Anyone notice an explosion in email spam?

Red Squirrel

I've always had robust filters and while I get a few thousand spam emails per day I rarely get one that gets past the filters.

Recently I am getting like 10 per day, and it's all the same spam. Medicare enrollment, window replacement seem to be the ones that keep coming back. They all have the same layout but all come from completely different sources so very hard to block. They change the wording enough that I can't just outright block the titles. Been using Bayes but it does not seem to be working.

Is it just me, or has anyone else noticed this too? What are some good RBLs to use these days? Maybe I need to update my list.
 
I had an odd spam get through yesterday and still don't really know how.
It shows I was the sender and it was received by me, but it shows I also sent the email to like 15 people in my address book. Most of which I've only emailed once in my life and are largely unrelated with each other. I haven't used my desktop for anything other than StarCraft 2 in months and never visit unfamiliar sites when I do. No virus or spyware keylogging or anything is showing when scanning.
99% of the time I do my surfing and email from my Samsung S3 phone. It's stock, not rooted, and I didn't think there was keylogging spyware that could be on these phones. Maybe I'm wrong and got something on it. I don't know how else they could have seen my address book and spoofed my name as sender to me, and the underlying email address is a physician's office in the UK. Nothing even slightly sketchy turns up when googling their address. Looks like a legit place and email and no reports of spam found googling them. I changed my password on Gmail. Kinda wondering if a server somewhere was compromised. Seems more likely to me. But that's just a guess.
This is the only spam that's gotten through in a long time. Guess I'll see if I get more like you have been.
Lots of times it blocks stuff I don't want it to and sends to spam folder, but not usually a big deal to look in there if I'm expecting an email and don't see it in regular inbox.
 
We've had a run of new stuff getting through the filters here as well. Haven't noticed so much with my webmail accounts as I have with our corp users, but that may be because those are all either nearly-unused to the point of being on no lists, or have so many years of spam-marking that the filters are well-trained by now.
 
Over the last 60 days we've had a sizable increase in both spam and spam getting through the filtering. I would estimate that I was averaging 10-15 getting through the filter and 200+ being filtered. Both of those numbers have more than doubled.

The funniest is that one of the executives at my company has been getting about two dozen "cure your herpes" messages every day.
 
Doesn't seem abnormal over the last month.

 
Good to know it's not just me. This is the typical format I seem to get:

Code:
Re: Your New windows From HomeDepot.
---------------------------------------
Ref. #15228668
---------------------------------------
 
*************,


Amazing news, you have been selected to receive a complimentary-quote for windows from Home Depot.

This customer loyalty program can help prepare your home for the cold.

 
Go here today to find fantastic top-quality windows:  

************* [scammy url] *************
 
 






No longer receive this solitation here: ************* [scammy url] *************
************* [scammy url] *************- 804 Congress Ave., Austin, Texas 78701

To manage email preferences, visit here:  ************* [scammy url] *************
853-6814 Elit. St. Auckland 4402 New Zealand


They change the format slightly though but it's pretty much that but different subjects and addresses each time.

I've actually gone as far as making an email filter for ------------------- and the word window, medicare and other single words that I keep getting in spam. The window one is the one I get the most, like 5 per day.

I need to set up alias email addresses so that when I have to put my email somewhere I can track down how I got put in the list. It's the first time in at least 10 years that I get this much spam making it through my filters.
 
I had a spare email just for that reason, but the more I used it the more it became my main account. Would be a hassle to have to always check 4 every day including my email at work.
Might be a good idea tho like you said to find out who is giving out your info.
 
I had a huge increase, but only at 1 client location, 5 other clients with the same spam filter didn't see any noticeable increase. Seems to be somewhat targeted. Also seemed to be coming from a pretty small group of IPs that I eventually blocked. (rental VPS seemed to be a big part of it)
 
HUGE increase in the past 2 weeks. Similar messages as well (medicare, windows, stock tips, and weight loss). The problem now is that they are opening up in US datacenters, so I can't just block large subnets. It's much easier when this shit comes from China/Russia/Ukraine/Iran/Africa etc because I just block all traffic from the subnets as the first rule of the firewall. I've been reporting them to the datacenters, which shut them down only so they can open up at another DC in the US. It's a shitty game of whack-a-mole, and management keeps getting pissed at me that I can't stop it.

I've also been getting a ton of email that has the spam portion in a linked image, then it has quotes from books or whatever in white text at the bottom. So the message has content and gets by the filter, which can't block keywords that are on the image itself.
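
A structural check for the image-plus-white-text layout described in the post above, added here as an example and not code from anyone in this thread: it flags HTML mail that carries a remote image while most of its text is styled to be invisible. The class and function names, the style heuristics, the 0.6 threshold and both sample messages are assumptions constructed for illustration.

```python
import re
from email import message_from_string
from html.parser import HTMLParser

# Heuristic (an assumption): inline styles that make text invisible on a white page.
HIDDEN = re.compile(r"(?<![-\w])color\s*:\s*(#fff(?:fff)?\b|white\b)"
                    r"|font-size\s*:\s*[01](?:px|pt)|display\s*:\s*none", re.I)
VOID = {"img", "br", "hr", "meta", "link", "input"}  # tags that never get a close tag

class HiddenTextScanner(HTMLParser):
    def __init__(self):
        super().__init__()
        self.stack = []  # one flag per open element: is it, or an ancestor, hidden?
        self.visible = self.hidden = self.remote_images = 0

    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        if tag == "img" and (a.get("src") or "").lower().startswith(("http://", "https://")):
            self.remote_images += 1
        if tag not in VOID:
            own = bool(HIDDEN.search(a.get("style") or ""))
            self.stack.append(own or bool(self.stack and self.stack[-1]))

    def handle_endtag(self, tag):
        if tag not in VOID and self.stack:
            self.stack.pop()

    def handle_data(self, data):
        if self.stack and self.stack[-1]:
            self.hidden += len(data.strip())
        else:
            self.visible += len(data.strip())

def looks_like_image_spam(raw, min_hidden_ratio=0.6):
    """Return (flag, hidden_ratio) for a raw RFC 5322 message string."""
    scanner = HiddenTextScanner()
    for part in message_from_string(raw).walk():
        if part.get_content_type() == "text/html":
            body = part.get_payload(decode=True)
            scanner.feed(body.decode(part.get_content_charset() or "utf-8", "replace"))
    scanner.close()  # flush any text still buffered by the parser
    total = scanner.visible + scanner.hidden
    ratio = scanner.hidden / total if total else 0.0
    return scanner.remote_images > 0 and ratio >= min_hidden_ratio, ratio

# Constructed sample messages (not real mail): image + white filler text vs. a normal note.
SPAM = ("Subject: Your new windows\nContent-Type: text/html; charset=utf-8\n\n"
        '<html><body><a href="http://spam.example/go"><img src="http://spam.example/o.png"></a>'
        '<div style="color:#ffffff">It was the best of times, it was the worst.</div></body></html>')
HAM = ("Subject: Invoice\nContent-Type: text/html; charset=utf-8\n\n"
       '<html><body><p>March invoice attached.</p><img src="https://corp.example/logo.png">'
       '<p style="background-color:white">Thanks</p></body></html>')
```

The returned ratio is better used as one score feeding an existing filter than as a hard block, since badly nested HTML can throw off the open-element tracking.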
 
I have...thought it was just me. Checked my spam filters and they were working fine.
 
Yep those are all the ones I'm getting. That and Ford clearance event. Tons of those too.

Just got bombarded again today. It's odd, it seems to come in waves since I thought I was doing good for a few days as I did not see any but now today I got like 10.

Not sure why my filters aren't getting these. Probably because it's not hitting keywords like viagra and stuff. I keep having to go tweak the filters, as the Bayes is not cutting it.
 
I've been getting them too on my Yahoo account. Lots of the spam with the random numbers on the end.
 