Hi Alex!
I don't know if I'm a target of some SPAM attack or if it is just
business as usual.
I think it's business as usual, on new millenium designer steroids. :)
First, I must say that I *never* even glance at headers any more. I don't
have the slightest interest or care where they came from, pro, amateur,
cracked box, whatever.
Second, I don't keep any kinds of recorded stats on anything, so
everything I talk about is based on constant monitoring and memory. Not
particularly reliable for hard number documentation, but I do have a good
feel for the general ebbs and flows.
But I do study spam *content* very intently. The purpose of course is to
either steal or sell stuff. The stealers are the 419/ID thefts/other
scams, and the sellers are the mortgage/pharm/porn vendors. (There are two
other kinds, viruses/malignant email (which return no profit except to
gain new spam broadcast machines,) and 'broken spam generators' (which are
simply faulty software,) and although there are *tons* of faulty spam
neither of those two are profit -generators- for the spammer so I tend to
discount them in importance.) (And whether a particular 'sell' spam really
is a scam in sheeps clothing is a separate but moot topic because it's
undetectable at the email level.)
I do notice a couple of things over the past week or so.
One is, yes, a drastic *spike* to a new higher plateau in sheer volume did
happen. I can't recall an exact date, but it did happen very suddenly. If
I did have to pin a date on it it would be 10/2 or 10/3. Normally spammers
'go to work' on Thursday, to hit the 'weekend surfers.' (Used to be Friday
but they moved it up earlier this year.) But it ocurred to me one day that
it was waaaaaay too early in the week for the usual weekend flood. And it
wasn't just a day earlier, Wednesday, which is why I think it was Monday
or Tuesday. Tuesday sticks in my head a little stronger but not sure.
The other thing I notice is that there was little *variation* in the
*kinds* of spam I get. No unusual increases in bounces, (joesjobs,) or
sellers or stealers, just a larger volume overall.
By spike --> new plateau, I mean I went from a usual 500/day to 700/800.
50% is a *ton* more to happen so suddenly.
I *think*, (that is, an intiutive guess,) that I've seen these kinds of
increases before. (Again, I don't keep any kinds of stats on this stuff
that would help to objectively demonstrate a theory.) I think it happens
generally early in the month. I *think* this happens actually for
*business* (the business of spam) reasons. I have a feeling that the
spammers tend to operate on a monthly cycle. They gather new orders during
the month, and start firing off their product at the start of the next
month. I'm guessing that it's probably simply easier to do things this
way, different process steps in order -during- the month, rather than to
do 'everything every day.' The weekly cycles certainly do exist, so
there's no reason that there aren't month;y cycles too. All businesses
work that way. Why Sept might have been a hot 'new orders' month that
leads to hotter than average Oct volume is another story. :)
There's another possibility, that you've finally gotten into the 'millions
of email addresses' lists that the spammers use. I sure remember when
*that* happened to me many years ago, when spam suddenly shot from 'a
couple' to 'dozens --> scores --> hundreds' a day. Once you're tagged as a
'reliable addess,' eventually they put you in the From: and other header
lines so you can collect the bounces as well as the original spam. I'm
particularly tickled by all the instances I get of 'receive several
bounces *before* the original spam' because that means I have a *very*
reliable address and am -highly- -regarded- by the spam software that
generates it. LOL!
Have a :) day!
jb
--
jim barchuk
[EMAIL PROTECTED]
------------------------------------------------------------------------------
This List Sponsored by: Black Hat
Attend the Black Hat Briefings & Training USA, July 29-August 3 in Las Vegas.
World renowned security experts reveal tomorrow's threats today. Free of
vendor pitches, the Briefings are designed to be pragmatic regardless of your
security environment. Featuring 36 hands-on training courses and 10 conference
tracks, networking opportunities with over 2,500 delegates from 40+ nations.
http://www.blackhat.com
------------------------------------------------------------------------------
