Thanks Thanks:  0
Likes Likes:  0
Needs Pictures Needs Pictures:  0
Picture(s) thanks Picture(s) thanks:  0
Results 1 to 14 of 14
  1. #1
    FenceFurniture's Avatar
    FenceFurniture is offline The prize lies beneath - hidden in full view
    Join Date
    Oct 2010
    Location
    1017m up in Katoomba, NSW
    Posts
    10,651

    Default How to block these Bitcoin twats?

    I'm pretty good at blocking most spam, but this one keeps getting through. There is no text in the email, so I can't block it via that - they just use clickable jpegs. O'course the email addy and sender name is always on the move so it's pretty hard to block via * wildcard and I don't really want to block *.com

    Sent from:
    BitcoinCode [email protected] via stumblingly.weeamp.com


    Any clues from the Brains Trust?
    Regards, FenceFurniture

    COLT DRILLS GROUP BUY
    Jan-Feb 2019 Click to send me an email

  2. # ADS
    Google Adsense Advertisement
    Join Date
    Always
    Location
    Advertising world
    Posts
    Many





     
  3. #2
    Join Date
    Jan 2019
    Location
    Aus
    Posts
    118

    Default

    You may have thought of this, but if you can't get a better solution, you can always filter the word Bitcoin into Spam or at least a "Low Priority" email folder. Of course if you get lots of legitimate emails with the word Bitcoin then this won't work!

    I always wonder about who actually clicks on these things... someone must click through, otherwise the senders would give up (maybe)!

    Cheers

  4. #3
    FenceFurniture's Avatar
    FenceFurniture is offline The prize lies beneath - hidden in full view
    Join Date
    Oct 2010
    Location
    1017m up in Katoomba, NSW
    Posts
    10,651

    Default

    The problem is that there are no words in it, and the subject is just "Confirmation".
    Regards, FenceFurniture

    COLT DRILLS GROUP BUY
    Jan-Feb 2019 Click to send me an email

  5. #4
    Join Date
    Sep 2013
    Location
    Jarrahdale WA
    Posts
    370

    Default

    Gmail...!

  6. #5
    Join Date
    Nov 2018
    Location
    Newcastle
    Posts
    1,014

    Default

    I'd have a look at the link details for the image - right click/copy link location, and paste it into a text/word doc to examine. You might be able to find something in that that you can build a filter on.

    The best way to filter this sort of crap is at DNS level, but it's a fair amount of work to set up. And it may not stop the emails, but will block any attempt at opening the dodgyness if someone mistakenly clicks.

    I use a PFSense SG-1100 running PFBlocker (Here's a reasonably friendly guide to what it does and how to install - the official Netgate is a bit techie)

  7. #6
    FenceFurniture's Avatar
    FenceFurniture is offline The prize lies beneath - hidden in full view
    Join Date
    Oct 2010
    Location
    1017m up in Katoomba, NSW
    Posts
    10,651

    Default

    Quote Originally Posted by david.elliott View Post
    Gmail...!
    If you mean that is the solution.....that is what I use....
    Regards, FenceFurniture

    COLT DRILLS GROUP BUY
    Jan-Feb 2019 Click to send me an email

  8. #7
    FenceFurniture's Avatar
    FenceFurniture is offline The prize lies beneath - hidden in full view
    Join Date
    Oct 2010
    Location
    1017m up in Katoomba, NSW
    Posts
    10,651

    Default

    Quote Originally Posted by Bernmc View Post
    I'd have a look at the link details for the image - right click/copy link location, and paste it into a text/word doc to examine. You might be able to find something in that that you can build a filter on.

    The best way to filter this sort of crap is at DNS level, but it's a fair amount of work to set up. And it may not stop the emails, but will block any attempt at opening the dodgyness if someone mistakenly clicks.

    I use a PFSense SG-1100 running PFBlocker (Here's a reasonably friendly guide to what it does and how to install - the official Netgate is a bit techie)
    Thanks Bern, I'll have a look at that (but there's no way someone else can inadvertently open it on my computer. I don't use a mouse - a pen and tablet is far superior.....and nobody else can use them....gna gna gnaaaa!)

    I'm not getting email alerts to responses in this thread, which is why it looks like I'm inattentive.
    Regards, FenceFurniture

    COLT DRILLS GROUP BUY
    Jan-Feb 2019 Click to send me an email

  9. #8
    Join Date
    Apr 2010
    Location
    NSW, but near Canberra
    Posts
    418

    Default

    You could create a rule to move ALL emails to the spam folder, EXCEPT those which contain (one of) a/e/i/o/u in the body.

