Joe Wein
Fighting spam and scams
on the Internet

Home / Blog / About us
Spam
419/Nigeria
Online fraud
jwSpamSpy
Contact

Email Spam Filter:
jwSpamSpy
Try it for free!

Google
 
Frequently Asked Questions (Spam FAQ)
last updated 2007-04-26

General:

jwSpamSpy Frequently Asked Questions:
Other spam FAQs:


How did spammers get my address?

In one of several ways:
  • Stolen off a website: Spammers use address harvesting software to "spider" websites and extract any email addresses found in those pages. If you provide a contact address on your personal website or leave your address on the guestbook of a site, sooner or later it will end up on a spammer's list and you can't get off again. It will be resold to other spammers any number of times.
    If you want to prevent that, don't leave your address on other people's sites and don't provide a clickable link for mailing you on your own site. Instead, you can create a graphic representation (GIF, JPEG) of your email address such as this, which is fairly safe. A human can read it, a robot can not (hint: try cut & pasting it!):
  • Resold by another spammer: Many websites gather addresses for providing services, such as mailing you or another person some file. Be very careful with such sites. While many are reputable, others will collect all supplied addresses and use them for spamming or for sale to spammers.
  • They guessed it: Spammers combine common first names, surnames, initials and digits with mail domains. Often they will send millions of mails with such made-up names to a particular service provider, so that whatever names happen to be valid will make it through. This is called a dictionary attack. In other cases, spammers take the local part of known addresses (the part to the left of the '@' character) and combine it with another domain name (the part to the right of the '@'). If there is a janedoe42@msn.com, maybe there's also a janedoe42@aol.com?
  • Stolen off the usenet: If you use a newsreader to post in newsgroups, spammers may harvest the address you use there. Many people use non-replyable (fake) email addresses for usenet postings. A common trick is to insert "nospam" in the name (john.nospam@example.com intead of john@example.com). Spammers know this and often strip out the "nospam" part. Clever people have taken advantage of this by creating a valid address including nospam which they use for Newsgroup postings. Spammers strip out the nospam part, breaking the valid reply address :-)


Why does someone send me emails that I don't want?

Because spamming is profitable and too little is done to stop it. The costs of advertising a product via spam are so low that even if only a tiny fraction (say less than 0.01%) of the recipients buy the product, the spammer still stands to make money. Annoying the other more than 99.99% of recipients is of no concern him. Spammers often use resources stolen from other people (such as computers compromised by "trojan horse" type viruses) or get shielded by corrupt Internet service providers in foreign countries. That makes it very difficult to prosecute them.

In many countries there are no effective laws against spamming. US laws against spam are much weaker than laws passed in EU countries.


How can I unsubscribe from spam?

Many spam emails include a website or email address to unsubscribe, but that doesn't mean that you can really stop the spam that way. Legitimate companies that you are a customer of, or operators of mailing lists that you have in fact subscribed to at some time in the past will normally honor unsubscribe requests. Dealing with hardcore spammers is quite another story. Trying to unsubscribe from spam (such as mailing lists you have never subscribed to) will often invite even more spam, as it confirms to spammers that your particular email address is valid and active. If your address is confirmed active, it becomes a more valuable commodity for sale to other spammers. Therefore we don't recommend trying to "unsubscribe" from spam such as pharmaceutical / pornographic / fake Rolex etc. spam.

You can temporarily stop spam by changing email addresses, but that disrupts communication with everyone else who wants to send you legitimate mail, so it's not really a good solution.

The only feasible approach is to automatically filter all spam emails. Currently, about 600 spam messages per day are sent to several of our mailboxes. Our spamfilter, jwSpamSpy, automatically filters about 99.8% of those. That makes the problem quite manageable :-)

Read more about jwSpamSpy here.


I was defrauded by a website on your list. What can I do?

We sometimes receive mail from people who have done business with companies advertised via spam. Usually they contact us after a website, which has billed them for goods not delivered, or double billed for goods, has disappeared.

When you purchase online, it is a good idea to do your due dilligence checking *before* you place an order. At the very least, do a Google search. Don't buy from spammers. Spam is criminal in many countries and unethical in any case. Why should you entrust the content of your wallet or your credit card details to a company which, by virtue of spamming millions, has already displayed unscrupulous behaviour? Even if you ignore that the profits from your order will pay for more spam, you yourself can become a victim. Many websites advertised via spam are hosted in countries beyond the jurisdiction of the courts in your country. Many such websites disappear within days or weeks. What are you going to do when you have a problem?

