my email got hijacked by spammers :-(

Yesterday I noticed that some spammers had stolen my email address
(info(at)aguntherphotography(dot)com) and used as a return address for
spam emails. Now i got all these people upset at me.
What can I do? How can i prevent this from ever happen again?
The SPAM point to these two addresses:
http://psnfjtrsk3e.urchoise.com/
http://zndtelbywo.urchoise.com/
urchoise.com is registerd to a guy in rotterdam.
I hope they rott in hell for soiling my reputation.


--
----------------------------------
http://www.aguntherphotography.com

andre

On Sun, 19 Jun 2005 20:02:18 GMT, andre wrote:
> Yesterday I noticed that some spammers had stolen my email address
> (info(at)aguntherphotography(dot)com) and used as a return address for
> spam emails. Now i got all these people upset at me.
> What can I do?

You stop spam emails by deleting the email account. email_usage_search_tag

> How can i prevent this from ever happen again?

1. Don't use it in web pages or a junk contact email address.

2. Munge it on Usenet where it shows up in the header of your post.

3. Tell everyone you give it to, to not store it in their address book
where viruses/malware can steal it.

4. Tell them to never send you a card/joke/info from a web site.
Just cut/paste and email it or just send the url to you.

5. Tell them not to give the email address to anyone and if anyone
wants it, to send their address to you and you will send them the
address with the usage rules.

6. Use different browser for surfing and verify your email address
is not in the browser config settings.

7. Use a search engine to verify something like andri_gunthr@ is not
already used by someone at anytime when picking an email name.

8. Get throwaway email addresses for any online ebusiness

9. Use different semi-permanent email addy for each bank you do business with.

10. Different addy for friends and family. That way you a chance to
figure out who let the address out.

11. I got rid of the Microsoft OS so half of the problem of leaks goes
away and I will not catch malware to compromise someone elses address.

12. Check if your ISP account/profile to see if there is a check box
about sharing your info amoung their business partners.

13. Use a seperate email application where you can turn off java and
javascript and email client does not call other apps based on what
might be in an html email.

Bit Twister

andre wrote:

> Yesterday I noticed that some spammers had stolen my email address
> (info(at)aguntherphotography(dot)com) and used as a return address
> for spam emails.

It's a troll. If it knows how to crosspost and to munge, then the
question is bullshit.

--
Jack.

Jack

Jack wrote:
> andre wrote:
>
>> Yesterday I noticed that some spammers had stolen my email address
>> (info(at)aguntherphotography(dot)com) and used as a return address
>> for spam emails.
>
>
> It's a troll. If it knows how to crosspost and to munge, then the
> question is bullshit.
>
No Troll no BS. Crossposting is easy with thunderbird. I am just
dissapointed that my ISP and webhosting provider (both yahoo) doesn't
care. They don't seem to be interested. I deleted the email account
immidiately, but I am afraid the damage to my reputation has been done
already. It is very frustrating. I had my contacts page blocked from
search engines and somehow I was not counting on people being such
A**H**ES. Its just frustrating.

Andre

--
----------------------------------
http://www.aguntherphotography.com

andre

In <> andre <> writes:

>No Troll no BS. Crossposting is easy with thunderbird. I am just
>dissapointed that my ISP and webhosting provider (both yahoo) doesn't
>care. They don't seem to be interested.

Unfortunately there's not a thing the ISPs can do. It's just as easy for
someone to forge a return address on e-mail (in this case, yours...) as it
is to scribble your ex-girfriend's name on an envelope you drop in a
mailbox.

In other words, the fake mail doesn't come from their servers. The most
they can do for you is, if anyone complains, is send back a note saying
that you're not guilty of spamming and that some [expletive deleted] typed
in your username/domain.

Even though (in many of these cases) forging a return address or faking
the identity is a crime, none of the law enforcement types will usually
care about backtracking.

Rest assured that almost, almost, everyone out there understands about
this faked return-address issue, so while you may see some atutomated
bounceback, no one's going to attack you in return.

(well, there's probably some idiot or another somewhere).
--
__________________________________________________ ___
Knowledge may be power, but communications is the key

[to foil spammers, my address has been double rot-13 encoded]

danny burstein

andre <> writes:

>Yesterday I noticed that some spammers had stolen my email address
>(info(at)aguntherphotography(dot)com) and used as a return address for
>spam emails. Now i got all these people upset at me.

It happens to everyone. The problem is that one of the people you have sent
email to allowed themselves to hacked. Many viruses send out emails by
randomly selecting two email addresses from the addressbook of the hacked
machines-- using one as the To: and teh other as the From:

>What can I do? How can i prevent this from ever happen again?

Get better friends/aquaintances who do not allow themselves to be hacked

>The SPAM point to these two addresses:
>http://psnfjtrsk3e.urchoise.com/
>http://zndtelbywo.urchoise.com/
>urchoise.com is registerd to a guy in rotterdam.
>I hope they rott in hell for soiling my reputation.


