Might I have spyware on FC6? This is very suspicious.

Dotan Cohen dotancohen at gmail.com
Mon Apr 16 07:14:05 UTC 2007 

On 15/04/07, Eric J. Feldhusen <efeldhusen.lists at gmail.com> wrote:
> Dotan Cohen wrote:
> > For my personal email contacts I use disposable email addresses to
> > control spam. The result is that I have literally hundreds of email
> > addresses at the same domain, caught by a catch all and sorted from
> > there. Very effective in identifying the source(s) of spam.
> >
> > Today, I received 9 very similar spam messages to 9 different email
> > addresses. These addresses have absolutely nothing in common, other
> > than the fact that they are all in To addresses in email in my Kmail
> > folders. The only way that an entity would find these addresses
> > together would be if it had access to my ~/.kde folders, in other
> > words read access to my computer.
>
> On mail filters I have across 34 domains, it's pretty common to see
> dictionary and even random email address generation into the tens of
> thousands.
>
> So, email addresses like bob at foo.com and steve at foo.com will get spammed,
> you'll see sfasdfasd at foo.com and sasdf43 at foo.com.
>
> Also, if any of those addresses have been used to send email to other
> people, there's a ton of windows virii that upon infecting a windows
> box, will scan for email addresses, then send themself to all of those
> addresses.
>

Yes, with over 400 junk emails a day (sometimes over 1000) I see lots
of random words, dictionary words, wild guesses and the like. But here
is how the suspicious emails of yesterday (all very, very similar)
were, by hour received:

15:32:11 address of random characters that gets regular spam, was
never actually used by me.
15:32:12 address that was used to mail a friend 4 years ago. Never
used since, and has never received spam.
15:32:13 old address of mine that I stopped using because of large
amounts of spam going to it.
15:32:15 old address of mine that I stopped using because of large
amounts of spam going to it.
15:32:17 address of random characters that I've never seen before.
15:32:18 address that was last used 3 years ago on a mailing list.
Gets regular spam
15:32:19 address that was used to sign up for domain parking 2 years
ago. Never used since, and has never received spam.
15:32:20 address of random characters that I've never seen before.
15:32:21 address of random characters that I've never seen before.

It's the 2nd and 7th ones that are very unusual. The only place those
2 addresses are in the same place are on my own computer. And neither
of them have ever received spam in the past. One is 4 years retired
and the other 2 years retired.

Dotan Cohen

http://chat-message-boards.com
http://what-is-what.com/what_is/spam.html

More information about the fedora-list mailing list