Close
Close

What I learned Today about Being the Victim of Spam

SpamAfter being the victim of a Spammer hijacking my newsletter for their own purposes earlier today there are a few lessons that I’ve learned:

1. People Hate Spam

No really – they HATE it. The hatred and anger that has ended up in my inbox today from recipients of the email that the spammer sent out with my email as the reply address has been quite amazing.

While I ‘hate’ spam I realize that my own feelings toward it are mild in comparison to some.

I’ve been called some of the most despicable names and have been threatened in ways you can only imagine as a result of this attack.

I’ve never been tempted to be a spammer but this has given me a new insight into both the damage it can do, the anger that it causes and the things that it triggers in people.

2. Don’t do Nothing

As soon as I realized what was happening I posted a post to both of the blogs concerned (here at PB and at DPS) explaining the situation.

I also sent an email to each person who emailed me to complain about the spam – even to those who were most abusive (I’m up to 500 so far). The email quickly and politely explained the situation and empathized with them getting the email.

It turns out that it was lucky that I did as I’ve heard from a number of those who were spammed that they were reporting me to a variety of blacklist services until they saw my posts and emails.

A handful of those who emailed me continued to abuse me for it – but in the main the feedback from my explanations was positive.

3. Good Things Can Come from Bad Circumstances

– the irony is that because the spammer hijacked an email that actually contained good information about my site and because I acted quickly to explain the situation to those concerned that I’ve actually found a number of new readers for my blog at DPS. A number of those impacted have already contacted me to thank me for my response and tell me that they’ve subscribed to my newsletter (the one that was used by spammers).

I’m yet to see what damage was really done today – tomorrow will be yet another day of mopping up as the majority of those impacted will no doubt wake up to the email in their inbox – however it is sometimes through the times of trial that you learn most about yourself and what you do.

About Darren Rowse

Darren Rowse is the founder and editor of ProBlogger Blog Tips and Digital Photography School. Learn more about him here and connect with him on Twitter, Facebook, Google+ and LinkedIn.

Problogger.net runs on the Genesis Framework

Genesis Framework

The Genesis Framework empowers you to quickly and easily build incredible websites with WordPress. Genesis provides the secure and search-engine-optimized foundation that takes WordPress to places you never thought it could go.

Check out the incredible features and the selection of designs. It's that simple - start using Genesis now!

Comments

  1. You’re right. I have a couple of “Quote of the Day” mailing lists with about 40,000 subscribers total, and inevitably it gets mistaken for spam from time to time – for example, someone subscribes a company-wide address to the list and then I get angry comments from everyone else in the company.

    I’ve also had the pleasure of having two email spammers and one comment spammer use my URLs to try and appear legitimate.

    There’s not a single thing that seems to bring more anger – not even the most annoying ads on my sites, or a few hours downtime, or someone losing their forum account.

    I’ve even had a few people get abusive to the point where I reported them to their ISPs.

    Word to the wise: don’t be a spammer. Avoid even looking like one…

  2. Unfortunately, email spoofing is all too easy, as you found out. It is trivial for a spammer to fake sending emails from any email address, which is why we need cryptographic email authentication, and we need it now.

  3. Tim says:

    I agree Ilya, the Internet needs a solution to email spoofing asap.
    I’ve written an article on how we could rid the world of spam for good, although it relies on people not being able to spoof other peoples addresses:
    http://bla.st/site/blog/74/
    Any other ideas would be great!

  4. Heiner says:

    > Unfortunately, email spoofing is all too easy,

    Yes! I got about 5000 “DELIVERY FAILURE” , “Out of Office reply” and so on last week, because someone used my mail address for spam…

  5. Andy says:

    Why would people who have received an apology and an explanation direct from you, still continue to volley off abuse?

    Seriously – the mental health of these people has to be questioned.