Don't worry, most people know about From: address spoofing. ie, they do not
believe the From address on spams. Some have not heard about it yet. Tell
them what happened.

>--
>----------------------------------
>http://www.aguntherphotography.com

Unruh

[proper followup set]

In alt.spam - article <ebkte.993$>,
on Sun, 19 Jun 2005 20:02:18 GMT, andre says...
> Yesterday I noticed that some spammers had stolen my email address
> (info(at)aguntherphotography(dot)com) and used as a return address for
> spam emails. Now i got all these people upset at me.
> What can I do? How can i prevent this from ever happen again?
> The SPAM point to these two addresses:
> http://psnfjtrsk3e.urchoise.com/
> http://zndtelbywo.urchoise.com/
> urchoise.com is registerd to a guy in rotterdam.
> I hope they rott in hell for soiling my reputation.

The first step towards reducing domain forging is to establish an SPF
record in DNS for your domain.

http://spf.pobox.com

It's extremely simple and is only a single TXT line in DNS.

Any email admin accepting email with a "From:" domain that has a
restrictive SPF record is contributory in the amount of spam they
receive, their servers should reject it if it doesn't come from the
specified IPs.

When I say restrictive, I mean one ending with "-all". You'll
understand after reading "Mechanism Syntax" at
http://spf.pobox.com/mechanisms.html

Yahoo may give you a hard time, they're promoting a different, more
complicated mechanism. SPF is the way to go, if Yahoo won't do it,
move.

With a restrictive SPF record, you wouldn't get angry responses from
AOL users.
http://postmaster.aol.com/spf/

--
Listed by SPEWS, the answer is quite simple, read :
http://spews.org/bounce.html, follow the link to :
http://spews.org then follow the link to :
http://spews.org/faq.html then contact your provider.

Murray Watson

On 20 Jun 2005 06:19:44 GMT, Unruh <unruh-> wrote:

>andre <> writes:
>
>>Yesterday I noticed that some spammers had stolen my email address
>>(info(at)aguntherphotography(dot)com) and used as a return address for
>>spam emails. Now i got all these people upset at me.
>
>It happens to everyone. The problem is that one of the people you have sent
>email to allowed themselves to hacked. Many viruses send out emails by
>randomly selecting two email addresses from the addressbook of the hacked
>machines-- using one as the To: and teh other as the From:

Somebody could have gotten his email address from almost anywhere -
usenet,

Somebody could have gotten his email address from anywhere, ie usenet,
web page, a business card or where ever.

Telling someone that "one of the people you have sent email to allowed
themselves to be hacked" is nonsense.

While it *is* possible, it's decidedly more unlikely then finding the
email address on the op's website.

>>What can I do? How can i prevent this from ever happen again?
>
>Get better friends/aquaintances who do not allow themselves to be hacked

<cough> Crap </cough>

>>The SPAM point to these two addresses:
>>http://psnfjtrsk3e.urchoise.com/
>>http://zndtelbywo.urchoise.com/
>>urchoise.com is registerd to a guy in rotterdam.
>>I hope they rott in hell for soiling my reputation.
>
>
>Don't worry, most people know about From: address spoofing. ie, they do not
>believe the From address on spams. Some have not heard about it yet. Tell
>them what happened.

Agreed.

Dazz

>>--
>>----------------------------------
>>http://www.aguntherphotography.com

Dazz

On Mon, 20 Jun 2005 17:58:17 +1000, Dazz <> wrote:

<snipped>

>Somebody could have gotten his email address from almost anywhere -
>usenet,
>
>Somebody could have gotten his email address from anywhere, ie usenet,
>web page, a business card or where ever.

There's nothing quite like writing *almost* the same thing twice.

Dazz

Dazz

On Sun, 19 Jun 2005 20:02:18 +0000, andre wrote:

> Yesterday I noticed that some spammers had stolen my email address
> (info(at)aguntherphotography(dot)com) and used as a return address for
> spam emails. Now i got all these people upset at me.
> What can I do? How can i prevent this from ever happen again?
> The SPAM point to these two addresses:
> http://psnfjtrsk3e.urchoise.com/
> http://zndtelbywo.urchoise.com/
> urchoise.com is registerd to a guy in rotterdam.
> I hope they rott in hell for soiling my reputation.

First, put a statement on your home page explaining what has been done to
you. Tell your visitors that someone is forging the return address with
your email address. You may also want to set up an autoresponder to do
the same. It would also be a good idea for you to inform your ISP or
upstream provider about what is happening.

I also recommend visiting http://www.plaza1.net/SpammerSlapper and telling
people you know to do the same. The certificate presenteed is just to
give the applet the ability to visit websites advertised in spam. Just
set your browser to not accept cookies and then minimize the window.
Let the spammers catch hell for a change.

local