Criminals Using Commercial Spamflooding Services
Cybercriminals are using commercial spamflooding services to distract their victims during key moments of a cyberattack.
Clever, but in retrospect kind of obvious.
Comments
Curby • July 27, 2012 10:31 AM
Flooding with false positives or red herrings is not new either. It attacks the human element, which is always the weakest. Tools like Mucus, made to flood Snort with misleading, useless traffic, are at least a decade old.
Peter A. • July 30, 2012 4:40 AM
@Joe: for my private purposes I construct a new email address (user part) for each new service (web site, online store, forum, etc.) that wants one. I have one DNS domain set aside just for that. It helps a lot in separating spammers – if one of the services starts spamming I can just disable that address.
So far, I have not implemented any quotas for these disposable addresses. Maybe I should – so they won’t fill up my mail drop suddenly.
bill • July 30, 2012 5:51 AM
‘Chaff, is a radar countermeasure in which aircraft spread a cloud of small, thin pieces of aluminium, which swamps the radar screen with multiple returns.’
— credit Wikipedia (heavily edited)
Developed in 1942. I wonder how far we could step back through history with this sort of tactic.
bill • July 30, 2012 5:58 AM
@Peter A
With gmail you used to be able to suffix with a + which is received by your main account. Might still be, don’t know.
e.g.
my.email@gmail.com is primary mbox, but my.email+shop1@gmail.com is on-the-fly and emails received to it, are put into the primary inbox.
The problem I found with it was many shopping sites required an email address as an identifier (so far so good) they rejected the ‘+’ character.
So I gave it up and use mailinator for disposables.
“So I gave it up and use mailinator for disposables.”
Right tool for the job.
Subscribe to comments on this entry
Leave a comment
← Police Sting Operation Yields No Mobile Phone Thefts Liars and Outliers Summed Up in Two Comic Strips →
Sidebar photo of Bruce Schneier by Joe MacInnis.
Joe • July 27, 2012 10:02 AM
Another reason to use a disposable email account whenever possible and only use your real one when absolutely necessary. Might not always stop this, but it reduces the number of places they could find your real email.
I use a separate email for my bank and some other important stuff. The rest is a Gmail account that just lets me login to stuff but doesn’t expose my everyday one.