Security News: The Latest Computer Security News
Why You Shouldn't Always Unsubscribe From Emails
#1
Administrator
Posts: 18,715
Join Date: Jan 2006
This all started from me being spammed by some "Online Adult Dating Service" spam email. Of course my SpamAssassin caught it and labeled it appropriately, though. I guess I just had some weird inclination to go look around. No, no, not at the dating service, but at the website. You see, the website was buried in some folders, and just seemed odd to me. It only took me a minute or two, and I then realized there was no index file on the root of the web server. You know what that means, don't you?

The email:
I use MailWasher to preview my emails, so I have some extra protection from all that garbage that fills my inbox constantly. I might add as well, there was an unsubscribe link in the email. It's not visible there, but I viewed the complete header and saw it. I have included a slightly edited text version of the email which you can view right here if you would like.

The webpage:
Picture 1 is a picture of the website doing referrals to Sexsearchcom.com. Their affiliate program makes a webmaster $20 USD a pop, so I could see why webmasters would want to promote it. Big money! Against my better judgment, err, using my better judgment, I've edited the picture so you won't see anything explicit. Use your imagination of what nipples look like, or whatever. Also note the link in the address bar, as it is buried in a strange way to view a website in. Unless of course you publish content such as ours. And yes, I still use IE 6... cough...

Navigating to the homepage via my address bar (onlinemeetandcheat.biz), you would see what is above. Really, go take a look now at picture 3 if you haven't already. The whole website is open. OK, technically it's not really the "root" per se of the website; actually, it's the public HTML space of the website, which is exactly where an index file is supposed to be. In other words, when you go to any website, your browser loads the index file, no matter if the page is HTML, PHP, or the like. Without an index file, your browser just shows you the files and folders of the web space. So, I then started probing around. The first thing was, what was in that remove.txt file? Much to my surprise (I wasn't really thinking then), it contained email addresses. LOTS OF THEM! I didn't really realize how many until later on.

The website files:
Since we already know what was in the remove.txt, let's probe around a bit more, shall we? Next on the agenda was the nomore.htm and the remove.php. I downloaded the nomore.htm and looked at the source. Basically what happens is the remove button (which does some simple verification to make sure it looks like an email address) sends the text you entered into the remove.php, which appends it to the end of the remove.txt file. The remove.txt file could then be loaded into a mailer, to send or remove, the latter being very doubtful, your address. So what do we have then? Well, we have a spammer that sent emails without permission. Also, we have a remove option for emails that you never agreed to accept, so if you did put your email address in the remove, you've just confirmed your email address for more spam. Which you can see below. I'll elaborate after the pictures.

Pictures 5 and 7 show the confirmation that the script gives. Pictures 6 and 8 show that they have been added to the remove.txt file. I downloaded the text file after each submission to make sure it worked. I of course erased all the email addresses around the two that I entered, for the privacy of other people. You will notice I did use my own domain for the last one. More on that in a bit.

Lastly for this section, I found a readme.txt in the "referral" website area. Interesting, huh? Nothing we could use to get back at this loser. Or is there? I'm not going to go probing around with that ID#. Going further on my part would be illegal, as in posing as someone else to try and find out more information. I won't go there.

So who owns this website?:
Easily figured out by doing a whois, right? Unfortunately, all the info is bogus. Hmm, wonder who does the hosting? No real need to worry and/or complain to the web host; this website has a limited lifespan. You can though...

Results:
  Domain Name: ONLINEMEETANDCHEAT.BIZ
  Domain ID: D7910532-BIZ
  Sponsoring Registrar: INTERCOSMOS MEDIA GROUP, INC. D.B.A. DIRECTNIC.COM
  Sponsoring Registrar IANA ID: 291
  Domain Status: ok
  Registrant ID: IMG-630230
  Registrant Name: harold wellthtoptonony 3rd
  Registrant Organization: batemna preservation society L
  Registrant Address1: 25323 soth bendhethat rd
  Registrant Address2: suite 1100
  Registrant City: Dannmatt
  Registrant State/Province: not applicable
  Registrant Postal Code: 92939-0982
  Registrant Country: Argentina
  Registrant Country Code: AR
  Registrant Phone Number: +54.166798074865
  Registrant Facsimile Number: +54.289
  Registrant Email: myhommietbone@yahoo.com
  Administrative Contact ID: IMG-630230
  Administrative Contact Name: harold wellthtoptonony 3rd
  Administrative Contact Organization: batemna preservation society L
  Administrative Contact Address1: 25323 soth bendhethat rd
  Administrative Contact Address2: suite 1100
  Administrative Contact City: Dannmatt
  Administrative Contact State/Province: not applicable
  Administrative Contact Postal Code: 92939-0982
  Administrative Contact Country: Argentina
  Administrative Contact Country Code: AR
  Administrative Contact Phone Number: +54.166798074865
  Administrative Contact Facsimile Number: +54.289
  Administrative Contact Email: myhommietbone@yahoo.com

Results:
  inetnum: 222.32.0.0 - 222.63.255.255
  netname: CRTC
  descr: CHINA RAILWAY TELECOMMUNICATIONS CENTER
  descr: 22F Yuetan Mansion,Xicheng District,Beijing,P.R.China
  country: CN
  admin-c: LQ112-AP
  tech-c: LM273-AP
  status: ALLOCATED PORTABLE
  changed: edited@edited.net 20030902
  mnt-by: MAINT-CNNIC-AP
  mnt-lower: MAINT-CN-CRTC
  mnt-routes: MAINT-CN-CRTC
  source: APNIC

  route: 222.32.0.0/11
  descr: CHINA RAILWAY TELECOMMUNICATIONS
  country: CN
  origin: AS9394
  mnt-by: MAINT-CN-CRTC
  changed: edited@edited.net 20040402
  source: APNIC

  person: LV QIANG
  nic-hdl: LQ112-AP
  e-mail: crnet_mgr@chinatietong.com
  address: 22F Yuetan Mansion,Xicheng District,Beijing,P.R.China
  phone: +86-10-51890499
  fax-no: +86-10-51890674
  country: CN
  changed: edited@edited.net 20041208
  mnt-by: MAINT-CNNIC-AP
  source: APNIC

  person: liu min
  nic-hdl: LM273-AP
  e-mail: edited@edited.net
  address: 22F Yuetan Mansion,Xicheng District,Beijing,P.R.China
  phone: +86-10-51848796
  fax-no: +86-10-51842426
  country: CN
  changed: edited@edited.net 20041208
  mnt-by: MAINT-CNNIC-AP
  source: APNIC

(Thumbnails: whois, web host)

Wait, didn't you create an email address on your own domain?:
Why yes, answering my own question. And yes, I edited the pictures so it is missing one number or letter. I'm the only one that knows what that email address is, and it is unpublished anywhere. I'll let you know at the end of this write-up if anything became of it.

Back to the remove.txt:
Loading up the email address file in M$ Word 2003, I can find out a bit more info on it. The picture below about sums it up. The final text file that I grabbed was on May 1st. It was 487 KB. Yes, that is 390 pages. The 22,171 words, well, that is 22,171 email addresses. I'd like to note that some of them are doubled up, probably a duplicate every page or so, and some are obviously random typing to make it look like an email address. Regardless, a great deal of them appear to be legitimate. Think about how scary that is, especially because anyone could have gotten that list as easily as I have been for about a month.

How about some domain analysis on who unsubscribed? I picked 6 domains off the top of my head and did a search. They are Excite, Hotmail, Netzero, Netscape, AOL, and Yahoo. My immediate guess would be AOL for the most submitted. Well, that wasn't the case though. I mean, who knows where this bozo got his list from to begin with. Many places actually sell email addresses, and there are plenty of spiders that scour the web harvesting email addresses too. OK, I'll tell you the winner. It's Yahoo, with 1,538 entries. AOHELL only had 378. Sorry, I couldn't hold back anymore poking one at AOL. Heh, sorry again. So, the rest are minuscule, but feel free to click the thumbnails to get a look if you are curious. And hmm, what does that mean? Well, it means there is a tremendous amount of other domains listed in the text file. As aforementioned, a great many look legit.

One more reason not to unsubscribe from some websites:
I found this online pharmacy. Yeah, go figure. While I probed around, I didn't really find anything other than the site was obviously a freaking scam. I did go grab their remove HTML. Just look at what the remove button (form) is called. Now that can't be OK, uh, good I mean.

So what happened to that site?:
Spamming eventually catches up to the spammers. Somehow I seriously doubt you'll see a website back online at onlinemeetandcheat.biz. Well, until it gets gobbled up by some lame domain squatters that put up cool web search sites.

Results:
  Domain Name: ONLINEMEETANDCHEAT.BIZ
  Domain ID: D7910532-BIZ
  Sponsoring Registrar: INTERCOSMOS MEDIA GROUP, INC. D.B.A. DIRECTNIC.COM
  Sponsoring Registrar IANA ID: 291
  Domain Status: clientHold
  Domain Status: clientTransferProhibited
  Domain Status: clientUpdateProhibited
  Registrant ID: IMG-408577
  Registrant Name: ICANN for invalid WHOIS info. This domain was reported to
  Registrant Organization: This domain is not active.
  Registrant Address1: invalid WHOIS, domain disabled
  Registrant Address2: invalid WHOIS, domain disabled
  Registrant Address3: invalid WHOIS, domain disabled
  Registrant City: invalid WHOIS domain disabled
  Registrant State/Province: WY
  Registrant Postal Code: 99999
  Registrant Country: United States
  Registrant Country Code: US
  Registrant Phone Number: +1.9990000000
  Registrant Facsimile Number: +1.9980000000
  Registrant Email: customer-must-correct-the-info@or-th...be-deleted.com
  Administrative Contact ID: IMG-630230
  Administrative Contact Name: harold wellthtoptonony 3rd
  Administrative Contact Organization: batemna preservation society L
  Administrative Contact Address1: 25323 soth bendhethat rd
  Administrative Contact Address2: suite 1100
  Administrative Contact City: Dannmatt
  Administrative Contact State/Province: not applicable
  Administrative Contact Postal Code: 92939-0982
  Administrative Contact Country: Argentina
  Administrative Contact Country Code: AR
  Administrative Contact Phone Number: +54.166798074865
  Administrative Contact Facsimile Number: +54.289
  Administrative Contact Email: myhommietbone@yahoo.com
  Administrative Contact ID: IMG-408577
  Administrative Contact Name: ICANN for invalid WHOIS info. This domain was reported to
  Administrative Contact Organization: This domain is not active.
  Administrative Contact Address1: invalid WHOIS, domain disabled
  Administrative Contact Address2: invalid WHOIS, domain disabled
  Administrative Contact Address3: invalid WHOIS, domain disabled
  Administrative Contact City: invalid WHOIS domain disabled
  Administrative Contact State/Province: WY
  Administrative Contact Postal Code: 99999
  Administrative Contact Country: United States
  Administrative Contact Country Code: US
  Administrative Contact Phone Number: +1.9990000000
  Administrative Contact Facsimile Number: +1.9980000000
  Administrative Contact Email: customer-must-correct-the-info@or-th...be-deleted.com
  Created by Registrar: INTERCOSMOS MEDIA GROUP, INC. D.B.A. DIRECTNIC.COM
  Last Updated by Registrar: INTERCOSMOS MEDIA GROUP, INC. D.B.A. DIRECTNIC.COM
  Domain Registration Date: Thu Oct 07 21:23:27 GMT 2004
  Domain Expiration Date: Thu Oct 06 23:59:59 GMT 2005
  Domain Last Updated Date: Tue May 03 19:27:35 GMT 2005

(Whois updated May 3rd)

Of course, somehow I think that this isn't the last we'll see of this particular spammer. He probably has many other websites and loads of unsolicited email going out all the time, especially with all those fresh email addresses harvested from unsubscribing.

The email address I created:
Nearly a month later, I still haven't received any spam into that account that I set up just to see if I would get some spam sent to it. I'm not saying it won't happen, but I'm fairly confident it will. Unless by chance the domain got shut down before whoever could get the file off of it. Doubtful though. I'll update this article if it needs to be in the future. So if you did learn something about spam emails, great. If anything, think about the security of some websites, and who you can trust with your information. A simple email address can be revealing if there is enough information about you on the web. Identity theft is at an all-time high at the moment, so try and be safe online.

Closing:
So let that be a lesson, or a heads up, about unsubscribing from anything you never agreed to receive. Not that there aren't legitimate websites that you get newsletters or special offers from, say, Newegg or the like. Even if someone else signed you up for something, as perhaps a joke or whatever, make sure the company is reputable before giving away any information. Even if they aren't on the ResellerRatings site, that doesn't mean they aren't legit. Google stuff about companies and offers, and you'll find the truth eventually. Or just plain delete them. Some emails even have unsubscribe options that appear to be legitimate, like emails that say you agreed to receive offers, and you signed up on such and such a date/time, and even have a bogus IP address to make it look like you went somewhere and entered your email address. My advice: keep the delete button handy. That sort of stuff could be considered bulk email. I've seen a lot of emails that even say they conform to the CAN-SPAM Act, but aren't legit. There are many ways to control the amount of spam you receive in your inbox. A lot of your ISP-side stuff works phenomenally. While this isn't the time and place to let you know of some of your options for spam control, I'll probably do an article about that in the future.

Closed:
NO! I will not send you the text file. Don't ask. I'm deleting it now to protect the privacy of others, which is much more than you could say for one such so-called webmaster. On that sour note, here's an uplift. I hope you enjoyed this write-up. Thanks for coming by! Until next time...

Update 06/16/05:
Due to some lack of time, and lack of checking the email that I set up to see if my email would be used or not to receive spam, well, I checked my email. You may or may not have noticed that I didn't disclose that email address anywhere. I edited the pictures to not show the first letter of the email address. The missing letter was "o". Go check again above if you want. With that being said... Yes indeed. I received two emails in my on9421 account. And like I said, that wasn't disclosed anywhere; it wasn't used anywhere. No web spider crawled my site and got the email; it wasn't published. Unless these spammers are really hitting everything on a domain, which I don't think is the case, but seriously though... on9421, boy, that's sure easy to guess. So for the other 22,000+ people that were on that list, luckily it has only been two emails so far. I can go delete my account. It was worthless to me other than this test. I may keep the on**** email addie going for a while longer. I don't think any account crawler can really pick it up with the info here, in the context it was published in. So in this case, proof positive that some sites are just plain out there to give you more spam... Ugly, isn't it?
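As an added example (not part of the original post, and not code from the site it describes), here is a small Python script that does the kind of triage the post did by hand in Word on the exposed remove list: it drops blank and obviously malformed lines, de-duplicates addresses case-insensitively, counts the remainder per domain, compares a chosen set of domains the way the post compared its six, and masks addresses before they are displayed so that a list like this can be analysed without re-publishing anybody's address. The sample list, the addresses in it and the regular expression are all constructed for this example; none of them come from the remove.txt described above.

```python
import re
from collections import Counter

# Constructed sample in the shape the post describes: one submitted address
# per line, with duplicates (differing only in case) and junk entries mixed in.
SAMPLE_REMOVE_TXT = """\
alice@yahoo.com
bob@aol.com
ALICE@yahoo.com
asdfgh
carol@hotmail.com
dave@excite.com
notanemail@
erin@yahoo.com
bob@aol.com
frank@netscape.net
grace@netzero.net
heidi@example.org
"""

# Loose syntactic check (an assumption of this example, roughly the
# "looks like an email address" test the post says the form did):
# local-part@domain.tld. Not full RFC 5322, just enough to separate
# random typing from plausible addresses.
ADDRESS_RE = re.compile(r"^[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}$")

# The six domains the post picked for its own comparison.
POST_DOMAINS = ["excite.com", "hotmail.com", "netzero.net",
                "netscape.net", "aol.com", "yahoo.com"]


def parse_remove_list(text):
    """Return (valid, junk): valid is the de-duplicated, lower-cased list of
    plausible addresses in first-seen order; junk is every non-empty line
    that does not look like an address."""
    seen = set()
    valid, junk = [], []
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        if not ADDRESS_RE.match(line):
            junk.append(line)
            continue
        addr = line.lower()          # mailbox case differences are treated as duplicates
        if addr in seen:
            continue
        seen.add(addr)
        valid.append(addr)
    return valid, junk


def domain_counts(addresses):
    """Count addresses per domain (the part after the last '@')."""
    return Counter(a.rsplit("@", 1)[1] for a in addresses)


def compare_domains(counts, domains):
    """Counts for a chosen list of domains (0 when absent) plus 'other':
    everything not in that list, which is what the post noticed was large."""
    picked = {d: counts.get(d, 0) for d in domains}
    picked["other"] = sum(n for d, n in counts.items() if d not in domains)
    return picked


def mask_address(addr):
    """Keep the first character of the local part and the domain, so a
    report can show 'a****@yahoo.com' instead of the full address."""
    local, domain = addr.rsplit("@", 1)
    return local[0] + "*" * (len(local) - 1) + "@" + domain


def summarize(text, domains=POST_DOMAINS):
    """One-shot report over raw remove-list text."""
    valid, junk = parse_remove_list(text)
    counts = domain_counts(valid)
    return {
        "unique_valid": len(valid),
        "junk": len(junk),
        "distinct_domains": len(counts),
        "by_domain": compare_domains(counts, domains),
        "sample": [mask_address(a) for a in valid[:3]],
    }


if __name__ == "__main__":
    for key, value in summarize(SAMPLE_REMOVE_TXT).items():
        print(f"{key}: {value}")
```

Run as a script it prints the summary for the constructed sample; on a real file, read its contents and pass them to summarize(). The masking step matters because the whole point of the post is that the list itself is the sensitive artifact.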