  6. EelKat says:

    On January 16, 2007… a spam hacker got into my eBay account, and proceeded to list dozens of items for sale. He than bought over $2,000 worth of items and attempted to have them shipped to Nigeria. From eBay he was able to find out my email address and my credit card inforrmation. The next thing I knew all hell had broken lose while he hacked everything in sight, and made a mess of my online life, pretending to be me. All of this he did in a period of 6 short hours. Luckily for my PayPal noticed the suspicious activity on my accounts and closed my PayPal account thus cancleing out all of the transactions.

    I know this is not the same thing that happened to you, but it is almost the same, so I understand your frustration at these criminals that have nothing better to do than destroy the hard work and reputation of others, via hacking. I am so sorry that this happened to you. I hope you can track down the guy who did it and put him behind bars where he belongs.

    ~~EK

  7. Chris G says:

    Thanks for the instructive lesson here. I think a serious and in depth follow up discussion on what one can do to attempt to ward off this happening is past due. While I haven’t looked into this issue much as I have no list as of yet, I would like to learn all I can before it becomes an issue. With 30 domains, many of which I intend to launch in somewhat rapid succession (thumbs crossed here :p) I am very interested in doing all I can to avoid this situation.

    I’ve seen spam with obvious phoney return addresses myself, and that brings up another question I’ve been meaning to ask someone as well.

    I’ve gotten spam :to me …. FROM ME!! What the heck? and also I’ve gotten some of those ‘failed transmission’ daemon bouncebacks for emails I never sent as well. Luckily it was never on a mass scale nor did it get me in any trouble.
    Any additional feedback would be appreciated. I can be reached at cmgwebz – at – gmail as I’m pretty unreliable to check back on individual posts.

    Thanks,
    cmgweb

  8. Chad says:

    It’s a shame people get so worked up over a few spam emails with threats and abuse. Like Andy said, these people are probably a few bricks shy of a load to begin with.

    First and foremost, they should use free email addresses to sign up for newsletters and the like to begin with. I could care less who spams my throw away accounts.

  9. security says:

    sec.gov/news/press/2007/2007-34.htm

    Interesting that the topic of Spam came up – the SEC just halted trading on 35 Companies because of their extremely aggressive Spam emails

    and tonight 20 -20 just did an 23 minute interview with a Successful Nigerian Scam Artist who came clean and revealed secrets after being exposed in a sting operation

  10. Steven Noble says:

    Hi Darren,

    Just letting you know the owners of SPAM (the tinned meat) have no objection to spam (junk email) being called “spam”, but they ask that it be no likened to SPAM (the tinned meat) through the use of their logos or images of their products in discussion of spam.

    Of course they’re fighting a losing battle, but in principles it’s not an unreasonable request.

  11. markowe says:

    I get pretty angry about spam, and would be tempted to fire off an angry email, if I wasn’t aware that there is no point, and that return addresses are often spoofed. Spammers do NOT have a customer service department, in fact do not generally read their return email (think how many bounced mails they get)!

    Why the anger? I think that we feel it is an invasion of our privacy, of our personal space and in that respect, people who get livid about spam are the same personality types (like me) who get “the rage” when they are cut up in traffic or made to wait in queues… GRRRR…!

  12. MJ Ray says:

    I suspect the only things you can do against spammers which will have any effect are:

    1. shop them to the authorities: if you are in the same jurisdiction and have competent e-fraud police, then this is worthwhile and most other businesses will thank you for it – if they are distant, it’s probably difficult, but maybe you can feed their telephone numbers and mailing addresses to their local authorities.

    2. name and shame them: particularly if you have a high search engine placement or relevant audience, you can make their misdeeds widely known. However, be careful to check it was really them. I’ve once seen people dirtying rivals’ names by impersonation-spamming, but I think it’s pretty rare.

    The problem is not technology (authenticated email, sender verification, SPF, Sender-ID, or any other FUSSP) but legality: fraud and advertising criminal codes.

    Any more?

  13. William says:

    From the point of view somebody who wasn’t affected, all I can say is goodjob. You’ve handled yourself well, takes a special person to look for the silver lining in every situation.

