News, tips, advice, support for Windows, Office, PCs & more. Tech help. No bull. We're community supported by donations from our Plus Members, and proud of it
Home icon Home icon Home icon Email icon RSS icon
  • An unexpected surge in weird spam and, or phishing emails.

    Posted on OscarCP Comment on the AskWoody Lounge

    Home Forums Outside the box The Junk Drawer An unexpected surge in weird spam and, or phishing emails.

    Viewing 32 reply threads
    • Author
      Posts
      • #2305788 Reply
        OscarCP
        AskWoody Plus

        Suddenly and out of nowhere, starting last week, I have been receiving a much increased number of spam, or perhaps phishing, emails. I wonder if others have noticed the same thing.

        And some of that unasked for attention now being paid to me is truly peculiar: I am getting, for example, repeated mails from a place supposedly devoted to astrology that invites me to see my horoscope for the day. I have never visited any astrology site, astrology happens not to be one of my many superstitions, so that must be coming to me for some other reason.

        (I know that the standard and probably correct answer to my question: “Why?” is: “your email has been harvested and sold around, so OK, but is that the only valid answer?)

        Peeking at these emails in the review panel I can see they are totally irrelevant to me, or else seem relevant but come from weird email addresses. Some also end up in the “junk” folder. I delete all of them, each within the few seconds that takes glancing at what I can see in the panel. (In the case of the weird addresses, I don’t even look at them, I delete them outright.) Then I also delete the contents of the “Deleted” folder where these emails end up when I first ‘delete’ (or, more properly, ‘remove’) them from the “Junk” or “Inbox” folders. (By the way, my ISP is Verizon’s AOL and I am receiving my mail in a Mac using its OS (Mojave in my case) native email client called “Mail.”)

        I wonder if this is something happening to others, or just to me.

        Windows 7 Professional, SP1, x64 Group W (ex B) & macOS Mojave + Linux (Mint)

        2 users thanked author for this post.
      • #2305791 Reply
        cyberSAR
        AskWoody Plus

        I’ve noticed a marked increase in spam and contact form spam across many domains and servers we host ever since the pandemic began. Our domain registration email address has to be publicized and I’d guess the increase has been about 1000% if not more on some days.

        In your case it may be that your ISP’s filtering has failed. Most servers are set to bounce truly bad garbage even before it hits the client’s spam setup. Also, you may have some spam settings on your account that got reset due to an update or something. I’ve seen that before. May want to log a complaint and see what they have to say. Good luck!

        1 user thanked author for this post.
      • #2305859 Reply
        GoneToPlaid
        AskWoody Plus

        Start by checking your email address(es) on havibeenpowned.com for any recently reported incidents which are related to your email address(es).

        What AV program and software firewall are you using? Have you checked your router to see if it has been hacked?

         

         

        2 users thanked author for this post.
      • #2305868 Reply
        anonymous
        Guest

        ? says:

        oscar,
        my aolmail account has been in play for 16 plus years and i’ve been getting 30-50 phishing emails per 24 hours for a few months now. according to cello\oaf\beyond the blue verizon, they suggest i return to a paid golden”membership” so i can set my inbox to silently reject the garbage. already paying the consortium for phone and paid aol for the privilege of using said email address for years already. i just empty it out once in a while and move on…

        1 user thanked author for this post.
      • #2305880 Reply
        GoneToPlaid
        AskWoody Plus

        I don’t use any special techniques to prevent spam, other than to make sure that I use strong passwords on all websites, and that I never reuse any password — ever.

        1 user thanked author for this post.
      • #2305885 Reply
        Cybertooth
        AskWoody Plus

        @OscarCP, other than (1) your e-mail account getting hacked from Verizon directly, or (2) the address getting picked up from some other website account where you’d given your address upon registering, the most likely explanation that I can think of for such a sudden surge in spam would be (3) if you had visited some site that turned out to be dodgy. I’m uncertain as to the mechanics of how this is done, but I’ve heard from a couple of different people that they visited some dubious site (one of them for, umm, adult entertainment) and then they suddenly started getting hit with spam even though they hadn’t typed any information onto it.

         

        1 user thanked author for this post.
      • #2305888 Reply
        Myst
        AskWoody Plus

        Start by checking your email address(es) on havibeenpowned.com for any recently reported incidents which are related to your email address(es).

        I went to that same site https://haveibeenpwned.com/ and found out one of my email accounts had been involved in a White Pages hack. I was also notified by Lifelock about the incident. I took care of it by changing the password and sending all the garbage to the Junk folder.

        Win7 Home x64 MacOS Chromebook

        2 users thanked author for this post.
      • #2305889 Reply
        OscarCP
        AskWoody Plus

        GoneToPlaid: “Start by checking your email address(es) on havibeenpowned.com for any recently reported incidents which are related to your email address(es).”

        Unfortunately I was “powned” when, at least in one case I am painfully aware of, my personal info along with those of tens of thousands of other civil servants and government contractors got liberated from a government data base, sent there when we had to be checked by the FBI in order to comply with Real ID to get the badges needed to enter and move around the US federal government installations where we work. But that was a long time ago, so this might be one of those other things you and others have pointed out (except for those “adult content” site visits someone has sneakily mentioned, because I am not the type to go for that sort of thing: cross my heart and hope I die.)

        I am scanning at least once daily with Webroot SecureAnywhere, that is a fairly decent, real-time AV with the usual shields,  including a firewall.  I also run scans with Malwarebytes, the “for free” version, so it has no firewall or other real time shields that might cause conflicts with Webroot SA or something else in the Mac.

