[Hidden-tech] Beware the Facebook - track them?

[Michael Billingsley]

Good to know, Jim...

I've been keeping the cybercrimes unit of the FBI in touch about this  
(which they are following, because this Facebook thing is acting in  
an unusual way).  The abrupt cutoff yesterday is interesting... may  
be that we are approaching the time when the actual "enslaved" PC's  
and Macs are to be used for their actual intended purpose.

Do you know how to do "long headers"?

If you can open long headers on your 50 Facebook mimic spams from  
that most recent day, it would be helpful to me and the FBI if you  
could copy out as a list of the source-server IP addresses (and send  
to me at michaelbix at gmail).  If you don't know what to look for, it  
will be a string of four double, triple, or single-digit numbers  
separated by periods.   Near the bottom of each of the long-headers  
listings you will see the prefix (hopefully) "X-CanIt-Geo: ip="  and  
what I'm looking for is the string that follows those words.

For instance, since you're on shaysnet, your server ip= 66.135.34.9

I (and the FBI) would benefit from knowing where the servers have  
proliferated.  You seem to be getting a damned good cross-section.

And I hope you know that Eudora or Apple Mail email apps (possibly  
Outlook as well) can be "trained" to separate junk/spam mail for you  
- and then do anything with the spam afterward that you request, ie.  
hold it in a separate folder for a week, and only then delete it (if  
you're nervous that some "real" email might be accidently swept out  
that should not have been... giving you the opportunity to briefly  
scan what's about to be trashed).

I get 300 spams a day and skim them off that way (and do have gmail  
as well) but I won't drop that account, as my sover.net account (and  
a cascade of other accounts which link to it) is important for a  
broad client-base.

Thanks
Michael

4
On  1 January 10, at 9:46 PM, ussailis at shaysnet.com wrote:

>    ** Be sure to fill out the survey/skills inventory in the  
> member's area.
>    ** If you did, we all thank you.
>
>
> An observation:
>
> I've been getting those "Facebook" emails for a while now into my  
> business
> acct. Because of the company URL 'nationalwireless.com,' and because
> anything comes thru the email address for  
> 'info at nationalwireless.com' I get
> a lot of spam. Much of this spam is the result of employees that  
> who went
> to work for another National Wireless in another state, or Canada,  
> and who
> used the wrong email address when they signed up for stuff.
>
> The good part is this causes the spam from each source to come in  
> waves. I
> often see 5 or 6 of the exact same headers, in order, at one time.  
> A flag
> to delete!
>
> The observation is the Facebook spam stopped yesterday. From 50 or  
> so a
> day, to zip today.
>
> Interesting
>
>
> Jim Ussailis
>
>
>
>
> Original Message:
> -----------------
> From: Michael Billingsley michaelb at sover.net
> Date: Fri, 1 Jan 2010 00:57:03 -0500
> To: rdmurray at bitdance.com, hidden-discuss at mm01.tnrnet.com
> Subject: Re: [Hidden-tech] Beware the Facebook thingy-dingy redux
>
>
>    ** Be sure to fill out the survey/skills inventory in the  
> member's area.
>    ** If you did, we all thank you.
>
>
>
>
> --------------------------------------------------------------------
> mail2web LIVE – Free email based on Microsoft® Exchange technology -
> http://link.mail2web.com/LIVE
>
>
> _______________________________________________
> Hidden-discuss mailing list - home page: http://www.hidden-tech.net
> Hidden-discuss at lists.hidden-tech.net
>
> You are receiving this because you are on the Hidden-Tech  
> Discussion list.
> If you would like to change your list preferences, Go to the Members
> page on the Hidden Tech Web site.
> http://www.hidden-tech.net/members

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.hidden-tech.net/pipermail/hidden-discuss/attachments/20100102/0163b62c/attachment.html