Having said that, when you've made the mistake of giving money to spammers, all may not be lost. If you've paid by credit card, contact your credit card company and tell them what happened. Provide details from your credit card statement. Depending on the circumstances you may still be able to get a refund from your credit card company. If the company is based in the United States you can take them to court. The FTC has a complaint form available at its website where consumers can report problems they've encountered with businesses.


Help! A spammer is sending spam with my email address!

Unfortunately there are no technical means to stop third parties from using your domain or email address in a fake sender address. There are only limited legal means for fighting back. Nevertheless there are some steps you can take.

Sending spam with a fake sender address is a felony under US Federal Law (CAN SPAM ACT of 2003). Many of the spams sent with fake sender addresses involve other illegal activity, such as credit card fraud, intellectual property or trademark violations (software piracy, fake luxury watches, etc), illegal pornography, etc.

In such cases the domains advertised in the spam emails tend to be registered using fake postal addresses and often are paid using stolen credit card data. Servers tend to be hosted overseas, such as in Korea or China and often the spam is sent via trojaned third party computers.

In other words, you're dealing with professional criminals who are very good at concealing their identity. You will not be able to sue them. You won't even know where or who they are. But here is what you can do:

  1. If your email domain has "catch all" enabled (ask your webmaster or provider if you don't know what this is), turn it off. This reduces the number of bounced spams that will hit your mail server.
  2. Contact the office of the Attorney General in your state (assuming you're in the US), because only Internet Service providers and the Attorney Generals can sue spammers.
  3. If you control your own Domain Name Service (DNS) or if your webhoster is cooperative, set up a Sender Policy Framework (SPF) entry for your domain that designates which IP addresses are allowed to send email with your domain name as a sender address. Having this entry will ensure that many mail servers will discard spam that pretends to be from you but is sent from other sources (see http://www.openspf.org/ for details).
  4. Our spam filter jwSpamSpy will filter bounces that contain attachments which are spam and treats them just like spam itself, on the basis that such bounces are most likely spew-back from spam runs with fake sender addresses. This can at least ameliorate the problem a bit.
  5. If you are concerned about your reputation, add a link to your homepage that refers to a notice explaining the situation.
  6. Use the Domain blacklist checking tool to make sure your domain did not get listed for spam; this doesn't normally happen for innocent domain, but it's better to make sure.


I received an email promising millions of dollars / euros / pounds. Is this a scam?

If you received an email telling you you've won millions in a lottery or asks for help moving millions of dollars to another country, don't let greed get the better of common sense. These letters are frauds, even if the sender email address doesn't appear on my list yet. No lottery notifies winners by email. Even if they did, they certainly wouldn't be using accounts at free email services to do so. Former dictators, their family members, African bankers, etc do not need to contact total strangers to move money around. The people who operate the "419" scam are hoping to find victims who are greedy or desperate for money more than they have common sense, so they can take thousands of dollars in advance fees for fortune that doesn't exist.


I have a scam email from an address that's not on your list. Can I send it?

We welcome message submissions for addition to the list. Please forward the original message, ideally as an attachment. In any case we need both the sender address of the spam and the message body. In Outlook Express the command to forward the complete message is: Message | Forward as Attachment. Please make sure to include the string [419] (including the square brackets) in the subject line.


Where can I submit a domain name advertised in spam that I received?

If you have received spam that advertises a website and you would like the spam domain listed on public blacklist, you can use the following for to check if it is already listed. If it isn't listed yet, you can submit a report to get it listed:


Anti-Spam Resources:
jwSpamSpy is our spam filter for Windows email clients
Anti-spam domain blacklist – list of domains that I refuse to receive mail from
Recent additions to domain blacklist (with whois details)
"419" scam sender/contact addresses ("Nigeria connection" address book)
DNS-based IP and domain name blacklists
Dynamic IP addresses (700 KB!)
Free email providers

How to trace senders of spam
Link exchange offer spam
Getting creative with spam
Clueless virus filters spam innocent third parties
Smyrnagroup spammers (in German)

Lookup an IP address on blacklists (http://dnsbl.net.au/lookup/)
AOL dial-up address ranges and mail servers