        My biggest concern is that I might not be handling those obnoxious emails properly (the way I have explained at the top of this thread) and some malware brought along by one of them might get through in spite of my being really quick to glimpse at them, decide they are most likely rubbish, and delete them. But seconds to me are millennia to a computer …

        Windows 7 Professional, SP1, x64 Group W (ex B) & macOS Mojave + Linux (Mint)

      • #2305893 Reply
        Paul T
        AskWoody MVP

        Spam is inevitably generated by bots from lists that are out in the open if you know where to look. Good ISPs stop most before it hits their mail servers so doesn’t even make it to your inbox.

        All you are seeing is your email in one of the many lists and the only solution, apart from junking the email address, is to mark them as spam on your mail client and hope it will deal with them for you.

        If you are really keen you can report one or two to your ISP or one of the spam lists like CleanTalk.

        cheers, Paul

        1 user thanked author for this post.
      • #2305897 Reply
        Cybertooth
        AskWoody Plus

        My biggest concern is that I might not be handling those obnoxious emails properly (the way I have explained at the top of this thread) and some malware brought along by one of them might get through in spite of my being really quick to glimpse at them, decide they are most likely rubbish, and delete them. But seconds to me are millennia to a computer …

        I remember reading somewhere that nowadays, even displaying a sketchy email in the preview pane can expose the recipient to nastiness. IIRC, the solution to that is to turn off HTML in your email so that you see only plain text.

        In the case of the person who suddenly started getting spam after visiting an adult site, the spam torrent continued for some months but eventually diminished to one or two a week. And then it shot up again after they returned to said site. (They claimed it was an “experiment” to confirm that the website in question was indeed the source of the problem.)

         

        • #2305900 Reply
          OscarCP
          AskWoody Plus

          Cybertooth: Thanks. As to my “experimenting” with visits to “adult sites”, well, I must say!

          The idea of having HTML turned off in the preview pane sounds like a good one, assuming I can figure out how to do this with my Mac’s email client, but there is something worth “experimenting” with, alright!

          Windows 7 Professional, SP1, x64 Group W (ex B) & macOS Mojave + Linux (Mint)

          1 user thanked author for this post.
      • #2305901 Reply
        Paul T
        AskWoody MVP

        I remember reading somewhere that nowadays, even displaying a sketchy email in the preview pane can expose the recipient to nastiness

        This is an issue in a recently discovered bug in Outlook (CVE-2020-16947) that doesn’t appear to have an active exploit yet, but hasn’t been an issue for a long time previous to that.

        it shot up again after they returned to said site

        Lots of data is given away by your browser, including IP address. If a scavenged list of email addresses also contains IP addresses, a simple comparison will identify live email addresses and therefore worth spamming.

        cheers, Paul

        2 users thanked author for this post.
        • #2305903 Reply
          mn–
          AskWoody Lounger

          but hasn’t been an issue for a long time previous to that.

          Not all that long, wasn’t there one last year at least? And there have been several of these over the years… of varying severity.

          And actually, I believe the S/MIME one was never completely patched out…? Because that’d require either rejecting valid mail in specific circumstances or deviating from the S/MIME spec… and there are large organizations that require S/MIME.

          • #2305909 Reply
            mn–
            AskWoody Lounger

            … well actually I found one from March this year, too – CVE-2020-0852, MS Word vulnerability that could be triggered from within the Outlook preview pane.

            Apparently you’re immune to that one if you don’t have Word installed, but since most of the people who have Outlook also have Word…

            1 user thanked author for this post.
      • #2305902 Reply
        OscarCP
        AskWoody Plus

        Paul_T: “Lots of data is given away by your browser, including IP address. If a scavenged list of email addresses also contains IP addresses, a simple comparison will identify live email addresses and therefore worth spamming.

        That is another thing I am worried about. Not much one can do about it, if one does want to do anything online, I imagine.

        Windows 7 Professional, SP1, x64 Group W (ex B) & macOS Mojave + Linux (Mint)

      • #2305905 Reply
        mn–
        AskWoody Lounger

        (I know that the standard and probably correct answer to my question: “Why?” is: “your email has been harvested and sold around, so OK, but is that the only valid answer?)

        Well that’ll be the direct reason why you get more spam.

        Avoiding getting your email address harvested means not telling it to other people, which is sort of counterproductive.

        Having your address and phone number in someone else’s contacts list means it can be lifted from there. And lots of messaging and other sorts of social media apps apparently leak those all over the place…

        (I’m also getting SMS spam into a number that was only ever told to the kids’ teachers.)

        1 user thanked author for this post.
        • #2305935 Reply
          Chris Greaves
          AskWoody Plus

          “Avoiding getting your email address harvested means not telling it to other people, which is sort of counterproductive.”

          I agree. Totally.

          Ten years ago I began dropping all internet/email communication with people who CCd me with twenty others on emails. I especially disowned folks who thought that BCC was pointless, silly, over-reacting.

          Two months ago my neighbour’s niece and husband came for a month-long visit. We chatted, agreed to exchange emails. We exchanged emails and the wave of spam hit.

          Odd!

          I retired 10 years ago and have greatly reduced email contacts, as you might imagine.

          The truth is that I have no idea what or who “Brian” contacts, and even though he hasn’t CCd me on anything, I know that I am effectively connected with whoever he has connected with over the past twenty years.

          Cheers

          Chris

          Moderator note: Edited for content

          "Almost works" means it doesn’t work.

          2 users thanked author for this post.
        • #2306085 Reply
          Charlie
          AskWoody Plus

          I made a BIG mistake recently by giving my email address to Walmart in order to place an online order.  The next day I was swamped with spam and have been since.  I keep deleting them but there’s new ones everyday.  My advice is to not give your email address to Walmart.

          Group L

          1 user thanked author for this post.
      • #2305908 Reply
        Alex5723
        AskWoody Plus

        That is another thing I am worried about. Not much one can do about it, if one does want to do anything online, I imagine.

        You can use a VPN.

        • #2305920 Reply
          OscarCP
          AskWoody Plus

          Alex, How would that work with general email and browsing around, unless it is emailing to a single destination or connecting to an specific Web site?

