are usually based on IP address rather than domain names; those that operate spam blacklists know how easy it is to use someone else’s domain.

How easy is it? Go into your email and change the reply-to email address. That’s it. Of course, my kiddie hacker is also using open ports on people’s machines to send the emails so that they’re not traceable. Might even have used an open port on your machine if you don’t have firewall protection. How safe is your machine? How about your domain?

We talk about digital identity and protecting said identity from impersonation and theft, but I’m not sure those of you who talk about this added level of sophistication being layered on the existing infrastructure of the Net realize how problematical it is just to ensure the safety of our domains, much less our personal identification. I think in many ways that’s why I don’t join in the digital ID conversation, though it is a topic I was greatly interested in a few years back. When you realize how wide open the Internet is, and how many people connected to it have the barest understanding of what it is they’re connected to, you become amazed that the Internet is still operating.

The only reason you’re still able to read this weblog is redundancy.

My hope is that the hacker is using a generated email address and eventually, the program will move on from my domain. Or a meteor falls from the sky and lands on the hacker’s machine…and the hacker.