General Question

kneesox's avatar

If I wanted to spam people the way I get spammed, how would I do it?

Asked by kneesox (3636points) 2 months ago

I don’t want to. I’m just wondering how it’s done.

How do you get hold of a million active e-mail addresses and send messages to them all, at the same time?

One time I had to send out a group newsletter, and my account got suspended for suspicious activity because I sent out more than 50 messages at once.

How in particular do foreign spammers get all these U.S. addresses?

And if we know how it’s done, why can’t we shut them off?

Observing members: 0 Composing members: 0

18 Answers

gorillapaws's avatar

There are publicly available username/password lists from hacked websites. Since many of them require email addresses, you could write some code to extract them into a separate file. You could also write code that combines dictionary words with common email providers, any that bounce could be deleted. You can also buy lists from the dark web.

As far as sending the mails, you would have an email server running, and you’d spoof the from address.

zenvelo's avatar

^^^^^. You don’t have to buy a list from the dark web. There are commercially available sources to buy mailing lists. That’s why I still get emails at an address at a company that was bought by another company in 2005.

zenvelo's avatar

@kneesox The first step is to lose all self respect.

Zaku's avatar

Depends on who you mean.

The GOP spams me as if I were a deranged Trump supporter, I think because my email address was the only thing they read when I signed petitions telling them to stop being evil.

The Dems spam me because I gave money to support Bernie Sanders, and they stole that and my email, and handed it to every Dem money-soliciting candidate or group in the country.

Non-profits spam me because I sign petitions and have donated once in a blue moon.

Car warranty scum spam me because I registered an automobile with the government, who betrayed my trust by making it available to such scum.

And random other scumbags spam me from whatever other lists they have bought, stolen, or otherwise found. Some companies share or sell their lists. The big social media sites are rich because they sell info about people all the time. So have other companies, for a long time.

Email addresses can also be found by writing a computer program that trawls all the web sites it can find, automatically snatching anything that looks like an email address. They also automatically try inputting spam on everything that looks like a web form – and if they then receive an email in reply, they add it to their list of active email addresses, and sell them to other scumbag companies.

And yes, email addresses can also be stolen, by gaining access to a company’s email lists, or to users’ email address books, or by listening-in to email traffic and recording all of the email addresses listed.

To then send to those email addresses, there are also many ways, either by using a server that does allow mass emails, or setting up one’s own servers to do that, or by writing programs that go create free disposable email accounts on other servers automatically, and/or by putting inaccurate information in the FROM field, or other techniques. Such software and services are sold, so the scumbags who want to spam don’t really need to figure out much in order to do it.

The Internet connects most of the planet, and mostly doesn’t have national boundaries, except occasionally for some types of web requests to some sites, or when some government like China goes full-asshole censorship or something, and that doesn’t tend to stop the sort of activity spammers are doing.

“And if we know how it’s done, why can’t we shut them off?”
– Because “we” (the people who care and would really like it shut off) don’t have the resources, power, and legal authority to do what it would take, and the people who do have those things, don’t care enough about it, and/or have other priorities.

Also, it’s a bit tricky in many cases to find the spammers, particularly the sleaziest ones who leave the least followable clues. We know where the GOP and companies are, and could shut them down if we had enough power, but the countless scammers and sleazebags, especially the ones who only temporarily use others’ machines and services, are harder to find, and may be in other countries who would object to our kill teams, cruise missile attacks on the best Hyderabad appliance repair centers, etc.

RocketGuy's avatar

Good point – Dems spam me because I used to respond to their surveys. Took me months to unsubscribe from all of their spam lists.

Response moderated (Unhelpful)
YARNLADY's avatar

Why on earth would anyone want to be as bad as or worse than someone else?

kneesox's avatar

@YARNLADY, if you mean me, did you read the details or not?

Forever_Free's avatar

lists are available. If you want me to get some, i will hack in and harvest some for you.
Spammers do get shutdown. Firms like Constant Contact are in the business to do this and have high reputation scores, but every now and then some Tier 1, 2 or 3 ISP will blacklist you.

The next part is to find a site that has a good reputation score hack in and blast away.
There are plenty of tools out there to help you.
This sending site will soon be blacklisted from sending email traffic.
find another site, wash, rinse, repeat

C=Client
S=Server Response

C: HELO client.example.com
S: 250 Hello client.example.com
C: MAIL FROM:<mail@samlogic.com>
S: 250 OK
C: RCPT TO:<john@mail.com>
S: 250 OK
C: DATA
S: 354 Send message content; end with <CRLF>.<CRLF>
C: <The message data (body text, subject, e-mail header, attachments etc) is sent>
C: .
S: 250 OK, message accepted for delivery: queued as 12345
C: QUIT
S: 221 Bye

Dutchess_III's avatar

She said she didn’t want to @YARNLADY. She just wanted to know how they do it.

Buying things online is one huge way they get your info. I have a throw away email account specifically for online purchases.

kneesox's avatar

@Dutchess_III Thanks. Does your throwaway account get bombarded with spam?

Dutchess_III's avatar

Oh gosh yes. I think I have over 10,000 unread messages. None of my friends or acquaintances even have it, so it’s all spam.

KRD's avatar

How email spammers work is they copy a email for example lets say you receive emails from pay pal the scammers will get an email that looks like a pay pal email that says that there is something wrong with your account and you need to click a link but once you click the link it will automatically download something on your computer that will give the scammers all your personal information and all you passwords and know they can access your bank account and they will bankrupt you.

kneesox's avatar

@Dutchess_III, do you keep them? If so, what for?

Dutchess_III's avatar

No I don’t keep them. I only get into the account to check shipping info on an order. Sometimes I start deleting everything else like crazy. It’s like pouring water into a bucket with a hole.in it.

kneesox's avatar

If you don’t keep them, how do you have 10,000 unread messages? Why not delete them all?

Dutchess_III's avatar

I have. More than once. It just fills up that quick.
I don’t check the account that often.

Answer this question

Login

or

Join

to answer.

This question is in the General Section. Responses must be helpful and on-topic.

Your answer will be saved while you login or join.

Have a question? Ask Fluther!

What do you know more about?
or
Knowledge Networking @ Fluther