    That wouldn't block them, as such, but it would remove them from your inbox........

  10. #9
    Join Date
    Sep 2013
    Location
    Jarrahdale WA
    Posts
    370

    Default

    Quote Originally Posted by FenceFurniture View Post
    If you mean that is the solution.....that is what I use....
    Weird,
    I've been using Gmail for several years now and have not had a single spam email, not one, in all that time. We also use it as our side hustle email, and again there, nothing. Reporting the email to Google usually means they will get on it and block anything from that/those IP addresses

  11. #10
    Join Date
    Apr 2010
    Location
    NSW, but near Canberra
    Posts
    418

    Default

    Quote Originally Posted by david.elliott View Post
    Weird,
    I've been using Gmail for several years now and have not had a single spam email, not one, in all that time. We also use it as our side hustle email, and again there, nothing. Reporting the email to Google usually means they will get on it and block anything from that/those IP addresses
    If you run your own email server you can set up filters, and use commercial filtering systems, to fine tune your spam filters. Email providers like Gmail have such filters, but you're stuck within whatever degree of tuning (if any) they give you. Whether or not an email address is targeted by spammers is largely down to luck - if your address gets added to a list of known addresses, spam will arrive. Your address can become known to spammers by any numbers of means, but often it's because that address was recorded somewhere which was exposed (a hacked customer database, forum, someone else's email etc.). Depending on your browser security and what add-ons you have installed, it is also quite possible that email address data can be sucked out of your browser if you visit a website that is either designed, or has been hacked, to do so.

    Reporting email to Google may or may not have any impact. An email client gets it's IP address from the ISP, and mostly this is done on the fly so the client might get any of the tens of thousands addresses that are owned by that ISP, which makes "banning" that address pointless - the following day it may be given out to someone totally innocent of anything. Equally that spammer might use a completely different ISP the following day (hotspots etc.) so even warning the ISP is not too helpful. The email client connects to an email server to send email, but there are thousands of email servers, many of which do not require logins for "sending". Indeed whilst there is the ability to set up security on email transactions, many servers do not bother and simply allow anything to be sent and forwarded with minimal if any checking. Outgoing email address (sent from, reply to etc.) do not need "an account" unless the server in question has been set up specifically to check for one, and anyone can set up a server on their PC in minutes. The standards/rules around email and security are complex, but are often ignored simply because strict adherence creates too many problems. For example, technically (according to the rules/standards) Warb@blah is a different email address to warb@blah, because upper and lower case aren't the same. However most email systems are set to ignore that, because people write (and therefore type) names with a capital and it's painful for support staff to explain why that email got bounced or, worse still, silently dumped.........

    Another fascinating thing that happens is that non-existent email accounts get targeted. For example on a domain that I owned (lets call it zyx.com.au) I set up a catch-all mailbox, into which was dumped all the email to non-existent accounts at that domain. This is not standard, most email systems are set to silently dump messages to non-existent accounts, but I was testing something.... All of a sudden I noticed I was getting emails to "[email protected]", which didn't exist and had never existed. As far as I know, that domain name had never previously been registered so that address had never been a legitimate email address, yet the spam kept arriving. I can only assume that someone, somewhere, had faked that account name when they registered something and the spammers had got hold of it.... No other non-existent accounts were ever targeted, yet the mysterious "sarah" was bombarded daily!

    The reality of all this is that if by chance your email address is found and added to a list of known addresses (which are of course a tradable commodity, that's why everyone asks for your address - no-one ever reads the terms and conditions!) or by any other means becomes known to the spammers, it is very hard to stop them. Some filters block entire top level domains because they are rarely used for anything other than spamming, which is also why it's not wise to "buy" a domain name in one of the recent releases of top level domains - even the genuine users get filtered! But outgoing addresses, email addresses etc. constantly change and are often borrowed by the spammers from innocent users. If somebody starts sending spam "from" an innocent address they may have just faked it, but if all emails from that address are now blocked it's the innocent party that suffers.

    I have many email addresses at many domains. Some of them have never received spam, other get spammed all the time. It's just luck, BUT the chances of having bad luck are directly proportional to the degree of exposure of the address. An address that is never used on the 'net is very unlikely to be found, whilst one that is listed on web pages and used to register on hundreds of different services is almost certain to be found sooner or later..... Equally (from experience of fixing many peoples computers!) the more "dubious" the websites that are visited, the more likely it is that bad things will happen!

