Bluefrog under attack?

[Johan]

i am subscribed to the bluesecurity antispam list
(http://www.bluesecurity.com)

i received this spammail from a bluefrog hater?
i did not notice a dramatic fall back of my received spammails yet
but it looks as Bluefrog succeeded at making some spammers really angry...

i am not even considering to give in

Johan


------------------------------------------
Hey,

You are receiving this email because you are a member of BlueSecurity
(http://www.bluesecurity.com).

You signed up because you were expecting to recieve a lesser amount of
spam, unfortunately, due to the tactics used by BlueSecurity, you will
end up recieving this message, or other nonsensical spams 20-40 times
more than you would normally.

How do you make it stop?

Simple, in 48 hours, and every 48 hours thereafter, we will run our
current list of BlueSecurity subscribers through BlueSecurity's
database, if you arent there.. you wont get this again.

We have devised a method to retrieve your address from their database,
so by signing up and remaining a BlueSecurity user not only are you
opening yourself up for this, you are also potentially verifying your
email address through them to even more spammers, and will end up
getting up even more spam as an end-result.

By signing up for bluesecurity, you are doing the exact opposite of what
you want, so delete your account, and you will stop recieving this.

Why are we doing this?

Its simple, we dont want to, but BlueSecurity is forcing us. We would
much rather not waste our resources and send you these useless mails.


Its simple, we dont want to, but BlueSecurity is forcing us. We would
much rather not waste our resources and send you these useless mails,
but do not believe for one second that we will stop this tirade of
emails if you choose to stay with BlueSecurity.
Just remember one thing when you read this, we didnt do this to you,
BlueSecurity did.

If BlueSecurity decides to play fair, we will do the same.

Just remove yourself from BlueSecurity, and make it easier on you.

Owen Wheeler

Now I must rinse.He could see it lying in there like the curved foot of
a rocking chair, pressing the tongue of the lock, holding it in place,
holding him in place.I hope she will be tried again on one of the other
counts.Chief MChibi "Beautiful One»was the Keeper of the Fire, and
inside his hut were better than a hundred torches, the head of each
coated with a thick, gummy resin..

------------------------------

 

[lennart]

The same here. The point of the message is: "you have to unsubscribe,
otherwise we will attack you ... bluesecurity.com is down." Yeah right,
how can i unsubscribe?

And yes, there are some people really mad on bluesecurity.com ...

 

[Daniel Mandic]

i am subscribed to the bluesecurity antispam list
(http://www.bluesecurity.com)

You never watched 'yellow submarine', from the Beatles?


Just believe, most of the spammers you cannot catch on the world. ;-)
At least not, with Earthly-methods (police, cops, judge, spies, hunter
and such else....)

And those who fights them all the time w/o effort (just read the above)
are also spammer for me.




Best Regards,

Daniel Mandic

 

[Ron May]

i am subscribed to the bluesecurity antispam list
(http://www.bluesecurity.com)

i received this spammail from a bluefrog hater?
i did not notice a dramatic fall back of my received spammails yet
but it looks as Bluefrog succeeded at making some spammers really angry...

i am not even considering to give in

It's probably too late to give in, so unsubscribing now is pointless.

The email you received just proves the point I raised about the flaw
with Bluefrog. Asking spammers to be nice and voluntarily remove you
from their mailing list (with a veiled threat of "Denial of Service"
attack) doesn't work, and, despite Bluefrog claims to the contrary,
your email address IS compromised in the process.

It doesn't matter HOW your email was extracted from Bluefrog lists.
The fact is it WAS extracted, and spammers can apparently tell when
you UNsubscribe (although that doesn't matter much once they have your
valid address in the first place.)

 

[Craig]

It's probably too late to give in, so unsubscribing now is pointless.

It doesn't matter HOW your email was extracted from Bluefrog lists.
The fact is it WAS extracted, and spammers can apparently tell when
you UNsubscribe

This could get exciting.

As of 9a35 PDT, bluesecurity.com is unreachable by ping, tracert, etc.
Now that "someone" has succeeded in taking them off line, it is a
federal offense. Maybe the feds won't find them but the stakes have
just been raised considerably.

<I'm popping the popcorn, pulling up a chair and waiting for round 2>

-Craig

 

[SPRThompson]

I am now also getting these emails - very regularly ! =(

It's obvious to me now how they do it - all the must do is create 2
lists, one with all their emails on, and another that is cleaned by
BlueFrog. Then all they do is spam the ones that are on the first list
but not the second.

I'm so irritated now about bluefrog - i uninstalled it because it
sucked anyways.. now i'm paying the cost with more spam.

