Yesterday afternoon I enabled display of my email address. This morning I receive 419er scam email to the same address, it could be a coincidence but somehow I doubt it.
Would it be possible to at least restrict email address availability to those who are paid up members, instead of any Joe Intarweb who signs on as a Guest?
Oh, and notifications of replies to subscribed threads are still rather flakey. ‘Instant’ seems to work just fine but I know for sure ‘Daily’ is not working at all for me. All emails sent by the board are whitelisted in my filters so I’m confident that the emails are just not being sent.
I don’t think vB restricts email availability in that fashion. I will look into it, though.
I do not believe the SDMB’s addresses are harvested for spam; it’s just too difficult to do easily.
As for the notification emails, I look to our continuing server woes. When the server is jammed up, as it is all too often these days, it drops tasks in progress, resets, and moves on. It appears that there is some sort of preference as to what it drops first and that’s emails. I don’t know what to do about that, except advice people once again to be judicious in their use of the system, especially in searches. Stuff that taxes the server (like big searches) screw things up for everybody.
I agree that harvesting email addresses for the type of large scale spam runs that advertise porn, pills and potions would not be very effective.
419ers seem to act on a smaller scale though, do they not? If you’re looking for a few suckers to bilk using lengthy conversations then I think it would be worth the scammer’s time to find some guaranteed working addresses.
It just seems too much of a coincidence that the very day I make my address visible is the same day I get a 419 scam email.
What makes me even more suspicious is that my address here is a forwarding one from www.sneakemail.com and is basically a string of random symbols@sneakemail.com; this makes dictionary attacks/guesswork nigh on impossible. Also, the address has never been used anywhere else, I have a unique address for each site I register with.
re: Notification emails:
Figures our troubles wouldn’t be over, although the boards have been markedly faster for me since pay-to-post.
It’s counterintuitive to me that it’s “cheaper” for the server to churn out over a dozen emails a day for a high traffic thread than just one at the end of the day.
Would it be possible to change the prioritisation of the tasks that get dropped?
Oh well, I guess we’ll have to consider the matter unresolvable until someone else comes forward to say they’ve received a 419 scam email purporting to be from “PHILLIPE ESCRUDIER from Philippines” who is apparently dying of cancer and wants to move large amounts of cash out of the country.
I occasionally receive 419 spams and display of my email addresss is not enabled. But of course, my situation isn’t a very good test of your hypothesis. I recognize that receiving 419 spam without displaying my email address says nothing about you receiving one with displaying it.
As an aside, I seem to recall a recent cancer related 419 scam email, but I don’t think it was from Phillipe in the Philippines.
To clarify, had you ever gotten any spam at all to that e-mail address? If you have, then the 419ers could very well have gotten it from other spammers, or from the same source as the other spammers. If you have not, however, then this starts to look significant. While vBulletin does make it more difficult to harvest e-mail addresses, it’s still not impossible, if you have the addresses displayed, and vBulletin is common enough now that it just might be worth a spammer’s while to write a spider capable of handling vBulletin’s barriers. I don’t think that vBulletin uses human-identification technology (was many moons ago that I registered, so I’m not sure), so it may even be possible to make such a spider which could automatically register at many boards.
I’ve only ever gotten one unsolicited message before at my SDMB address. That was another 419er and I think I mentioned it in a thread here at the time, it was shortly after we went to the new version of the board software.
It’s the classic Nigerian fund transfer scam (“419” from the section of the Nigerian Criminal Code that would apply to it if it were prosecuted sometime).
As to how many people on this Board would fall for it – well, the people who fall for it have made enough money for the scammers to be interested in taking it. Lots of smart people fall for stupid scams.
I got another one today at my SDMB address.
I’ve decided to do a test. I’ve changed my SDMB address to another randomly generated one. It is brand new and impossible to guess.
I’ve enabled the send me email option in the User CP to try to replicate what I did previously. If I get spam/419 mail again then either someone is scanning the board for addresses remotely or someone here is an agent for the 419ers.
Or you are the victim of a dictionary attack on your mailserver, especially if it is a large/popular one. I am the admin for a smallish (2000 messages a day) domain, and you would be amazed at how many times my logs show someone trying to send an email to aaaa@domain.com, then to aaab@domain.com, then to aaac@domain.com, etc. Most spammers are more sophisticated, and actually try real names/words, but not all. I personally have my mailserver suspend all communications from any IP that has more than 20 “unknown user” errors in less than 10 minutes, but not all admins do that.
No i don’t think a dictionary attack is feasible on addresses from www.sneakemail.com. (Not advertising, I promise)
They are basically random alphanumeric strings of varying lengths. The chances of hitting a valid address, let alone mine by chance in the way you describe is astronomical.
How long would it take to guess the address: fjfd83tdkf05604@sneakemail.com (not a real address as far as I know so) using a dictionary attack? Especially when you don’t know that there are 15 characters, there could be 8 or 20.
Just for the record, I’ve never gotten any spam on my yahoo account that I set up when I registered here, 419 or otherwise. Given the content of my posts, if someone where looking for dupes to send messages to, I think I would be high on their list.
I concur that dictionary attacks on sneakemail keys would be futile unless the spammer didn’t mind a huge percentage of bogus emails. This is different from Yahoo and GMail because in traditional servers, you try to pick a name that’s meaningful. A dictionary of common names, nicknames, and trivial permutations will catch the majority of those. Sneakemail and related services are as random as possible, giving a huge, nearly unpopulated (that is, very, very sparse) keyspace.
So it’s possible it was random. It’s possible that they don’t mind wasting their time with 99-99.9% bogus lists. But MSN, Hotmail, AOL, and Yahoo would seem to provide much more fertile grounds.
My email from the SDMB is on Hotmail, and I almost never get these emails any more. Just adjusted my spam filter to suit. And no, I don’t pay for Hotmail.