Spam Question

I get a lot of spam (150+ per day), mainly because my email addy is publicly available in a few places on the net. Now, I’ve noticed a few different levels of sophistication in the various spammers’ harvesting techniques (bear in mind that my user name [the bit before the @] is the same as my surname, and I have my full real name as the “sent by” name in my email client):

  1. The lowest level. No attempt to harvest my email program (Eudora) for info. Just something like SENDER: “Cindee” SUBJECT: “Co-ed Slutzzz”

  2. Use of info harvested from an online form (I submitted my first name fakely as “Carlos” once (to test this), and now get spam for that name). SENDER: “Joe” SUBJECT: “Hey Carlos! Pen1s enla R gement”

  3. Using my surname/user ID (as they are the same, I can’t be sure which). SENDER: “Natasha” SUBJECT “[Surname], instant credit pre-approved!”

  4. The email appears to be from me (Rare, and I haven’t seen it for a while) SENDER: “[My full name, or my email address]” SUBJECT: “Sick of Spam???”

  5. Email to my first name only (this one is the most convincing).
    SENDER: “Susan Nguyen” SUBJECT: “Hey, [my real first name], check my webcam”

Now, there is the sixth one, and this is the one about which I am confused and alarmed. I have been receiving spams from folks with the same names as those in my address book. Actually, they use partial names. So I get a legitimate email from a friend who has their full name listed in the “from” field, and the next day, I get a mail from somebody using their first name. So if Dave Robertson (for a fake example) sends me real mail, a couple days later “Dave” thinks I need a larger tadger, and could benefit from herbal supplements, and “Dave” has never spammed me before. Up until today, this has always happened with first names only, and they have been common names, so I’ve been only guessing that there may be a connection. Yesterday, I received an email from somebody who has their “sender” info as initials / surname. The surname is only marginally common, and is also a given name sometimes. Today, I was spammed by that name.

Are they reading my address book? If so, does this necessarily mean I have a virus, or spyware? I regularly run both AdAware and SpyBot, and I come up clean. Or is there a “legitimate” way they can do this? Or, am I imagining it, and it’s coincidence alone?

Your email flows thru dozens of machines on its way from point A to point B. Along the way, any machine can snag it, read it, save it, etc. While you can encrypt the message body, you can’t encrypt the “To” part (else it would never get there). The “From” is meaningless, unfortunately. But if you aren’t faking the “From”, any harvester program running on those machines can get the To/From info and use that.

If you are in the US using legitimate ISPs, there is little chance they are harvesting. But, machines could be hacked by outsiders who could be doing just that without the owner’s knowledge.

The most likely hacked machines are yours and the person on the other end.

There is a well known quasi-ISP that freely sells everything they can glean from their customers to anyone, regardless of ethics. They of course tout their anti-spam “features” in their ads.

We are on TPG ADSL at work and I don’t get much spam on my work PC - my email software is MS Outlook.

My boss uses Outlook Express and gets HEAPS of crap, so perhaps it is something to do with the filters.

However he gets no where near the amount you do.

At home we use TPG Dial Up and don’t get much spam at all - but Leechboy has installed a ton of software to stop spam and viruses. We use Outlook Express at home.

So if you are still with TPG I don’t think the problem is them.

Not much help but at least it is one possibility eliminated. Unless of course you are no longer with TPG.

Their help desk people are very good also, so you might be able to contact them for advice.

Don’t know how much of this is BS scare-language, but from here:

You may have been “scripted”, if so, TLD, some time back. Dunno.

If that was the case would they be sending the same emails to the people in his address book?

Perhaps a comparison of spam email recieved with others in your address book is called for.

Thanks guys. It may well be just a coincidence at this stage. I’ll keep monitoring it.