Ed Brill

August 9, 2008

I saw your profile today

New spammer approach:

How are you today .my name is miss Juliet from Africa i saw your profile today(www.edbrill.com) and become very interested .so please it is urgent that you have to contact me immediately through above email id so that i will tell you my mind and give you my picture.

Congratulations to all the edbrill.com readers who interested miss Juliet today.

Posted by Ed Brill at 04:02:38 PM | 12 Comments
Location: Highland Park, IL USA

Comments

1) I saw your profile today
Nathan T. Freeman on 8/9/2008 5:02:50 PM - http://nathan.lotus911.com

Can she tell me her picture and give me her mind instead?

2) I saw your profile today
Andy Donaldson on 8/9/2008 5:06:35 PM - http://blog.macian.net

That tramp! I thought what we had was special!

3) I saw your profile today
Ian White on 8/9/2008 5:07:55 PM - http://www.computerweekly.com/blogs/IT-collaboration-technology-blog/

Dear mr BRILL

I have 1myllion dollars(US) and you only need to give me your banks details,logon detail and pass-words and you can have it all.

I am an orfan

Dr Ignasius Loopaper (miss)

4) I saw your profile today
Curt Carlson on 8/9/2008 5:10:07 PM -

Snooze you lose Suckers, I already sent her $4000 and she will soon be my wife!

Curt

5) I saw your profile today
Ed Brill on 8/10/2008 9:48:17 AM - http://www.edbrill.com

After thinking about this overnight, I am somewhat concerned...because the Dominoblog template is supposed to obscure e-mail addresses of commenters. Obviously, someone was able to harvest at least some of them. May have to rethink template or design here.

6) It’s Easy
Bruce Elgort on 8/10/2008 10:13:13 AM - http://elguji.com

Simply look at the source.

____javascript:dxMail('nathan.freeman','lotus911.com')______

7) I saw your profile today
Steve Castledine on 8/10/2008 2:02:07 PM - http://www.stevecastledine.com

Hi Ed - maybe just don't include them on the site (email links) - do you need to publish them? After all, if you do link to the email addresses the data has to be present in some form (even in the template obscured fashion - which just stops obvious harvesting but does not stop people manually looking). Will talk to you monday if you are around - its only configuration to include/exclude this.

8) I saw your profile today
Steven Kennett on 8/11/2008 6:37:05 AM -

She is real she was temping in our offices a few weeks ago, we had to get security to remove her after she started going a bit weird and getting too personal, I was scared !

Be on the lookout, your department might be next.........

9) I saw your profile today
Irv Schor on 8/11/2008 8:06:17 AM -

@2 - Does she have a twin sister?

10) I saw your profile today
Kerr on 8/11/2008 8:48:50 AM -

@ed, Have you changed your opinion since Jan 2007 { Link } ?

My recollection from that time was that you thought that spam was inevitable, so there's no point trying to hide addresses.

11) I saw your profile today
Ed Brill on 8/11/2008 9:42:00 AM - http://www.edbrill.com

@10 I still believe that, but I don't think I should force my opinion onto edbrill.com readers. I've had the e-mail addresses removed from public view... they will still be required for a valid comment post.

12) I saw your profile today
Bill Brown on 8/11/2008 11:11:58 AM -

I think the algorithm for breaking the addresses up into chunks was a little simplistic. The parts should have been swapped around, and perhaps randomized, with a key to the correct order. Something like

javascript:HideMail(3124,'own','e1b','wbr','org')

where the digits tell the script which order to assemble the parts in.

None of this does any good against paying people is developing online nations pennies per address manually harvested, much like they are doing with CAPTCHAs.

Since I haven't seen this, I wonder if "Juliet" is harvesting from the comments. I'm not you top commenter, but I do so fairly often. Either that, or the spam is getting blocked by the Spamhaus Zen RBL. Anything else would end up in my spam filter and I haven't seen it.