Date: Thu, 17 Jun 2004 10:18:47 -0400
From: Chuck Divine <chuck.divine at att.net>
To: WSFA members <WSFAlist at WSFA.org>
Subject: [WSFA] Re: Spam Observation
Reply-To: WSFA members <WSFAlist at WSFA.org>

Keith F. Lynch wrote:
> This isn't new.  Spammers started doing so called "dictionary attacks"
> about six years ago.  It's called this in an analogy with the older
> trick of trying to break into a computer account by automatically
> trying every word in the dictionary as a password.
>
> Typically the dictionary-attacking spammer combines the several
> hundred most common first names (together with all possible initials),
> with the several hundred most common last names (together with all
> possible initials), and prepends each of these in turn to the same
> domain name.  Fortunately for us, they usually choose aol.com,
> msn.com, or earthlink.net as the targeted domain name, rather than
> ashcomp.com, keithlynch.net, or wsfa.org.

Interesting.  I don't know if this is a data point of note or not.  My
last name, Divine, while obviously in the dictionary, is a fairly
uncommon last name.  When I lived in New York, there were two Divines in
the Manhattan phone directory.  There was me -- and the Divine Light
Seminary -- obviously not a relative. I still get spams that seem to be
dictionary type spams.  There's my name -- and a multitude of other
"chuck."s.

What filtering do the various ISPs do?  I use AT&T.  I don't seem to get
too much spam, even though I post my e-mail address on my home page.
I'm also posted on the Rutgers Club of DC web pages
(www.rutgersclubdc.org) because I'm a club leader (webmaster). Last
weekend a friend who use's Erol's was complaining about getting 85-90
spams a day.

Best,

Chuck Divine