Taken Identity

Written by Chris Caines

March 15, 2004 | 00:00

Tags: #419 #blacklist #email #hijack #phishing #scam #spamcop #spews #virus #whitelist

I sat down today to begin writing my article (late as always, I’ve never much been one for preparation!) and hit a mental block. I had all these articles buzzing about in the back of my head and couldn’t swat one quickly enough to bring it into the foreground. To try to stimulate an idea, I checked my Email.

I should have known something was up when Outlook showed it had only downloaded 2% of my Email. I had initially put this down to my uninstallation of Service Pack 2 Beta which I stupidly put on my machine after receiving it in TechNet. As an aside, I should really had known better than to even consider putting on a beta patch (incidentally is it me, or does the thought of releasing a BUG FIX into beta seem a little unusual to you?) Anyway, suffice to say SP2 killed my machine, but luckily was able to be taken off. Unfortunately, it’s never been right since and loading apps has been really slow.

I soon realised it wasn’t the forcible removal of Bram Stokers Service Pack which was slowing down my mail; it was the fact I had just received 130 new Emails. Now I’m a popular guy, but I never get that amount in 3 hours. Then I realised they were all Undeliverable messages and whilst my heart was sinking, in the words of Mr Furious, my only power was becoming my boundless rage.

My obvious assumption that this was yet another party trick of the obnoxious MyDoom or NetSky variant, however these certainly weren’t indicative of its payload. No, I had fallen foul to an even more sinister practice - my Email address had been hijacked to send spam. I was no longer the poor unwitting victim of some innocent’s stupidity; I had been selectively harvested and used as a disguise for an underhand trader.

A little research shows I was the unwilling proponent of someone trying to sell flats in Russia. Wonderful, at least if I was selling something utterly futile like Viagra or Human Growth Hormone then people would treat it as the fake that it is, but this actually seems legitimate, which suprised me even more by not using their real Email address. This little episode does highlight the point of this article however, and that is to explain how very fragile your Email address is these days on the Internet.

"No, I had fallen foul to an even more sinister practice - my Email address had been hijacked to send spam"

In one fell swoop, I can be branded by millions as a spammer by someone I’ve never met before and (up until this point in time) held no ill feeling against. Conversely, the thoughtless actions of someone too timid to actually bear the courage of their mass mailing convictions could put my Email account, possibly even my internet access in jeopardy. Spammers are going to prison right now for offences; I wouldn’t want to have to talk my way out of a custodial sentence just because my digital persona has been cloned like a sheep.

I was initially compelled to write this story because of someone (I do pick on people don’t I?) whose Email address had recently been published on a web page, which would obviously open it up to harvesters picking addresses off of pages. I do agree that this could have sped up the spamming likelihood in his mailbox, however the bottom line is that your Email is no longer safe even if you never use it at all! Having registered a new domain recently and setting up a catch all Email account for it I was utterly delighted at the fact that I was receiving spam in it already (For delighted read: wetting myself with anger). You see, my friends, spammers the world over will stop at NOTHING to ensure you try to buy their 100% Herbal Penis Enlargement technology in the short 24 hours their randomly generated site name stays up before it’s canned by their ISP.

Right now, having a classy Email address which is memorable and you may have had for years means nothing because sooner or later, you WILL be targeted for Spam attacks, whether that be due to a negligent virus checker allowing your Email into the public domain or simple guesswork on the part of a dictionary based mass mailer. A personalised number plate, a monogram on a tie or your name engraved on a watch may all still be signs of individuality, but a clever Email address these days is just a hindrance because to the faceless automatons of Spam, you are simply a mailbox to receive their wares (oft with a Z).

[separator]

Your Email address is now no longer your digital presence on the web, it’s nothing more than a Post Office box which, if you’re lucky, you don’t have to change very often. Not through my own choice I’m now on my fifth Email address in as many years, and on the rare occasions I can bear to check the mailbox of the early ones I have literally thousands of Spam Emails in there, some seemingly from me and from people I know. To compound it all, I have almost as many Undeliverable messages in there from hijackers as I have Spam. The Email account is useless, probably on every list imaginable and has obviously been used countless times anyway in other people’s mass mailing attempts.

"Right now, having a classy Email address which is memorable and you may have had for years means nothing because sooner or later, you WILL be targeted for Spam attacks"

I’ve managed to curb my Spam problem somewhat by setting up a Spamcop Email account which, for $30 a year is an absolute bargain given that I can actually maintain a manageable Inbox. Whilst it works, it’s not infallible and I still receive about 5-10 spam Emails a day through it, that said I dread to think how many I’d get otherwise.

For the moment I’ll be kna@spamcop.net but no doubt in a short while I won’t be, when it either gets too much for them to handle or my account is shut down because I’ve been accused of something I didn’t do. Does it bother me? Not particularly, Email has now become a complete joke to use anyway because no-one has been capable of coming up with a better solution. Some rely on it, I’ve trained myself not to, after all I’ll only end up getting disappointed.

Oh, do I have a solution you ask? For all my ranting, do I have some wonderful idea which will curb the Spam problem forever? Well, yes I have one idea… DITCH IT! Trying to fix problems with Email is like watching a tired old mongrel being taken to the Vets for yet another quick fix to the issue of old age; face it, it’s over and it’s beyond help. The sooner we let it go for new and more secure technology the better. Someone, (Hell even Microsoft), just needs to go ‘balls out’ and say ‘This is it, this is the way it’s going to be and it’s going to work’. I don’t know the technical issues involved, that’s not what I’m paid for, but I guarantee you now there’s a boffin sat somewhere being paid an inordinate salary who knows exactly how to rid the world of Spam and create a decent Email system.

Unfortunately there’s likely a money grabbing suit not listening to him and that’s why we’ve been in this situation for so long.

So, if you have a beef (or indeed a Pork) with Spam, I wouldn’t go too far with the one man crusade. This is one of those unique battles where the best defence is actually a good defence, so keep changing your address and let the Spamcops and the Spamassassins do their job until someone, one day, pulls their finger out.

Until that day, if you rely on Email, don’t. I wouldn’t bother mailing me regarding this article either, by the time you’ve read this I’ll probably have a different address again.
Discuss this in the forums
YouTube logo
MSI MPG Velox 100R Chassis Review

October 14 2021 | 15:04