Spam, Bots, what more

[Shadow1980]

Hey all,

For those who don't now me: I have little to nothing to do with electic guitar music, MAB or whatever more :-) I am however taking an open approach to this and learning more about it.
The reason I ended up here is Succubus, she is the lovely young woman that brings happyness into my life
I am a much worse spammer then she is, but fortunatly for most of you I don't have a lot to say about music because I simply don't know what your talking about half the time

In any case, I might not know much about music but I DO know a lot about websites, webdesign, hosting, coding, programming games, running servers and what more.
I also manage and managed a GREAT number of forums as Administrator and/or senior moderator so I guess you could call that an area of interest/expertise

What i'd like to enlighten you about are so called "bots". I will not go into too technical terms as there are many kinds of those but I want to keep this understandable for everybody.
We are all aware of the well-known concept of "spam" over email. I know a lot of people wonder why they are getting so much spam and often they make the assumption spam comes from places they sign up at with their email address.
For a lot of websites this is true, allways take care not to tick any boxes that say a company is allowed to sent you information. The small print will ALLWAYS read somewhere they can share your email with their affiliates.
More interesting for people here are messageboards/forums, like this one here.
Many people will notice an increase of spam when signing up to messageboards. This however 90% of the time has nothing to do with the messageboard itself, but with bots that exploit these messageboards.

Basically a "bot" will be an automated program running for a company or other organisation that scans the internet, websites and especially messageboards for email addresses and other details. When found they get stored in their email list and bugged forever. Even tho this is illegal there is little you can do once you are on such a list. (Put the sender in your spam filter)
You can VERY easely prevent bots from grabbing your email like that with the following steps:

1. NEVER set your email address to PUBLIC on forums. If people wish to contact you, they can allways sent you a PM first after which you give your email address!
2. Professional messageboards like PHPBB or Vbulletin have the option to set a fake email address. This will be displayed INSTEAD of your real email address, thereby tricking the bots.
3. Don't put your email address in your signature, posts etc. If somebody wants it, give it in a PM. You prevent a lot of viruses and other malicious files form entering your computer.
4. Note that a quite common new trend is the use of ICQ and MSN to spam. Especially ICQ is very prone to this. Putting your ICQ in your profile can again lead to these bots grabbing you. (I have about 10 messages from east european/south american "ladies" every day as well as german porn)

basically what I am trying to say, you don't need to be "paranoid" about security but if you wish to prevent a constant stream of spam and malicious files from entering your PC, it's very good to not throw out your details very easely.
To quote a police officer from the internet crime team: Putting your contact details all over the internet is like throwing sheets of paper on the street with the address and directions to your house.
It is easy enough handing your details to those who need them in any case :-)

Hope this helps some people in understanding why they are getting spam even tho they didnt sign up for any strange websites.

[Succubus]

I even knew this and I still had my email on public. Stupid. I've set it back to my hotmail address, I don't care about spam there ;D

[BKW]

I am also in the technology trade, and "The Shadow knows what he is talking about .

I am very careful about my e-mail address. I have noticed a number of members have there own web sites with there e-mail address on those. that is even easyer for the "bots" to harvest your e-mail address from. I have up I do a couple of tricks I have used to mess the bots up.

Number one, don't put your e-mail address on a web-site or message board/forum. If you need to, create it as a graphic file as the bots look for text. I have also used this
pages.hostedscripts.com/spamprotect.html when I need to have a linked e-mail address.

Finaly, I usualy put this link on my site (usualy in the links section).

www.hostedscripts.com/scripts/antispam.html When the bots hit this page, it gives them a hundreed randomly generated bad e-mail addresses, and then loads a hundreed more, and so on. Unless they have some bots that can tell good from bad addresses, it will fill up their DB with bogus addresses


I just read today of a new form of virus/spyware (this one is being called "Ransom-ware"). If you visit this website (it has already been shutdown) with an older browser, it encripts all of your word, excel, graphic, etc files. It then leaves a ransom note that you have to wire to bank $200 usd, and then they will send you a program to un-encript your files.

[Succubus]

BKW said:

I just read today of a new form of virus/spyware (this one is being called "Ransom-ware"). If you visit this website (it has already been shutdown) with an older browser, it encripts all of your word, excel, graphic, etc files. It then leaves a ransom note that you have to wire to bank $200 usd, and then they will send you a program to un-encript your files.