 

[Craig]

I am now also getting these emails - very regularly ! =(

It's obvious to me now how they do it - all the must do is create 2
lists, one with all their emails on, and another that is cleaned by
BlueFrog. Then all they do is spam the ones that are on the first list
but not the second.

I'm so irritated now about bluefrog - i uninstalled it because it
sucked anyways.. now i'm paying the cost with more spam.

Fwiw;

Keep us posted as to Bluefrog's response. I'd hate to see them get
swamped out of existence. Btw, if that's your un-munged email, get
ready to have it harvested by spammers.

<puts popcorn down>

-Craig

 

[Johan]

(e-mail address removed) schreef:

I am now also getting these emails - very regularly ! =(

It's obvious to me now how they do it - all the must do is create 2
lists, one with all their emails on, and another that is cleaned by
BlueFrog. Then all they do is spam the ones that are on the first list
but not the second.

I'm so irritated now about bluefrog - i uninstalled it because it
sucked anyways.. now i'm paying the cost with more spam.

doesn't matter to me
i like to get kicked around with this mailadress
exited to be midst of a war
see how it will be in the next round

johan

 

[bob]

I signed up multiple email addresses at bluesecurity to see if it would
work at all. So far I have seen only a small improvement. I have also
been receiving the threat mail, the only thing is that it is only going
to one of my listed addresses. If they were able to crack the DNIR at
BlueSecurity, wouldn't all of my listed addresses be getting this
threat mail? Yesterday when i was still able to read the forums at
bluesecurity, many other users also reported the same occurrence.

-Bob

 

[Morten Skarstad]

Craig skrev:

This could get exciting.

As of 9a35 PDT, bluesecurity.com is unreachable by ping, tracert, etc.

After multiple attempts I managed to get through. But even resolving the
IP address took ages, so something is obviously amiss.

 

[maverynthia]

After multiple attempts I managed to get through. But even resolving the

IP address took ages, so something is obviously amiss.

I hear that some people that have never heard of BlueSecurity and
BlueFrog are also getting hit....

 

[meet_raman]

Mr. Ron

You might be right that our emails have been compromised but just dont
be so sure of it

ever heard of websites being Joe-Jabbed?

read this:
http://www.belch.com/~blog/2006/05/02/blue-security-gets-joe-jobbed/

 

[meet_raman]

forgot to mention.. i am NOT recieving any such emails.

also, the person above me posts:
I hear that some people that have never heard of BlueSecurity and
BlueFrog are also getting hit...

dont give up so soon... thats what spammers want us to do!

if someone like bluesecurity has taken an initiative.. support them all
the way

someone is really pissed... their site is under attck for 5 days now...


also read:
http://www.belch.com/~blog/2006/05/02/the-blue-independence-war/

 

[lennart]

In the "hate"mails about bluefrog was written that i should get every
day tons of spam. The spammer made this true ... for only one day! I
now get a normal number of spam (ok, spam isn't normal, but anyway ;-)

 

[Bezzeb]

I think extraction and compromise are the wrong words when it comes to
the BF database Ron.

Verified would be accurate. I understood on day one when I signed up
at Blue Sec. that any numb nut out there who already had my e-mail
address could run the Blue Security list cleaner and do a difference
test to confirm if I'm a Blue Security member or not. It took the
spammers a YEAR to figure this out. A testament to their supreme
stupidity. I have done careful checks of my 500 spam per day - none of
the previously un-spammed accounts have been discovered by the
criminals. They are still clean and have not been compromised or
extracted. Period.

Besides - I've got nothing to hide. Even if they build quantum super
computers to factor the huge numbers required to crack the Blue
Security encrypted hash: I'm a proud Frog user and don't care if the
spammers know my affiliations - ultimately they will know not to mess
with us.

Also - please remember that each time you get a spam, you are being
INVITED to visit or call them via the advertised means!! Why does
everyone forget this??? If EVERYONE visited every site in every spam,
would that be a DDoS attack? No. It would be you exercising your
right to free communications and speech. Blue Froggers just have a
tool that allows us to automatically visit their sites as fast as they
can automatically send us solicitations. And jeeze. The Frog client
just enters polite text into their text fields. It doesn't hammer them
mercilessly all day and night.

If these opt-out requests crash their servers it's because of one of
two things.

A: They must scale their servers and ISP connections UP to be able to
handle the number of solicitations they send out. Duh. Market
economics here.
-or-
B: They must scale their solicitations (spam) down to be commensurate
with their ability to handle the traffic they generate.