          Windows 7 Professional, SP1, x64 Group W (ex B) & macOS Mojave + Linux (Mint)

          • #2305933 Reply
            mn–
            AskWoody Lounger

            Actually, IP and email are only very loosely connected.

            If you properly turn off autofollowing external links in email (AKA “viewing remote content”), you don’t get found by the regular URL trackers. And also would’ve been immune to at least some of those “preview pane” attacks in the past, but not all… and if you have a metered connection, doing this reduces your bills too.

            And even so, at least I’m not paying for static IP in my home broadband, nor with the phones. So whatever IP I have today may belong to another customer of the same ISP tomorrow… or even just a few hours from now.

            1 user thanked author for this post.
      • #2305936 Reply
        Alex5723
        AskWoody Plus

        My biggest concern is that I might not be handling those obnoxious emails properly

        You just have to mark them, once, as spam, and your mail software should do the rest in the future (if you use a capable mail like Gmail..).
        I rarely get a new spam mail, maybe once in a month.
        Mod Edit: Fixed misquote

        1 user thanked author for this post.
        • #2306074 Reply
          OscarCP
          AskWoody Plus

          Alex, wouldn’t marking those emails as “Junk” do just as well?

          (Actually that quote is of something I wrote, Cybertooth is quite blameless for that.)

          Windows 7 Professional, SP1, x64 Group W (ex B) & macOS Mojave + Linux (Mint)

          1 user thanked author for this post.
          • #2306079 Reply
            Microfix
            AskWoody MVP

            FTFY – misquote

            No problem can be solved from the same level of consciousness that created IT - AE
            2 users thanked author for this post.
      • #2305968 Reply
        Kathy Stevens
        AskWoody Plus

        Some quick observations:

        • There are several websites where you can enter someone’s email address and the site will then sign them up to to receive email from hundreds of organizations thereby flooding the the recipient’s mailbox with emails.
        • Our security software will allow us to mark spam and then redirect email from the address to the junk email directory in Microsoft Outlook going forward.
        • Our email service provider allows us to mark spam and then the organization does analysis of the site where the email originated and, if appropriate, block future email from the IP address.
      • #2305980 Reply
        anonymous
        Guest

        I’ve noticed the same thing since stay at home began, seems to be accelerating as time goes on, not surprising given the economic effects of the pandemic.  There are so many ways, even with good security applied to emails, for spam to be made, users alone have little control over its generation.  We can block it, tag it and report it and if we’re lucky the bots and scammers sending it will target someone else.  One of the downsides to Internet freedom is the ability of bad players taken down to rise again elsewhere.  Again and again and again, the Infinity Lazarus effect.  Profit lies in volume.

        All of my spam is sent through Gmail which is still horrible about spam no matter what settings I’ve changed.  I use mailbox dot org which is excellent about spam; can be set to send none to me.  It’s an inexpensive subscription service but worth it; many others like it exist and they’re all a joy to use compared to freebies.

        Using an email client with adaptive spam filtering helps a lot.   You can set up rules to delete spam at the server (IMAP) before delivering it, sending to spam folder, whatever.  We use Thunderbird which is highly configurable in the Options and about:config settings.  Outlook is OK, seems like it can’t be immune from MS’s recurring idiocy tangles, though.

        AOL is owned by Verizon now, the corp that bought Yahoo during its data breach of the day period, to get their user base, Yahoo itself was worth exactly zero at the time.  Verizon makes tons of money selling user data for advertising; don’t expect AOL to be much different from Gmail;  big companies’ tentacles reach far and wide.  Clamp down on it at the client level.

        1 user thanked author for this post.
        • #2306078 Reply
          OscarCP
          AskWoody Plus

          Anonymous, I am glad you have found a solution that works for you by choosing your current ISP. Unfortunately, my email address is with Verizon’s AOL. If I changed to another ISP my email address would change as well and then I would be missing on a lot of valid correspondence I cannot afford to go on without reading and answering it as it comes and soon after it is sent. I could email to those I can think of, letting them know of the address change, but I’m likely to miss alerting of it more than a few valid correspondents I’d like, or need to hear from, this way.

          Windows 7 Professional, SP1, x64 Group W (ex B) & macOS Mojave + Linux (Mint)

          • #2306736 Reply
            anonymous
            Guest

            Yeah, I know.  Beyond putting up every defense and filter you can without disabling your Inbox completely, not much else you can do with free accounts.  My suggestions are geared toward gradually moving to a more private provider; a guillotine approach one’s current provider should be well thought out.

            I began transitioning from Gmail a year ago and am still “transitioning.”  Even deleted two secondary Gmail accounts.  My fault entirely, the initial account moves reduced spam significantly, then I got lazy.  Really should finish what I started…

            Strongly considering axing my Amazon account; I’ll pay a bit more elsewhere, support different merchants and not have pics of my front door emailed wherever something is delivered.  If some of those Prime trucks constantly going up and down my street with radios blaring and “beep beep beep” when they start, stop and turn around in driveways, disappear, it’s a good thing.

      • #2306018 Reply
        anonymous
        Guest

        Do you know if other associates of yours have had their contact list harvested because of malware infection or information service providers who think that behavior is okay?

        1 user thanked author for this post.
        • #2306093 Reply
          OscarCP
          AskWoody Plus

          Not really, but from what has been posted here by Charlie ( #2306085  ) I am inclined to think this might be coming because of some of the online vendors who deliver at home I have recently open accounts with so as not have to go shopping around while trying to keep safe from catching COVID-19. But those accounts have been opened for more than a couple of months already, while the spam surge is about one week old.