    It’s a shame that this hasn’t been solved yet, why not just make a seperate website for your newsletter then get people to subscribe to that instead? (I know, some folks don’t use RSS yet.)

  14. DaEMoN says:

    Yeah, you really handled the situation well, Darren

  15. Remon Talks says:

    Spammers using forged email addresses is a big problem nowadays. I believe the use of an SPF record should fight this, but unfortunately SPF record usage is not very widespread at the moment.

    For more info about SPF records google it or see http://www.openspf.org

  16. Those who hate spam are apparently not enough. The sad truth is that, if we have so much junk in our inboxes, it because it works, it makes spammers earn a ton of money. The number of gullible people who make spam work is disturbingly large. Spam is a scary window on human gullibility.

  17. Teresa says:

    500 emails..wow. I know how it feels. My husband and I once had it happen through a system we were using to build a website. The people who hosted us apparently were sending us warnings about it all, but we got nothing in our inbox about it. So, needless to say we were banned from it. It actually was affecting everyone else’s website that was using the hosting. It was pretty bad. So, I know how you feel when someone uses your website to send spam.

  18. Kimber says:

    There are two issues here…theft of an email address and the use of spam.

    Fraud and theft is unfortunately a part of doing business. I’m currently working with a company that had to change its main bank account twice last year due to excessive fraud. Heck, in accounting, we even have a “kinder” word for it…shrinkage (like that’s fooling anyone).

    Spam…well…spam, like direct mail and telemarketing, works. The biggest issue with spam is that its so blasted inexpensive to use. You want to limit spam? Put a cost on sending emails.

    Sending cyber hugs your way Darren and great job on using your experience to bring attention to the subject.

  19. jhay says:

    The only ones who love spam are the ones who make money out of it. We really need to do something to get rid of spam.

    Charges for sending e-mails is quite tempting, I wonder how would everyone else react to it?

  20. Chris says:

    No comment, but sorry you had to unfairly take all that abuse from people. That just sucks and it couldn’t have brightened your day.

  21. If people have any sense, they’ll realize that there is more value in a targeted list than just blatant crap-spam.

  22. James says:

    There are somethings much worse than email spam:

    Fax spam – we waste more paper on fax spam than we use for real faxes.

    SMS spam. I have to pay for messages to my phone. Plus, the annoying beep that should only be something from someone I know. I now have the service blocked completely so now I cannot use it even if I want to.

    Email spam does not seem so bad – still don’t like it.

    James

  23. Karen says:

    I recently experienced something very similar. In fact, I wouldn’t be surprised if it were the same spammer in both incidents. {Darren, I sent you a separate email just now about this.}

    I have received emails from the recipients of this spoof email that used my email address and included the full content of one of my newsletters as distributed through aweber (so the spammer subscribed to my list to get it and then unsubscribed when they were done).

    The spammer pasted their ad in the bottom of the spam email after my newsletter and changed the subject line of the email. In return I’ve had emails from the recipients using the F word, the B word and a lot of other offensive words. They’ve reported me and my domain as spam, etc. I’m still cleaning up the damage (and hoping none of these unhappy people come to visit me in person one day). The spammer pasted an ad about weight loss and apparently this is a very touchy personal subject with people who receive such ads.

  24. Ashish Mohta says:

    wow…that s**** ….we can understand darren but dont worry we all trust you and we know u wont spam with stupid stuff just spam us with blogging lol

  25. Nicholas says:

    I’m a firm believer that whatever you do unto others, will also be done unto you.

    Spammers are a disease of the internet. They will get their reward soon enough…

  26. Reggie says:

    I notice from dnsreport.com that you are not using the SPF records (sender policy framework). Many ISP mailservers will reject spam from unauthorised IPs by checking the SPF records. Using SPF might have prevented many of these angry people from receiving the spam in the first place. For this reason, I would recommend that you SPF records.

Trackbacks

  1. [...] What I learned Today about Being the Victim of Spam [...]