Option B is their only viable choice since their profits only exists
because their costs are so damn low. (Using stolen resources most
often.) Also they are advertising to a demographic which will NEVER
give them anything but a headache. Any business man who was interested
in making money wouldn't behave as they are. They are doing these
attacks against us because they enjoy doing wicked and destructive
deeds. It's their high. They feel powerful when they cost innocent
people time, money and nuisance.

So to conclude: BF doesn't employ DDoS attacks. We don't want them to
shut down their pill, porn, mortgage, fill-in-the-blank selling sites -
we just want them to take us off their list. Is that so bad?

All the best guys, keep up the fun discussions!
Bezzeb.

 

[Ron May]

I think extraction and compromise are the wrong words when it comes to
the BF database Ron.

Verified would be accurate.

If "verified" suits you, so be it. At the end of the day, WHICHEVER
word you use, the result is the same: Spammers have your email
address and a pretty good idea that it's active, no mateer what method
they use to collect/harvest/compile/copy/sort.... pick one. It's a
distinction with no meaningful difference.

(...)

I have done careful checks of my 500 spam per day - none of
the previously un-spammed accounts have been discovered by the
criminals. They are still clean and have not been compromised or
extracted. Period.

I want to make sure about the claim you're making. If you're saying
that you subscribed some "pristine" (un-spammed) accounts that NEVER
got much spam in the first place, then a spammer running their
original "bulk" list head-to-head against a "cleaned" Bluefrog list
for differences probably WOULDN'T contain many "un-spammed" (or
pristine) addresses and I wouldn't expect it to. They weren't on the
original "bulk" list to begin with.

The REAL question is whether or not using Bluefrog results in a
considerable and measurable REDUCTION in spam on an existing account
that's already being spammed. That's a result thay CLAIM can be
achieved by getting spammers to cleanse/remove/filter/opt-out (again,
pick your word) Bluefrog members from their lists. I think the jury
is still out on whether it makes a difference or not.

You say you're getting 500 spams a day. How does that compare with
what you were getting BEFORE Bluefrog on the same accounts? And if
there is a decrease, can you honestly attribute it to Bluefrog and not
any other measures you might also have taken during the same time
frame?

(...)

If these opt-out requests crash their servers it's because of one of
two things.

A: They must scale their servers and ISP connections UP to be able to
handle the number of solicitations they send out. Duh. Market
economics here.
-or-
B: They must scale their solicitations (spam) down to be commensurate
with their ability to handle the traffic they generate.

Option B is their only viable choice since their profits only exists
because their costs are so damn low. (Using stolen resources most
often.) Also they are advertising to a demographic which will NEVER
give them anything but a headache. Any business man who was interested
in making money wouldn't behave as they are. They are doing these
attacks against us because they enjoy doing wicked and destructive
deeds. It's their high. They feel powerful when they cost innocent
people time, money and nuisance.

So to conclude: BF doesn't employ DDoS attacks. We don't want them to
shut down their pill, porn, mortgage, fill-in-the-blank selling sites -
we just want them to take us off their list. Is that so bad?

Quite honestly I wouldn't care if someone found a way to turn spammer
servers into a pile of molten metal and silicon, but your "option A/B"
business plan assumes spammers OWN the hardware and have a capital
investment involved, instead of using someone ELSE'S hardware to host
throwaway domains for a few days (or even hours) before they expect to
get shut down anyway. Spammers aren't concerned about building
product identification, long term customer loyalty and repeat
business. They're out to scam whatever bucks they can in whatever WAY
they can as FAST as they can in "hit and run" fashion.

My summary reads like this:

It's ALWAYS a bad idea to provide a way for spammers to (pick a word)
your email address. Your VERIFIED (using your opening term) email
address is their most valuable commodity, and it's highly portable. To
me, using Bluefrog is on a par with responding to an "unsubscribe"
link. Best NOT to do it.

I could be wrong, but there doesn't appear to be credible evidence (as
opposed to marketing hype, wishful thinking and a barely disguised
desire to "stick it" to spammers) that the concept works IRL. It
reminds me of the "bounce" feature in mailwasher. Great concept, a
lot of people initially liked it, but they later found out it just
doesn't do any real good.

If you think Bluefrog is great, then, as the song goes "If you're
happy and you know it, clap your hands." I won't use it, and I can't
in good conscience recommend it to somebody whose thinking about it
but hasn't decided to make the leap (no frog pun intended.)

--
Ron M.