          Windows 7 Professional, SP1, x64 Group W (ex B) & macOS Mojave + Linux (Mint)

        • #2306095 Reply
          mn–
          AskWoody Lounger

          Do you know if other associates of yours have had their contact list harvested because of malware infection

          Once helped someone who’d fallen for a phishing scam. The usual drill of authentication and authorization resets and then rescan everything (it was a 365 account with SharePoint Online access and all), analyze all logs, and send copies of anything relevant to the local cyberpolice and… well.

          The very first thing the perps did after getting access, was that they copied the contacts. Then they apparently machine-scanned mail headers for any correspondents that weren’t listed.

          If it’d been a targeted attack they’d probably have gone for something else instead… likely harder to detect too.

      • #2306090 Reply
        cyberSAR
        AskWoody Plus

        What I suggest to my clients is to setup a couple aliases or forwarders for display on websites (obfuscate the address as well), purchases, newsletters etc. If one of them gets overrun with spam you can kill it and keep your real address clean. Fortunately I can setup as many as needed and it helps me track who sells my address. I kill the forward and never deal with that company again.

        1 user thanked author for this post.
        • #2306098 Reply
          OscarCP
          AskWoody Plus

          Cybersar: “What I suggest to my clients is to setup a couple aliases or forwarders for display on websites (obfuscate the address as well), purchases, newsletters etc.

          Would you recommend some Web site with the necessary information on how to do as you do? Thanks.

          Windows 7 Professional, SP1, x64 Group W (ex B) & macOS Mojave + Linux (Mint)

          • #2306108 Reply
            cyberSAR
            AskWoody Plus

            Not sure with verizon/aol. Look for something called alias or forwarder after logging in via webmail or control panel. What I do is setup generic ones such as forums@mydomain.com to deliver to myrealaddress@mydomain.com for my forums that I belong to, reg@mydomain.com for my software registrations and then if I have to register somewhere I’m skittish about I set up something strictly for them such as disney@mydomain.com. Then I know if I get emails to disney they sold my address.

            Wish I could be more help but I don’t use any ISP or public email providers.

            1 user thanked author for this post.
          • #2306742 Reply
            anonymous
            Guest

            The concept of an alias takes a bit to understand but is simple once you do.  The subscription services I mention below all explain it well.  As cyberSAR mentioned, an alias is a good way to see who is initiating a spam chain.

            To be effective, it has to be done with a subscription email service; free ones, at a minimum, harvest contact lists.  Another AOL account, for example won’t do much beside giving you another user name, one that’s linked to the original account through AOL.  There are some good private subscription services, look into these:

            https://www.privacytools.io/providers/email/

            some overlap, some new ones:

            Secure Email Services That Respect Your Privacy

            I use mailbox, tutanota and ctemplar.  Mailbox is subscription for me, the others, free.  Zero spam from Mailbox, very little from the others.  Prices are all over the map, some have support for clients, some don’t.  Enjoy!  🙂

            1 user thanked author for this post.
        • #2306151 Reply
          Kathy Stevens
          AskWoody Plus

          We use a secure email service that allows us to have up to 100 aliases to use with each of our email accounts at a nominal cost per account.

          Our service also provides end to end encryption, servers that are difficult to access by government agencies, cloud storage, and domain hosting

          Do an internet search for “best secure email service” to find a service that may fit your needs.

          1 user thanked author for this post.
      • #2306113 Reply
        anonymous
        Guest

        ? says:

        well, i plugged the old aol mail address into have i been pwned and he came back with 2. River City Media:

        https://www.askwoody.com/forums/topic/world-class-spamming-operation-river-city-media-exposes-their-own-data-with-bad-backups/ and:

        Trik Spam Botnet:

        https://www.askwoody.com/forums/search/trik+spam+botnet/

        so i called aol’s offshore phone and asked if they could fix the problem…

        went back to have i been pwned and used his “opt-out,” tab. hopefully the spamming\phishing tide will subside.

        1 user thanked author for this post.
        • #2306152 Reply
          Paul T
          AskWoody MVP

          Spammers do take notice do not take notice of opt out or any other notification and attempting to block them by telling then to stop is likely to result in more spam – you have confirmed the email is valid.

          Mark it as spam in your client and learn to live with it.

          cheers, Paul

          • This reply was modified 1 month ago by Paul T.
          • This reply was modified 1 month ago by Paul T.
          2 users thanked author for this post.
          • #2306153 Reply
            OscarCP
            AskWoody Plus

            Paul_T wrote: “you have confirmed the email is valid.

            That refers to the email address of the recipient.

            Yes, one should never reply or give away any sign that one has received the emails send from a particular suspicious sender and done something with them: using “opt out” in the received email sends a message back to the malicious sender confirming your address belongs to someone’s warm body.

            However, what anonymous (  #2306113 ) has been referring to is the “OptOut” tool available in the  haveibeenpawed Web site:  https://haveibeenpwned.com/OptOut  Any thoughts on this?

            Screen-Shot-2020-10-22-at-1.02.28-AM

            Windows 7 Professional, SP1, x64 Group W (ex B) & macOS Mojave + Linux (Mint)

            Attachments:
            • #2306267 Reply
              anonymous
              Guest

              ? says:

              hi again oscar. i guess time will tell if the have i been pwned opt-out has any effect. i believe most if not all of the bogus emails i’ve been getting are of the “spray-and-pray,” variety especially after running the headers through the different header readers. you probably already have a good understanding of what to look for in the headers; however, i found an alternate way to look into them on how to geek:

              https://www.howtogeek.com/58642/online-security-breaking-down-the-anatomy-of-a-phishing-email/

              and another recent avast blog which includes an outline on reading the headers:

              https://blog.avast.com/the-anatomy-of-a-phish-avast

              and thanks for another fun topic!

               

              1 user thanked author for this post.
              • #2306329 Reply
                OscarCP
                AskWoody Plus

                Anonymous #2306267  : I think you are referring to the option to look at the full headers of an email, to see where it originates from and which servers it has been shunted around on its way to one’s ISP — and thence to one’s mailbox. An option that is available in all email clients I know of.

