Worms and spammers

ethan on 2004-03-06T09:14:28

I just received a mail in which I was thanked for my interest in staying in Bombay and for requesting the accompaniment of some Indian girls (read: prostitutes), along with a list of the rates per hour, etc.

Attached to it was the original message that was sent in my name. Needless to say, this was one of the many worm mails.

What intrigues me is this: Spammers are always looking for verified email addresses. Often an address is verified once an email is received by the spammer. Nowadays, however, receiving a mail is no longer an indication of anything, as they are sent out randomly from one point to the other. Maybe this has some bearing on the value of verified email address databases that can be bought in order to spam more effectively. With all those worms, many bogus addresses (obsolete and non-existing ones) will end up in such databases. This clearly decreases their value to spammers.

Oh, how I hope that this is so!


I don't get it...

phillup on 2004-03-06T16:23:38

With all those worms, many bogus addresses (obsolete and non-existing ones) will end up in such databases.

Don't most of these worms harvest addresses from the user's address book? I can see some being obsolete, but I know very few people that actually put non-existing addresses in there. And, most people try to keep their data up-to-date... with varying degrees of success. But, in general, they do try.

It seems to me that would increase the chance of getting a valid address... compared to other methods.

Re:I don't get it...

ethan on 2004-03-07T23:28:38

They don't only scan address books. Some also look at the browser's cache files (for instance).

Another good measure of the increasing use of bogus addresses is the count of bounces one receives nowadays because a mail was sent in one's name to a no longer existing email address. I assume that these addresses are also used as forged from-addresses.

Re:I don't get it...

vsergu on 2004-03-10T12:37:37

And nowadays some of the worms are grabbing message IDs and thinking they're addresses. I know they have been trying to deliver mail to addresses like 20040304003305.51802.qmail@[one of our domains]. Even worse, they're sometimes chopping off bits from the front of valid addresses and from message IDs, so they're using all kinds of invalid fragments. And MyDoom makes up addresses for domains it finds by adding common first names (joe, mary, adam, and many more) as users.
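The three kinds of bogus recipient vsergu describes (a qmail-style Message-ID mistaken for an address, a fragment chopped off the front of such a Message-ID, and a dictionary first name glued onto a harvested domain) are regular enough that a postmaster can count them in a bounce log. The script below is an added example written for this page, not code from anyone in the thread: the sample log lines, the domain example.org, the Postfix-like "to=<...>, status=..." line shape and the short first-name list are all constructed for the example, and the regular expressions are heuristics, not a description of any particular worm.

```python
"""Classify recipient addresses in a bounce log by how a worm probably made them up.

Added example for the thread above, not the worm's or any MTA's own code.
The log format, the domain and the first-name dictionary are constructed.
"""
import re
from collections import Counter

# qmail Message-ID local part: YYYYMMDDhhmmss.PID.qmail (heuristic, constructed)
MSGID_RE = re.compile(r"^\d{14}\.\d+\.qmail$")
# the same shape with some or all of the leading timestamp digits chopped off,
# e.g. "51802.qmail" or "3305.51802.qmail" (heuristic, constructed)
MSGID_FRAGMENT_RE = re.compile(r"^(\d+\.)?\d+\.qmail$")
# first names a worm might prepend to a harvested domain; a constructed subset
COMMON_FIRST_NAMES = {"joe", "mary", "adam", "john", "bob", "alice"}

# constructed bounce-log lines in a Postfix-like "to=<addr>, status=..." shape
SAMPLE_LOG = """\
Mar 10 12:37:37 mx smtp[123]: to=<20040304003305.51802.qmail@example.org>, status=bounced (User unknown)
Mar 10 12:37:38 mx smtp[124]: to=<51802.qmail@example.org>, status=bounced (User unknown)
Mar 10 12:37:39 mx smtp[125]: to=<joe@example.org>, status=bounced (User unknown)
Mar 10 12:37:40 mx smtp[126]: to=<ndy@example.org>, status=bounced (User unknown)
Mar 10 12:37:41 mx smtp[127]: to=<postmaster@example.org>, status=sent (250 OK)
"""
TO_RE = re.compile(r"to=<([^>]+)>, status=(\w+)")


def classify(address: str) -> str:
    """Label one recipient address; order matters, the full Message-ID test runs first."""
    local, _, domain = address.rpartition("@")
    if not local or not domain:
        return "malformed"
    if MSGID_RE.match(local):
        return "message-id"
    if MSGID_FRAGMENT_RE.match(local):
        return "message-id-fragment"
    if local.lower() in COMMON_FIRST_NAMES:
        return "dictionary-name"
    # A fragment chopped from an ordinary address ("ndy" from "andy") cannot be
    # told apart from an unusual but real local part, so it stays "plausible".
    return "plausible"


def summarize(log_text: str) -> dict:
    """Count bounced recipients per class; delivered mail is not counted."""
    counts = Counter()
    for line in log_text.splitlines():
        m = TO_RE.search(line)
        if not m:
            continue
        addr, status = m.groups()
        if status != "bounced":
            continue
        counts[classify(addr)] += 1
    return dict(counts)


if __name__ == "__main__":
    for cls, n in sorted(summarize(SAMPLE_LOG).items()):
        print(f"{cls:20s} {n}")
```

The "plausible" bucket is the honest limit of this approach: the fourth constructed line, ndy@example.org, is exactly the kind of chopped fragment vsergu mentions, and nothing in the address itself distinguishes it from a real three-letter account name. Only the Message-ID shapes and the dictionary names are recognisable on their own; the rest can only be counted as bounces.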