Unbelievable. I guess it was only a matter of time before they came up with this. It can't be too difficult for the Fibbies or whoever to trace them if they give you bank details to wire to though? Still, unbelievably lame.

[Shadow1980]

BKW: Your absolutely right there.

I have an extremely large dislike of people writing these kind of programs, from the smallest most innocent adware to the more malicious forms like the ransom one you mentioned.
And let's not forget the browser hijack ones, especially the more persistant ones which edit your registry, win.ini etc and automatically re-install themselves upon deletion.
In contrary to popular believe, just a virus scanner/firewall isnt going to help you. I in fact don't like running those as they give you a false sense of security and in my case prevent me from doing the things I want to do with my PC.
99% of your computers security is related to the USER. Surf and email with a little bit of care, and you will mostly be fine. Keep windows updated at all costs and run a virus scan every now and then. You don't even need to buy and install one, you can use free services such as: www.pandasoftware.com/activescan/activescan.asp?Language=2&Country=63&Partner=1&Ref=EN-PR-AS-107


In addition a good spyware removal program is very important these days. Spyware can not only slow your computer down, but also sent personal data about you to third parties.
A very commonly used program is Ad-Aware, which you can download for free: www.download.com/Ad-Aware-SE-Personal-Edition/3000-8022_4-10045910.html?part=dl-ad-aware&subj=dl&tag=top5

Note this thread was purely informative, people should do whatever they feel like. But being aware of what your doing and where is very important if you want to protect the data on your computer.

[Shadow1980]

Succubus said:

Unbelievable. I guess it was only a matter of time before they came up with this. It can't be too difficult for the Fibbies or whoever to trace them if they give you bank details to wire to though? Still, unbelievably lame.

The FBI has a department dealing with these kind of issues, as does my government. I believe most countries have a department setup in their national security agency or police force which deals with these treaths, because they are no less then that: treaths to national and global security.
Unfortunatly these departments are rather unpopular among internet users as their favorite warez sites get closed down as well ;-)

[Succubus]

Yeah... there's always a downside!

[BKW]

I end up going into a lot of businesses and they end up paying a lot of money to have me de-infect there computers from hijack and spyware. It sometimes takes hours to clear these things completely, as there is usualy more than one. (worst I have seen is 800+ infections on one machine)

You mentioned ad-aware; I also use spybot seek and destroy in concert with ad-aware. Also Microsoft is beta-ing there ad/spyware blocker that you can currently download for free.

I have also started to use firefox as my browser, it's not fool proof, but does add another layer of protection.

When it comes down to it, as my father always says "A lock is only to keep an honest man honest"

To quote hill street blues "Be carefull out there!"

[Shadow1980]

It's a shame indeed that IE/Outlook are so vulnerable but most people should realise this is relative only. The only reason those microsoft products are the ones with the most security flaws (seemingly) is because they are the most widespread used programs and therefore the most interesting target for people with ill intend.
As other browsers will start getting used more and more, they will sooner or later become a more interesting target too.

The main thing to do really, like BKW also stated: be careful. It's like crossing a street, you look left and right and left again before you do it rathen then just running across the street like a headless chicken. Unless your from the UK, they do it the opposide way I think ;-) (How often Succubus has pulled my shirt to prevent me from getting overrun by a car at her place I cant even count anymore)

[Succubus]

Shadow1980 said:

(How often Succubus has pulled my shirt to prevent me from getting overrun by a car at her place I cant even count anymore)

You're not kidding. I'll really worry about you going out on your own once you move here... let's not even think about you learning to drive ;D

[Shadow1980]

It'll be ok. I have enough reason to keep living to prevent myself from getting hit by a car. *gives Succubus a loving look*

[Ryan]

I use AVG anti-virus, ad-aware , spybot search and destroy and PeerGuardian Firewall.

And shadow i didnt read all your posts, so, im not one for long posts, can you tell people about how a normal re-format of your computer wont get rid of some viruses?

[Shadow1980]

Ryan said:

I use AVG anti-virus, ad-aware , spybot search and destroy and PeerGuardian Firewall.

And shadow i didnt read all your posts, so, im not one for long posts, can you tell people about how a normal re-format of your computer wont get rid of some viruses?

Some of the more sophisticated viruses can reside in your RAM , BIOS etc. And people often forget the stuff they write to floppy discs, or even CD's/DVD's can contain their virus as well. So when running those again they could be reinstalling their old viruses.