                Windows 7 Professional, SP1, x64 Group W (ex B) & macOS Mojave + Linux (Mint)

          • #2306159 Reply
            anonymous
            Guest

            ? says:

            thank you Paul for the information on “opting out,” so it is similar to reporting the junk phone calls for “car warranties” and such then. good to know. aol was putting them in the spam folder anyway so i’ll gladly allow the miscreants to stuff it full on aol’s dime. the account is a throw away anyhow. a few years ago i let it languish for a time and went back in to find over 500 emails in the spam bucket after aol took away the free auto bounce option. no worries since i still have 4 viable email accounts from three other providers that know how to properly run a business. kinda reminds me of the winders telemetry problems that motivated me to learn how to get along in a different fashion.

            • #2306169 Reply
              Paul T
              AskWoody MVP

              Sorry, my post implied spammers honour opt out requests. They do not and I’ve edited my original post to say so.

              cheers, Paul

              2 users thanked author for this post.
            • #2306190 Reply
              mn–
              AskWoody Lounger

              went back in to find over 500 emails in the spam bucket after aol took away the free auto bounce option.

              … yeah, for various reasons an auto bounce isn’t very useful with spammers… because the sender address is often faked or belongs to someone else, in those cases the bounces then either bounce again or clog some unrelated person’s mailbox.

              • #2306198 Reply
                Paul T
                AskWoody MVP

                And they add to the spam load – which we don’t need.

                cheers, Paul

      • #2306295 Reply
        Charlie
        AskWoody Plus

        Verizon/Oath/AOL’s web based email handler is able to recognize certain emails as spam and sends them to a special Spam place separate from my “New Mail”.  It’s relatively easy to look down the spams and make sure there’s nothing good, then check the box to delete all and they’re gone.  It’s one of the nice features AOL has carried over from previous versions of their program.  I haven’t seen more than 21 spam emails in there so far and most times it’s less.

        Group L

        • #2306304 Reply
          anonymous
          Guest

          ? says:

          yes, thanks Charlie that is generally the way it works. once in a while they load a bad phish in the “New Mail,” slot. in the last couple of weeks i have received a couple of emails in the “New Mail,”  slot which goes to a pop-up if i select it and try to mark it as spam and move it. the pop-up insists that i  must wish to unsubscribe and doesn’t allow me to move it directly to the spam slot, so i delete it w\o opening and then move it to the spam folder and then delete it. i tire of playing with spam and just want the lever replaced that automatically deletes any email other than that which i wish to view. not rocket science?

          • #2306319 Reply
            Charlie
            AskWoody Plus

            not rocket science?

            No, it sounds like a job for AI.

            Group L

            1 user thanked author for this post.
            • #2306331 Reply
              mn–
              AskWoody Lounger

              No, it sounds like a job for AI.

              And a really demanding one at that.

              I’ve mentioned scenarios like “first contact in years from foreign relatives who we don’t actually share a single fluent language with” … as an example of one of the harder examples for an AI to determine whether it’s spam.

              • #2306332 Reply
                anonymous
                Guest

                ? says:

                please excuse\indulge me mn, is that X’s and O’s or zeros and ones for the long lost relatives?

              • #2306419 Reply
                mn–
                AskWoody Lounger

                Huh?

                I don’t quite understand this question.

                Haven’t actually had to verify completely unknown relatives yet, just some who we only had baby pictures of.

      • #2306382 Reply
        Cybertooth
        AskWoody Plus

        Verizon/Oath/AOL’s web based email handler is able to recognize certain emails as spam and sends them to a special Spam place separate from my “New Mail”.  It’s relatively easy to look down the spams and make sure there’s nothing good, then check the box to delete all and they’re gone.  It’s one of the nice features AOL has carried over from previous versions of their program.  I haven’t seen more than 21 spam emails in there so far and most times it’s less.

        We are very unhappy with the Verizon/AOL spam filter. On most days, it catches email from vendors, public officials and others that we do want to hear from… and AOL has removed the ability to tweak the spam filter to whitelist welcome addresses that get intercepted. Pain in the neck–we have to sign in frequently just to see what desired mail we haven’t been sent because AOL somehow decided that it was “spam.”

        And it’s inconsistent about this: sometimes the email from these sources makes it through, and sometimes not.

         

        • This reply was modified 1 month ago by Cybertooth.
        1 user thanked author for this post.
        • #2306389 Reply
          OscarCP
          AskWoody Plus

          Something like Cybertooth’s problem ( #2306382  ) although less serious, if still annoying, also happens to me, but very systematically when some people I know write from abroad: one that is now an emeritus professor with his email address still at his German university, and another person I know at the German Space Agency; also a Japanese friend at a university in Japan, and a couple of professors in Spain, at a university in Barcelona. Their mails invariably end up in my “Junk” folder. But at least they get to me, however maligned by AOL.

          It looks like here, in the USA, Verizon/AOL has a thing against foreign professors and professionals. It is all very strange.

          Windows 7 Professional, SP1, x64 Group W (ex B) & macOS Mojave + Linux (Mint)

          1 user thanked author for this post.
        • #2306514 Reply
          Charlie
          AskWoody Plus

          Cybertooth, I click on the “Not Spam” icon and that puts good, wanted emails back into the New Mail.  Sometimes I have to do it twice but it works for me on the web based AOL email service.  I can’t speak for the AOL computer program, I don’t and won’t have that.

          Group L

          1 user thanked author for this post.
          • #2306524 Reply
            Cybertooth
            AskWoody Plus

            Yeah, it’s the AOL Web-based email service that we keep having to sign in into, to find out what desired email their spam filter intercepted.