  12. #11
    Join Date
    Jan 2014
    Location
    Sydney Upper North Shore
    Posts
    4,464

    Default

    I have two email addresses. One is a Gmail account that gets no spam and the other is an Outlook account ( set up when I went with my current service provider) which I rarely use ( set up as a back up email address) and it gets hammered with spam. Heaps of Bitcoin spam. Following advice here and a bit if googling, I set up a rule to put anything with “itcoin” in the subject line in the trash folder. Works like a charm!! I couldn’t use the term “Bitcoin” as the “B” is in a different font or an ASCII character to the rest of the text and I couldn’t be bothered searching for it to include it.

  13. #12
    Join Date
    Apr 2010
    Location
    NSW, but near Canberra
    Posts
    418

    Default

    Something else I forgot to mention. Email processing rules and filters can be applied at the server or at the client. As I mentioned in my previous post, rules applied at the server are often not under the control of the email account holder, they are configured by the server admin. Such rules are used to process email before the client downloads them, so for example emails can be deleted without the client ever knowing they existed, or moved to a "spam" folder etc. Server based rules are applied when the email arrives at the server, whether or not the user has connected to their mailbox.

    Client based rules are (usually) configured and controlled by the user, and are applied when the emails are collected from the server. The exact way these work varies with the software involved, but the process is normally carried out by the client computer. This is important because if more than one email client is used (for example a PC and an iPhone) they may show different results if the process doesn't push those results back to the server. Some environments allow for the client to configure rules that are applied on the server whether or not the client is connected, but these are normally "corporate" style systems rather than generic, free mailboxes.

    I mention this because, by coincidence, I was just reminded of an interesting situation a few months ago. I was asked to investigate a "weird error" that someone was seeing on their laptop. They kept getting "bounce" messages telling them that a mailbox to which they were sending was full, but they weren't sending anything to that address. After some investigation I discovered that they had a couple of rules configured that silently forwarded EVERYTHING they sent or received to a third party email address. I'll say that again - EVERYTHING THEY SENT OR RECEIVED WAS BEING COPIED TO AN EMAIL ADDRESS THEY KNEW NOTHING ABOUT. They were only alerted to the fact that something was wrong because the email account in question had filled up its mailbox and its server was bouncing the messages. I have no idea how those rules came to be, I can only assume that they had clicked on something that had quietly set them up in the background. I also have no idea how long those rules had been there, so I could only advise the person in question that anything and everything they had communicated through email should now be considered "compromised". On the basis that it seemed likely that this had been done for "evil purposes", I suggested that they should change all their passwords ASAP, and at very least monitor their credit cards etc. (if not cancel them entirely) and take any other precautions that might be required given that someone somewhere had been getting copies of all their emails for lord knows how long! Then I cleaned up their machine and sent them on their way with advice to install Malwarebytes and be more careful in the future. They told me that they WERE careful and it had probably been done by some hacker on the free wifi in an airport somewhere. Hmm.

    Before anyone asks, I got no response from the company that provided the unknown mailbox.

    So rules can be good AND bad, and it's wise to check them sometimes!!

  14. #13
    Join Date
    Jan 2003
    Location
    Osaka
    Posts
    909

    Default

    Quote Originally Posted by FenceFurniture View Post
    If you mean that is the solution.....that is what I use....
    Then when you are logged in to gmail, find the offending message(s), hit Report Spam, do this whenever they turn up, and in short order gmail will figure it out after that.
    Semtex fixes all

  15. #14
    FenceFurniture's Avatar
    FenceFurniture is offline The prize lies beneath - hidden in full view
    Join Date
    Oct 2010
    Location
    1017m up in Katoomba, NSW
    Posts
    10,651

    Default

    I was away for a few days, and didn't see these posts. Thanks for all the info - I will read and digest a little later.
    Regards, FenceFurniture

    COLT DRILLS GROUP BUY
    Jan-Feb 2019 Click to send me an email

Similar Threads

  1. Bitcoin, or Bitcon
    By Grumpy John in forum NOTHING AT ALL TO DO WITH WOODWORK
    Replies: 132
    Last Post: 26th April 2021, 12:11 PM
  2. New boy on the block.
    By antonio in forum G'day mate - THE WELCOME WAGON -Introduce yourself
    Replies: 11
    Last Post: 27th May 2011, 07:35 PM
  3. New Block
    By itsposs in forum SMALL TIMBER MILLING
    Replies: 22
    Last Post: 2nd September 2010, 10:28 PM
  4. A Compendium of Block Planes: The HNT Gordon Block Plane
    By derekcohen in forum HAND TOOLS - UNPOWERED
    Replies: 8
    Last Post: 16th August 2008, 09:54 PM
  5. New Kid on the Block
    By Afric-arn-a in forum HAND TOOLS - POWERED
    Replies: 11
    Last Post: 2nd September 2006, 07:48 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •