Steps you can take against spammers

Spam (or Unsolicited Commercial Email) is a very real problem in the world of electronic communications today.  Some reports claim business losses in the 10’s of Billions of dollars due to the use of internet connections, hardware capacity, employee time, and time and money spent on preventative measures.

Some spam emails are a one time thing; you see a particular advertisement one day and never hear any more from them again.  However, there are those unfortunate emails asking you to purchase watches, or gas masks, or telling you can make “5000 dollars a month” doing nothing but sitting on your rear…  and you get the same email every day.

The below steps are more time consuming than you may be interested in taking for every passing unsolicited advertisement, but these steps can work great for the persistent,  annoying spammer.

Stop and Think!

1. Don’t Populate Their Address Lists!
   1. Do NOT click the “Unsubscribe” link. Unless you know and trust the company, and you know that you signed up to receive email from them, and you don’t want to receive that email any longer… DO NOT CLICK THE UNSUBSCRIBE LINK! Many spam emails are sent out to totally random addresses, unsubscribing to these spams only informs the spammer they have an email address actually owned by someone. Simply clicking the link to unsubscribe can let the spammer know someone was there to read the unsolicited advertisement. They can do two things: they can continue to spam you, or they can sell your ‘known-good’ address to other spammers for quick cash!
   2. Do NOT reply to the email! This is the same as above: either wasting your time, or informing the spammer that they emailed a ‘live one’.
2. Carry through with the rest of the steps in an orderly fashion. The more collected you are the more effective attack you will be able to launch against the spam emailer.
   
   

---

</Spam>
Title Stopping Spam Publisher O'Reilly Description Discussion and answers about the Unsolicited Commercial Email epidemic. ISBN 156592388X Price Discount 50%	Title Safe & Secure: Secure Your Home Network, and Protect Your Privacy Publisher Sams Description What is necessary to secure your networked machine? Basic topics such as TCP/IP, cookies, firewalls, virus protection, reviews of current home security software and encryption. ISBN 0672322439 Price Discount 50%

Find out where this email came from

3. Find who owns the site
   1. Actually go to the website they want you to go to! Look for any “Contact” or “Contact Us” links. Take down any information they give you on how to contact them. Instead of actually clicking on the email, if the email is an HTML email (will contain pictures, colored text, and the like), you can right click on the email and “View Source”. This will allow you to see where you will be directed if you were to click on the email. You are looking for lines such as “<a href="http://www.spammers.com/SpamBiz/">Click here to buy our crap</a>”.. This will tell you the sender of the email wants you to go to www.spammers123.com and will be used next for our whois lookup.
   2. Do a WHOIS NAME Lookup. Go to www.DNSStuff.com and do a WHOIS Lookup of the website the email links to. This will tell you such information as who owns the website, where the owner is located, their phone number, and email address. Keep in mind, not all of this information may be present, and many spammers register domain names with incorrect information. Take note of this often valuable information if any is available, especially any email addresses (which we will use later).
4. Find Services the Spammer Uses
   1. Find who is hosting the web site.
      1. Go to VisualRoute’s visual traceroute server at VisualRoute.VisualWare.com (this is some very cool stuff!). Enter the name of the website found in the “Finding Who Owns the Site” step. This will tell you where in the world the server of this web site is located. You may also be lucky enough to find here: who the host is for this website, or who the ISP of the spammer is, if they are running the server locally (this information will be located in the last 1 or 2 ‘hops’ of the traceroute).
      2. Alternately, you can do a WHOIS IP ADDRESS Lookup. Do the same lookup on www.DNSStuff.com as you did with the name (www.spammers123.com), except this time, use the IP Address. Doing so will tell you who owns the IP Address and how to contact them
         
         Don't know how to find the address? Here's how (for Windows® machines):
         1. Go to Start > Run
         2. Type the word "command" (without the quotes) and press Enter
         3. At the DOS Prompt (black screen with white letters), type the command "ping" (without the quotes) and the name of the site you did the WHOIS Lookup on above (ex. "ping www.spammers123.com")
         4. This should give a Reply, and four sets of numbers separated my .'s (such as "256.242.120.231" *). Use that number and do a WHOIS Lookup the same as the www name. Hosts and ISP’s really tend to frown on sites based on spam as an advertisement vehicle. If you are able to ascertain this information from what you are presented with in the traceroute, go to the Host or ISP’s website. Look for any “Contact” or “Contact Us” links. Take down any information they give you on how to contact them, especially any email addresses.
      3. Act like you’re gonna buy something! On the advertiser’s website, click the ‘Buy’ or ‘Purchase’ or whatever link. Now check out the web site address listed in the address field at the top of your browser. If you were at www.spammer123.com/spambiz and, now that it’s time to put in your credit card number, you are at www.wetakecreditcards.net/spambiz then the owner of the website must use www.wetakecreditcards.net as their credit card merchant service. Such credit companies also frown on sites based on spam as an advertisement vehicle. Go to the credit company’s website. Look for any “Contact” or “Contact Us” links. Take down any information they give you on how to contact them, especially any email addresses.

Take Action! Send the email!

5. Send the email.
   1. BE CORDIAL! No one (not even spammers) likes to get a rude email or message. Write this email in a calm and collected matter stating exactly what you would like the spammer to do about this. Use an email similar to the following:
      
      To Whom It May Concern <or the person who owns the website's name>,
      
      It seems that I have been receiving spam email from someone affiliated with your company. I need to ensure that such unsolicited advertisements do not continue to be sent to my email address. I do not care to receive your advertisements. Please place on your do not contact list. Please reply ASAP as to how I may remove from the master list from which you originally obtained my email address.
      
      The Headers are listed below. **(We'll get to that part next)
      
      Thank you,
      
      <YourName>
      
      ** <Email Headers Go Here>
      
      
   2. **Place the "Full Headers" in your email. Headers are a (normally unseen) portion of an email that tells what computer the email was sent from, and how it got to your computer. The presence of headers is usually required if you want the parties you are contacting to take action. If you are unsure of how to obtain the headers of the spam email, check out SpamCop's Instructions for some ideas.
      Copy the Headers, and Paste them under you name in the email, noting that you put them there (as illustrated above).
      
      
   3. Sending an email to the appropriate contacts can make a great deal of headway in the pursuit of ‘despamming’ your inbox. Hopefully you have found the email addresses of some of the following contacts:
      1. Contacts on the actually website that you are directed to (from the Contacts page of the website)
      2. The owner of the website (from your whois search)
      3. The spammers site host, or ISP
      4. Contacts at the merchant credit services company
      5. ‘abuse’ at any of the domains found above (ex. abuse@wetakecreditcards.net), or the specified email address provided by the Abuse Lookup on www.DNSStuff.com
      6. And, if a spammer is really bugging you, the Federal Trade Commission (send Unsolicited Commercial Email to uce@ftc.gov).

The above steps are simply some of the ways spam can be dealt with. Two authorities on how to deal with unsolicited bulk email are www.spamhaus.org and SpamCop.net. Check them out for some alternate views and methods on how to handle spam.

If you have any other (working) methods of putting a stop to spam, please email them to computing@The13thOcean.com.