            Marking it as “not junk” does move it to their inbox and then we can download it onto Outlook. But it would be nice if marking mail this way as “not junk” were to also tag the address as a good one for future reference, but it doesn’t–the AOL spam filter keeps catching mail from that address and so we have to keep going in to see what it didn’t let through that we did want.

            Nor is there any way, as there used to be, to whitelist an address by hand so that their spam filter stops catching it. The AOL settings allow you to blacklist an address, but this is little help because spammers are constantly changing their addresses.

             

            • #2306531 Reply
              Charlie
              AskWoody Plus

              Yeah, the new AOL web based service is just adequate.  I’ve been with AOL for a long time and installed their 9.5 program back in 2012.  They pretty much had gotten it together back then.  Things really went haywire when Verizon bought them and really messed up the new software “AOL Gold”.  I read many bad comments about it.

              Group L

              1 user thanked author for this post.
      • #2306536 Reply
        OscarCP
        AskWoody Plus

        Cybertooth: Have you tried using an email client other than Outlook?

        I have had Verizon’s AOL and been using Windows Live Mail in the Windows 7 PC until EOL in January and its final disconnection from the Internet, and from mid 2017 to this day also Mail, the native client in the Mac and, in both cases, other than some mail being junked (and the very recent burst of spam I described when starting this thread), but still available for reading if so desired, I have never had any indication that any mail from people I correspond with, or places I have some business with, whether labelled “Junk” or otherwise, has not been delivered to me, without the need to go and dig it up from some AOL server.

        By the way, my spam deluge has subsided to a fine and patchy drizzle over the last two days. Maybe it will stay like that… And my thanks to the many of you that have answered the call and took the time to give some good advice.

        Windows 7 Professional, SP1, x64 Group W (ex B) & macOS Mojave + Linux (Mint)

        • #2306674 Reply
          Cybertooth
          AskWoody Plus

          Yes, I have a separate Verizon email address sending incoming mail to Thunderbird on Kubuntu Linux. It, too, periodically requires my signing into AOL webmail to view the wanted mail that AOL’s spam filter intercepted.

          Sounds like you’ve been fortunate in this regard, that AOL in its infinite wisdom hasn’t seen fit to interdict mail from acceptable addresses. Me, I’d be happy if AOL allowed me to just turn off its sorry excuse for a spam filter and let a combination of Norton and my own eyes make the decisions.

          It’s good to hear that the spam flood has slowed to a trickle!

           

          1 user thanked author for this post.
      • #2307016 Reply
        anonymous
        Guest

        I use Mailwasher to “preview” my emails and with it I can selectively bounce, blacklist and delete any that I do not want. It does not prevent junk emails from coming in but it does give me some peace-of-mind that I am alerting their email provider of their abuse. I may also save someone from getting one of the Nigerian scam emails.

        https://www.mailwasher.net/ (free version)

        https://www.firetrust.com/products/mailwasher-pro

        • #2307284 Reply
          Pierre77
          AskWoody Plus

          I have used Mailwasher since I helped to develop it. A great piece of software – also my ISP has free filters installed. So that means double protection.

           

          1 user thanked author for this post.
      • #2307052 Reply
        chaloots
        AskWoody Plus

        I had been fortunate in that both of my two main accounts, Yahoo/Oath and Gmail have  done a pretty good job of segregating spam into their intended folders. Only once in a while was there a need to purposefully designate the odd, errant Yahoo email from inbox as spam.

        For years I’ve had a credit score lower than whale spit. Back in Jan 2020 I applied for one of those secured credit cards from Capital One, and not too long afterwards noticed a marked increase in delivered spam. I should also add that the majority of this borscht was delivered to the appropriate spam folder. A few month later I applied for and received a cash-back PayPal Mastercard.

        Point being, at least from my perspective, is that in an attempt to reestablish my credit these two ventures  greatly contributed to the amount of unsolicited emails.

        The duration of a minute depends on which side of the bathroom door you're on.

        1 user thanked author for this post.
      • #2307098 Reply
        Northwest Rick
        AskWoody Plus

        As I mentioned to chaloots, I suddenly got slammed by 30-50 junk emails per day (I kid you not!) about a year ago, pre-COVID. I thought it might be Amazon, so I changed my account email to a spare I rarely use. So far, that one has not been hit, so either my hypothesis was wrong or not enough time has passed, and it may yet happen.

        Meanwhile, I did not wait:  I immediately created an entirely new email address on Hotmail, and migrated all of my CLEAN data to it.  Yeah, it took about 30 days to COMPLETELY sever the connection, but I immediately deleted the infected account, which took 90 days to finalize.  During that “death watch” I kept an eye on the terminal address to make sure I hadn’t overlooked anything, and saw the junk emails accumulate at the previous rate (if anything, it got worse) until the auto-delete feature started lopping off those that were more than 30 days old.

        AAAH!  My new address remains squeaky clean a year (or so) later.  Fingers crossed…  but if it DOES happen again, I will not hesitate to migrate to YET ANOTHER new email address and lop off the gangrenous one.  My determination to fight off the barbarians FAR exceeds my distaste for the headache or the inconvenience!

        2 users thanked author for this post.
      • #2307129 Reply
        anonymous
        Guest

        I did a little research several months ago, and found what may be useful to people who do not already know this:  it appears that many “unsubscribe” links actually broadcast your valid email address to dozens of destination sites.  We confirmed this by opening a SPAM message in Windows NOTEPAD, and searching for “@” and “mailto:” text.

        Another variation on that same theme is a SPAM message that tries to tell you that you need to “CLICK HERE” in order to stop receiving future SPAM.

        In our spare moments, we try to save the original SPAM message in .txt format (plain ASCII text), and forward that .txt file to the domain registrar for any given SPAM domain.  This often results in triggering an AUTORESPONDER with specific directions for submitting a formal SPAM complaint to the domain registrar.  Typically, the domain registrar can be located in the WHOIS record for any given domain.

        Hope this helps.

        1 user thanked author for this post.
        • #2307153 Reply
          anonymous
          Guest

          p.s.  FYI: quite a few SPAM messages that we have examined contain evidence of hosting and/or routing by “amazonaws.com”.
          the latter is the primary domain name that can be located
          in some very long URLs containing what appears to be long sequences
          of random letters and numbers i.e. nested sub-domains.
          “AWS” = Amazon Web Services.
          At aws.amazon.com see this summary description:
          “Amazon Web Services (AWS) is the world’s most comprehensive and broadly adopted cloud platform, offering over 175 fully featured services from data centers globally. Millions of customers—including the fastest-growing startups, largest enterprises, and leading government agencies—are using AWS to lower costs, become more agile, and innovate faster.”
          I interpret the latter to imply that artificial intelligence techniques
          are now being used to “harvest” valid email addresses;  and, in turn,
          lists of valid email addresses are being assembled with AI technologies
          and then sold to SPAM providers and consultants.
          If you are lodging a formal SPAM complaint with a domain registrar, and
          if you can confirm the presence of “amazonaws.com” in the text of a SPAM message,
          we recommend that you also Cc: Amazon with your SPAM complaint.
          Lastly, you should become familiar with applicable Federal laws
          such as the CAN-SPAM law.  Demonstrating your knowledge of that law
          in your formal SPAM complaint may inspire the domain registrarto enforce their written Terms of Service (“TOS”).  The fines authorized by that CAN-SPAM law are pretty stiff (last time we looked).

          2 users thanked author for this post.
          • #2307314 Reply
            ScotchJohn
            AskWoody Plus

            p.s. FYI: quite a few SPAM messages that we have examined contain evidence of hosting and/or routing by “amazonaws.com”. the latter is the primary domain name that can be located in some very long URLs containing what appears to be long sequences of random letters and numbers i.e. nested sub-domains. “AWS” = Amazon Web Services.

            I was getting fed up with spam that SpamCop analysed as originating from AmazonAWS.  It seemed that SpamCop would not report these direct to the origin, marked them instead as “@devnull.spamcop.net”, which I understand adds the spam to a list “for statistical purposes”, but does not report it to the originating ISP.  I was having five or six a day, all quite obviously similar in style, the same “unsubscribe” address, the same design of mail.

            After a bit, I started reporting these direct to Amazon, taking care to replace my own address with a row of Xs in the header report.  (I use NirSoft’s IP NetInfo to analyse headers).  It’s taken a while, but the flow of these spam mails has slowed to a trickle, from half-a-dozen a day, to one in two or three weeks.  Some might say this is coincidence, but I choose to believe the reduction may just be the result of involving Amazon in policing their own networks.  SpamCop’s user forum is worth reading, pointing the way towards some ISPs who are reported as willing to take action, others that WILL NOT take any action.

            Dell E5570 Latitude, Intel Core i5 6440@2.60 GHz, 8.00 GB - Win 10 Pro

          • #2307330 Reply
            Paul T
            AskWoody MVP

            FYI: quite a few SPAM messages that we have examined contain evidence of hosting and/or routing by “amazonaws.com”

            AmazonAWS is just their hosting service. The problem will be insecure servers hosted by Amazon, not Amazon itself.

            There is little chance of fixing this as anyone dumb enough to have an insecure server is not going to be interested in helping with your spam problem.

            Mark the mail as spam and let your mail client do the work.

            cheers, Paul

            2 users thanked author for this post.
          • #2307361 Reply
            Microfix
            AskWoody MVP

            ..and news in that Amazon sacks insiders. May well be attributed to the recent s p @ m

            No problem can be solved from the same level of consciousness that created IT - AE
            • #2307386 Reply
              OscarCP
              AskWoody Plus

              Thanks for circulating this alarming information.

              This might be, just might be, one reason for the surge in the spam and or phishing emails landing on my AOL account. I have checked some days ago and it looked like I was “pwned” just once, so that has not changed in over a year since I first checked, and I already knew then when and how it had happened.

              I have an account with Amazon and my email is in my profile there, as well as being part of my login sequence. Whatever the reason for the surge, it is likely it has been because of a very recent big data breach somewhere, one that has not been known for some time already. The Amazon revelation is “fresh”, it’s extent not yet disclosed, so it might not have been added to the data bases of the services that let people check for “pwned” email addresses.

              But all this I am writing here is just my own best speculation. Too early to be sure.

              Windows 7 Professional, SP1, x64 Group W (ex B) & macOS Mojave + Linux (Mint)

              1 user thanked author for this post.
              • #2307391 Reply
                Paul T
                AskWoody MVP

                As you haven’t received the Amazon email, the cause of your spam increase is elsewhere.

                cheers, Paul

                1 user thanked author for this post.
              • #2307481 Reply
                OscarCP
                AskWoody Plus

                Paul_T: “As you haven’t received the Amazon email, the cause of your spam increase is elsewhere.

                That, to me, is unclear, because it is not known if at Amazon they have figured out already everyone that is affected and sent them emails, or even how big this problem is, how many people are affected and how long it will take Amazon to email everyone who should be told the bad news …

                I find it somewhat reassuring that I have not yet received an email from Amazon, but don’t know enough about what is going on to come to a firm conclusion. I don’t think that Amazon already has said enough to clarify the situation.

                Windows 7 Professional, SP1, x64 Group W (ex B) & macOS Mojave + Linux (Mint)

      • #2307283 Reply
        Fred
        AskWoody Plus

        Unhappyly you get the these nonsence emails too. There was a time that I tried to fight this. I used the program Mailwasher and had an account with Spamcop, so I easily could mark mail as being spam, and report it to one of the proper channels. The result sould have been, that once several people had marked such email, these sender addresses were put on the international blacklists. Now it’s a long time already that I stopped doing this. It never got me free of this spams**t . Now I just examine the senders address, and is it  peculiar one than I just delete this mail.

