Spambots Ahoy!

20071102.friday   comments=2   propeller_beanie  

Last I week I wrote about the hijacking of my e-mail domain by spammers. I happened to mention that the messages that were rejected by other e-mail recipients had been purportedly sent from the address qqxgobbledegook@yukondude.com. The “gobbledegook” that appeared in italics was meant to signify a random alphabet soup that followed the oddball “qqx” prefix.

Lo and behold, I received an e-mail this very morning addressed to a certain qqxgobbledegook@yukondude.com. It contained an offer of cheap replica diamonds and Rolexes.

Well that didn’t take long.

Obviously a spam harvester program — or, spambot — stumbled upon my posting and scooped up that address. Spambots are automated browsing programs that surf the web looking for anything resembling an e-mail address: this@that.theother. The addresses are collected and used to send enticements for the aforementioned ersatz diamonds, or other equally dubious products and services.

That’s why it’s never a good idea to publish your e-mail address on the web, at least in its unprotected form. Instead, websites that need to publish a contact address will use an image of the e-mail address, or a JavaScript-scrambled version, or a wacky spelled-out representation: for example, dave [strudel] whathesaid [full stop] ca. Eventually the spambots will grow smart enough to decipher those, but to date I haven’t received any spam addressed to my “strudel” account.

  1. Anthony   20071102.friday.1123  

    Or you just use gmail (or some equally good spam filter). I figure I’m getting maximum 2-3 out of every 100 spam messages in my inbox. I don’t get many e-mail messages a day, and it seems like I’m about 75% legitimate in my inbox, say six good ones and two bad ones on an average day.

    I’ve been freely posting my various e-mail addresses all over the web for years.

    I’m so fearless I’ll even post it here:
    anthony.delorenzo@gmail.com

    Nyah, nyah, come and get me!

    Regards,
    Anthony

  2. Dave   20071102.friday.1225  

    Gmail does have a very good spam filter. Unfortunately, their servers are located in the US which opens them up to Patriot Act and future south-of-the-border legislative abuse.

    I have three layers of spam filtering on my accounts, but occasionally I peek into the rejected bin to look for false positives, and that’s when I spotted the gobbledegook.

    But I don’t get any spam to the whathesaid account. I believe that’s because I don’t advertise it. Isn’t no spam always preferable to some spam?

reply