Topic: Spam on my email address solely used here.

chocholo

  • Administrator
Re: Spam on my email address solely used here.
« Reply #15 on: March 30, 2012, 01:24:39 PM »
I can say on behalf of AVAST Software, that we are not selling any e-mail addresses and that we are running the latest available version of the forum software.

exocet
« Reply #16 on: March 30, 2012, 03:25:20 PM »
Quote from: chocholo
I can say on behalf of AVAST Software, that we are not selling any e-mail addresses and that we are running the latest available version of the forum software.

1. Nice PR reply to something that was never stated (selling email addresses), it has been clearly stated Phishing and email harvesting is the cause, if you care to read the original comments you would know this, or perhaps your reply is a deliberate deflection. If I sound hostile it is because of lack of care over this security issue.

2. My profile has been set to never show email or anyone to contact me except the admin.

3. The latest Version is far from immune from spammers and harvesters, it is the added security issues and diligence by the webmaster that prevents this. I have vast long term experience with Simple Machines Software. It would be safe to say I know this software inside out and to use the term "we are running the latest available version of the forum software" is no comfort as not only are you hiding the version number but the latest software is not safe enough on its own to combat Spam.

This is a subject I am passionate about, the security of my users on my forums (also the very latest available), but if you knew the additions put in place and the education the moderators have received, my users' personal information is obviously more secure than here.


DavidR
« Reply #17 on: March 30, 2012, 03:32:18 PM »
Re 1. you may not have mentioned it, but DPAvaster certainly did in Reply #8.
WinXP ProSP3/ Core2Duo E8300/ 4GB Ram/ avast! free 18.5.2342/ Firefox ESR, uBlock Origin, uMatrix/ MailWasher Pro7.11.0/ DropMyRights/ WinPatrol+/ Drive Image 7.1/ SnagIt 10.0/ avast! mobile security
Windows 10 Home 1909 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 19.8.2393 (build 19.8.4793.544) UI-1.0.415/ WinPatrol+/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro7.11.0/ WinPatrol+/

exocet
« Reply #18 on: March 30, 2012, 04:08:20 PM »
One of the things my own company thrives on is, "what we do about your problem/query" what I have constantly said to other companies, "It's not the fact it's broken that will impress or anger me, it's what you do about it that will impress or anger me".

So far I'm not impressed.

As an aside

Quote
Me too, today.

I imagine the problem is nothing to do with Avast itself but with the forum software. Many forum coders (and CMS website coders) are ostriches with their heads firmly stuck in buckets of sand when it comes to the issue of address harvesting.

http://spamwise.org has some tools which can help locate such vulns.


The Spamwise site gets a 403 from my website and an error 22 on their error system (whatever that is), I looked for their meaning of error 22 and gave up after a few clicks looking for its meaning. However HTTP error code 403 is a "forbidden request", this means even if the request was a legitimate probe/request it was denied by the server (my domain).

Yes the software is responsible for the security issues, but Avast are responsible for the control and security of the software and the impact it has on its users. The blame and burden of responsibility falls firmly on the shoulders of Avast.

So perhaps I should have been clearer in the first instance, so here goes. You have a security breach on your forums, I and others are receiving Spam gleaned from addresses on these forums, what are you going to do about it?


Gargamel360
« Reply #19 on: March 30, 2012, 05:53:25 PM »
Hmmm, I just looked, and there is a "lonely girl" trying to contact me in my gmail SPAM folder.

It is no 100% confirmation or anything, since I do not have a separate email for every purpose.   But the law of coincidence can only stretch so far.

Quote from: exocet
"It's not the fact it's broken that will impress or anger me, it's what you do about it that will impress or anger me".
So far I'm not impressed.

  ::)   It has not even been 24 hours, did you expect a klaxon alarm, with a full armed response?

Quote from: exocet
Yes the software is responsible for the security issues, but Avast are responsible for the control and security of the software and the impact it has on its users. The blame and burden of responsibility falls firmly on the shoulders of Avast.

Avast! does not make SMF, so apart from the responsibility of running the latest version, how does any blame fall to them?  Now, if this continues, then you might have something.
Signature?  But I gots no pen....

curious!
« Reply #20 on: March 30, 2012, 07:13:41 PM »
"I happen to be hunting for a dude to hook up with!!! answer back for pic quickly!"

"i'm seeking a male to be able to hookup with!!!"

just arrived in my inbox. First mails to this address for about 9 months. Never use it for anything other than Avast!.

Just for your information.  :)


essexboy
« Reply #21 on: March 30, 2012, 07:55:58 PM »
There may well be a security breach within the forum software, as I received 3 in my spam folder.  Didn't check the address though I just binned them

But the same starter "lonely girl"

I know they are using the same forum software at G2G and they are moving away from it as it is easily breached and is always getting  little bugs

Definitely require a review of the software

FreewheelinFrank
« Reply #22 on: March 30, 2012, 08:12:55 PM »
Hmmm....

Same here in my Hotmail spam tray today.

Quote
i'm just searching for a gentleman to hookup with!!! respond back for photo right now!

From:   Lonely Girl
     Bambleweeny 57 sub-meson brain     Don't Surf in the Nude Blog

penfold
« Reply #23 on: March 30, 2012, 11:15:40 PM »
I too received a "Lonely Girl" e-mail to an address that is specifically and only associated with this forum!!!!

I do hope that avast take this very seriously, identify the leak, correct the problem and notify all affected users as soon as possible - otherwise we are talking about huge amounts of credibility that is at stake (and a big customer loss)!!

mb

exocet
« Reply #24 on: March 31, 2012, 01:04:49 AM »
Big customer loss is the order at my company for 10am meeting on Monday, if I have no reasonable response then we shall no longer be selling or supporting our customers using Avast internet security.

This may not be important to some people, but my company and gaming squad website are very serious about customer support and security.

My gaming squad website enjoys around 250 phishing, comment spamming, SQL injection, and dictionary attacks each week using exactly the same core software this forum uses. I am proud to say NO ONE GETS SPAMMED as a result of being registered on our site.

Looking at the trace from the Spam that seems to be hitting this forum it would have been stopped by our forums.

I have just logged into the gaming squad forums and it's enjoyed 276 hack attempts since midnight Sunday 25th March GMT, this log is purged around midnight each Sunday (GMT)

So I know this software can be made far more secure than it apparently is here.

Time is running out AVAST, we sell approx 20 copies of your software a week and support it ourselves to our users.

http://tgsquad.com

FlyingRobot
« Reply #25 on: March 31, 2012, 07:56:16 AM »
FWIW, I had just two email addresses hit.  One was the email address I set up for my FlyingRobot account here, the other was an email address I set up just to register the avast program a long time ago.  This latter one I *might* have used in this forum at one point a long time ago, I'm not sure.

AdrianH
« Reply #26 on: March 31, 2012, 08:21:29 AM »
Oh dear is this still winding people up? It is SPAM FLOODING and the addresses are just bot generated.

These messages are being received all over the net and are not restricted to users here.  I have seen this and other spam flooding to plenty of addresses. I know of a company system that is purely for internal use but the domains there are receiving this garbage to the catchall address.

My ISP provides a small hosting package for free, my domain there has seen spam, I have never set anything up using that domain, I have nothing running there and have never set up an email account yet "Lonely Girl" has been sent to the catchall there.

I run a closed forum, not accessible to the public, no bots/crawlers ever get access and members need a 16 character password to enter, the control panel is locked down to one IP address and the server is drilled down and firewalled, the admin and bounce addresses have seen this message and members are seeing it arrive at various email addresses they have.

Over at vbulletin.com the members only forum is seeing the same "you have sold our email addresses /the server has been breached" complaints ( which it hasn't)  the same is happening elsewhere, there really is nothing unique here.
Win8.1 Pro 64Bit  : KIS2014 : CryptoPrevent : Privazer:

tbessie
« Reply #27 on: March 31, 2012, 09:09:20 AM »
Quote from: AdrianH
Oh dear is this still winding people up? It is SPAM FLOODING and the addresses are just bot generated.

These messages are being received all over the net and are not restricted to users here.  I have seen this and other spam flooding to plenty of addresses. I know of a company system that is purely for internal use but the domains there are receiving this garbage to the catchall address.

...

That may well be, but, once again, we're not talking about random, Dictionary-attack style email addresses. We're talking about specific email addresses created for use for specific services we provide them to.  For example, if I give my email address to avast, I give them THIS_EMAIL_COMES_FROM_AVAST@mydomain.com.  If I give it to Best Buy, I give them BEST_BUY_SENT_ME@mydomain.com (or something along those lines).

For those SPECIFIC email addresses to be used as spamming address, a random, dictionary, or even educated-guess style email-address generating bot is VERY unlikely to come up with them, especially if the only time I get a given spam is to an address I specifically supplied to a service or forum, but I don't get those spams to any catchall on my domain.

I assure you that if an email makes it to THIS_EMAIL_COMES_FROM_AVAST@mydomain.com, then that same email will make it to ABCDEFG@mydomain.com, because by the time it reaches the step in email processing on my ISP's servers, it's already passed their spam filters and made it to my procmail filter.

So... are you claiming that the above sorts of email addresses are just randomly generated, or did you mean to say that these bots are using code injection, etc. to extract valid email addresses provided to the forums, for example, as has been suggested?

- Tim

FlyingRobot
« Reply #28 on: March 31, 2012, 09:18:47 AM »
Actually, it doesn't matter whether the same or similar spam is being delivered to other email addresses as it is more often than not a case of general spamming rather than a narrowly targeted type of spam or exploit aimed at a specific group of individuals.  What matters is things such as:

1) To whom the email address has been disclosed.  Those who give out different email addresses to different entities can recognize an email address leak when others cannot.
2) The uniqueness of the email address and how difficult it would be to guess.  Spammers will often try common names/terms and also the same less common ones at different domains.  So when giving out unique email addresses it is best to make them highly unique and ideally very obscure and random. 
3) Whether the email address was acquired before you created it.  Those who have controlled their own domain names and email servers for a very long time have an advantage in terms of knowing whether they are re-using an email address that was used before and thus possibly harvested by a spammer.
4) Whether the other user's systems used to store/process the email address in question have been kept secure including against fishing for valid email addresses.  Paying attention to which email addresses get hit, and which don't, can give you a clue as to whether that was the case.
5) Logs, logs, logs!  While those who don't have them will forever be left guessing, those who do have them turned on will be able to make rational calls.  Did the client connect to their mail server and initiate a dictionary attack?  Did the client only target one specific email address amongst very many?
6) Whether multiple, clueful parties are reporting evidence of an email address leak

Which is a brief educational snippet way of saying: someone should be taking these reports seriously and looking into ways in which our email addresses may have been compromised on their end.

« Last Edit: March 31, 2012, 09:25:40 AM by FlyingRobot »
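
The log check described in point 5 of the post above, as an added example that is not part of any post in this thread: it separates a client guessing local parts (which on a catchall domain shows up as many addresses nobody was ever given) from one that mails only addresses actually handed out to a service. The log format, addresses, service names and threshold are constructed assumptions.

```python
import re
from collections import defaultdict

# Addresses handed out, one per service (constructed; names are hypothetical).
ISSUED = {
    "forum-k3x9q@mydomain.example": "forum",
    "shop-p7w2m@mydomain.example": "shop",
}

# Constructed log lines in a made-up format, not the output of any real MTA.
SAMPLE_LOG = """\
2012-03-30T07:01:02Z client=198.51.100.7 rcpt=john@mydomain.example
2012-03-30T07:01:03Z client=198.51.100.7 rcpt=mary@mydomain.example
2012-03-30T07:01:03Z client=198.51.100.7 rcpt=sales@mydomain.example
2012-03-30T07:01:04Z client=198.51.100.7 rcpt=avast@mydomain.example
2012-03-30T07:01:05Z client=198.51.100.7 rcpt=info@mydomain.example
2012-03-30T09:14:40Z client=203.0.113.25 rcpt=forum-k3x9q@mydomain.example
2012-03-30T11:52:09Z client=203.0.113.80 rcpt=Forum-K3X9Q@mydomain.example
2012-03-30T12:00:00Z client=192.0.2.44 rcpt=shop-p7w2m@mydomain.example
2012-03-30T12:00:01Z client=192.0.2.44 rcpt=webmaster@mydomain.example
"""

LINE_RE = re.compile(r"client=(?P<client>\S+)\s+rcpt=(?P<rcpt>\S+)")

def recipients_by_client(log_text):
    """Group the distinct (lower-cased) recipients each client tried."""
    seen = defaultdict(set)
    for line in log_text.splitlines():
        m = LINE_RE.search(line)
        if m:
            seen[m["client"]].add(m["rcpt"].lower())
    return seen

def classify(log_text, issued, probe_threshold=5):
    """Return ({client: verdict}, {service: number of targeted clients})."""
    issued_set = set(issued)
    verdicts, leak_counts = {}, defaultdict(int)
    for client, rcpts in recipients_by_client(log_text).items():
        known = rcpts & issued_set
        unknown = rcpts - issued_set
        if len(unknown) >= probe_threshold:
            verdicts[client] = "dictionary-probe"  # guessing local parts
        elif known and not unknown:
            verdicts[client] = "targeted-hit"      # only issued addresses
            for addr in known:
                leak_counts[issued[addr]] += 1
        else:
            verdicts[client] = "mixed"
    return verdicts, dict(leak_counts)
```

Several unrelated clients scoring "targeted-hit" against the same service's address, with no guessing traffic alongside, is the pattern the post treats as evidence of a leak on that service's side.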

AdrianH
« Reply #29 on: March 31, 2012, 10:25:36 AM »
Quote from: tbessie
Quote from: AdrianH
Oh dear is this still winding people up? It is SPAM FLOODING and the addresses are just bot generated.

These messages are being received all over the net and are not restricted to users here.  I have seen this and other spam flooding to plenty of addresses. I know of a company system that is purely for internal use but the domains there are receiving this garbage to the catchall address.

...

That may well be, but, once again, we're not talking about random, Dictionary-attack style email addresses. We're talking about specific email addresses created for use for specific services we provide them to.  For example, if I give my email address to avast, I give them THIS_EMAIL_COMES_FROM_AVAST@mydomain.com.  If I give it to Best Buy, I give them BEST_BUY_SENT_ME@mydomain.com (or something along those lines).


- Tim

That is exactly what the bot programmers know and do. They find a domain and then try from a list of male then female names, then application lists, online seller lists etc.   So they look at avast@domain.com then Avira/Eset/Comodo etc.etc.

I used to have a server where I had a different email address for every account I set up on the net and yes I got spam to specific addresses and have seen spam to my addresses where the company I had purchased from no longer existed.

Win8.1 Pro 64Bit  : KIS2014 : CryptoPrevent : Privazer:
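
One way to make the distinction argued over in the last few replies checkable (a bot trying avast@ at a domain versus an address that was really handed out), as an added example that is not part of any post: derive each per-service address from a secret key with HMAC, so a guessed local part fails validation. The key, domain and function names are hypothetical.

```python
import hashlib
import hmac

SECRET = b"constructed-demo-key"  # placeholder; a real key stays private

def _tag(service, secret):
    """First 10 hex chars (40 bits) of HMAC-SHA256 over the service name."""
    return hmac.new(secret, service.encode(), hashlib.sha256).hexdigest()[:10]

def make_alias(service, domain="mydomain.example", secret=SECRET):
    """Build the address to hand to one service, e.g. avast-<tag>@domain."""
    service = service.lower()
    return f"{service}-{_tag(service, secret)}@{domain}"

def check_alias(address, secret=SECRET):
    """Return the service name if the address was really issued, else None.

    Only the local part is checked; the domain is assumed to be ours.
    """
    local, _, _domain = address.lower().partition("@")
    service, sep, tag = local.rpartition("-")
    if not sep or not service:
        return None  # no tag at all, e.g. a guessed "avast@..."
    expected = _tag(service, secret)
    ok = hmac.compare_digest(tag.encode(), expected.encode())
    return service if ok else None

def triage(recipients, secret=SECRET):
    """Split recipients into issued aliases (with service) and guesses."""
    issued, guessed = {}, []
    for addr in recipients:
        service = check_alias(addr, secret)
        if service:
            issued[addr] = service
        else:
            guessed.append(addr)
    return issued, guessed
```

Spam arriving at an address that passes `check_alias` cannot be explained by a name or vendor word list, which narrows the cause to the service it was given to or to something on the path between that service and the mailbox.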