cancel
Showing results for 
Search instead for 
Did you mean: 

Overwhelmed with Spam in the last three days!

Highlighted
Freshman

Overwhelmed with Spam in the last three days!

Wow, what is going on?  In the last three days, I have gotten over 70 spam emails, some purporting to come from me!  Bad spelling, phony gift cards, **bleep** enhancement, sexual positions, you name it.

 

It had been bad about 2 months ago, and then everything cleared up.  Now spam has come back with a vengeance - and in huge quantities.

 

Has HughesNet turned off its spam filters?  These last three days have been horrible!  All the emails go to my spam folder, but why can't HughesNet reject them before they are delivered to me at all?

 

Frustrated in Alabama

22 REPLIES 22
Assistant Professor

Re: Overwhelmed with Spam in the last three days!

Only 70?

 

Chances are you've used your email to sign up for something and they've sold their email list, you've posted it somewhere on an open message board and it was scraped, or it was obtained by some other means.

 

Sometimes all of the spam sources go into overdrive, and they have been ramping up for about a week now, but nothing like the zombie spam storm at the end of July/beginning of August.

 

I can tell you that the majority of it is coming from unsecured servers in China, Vietnam, Brazil (Claro), Russia (lucky.net), Germany (MyLoc) and the US (Nexeon Tech, Eonix, Interserver). Blocking anything coming from those IP groups kills about 90% of it. The rest (mostly the drug and sex ones) come from people with infected phones and computers that are spamming unbeknownst to them upon command, hence the term 'zombie spam'.


* Disclaimer: I am a HughesNet customer and not a HughesNet employee. All of my comments are my own and do not necessarily represent HughesNet in any way.
Distinguished Professor IV

Re: Overwhelmed with Spam in the last three days!

@MarkJFine

 

I get so much spam it's ridiculous.  And, unfortunately, I had my main email account hacked a few years back, and ever since then I receive spam email that looks like it came from my own email address.  It's ludicrous.  Every day I get about ten or fifteen emails from my own address, yet not actually sent from my account (though about five or six were when it was hacked).  It's awful.  

 

If my main email wasn't the first email account I ever opened (mid/late 90s), I would simply change it.   I'm too sentimental to do that.  LOL.  


AMD Ryzen 5 3400G | XPG SX8200 Pro 500GB M.2 NVMe SSD | Western Digital Blue 500GB HDD | 16GB Corsair DDR4-3000 | Windows 10 Pro 64-bit
Assistant Professor

Re: Overwhelmed with Spam in the last three days!

@GabeU

There are several spam types that use valid emails that were scraped from web sites or web sites that have used a script to obtain your addressbook. They do this so they can be used in phishing emails as well as to get you to click some other site or open some attachment that infects you with something really nasty.

 

Sometimes this is to make you one of the zombie horde, other times it's to install a keystroke stealer for when you login to your bank. Incidentally, your phone is not exempt either, as I see a tremendous amount of zombie spam coming from mobile phone systems.

 

I have had my own server and associated email addresses for several decades as I used to have a shortwave radio-related shareware business. The server has spamassassin, but it is sometimes very ineffective in what it ultimately does with it. As a result I've had to modify their spamassassin script to perform a multi-level spam protection based on whitelisting known email addresses, then determining whether anything else should go to the junk box or directly to /dev/nul. I still want things going to the junk box in case it's something valid that I later need to add to the whitelist.

 

Been working on collecting spam samples since April developing this (~4600 samples to date), and can safely say that in the past 7 days, after nearly 400 spams, I've had zero (0) spams leak into my inbox or junk box. 400 is actually a moderate level - I was getting close to 900 during a spamstorm in the last week of July.

 

After saying all that, I can say that I've never received any spam in my hughes.net account, since I never use it as a username for anything other than my Hughes account(s). If you're going to use it as a honeypot, expect to get stung.


* Disclaimer: I am a HughesNet customer and not a HughesNet employee. All of my comments are my own and do not necessarily represent HughesNet in any way.
Distinguished Professor IV

Re: Overwhelmed with Spam in the last three days!

@MarkJFine

 

When the hack happened, I immediately wiped the drive (I actually wrote three passes of zeroes) and reinstalled Windows (I think I had 8.1 at the time), and I changed my password on another computer, as well as changing all of my passwords for the other sites I frequent, especially those that have personal info.  I now use passwords at least 16 characters long (where allowed) and with no discernible pattern.  I have to keep them all written down as there is NO way I could ever remember types of passwords I use, and it would take hackers quite some time, even with a great program, to decipher them.  It was a hard lesson learned.  And what's really frustrating is that I still know some people that use single word passwords, and when I tell them how important indecipherable passwords are, they do something ridiculous like adding a # sign to the end.  Sure, adding a # sign makes it uncrackable.  SMH.  Derp!    