        In my humble opinion providers are not doing anough to combine forces and fight these crooked and bad mails. To me Gmail is having good spamfilters, but still there are coming plenty of them too.  If anyone knows an effective way to call these mail in somewhere than I will start over to report them.

        Now it’s just paying attention and deleting, hoping for the best. It seems one of the things there is no solution for it.. Take care and only dele the right ones.

        ~ ~ ~
        1 user thanked author for this post.
      • #2307300 Reply
        Bundaburra
        AskWoody Plus

        If you have Mailwasher, you can set up filters such that identified emails are deleted automatically (i.e dropped straight into the recycle bin), so that you don’t even see them.  An occasional check of the recycle bin will indicate if legitimate mail is also being dropped, in which case fine-tune the filter and restore the message.

        Windows 10 Pro 64 bit 20H2

        • This reply was modified 4 weeks ago by Bundaburra.
      • #2307453 Reply
        Kathy Stevens
        AskWoody Plus

        As I mentioned earlier, we use Outlook 2016 and a secure email service that respects our privacy. A list of such email service providers can be found at   https://restoreprivacy.com/email/secure/  .

        In our case, for less than two dollars per month per account our email service provides: the ability to filter out spam, end to end encryption, strips the IP addresses from our outgoing messages, synchronizes with Outlook and Thunderbird, as well as allowing us to set up 100 email aliases per mailbox.

        In addition, our security software has an anti-spam feature that works within Outlook.

        Through the email alias feature, we have set up separate aliases for each of our vendors as well as our data/news sources. We have also set up a unique alias for sites such as AskWoody, Facebook, LinkedIn, Amazon, etc.

        Now when we receive a spam message that carries one of our aliases, we immediately know the origin of the email and can take immediate steps to correct the problem including activating both of our spam filters.

        Between the two spam filters we have all but eliminated the delivery of spam into our mailboxes.

        • #2307719 Reply
          anonymous
          Guest

          Kathy – would you feel comfortable telling us which email service you use?  I’m interested in the aliases feature.  I’ve read and re-read the email reviews in restoreprivacy but it’s hard to choose.

          • #2307722 Reply
            Kathy Stevens
            AskWoody Plus

            Runbox   https://runbox.com/

            • #2307746 Reply
              OscarCP
              AskWoody Plus

              Kathy Stevens: In your experience, is using an online spam filtering service, such as the ones you have mentioned, likely to cause problems with the user’s ISP?

              Windows 7 Professional, SP1, x64 Group W (ex B) & macOS Mojave + Linux (Mint)

              • #2307788 Reply
                Kathy Stevens
                AskWoody Plus

                OscarCP

                We have had no problems with spam filtering and Xfinity (our ISP) using Norton Security Suite and Runbox.

                The Runbox filtering occurs on the Runbox servers and I am not sure how Norton deals with spam filtering.

                In addition, all of our Internet traffic is encrypted prior to leaving our PCs by our VPM so I doubt that our ISP is aware of the spam filtering.

                1 user thanked author for this post.
      • #2307667 Reply
        anonymous
        Guest

        ? says:

        oscar,

        i just paid aol 9.99 to reset my password and opened the aol mail crypt. from 10-20 or 10-21 since i was last able to log in there are (now were) exactly 200 spams in the spam folder. after i deleted them a pop-up is now offering to block up to 80% of “junk mail,” if i click the red “Yes, block junk mail now,” button. humm…

        ps whomever erased a couple of my questionable posts here two nights ago, thank you because i was in a sour mood over my 18 year long with AOL mail. all i really wanted to do is draw a line from the owner of the washington post and his cousin because i have connections in the same area. sorry, my left-handed old brain works that way. what?

        please let me say: “Easy Come Easy Go,” and i promise to leave this alone this topic, i mean

        thanks from ? ps i had to give out a credit card number in order to unlock the aol mail account

        1 user thanked author for this post.
      • #2307795 Reply
        anonymous
        Guest

        ? says:

        oscar,
        i went back to have i been pwned just now after getting back into my aol mail and changing the password. i ran the old password through his passwoard checker and it came back clean so maybe the whole exercise was pointless? while on the phone with aol security we went to myaccount.aol.com and cleaned up three subdomains that my daughter had added in 2002 and later i turned off all the marketing i could find within after looking around myaccount.aol.com. still getting spam in the spambox though.

        • #2307798 Reply
          OscarCP
          AskWoody Plus

          Anonymous, As Bill C. would say: I feel your pain. I m still getting between 3  and 7 recognizable spam emails a day, including some possible toxic nasties that promise to get me over my (non-existing) financial troubles one way or another that always boils down to they helping me to get free money from the Federal, State, or County government. So I am become my own spam filter and delete the sad daily pile of …. without even looking in detail at it anymore.

          Maybe you and I should declare this state of things the new normal and embrace it as our ineluctable destiny already happening to us?

          Or maybe I’ll try first what some people have been recommending here, Kathy Stevens, for example.

          Windows 7 Professional, SP1, x64 Group W (ex B) & macOS Mojave + Linux (Mint)

      • #2307799 Reply
        anonymous
        Guest

        ? says:

        agreed, sir! i have often thought about adding a vpn and whatever else could help to secure my online travels but alas, i tire of the endless rabbit holes. i came to realize years ago using wireshark that i was way out of my league and the safest way to traverse the internet was to push the power button. thanks for listening and enjoy the rest od your day…

    Viewing 32 reply threads

    Please follow the -Lounge Rules- no personal attacks, no swearing, and politics/religion are relegated to the Rants forum.

    Reply To: An unexpected surge in weird spam and, or phishing emails.

    You can use BBCodes to format your content.
    Your account can't use Advanced BBCodes, they will be stripped before saving.