 

[meet_raman]

hmmmmm... @ron

if it doesnt work, why
1> was the site attacked? apprently it did do "something"
2> you did not respond to my earliar post. plz do have a look
3> i again ask you to read something (if i may!):
http://www.realtechnews.com/posts/3011

from this very page:

This sounds scary, but it's not as bad as it sounds. Blue
Security's email address registry remains secure contrary to what
this spammer would have you believe. The way subscribers' emails were
obtained was by checking the spammer's own list of emails against the
Do Not Intrude registry. Normally spammers will get the emails of those
who subscribe returned to them and will then remove those emails from
their spamming lists. This one, however, has taken another approach.
Instead of taking those hits off of his spam lists, he is sending them
these intimidating emails.

What's so funny about this approach is that if you do remove yourself
from the Blue Security registry, you'll still receive normal spam
from this spammer. He has no intention of taking your email address off
of his spam list, he just wants you to stop fighting back against the
spam you already receive from him (Blue Security only goes after
spammers who send spam emails with no opt-outs to its members). Emails
like this are proof that Blue Security is getting noticed by these
spammers by making it unprofitable for them to continue sending their
unsolicited mail to unwilling recipients. Recently Blue Security has
made great strides toward its goal of eliminating spam for its users.
On the account where I received this email, I used to receive over a
dozen spams every day. Recently, within the past two weeks, I have seen
spam to this address slow and almost halt. Today I'm averaging just
one or two spam emails daily.

 

[nanas]

Good decision ,,, not to cave in

If the spammers are motivated to use this sort of tactic I think it is
reasonable to assume that BlueSecurity has had some effect on their
invasive spamming activity, This looks more like a good reason to use
BlueSecurity than it looks like a reason to bail out.

 

[nanas]

Strangely enough after posting my last reply a received spam with the
following text. I am not a Blue Frog user, so these spamming jerks
apparently are trying to run a bluff.

===
The Blue Frog member email database has been compromised, and is
currently being distributed worldwide to spammers and to the public.
Attached to this email, you will find a zip file of the Blue Frog
database, which includes your own personal or business email
address(es). If you have not uninstalled Blue Frog yet, we highly
suggest you do so now in order to avoid your involvement in this war
any further.

 

[meet_raman]

^^ to the last poster ^^

yea, apprently they have been Joe-Jabbed..

i again point you people to:
http://www.belch.com/~blog/2006/05/02/blue-security-gets-joe-jobbed/

and yea, i too got this email today that the last poster pointed out...

and yea, there was no attachment, lol!

here is the complete text and some easy to observe things that point
out that it is indeed an attack against Blue Security
---------
X-Apparently-To: (e-mail address removed) via 68.142.199.192; Sun, 07 May
2006 01:24:38 -0700
X-YahooFilteredBulk: 80.140.227.14
X-Originating-IP: [80.140.227.14]
Return-Path: <7mnyhm-AT-vista.com>
Authentication-Results: mta353.mail.scd.yahoo.com from=vista.com;
domainkeys=neutral (no sig)
Received: from 80.140.227.14 (HELO p508CE30E.dip.t-dialin.net)
(80.140.227.14) by mta353.mail.scd.yahoo.com with SMTP; Sun, 07 May
2006 01:24:37 -0700
Message-ID: <[email protected]>
Location: 745 congestion hare
Reply-to: "Jeanie Cornelius" <7mnyhm-AT-vista.com>
From: "Jeanie Cornelius" <[email protected]> Add to Address BookAdd to
Address Book Add Mobile Alert
Content-Class: urn:content-classes:notice
Content-Class: urn:content-classes:appointment
To: Send an Instant Message "Plankeye2001" <[email protected]>
Subject: http://www.bluesecurity.com
Date: Sun, 07 May 2006 05:18:28 -0400
MIME-Version: 1.0
Content-Type: multipart/alternative; boundary="--0904020922281559"
Content-Length: 649

Dear Blue Frog Member,

As a follow-up to our previous emails, and, as promised, we are
stepping up in the fight against Blue Security.

The Blue Frog member email database has been compromised, and is
currently being distributed worldwide to spammers and to the public.
Attached
to this email, you will find a zip file of the Blue Frog database,
which includes your own personal or business email address(es). If you
have
not uninstalled Blue Frog yet, we highly suggest you do so now in order

to avoid your involvement in this war any further.

Leaving your email address on the Blue Frog list is a risky choice, as
we will uphold our promise not only to increase your spam by 20 times
the amount you are receiving now, but to continue to make this list
publically available as well. Also, as the Blue Frog member database is

updated, we will find more creative ways in which to use it, and
frequently release it to whomever we wish.

Blue Security, Inc