The main problem with 'deleting' things is the common misunderstanding that data is actually being erased. It AINT. Data is merely being scrambled to be "unusable". People who used MSDOS in the past will know there was an undelete command, and those knowing that will realise data isn't actually properly erased.
The only reason undelete/recover doesn't allways work is because if you install programs after you erased something, the new files can be placed right over the scrambled data of the old program(s).

To make it easier to visualise: think back when we still used cassette tapes to record music. Erasing the data left fragments of the music, and sometimes when recording over and over you could spot the odd glitch or even a sound fragment of previously recording things.
Now even tho this is technically not the best comparison, it does make it easier to understand for those who can't visualise what happends ;-)

Ryan: Your right tho, a reformat is NOT a proper solution to get rid of a virus Tho it can work against some of them

[Ryan]

Yup, only way to fully get rid of those viruses which stay on your hard drive is to recalibrate your discs in the hard drive or something like that. Resets the magnetic field or something wipes EVERYTHING.

[BKW]

Shadow1980 said:

To make it easier to visualise: think back when we still used cassette tapes to record music. Erasing the data left fragments of the music, and sometimes when recording over and over you could spot the odd glitch or even a sound fragment of previously recording things.
Now even tho this is technically not the best comparison, it does make it easier to understand for those who can't visualise what happends ;-)

A better way to think about it is that your files are like books in a library.

When you "erase" the file it is like putting an X on the card from the card cataloge in the old days, or marking it permanently out in a DB style library cataloge . The book may still there, but you now don't know for sure (on a hard drive, the computer will not display the file anymore) . When the library needs to add a new book and there is not enough space on the shelf; it will see if there are books marked for removal that are still on the shelf and then replace it with the new book.

[dangerousdave]

I have absolutely no idea what you guys are on about ;D

[DarkMusicAngel]

dangerousdave said:

I have absolutely no idea what you guys are on about ;D

You took the words RIGHT out of my mouth... ;D I think I'll just stick with music...

[BKW]

Actualy what happens is that in the File Allocation Table the first letter of the file name is changed to a '~' when you delete a file. The file itself still resides on the hard drive.

The OS then ignores any files that start with a '~' when displaying a list of file. The OS can also use any of the sectors for other files it writes as those sectors are considered available even though data resides on them.

does that clear it up ;D

[DarkMusicAngel]

BKW said:

Actualy what happens is that in the File Allocation Table the first letter of the file name is changed to a '~' when you delete a file. The file itself still resides on the hard drive.

The OS then ignores any files that start with a '~' when displaying a list of file. The OS can also use any of the sectors for other files it writes as those sectors are considered available even though data resides on them.

does that clear it up ;D

*scratches head* You lost me with the whole OS thing...man I'm dumb lmao

[BKW]

darkmusicangel said:

*scratches head* You lost me with the whole OS thing...man I'm dumb lmao

OS = Operating System. Dos, Windows, Unix, etc..

[Danatello58]

Hey, I think I learned something...somewhere....I hope...

[Hew]

But if you do set your email on private you don't get any emails from those lovely people in nigeria!

[Aku]

Shadow1980 said:

Some of the more sophisticated viruses can reside in your RAM , BIOS etc. And people often forget the stuff they write to floppy discs, or even CD's/DVD's can contain their virus as well. So when running those again they could be reinstalling their old viruses.

To my knowledge, RAM gets erased on every reboot.
Are you sure that a virus can be stored there?

I'm using Linux, so I don't have any problems with viruses or spyware.
Sure it's more difficult than Windows, but it's definitely more secure too.

[Shadow1980]

There are so many loopholes in Windows that it wont ever be the most secure OS around.
It's a shame that Linux isn't more accesible for 'common' users, a proper choice in OS would be very good for the market.
Right now there really isn't much of a choice for most computer owners.

[Shadow1980]

Hew said:

But if you do set your email on private you don't get any emails from those lovely people in nigeria!

Heh, I think most people will know the very common email, where you get a semi-sad story and then a request for help with securing funds. Your allways promised a part of the funds :-) These letters allways come from countries like Nigeria, or other countries in africa and the middle east.
I really wonder sometimes how some people can be stupid enough to fall for these things and actually give out their details and sometimes even credit card numbers...