Spamwatch
A more serious tone to this month’s spamwatch: I’m wanting to share with you a very worthwhile site to help you identify scam and spam email, help you identify hoaxes, and share with you a security blog that I find to be of significant value. The best part is, they are all to be found on the same site.
If you’re worried about stealth viruses attacking your PC and hiding themselves away from your anti-virus software using what is called a “rootkit”, then you may be interested in downloading the Sophos Anti-Rootkit. You’ll need to give your name and address details however. On the other hand, if your anti-virus tools aren’t up to date in the first place anyway, you’re probably not going to take these additional steps to keep your PC secure (and you’re probably already infected anyway).
Of course, you may be asking:
What’s the point of me going to all this effort to try to keep my personal details secure, when the government manage to lose a CD with the bank details relating to 25 million UK residents…
…and I couldn’t deny you’d have a point, but there’s always the chance that the disks haven’t fallen into the hands of fraudsters (remember the rule of thumb: cock-up is always more likely than conspiracy), so it makes sense to try and keep your data secure at your end.
Anyway, I’ve scanned my PC with the Sophos anti-rootkit thingummy and it told me that I didn’t have any hidden items (and if I had, they might not necessarily have been malicious, given that Sony used a rootkit to intoduce copy-protection), so that’s good, and what you’d want to see. In my case, you can probably also put that down to a mixture of up-to-date virus protection and my paranoia about protecting my computer.
So that’s maybe worth checking out…
And then if you regularly get the sort of emails that exhort you to buy stock (spam), buy pharmaceutical products online (spam), claim that there’s a new really deadly virus about — usually using pseudo-technical language (spam), tell you that microsoft are going to pay some charity 0.001p for everyone who received the email (spam), or tell you that they are from the wife of the late whoever and that they need your help in moving £19.1 million out of some country for which they need the help of your bank account, and you can keep 10% (spam), then you need a fully-automated bullshit detector.
Many people come with one of these automatically built in: generally if you work in the field of IT — and particularly if you read up on spams and scams as I do — then it becomes more finely tuned, but if you feel your bullshit detector is not yet of sufficient quality, you might want to keep a close eye on Sophos’ list of hoaxes (the most recent and prevalent hoaxes is also available as a feed).
And remember, just because it’s not on the web, doesn’t mean it ain’t a scam. If you get a letter saying you’ve won a prize in the Spanish lottery, just *ahem* send us your bank details and *ahem* pay this advance fee of £7 grand and we’ll send you the half a million quid, it’s a scam. Ask yourself “did I enter the Spanish lottery?”. If you didn’t, and your bullshit detector still isn’t going off, then … well Viz (warning NSFW) spoofed the ad better than I could:
Fed up of being gullible? Send £1000 to PO Box …Viz
And, for the last part of the serious bit, if you want to find out what security researches do all day…
Hello…? Hello?
…oh well, if you do by any strange twist of fate have an interest in the latest security happenings, then you might want to pop over to the Sophos Security Blog, where you’ll get the latest web security information.
And without further ado, I’ll lead us through a mini-selection of comment spam (I do apologise, but the amount of amusing comment spam has declined recently — for the most part it’s just porn links and drug sites, so this is the best I could manage):
Hi All! Buy DRUGSBroNDDEXOR
See what I mean? Not particularly inventive, is it?
Respect you! Buy Louis Vuitton handbagJohn
Hmm. Sorry John, but if you did respect me, you’d know that I’m far too butch to be seen with a Louis Vuitton handbag. That and not being called Emily Howard.
Where to get bad rats?Bill
The sewer, I’d suspect. Next!
Nice article. I know you’ll like my site. Sayonara.Train Dolphins
Not a particularly original one either, but as I’d just been reading swimming with the dolphins (most definitely not safe for work) over at Screw Bronze!, this conjured up a somewhat unusual mental image…
Gear up for grub with a tripleheader of pigskin, including a meeting of brothers in Dallas. Everybody knows it’s been a rough year for her, but find out who else had issuesBetty
…um yes. Not entirely sure how that related to an article about web standards, and it’s got no links in it (not even a commenter link) so I think this one maybe goes down as the most bizarre spam of the month… or at least as the joint most bizarre spam of the month, as “James” wrote exactly the same comment on a different post.
But the comment that I feel most honoured about receiving must be this one:
It is a very interesting article I was amazed by reading your article and i got very important information about the interpretation of faith from this article. Thank you very much for such important information.Jesus Christ
What, the Jesus Christ? I’d not even realised he’d started his second coming, so to find that he has, and he’s chosen my site to help him understand and interpret faith is rather humbling. Assuming that he was of course the Jesus Christ, which I doubt… but now I’m running the risk of sounding like Thomas… so in order not to cause any offence I’d just like to say that if you actually were Him, then thanks very much for stopping by and feel free to ask whatever you like…
Hello. I am 
Best recommendation I could ever give for avoiding spam is to use GoogleMail (or GMail to our ‘friends’ over the pond).
In the last week alone, I have received 500+ spam emails and autoresponses from emails sent ‘on my behalf’ - NONE of which have made it into my inbox.