 

I had occasional spam, but it wasn't until this incident that I started getting bombarded with it.  And, unfortunately, even with blocking the domains it doesn't help much.  I could spend a few hours each week blocking the domains, and the next week there would be just as many to block again.  It's tedious, to say the least, and quite frustrating.  Luckily, Outlook has a great spam filter, so that makes it so it's not quite on the level of wanting to pull my hair out.  Smiley Tongue  

 

As for my Hughes email, I only use it for the forwarding of notifications from the HughesNet Community, and the first time I signed into my Hughes email was shortly before this new Community started.  I actually still had my original HughesNet welcome email from 2004 in the inbox.  It was sitting there, unread, for over 12 years.  LOL.    


AMD Ryzen 5 3400G | XPG SX8200 Pro 500GB M.2 NVMe SSD | Western Digital Blue 500GB HDD | 16GB Corsair DDR4-3000 | Windows 10 Pro 64-bit
Assistant Professor

Re: Overwhelmed with Spam in the last three days!

@GabeU

The trick is not to block the domain of the email address, those are forged anyway. The trick is to block the domain of the IP that the email came from. I'm building a pseudo-mini-DNS to do this that comprises a regex of the full range of IPs for that domain, a username for the abuse address (bfore the "@"), and the domain itself (after the "@")...

 

Eventually I wanted this system to return the favor by auto-spamming their abuse address with a forward of each one I get. That kind of backfired, since there are truly foul email servers that collect received emails to... you can guess the rest.

 

That's how I knew Comcast was hacked to do that some time back. I was getting ten+ back for every one I sent. You can see how that escalates exponentially if I'm "returning the favor".


* Disclaimer: I am a HughesNet customer and not a HughesNet employee. All of my comments are my own and do not necessarily represent HughesNet in any way.
Distinguished Professor IV

Re: Overwhelmed with Spam in the last three days!


@MarkJFine wrote:

@GabeU

The trick is not to block the domain of the email address, those are forged anyway. The trick is to block the domain of the IP that the email came from. I'm building a pseudo-mini-DNS to do this that comprises a regex of the full range of IPs for that domain, a username for the abuse address (bfore the "@"), and the domain itself (after the "@")...

 


I have no clue how to do any of that, so, for the interim, the best I can do is block the domain and hope for the best.  Again, though, due to Outlook having a great spam filter, it doesn't really affect me any more than being an annoyance.  


AMD Ryzen 5 3400G | XPG SX8200 Pro 500GB M.2 NVMe SSD | Western Digital Blue 500GB HDD | 16GB Corsair DDR4-3000 | Windows 10 Pro 64-bit
Assistant Professor

Re: Overwhelmed with Spam in the last three days!

@GabeU

For all I know they do that, but I can tell you that 90% of the spam you get comes from only a handful of server domains.


* Disclaimer: I am a HughesNet customer and not a HughesNet employee. All of my comments are my own and do not necessarily represent HughesNet in any way.
Freshman

Re: Overwhelmed with Spam in the last three days!

All the spam is coming from <random>@<random>.nelottery.com

 

Since the parameter after the "@" appears to be randomly generated, I don't know how to shut it out.  Outlook, indeed, is sweeping all of these to the Junk Folder, but boy, I would love to be able to get to Hughes so that THEIR master spam blocker would stop these in their tracks.

 

And, it is totally possible that nothing can do this.  I am SOOOOO darned careful online, so I get really pissed when someone gets my email address and either spams me or spoofs me.

 

I'll have to see if I can find the IP addresses - but I don't know how to filter those, unfortunately.

 

 

Assistant Professor

Re: Overwhelmed with Spam in the last three days!

*.nelottery.com? Sounds like one I haven't seen yet.

 

Chances are that someone that does have your email address got their address book lifted. The only way to ensure that doesn't happen is not to use email at all, and that kind of defeats the purpose of having it.

 

Only thing you can realistically do to stop it, and have some control over it, is the kind of system I'm currently setting up (why I'm doing it actually). This is after tons of research on the subject.


* Disclaimer: I am a HughesNet customer and not a HughesNet employee. All of my comments are my own and do not necessarily represent HughesNet in any way.