 |
 |
LinkBack URL
About LinkBacks
Is That Better?
Achievements:
I would like to give my sincere Thank You to all the posters in this very informative thread. I appreciate being given the opportunity to learn more about this frustrating problem that attacks everyone with an e-mail addy and an "internet life".
I also hope that we will receive some reasonable responses from the casino reps to help us feel more secure about this important issue.
Many Thanks People. Keep this info coming!!
Jod
Full Member
Originally Posted by lots0
That's something I hadn't thought of. It's possible that they're sniffing packets near the casino's and getting addresses that way, which obviously isn't the fault of the casinos at all.
It's unlikely in totesport's case as they don't sent me email generally, and I don't send them any either, but it's certainly one of the best explainations so far.
Ueber Meister
Achievements:
The "To" address is unencrypted even if you encrypt the body of your e-mail otherwise the mail servers along the route would not know where to forward the e-mail. Nervertheless, if you can sniff network traffic, you can probably get lot more valuable information than e-mail addresses.
"The voice of reason"
http://mb.winneronline.com moderator
Full Member
I use several email addresses for gambling as well and I can confirm that I did also receive the "Gold VIP Club" casino spam in my inbox of the email address which is registered with Totesport...
cyprean (11th December 2007)
Ueber Meister
Achievements:
Awards:
I had a look at that packet sniffer article, and it makes it clear that a spammer can't just sit at home and log into another network and sniff the packets. This means that in order to capture the packets, the sniffer must be either running within the casinos own networks, or on your home PC.
If a majority of totesport users are getting this spam to the E-mail registered there, but not to other E-mail addresses, then this points to a security breach at the Totesport end. In this case, either an employee has harvested the E-mail addresses, or the packet sniffer is operating within the Totesport network, having been planted maliciously - perhaps by a trojan application. The article also shows how hard it can be to trace.
It is also possible that only the E-mails are being targeted, and the packet sniffer could be on one or more of the mailservers that route the E-mails.
Other articles I looked at last night assert that the random generation of large numbers of possible addresses is not that common, and spammers prefer to have an idea that their targets are genuine recipients. Also, this problem can explain why sent E-mails are never received by the recipient. There are industry wide blocklists that can block whole domains, meaning legitimate users on that domain can find people claiming never to have received their E-mails. I am interested in that because of the number of times I have E-mailed casinos who then claim not to have received it, even though they have received other messages - this can be down to routeing, sometimes E-mails appear to come from a spammers domain, and at other times not.
Empty Fruities Astern Capt'n
Back to port for unloading.
Full Sails - before we get raided ourselves.
Experienced Member
This bit of information makes the "sniffing packets" stuff really go out of the window when Totesport is concerned. I don't see how "Gold Vip Club" spammers only buy information from packet sniffer who only target Totesport-emails.
[wild guesses]
It could be one of their employees or not. Totesport is a Playtech, but perhaps they have outsourced some of their casino operations, and the e-mail lists have leaked to an evil employee.
[/wild guesses]
.
PAB guy at Casinomeister
Achievements:
I just wanted to say that the gist of this is that the sniffers are an invasive thing: they must have access to the traffic in order to do their work. It's somewhat similar to having your phone bugged.
Useful links: Accredited Casinos & Poker Rooms ~ Casino Reps ~ Warnings ~ Rogue Pit ~ "No Can Do" ~ Forum Rules
NEW! CM's Annual Awards: Best and Worst in Online Gambling for 2011
Pitch-A-Bitch Stuff: read the PAB FAQ, Submit a PAB (don't forget to read the FAQ!), or dig around in the PAB Archives.
Other stuff: Max's Blog (ICE reports, editorials, et al). Feeling generous? ... Max's Wish List at Amazon!
Not a Damn Huggin Bear
Achievements:
lol... an expert after one article.I had a look at that packet sniffer article, and it makes it clear that a spammer can't just sit at home and log into another network and sniff the packets.
A packet sniffer can be run from anywhere, just like any program.
The real good ones (actually, the only ones that the real spammers use) are run remotely from a botnet.
Please note, I did NOT say that some casino employee did not sell a list of email addresses to some spammer, that very well could have happened.
However,
I am saying, that if your into odds... The odds are far far better that your email address got picked up by a packet sniffer, than it got sold to a spammer by some casino employee.
@GrandMaster, most packet sniffers will drop the packet if any part of it is encrypted. Of course, that can be changed by a tweak of the code. But then you have to compile and scan all the encrypted packets for unencrypted data, a massive task... So using encrypted email will still protect your email address better than not using encryption.
An evil email spammer is going to throw away good email addresses, because he got a few passwords... I don't think so... lolNervertheless, if you can sniff network traffic, you can probably get lot more valuable information than e-mail addresses.
Beware... Killer Teddy in the house...
Cheermeister
Achievements:
Just out of curiosity, I checked a hotmail account that I use only for testing purposes. No one has this address, and it is a VERY obscure address with a ficticious name, number combination, and dashes. This morning there were three spams in my inbox - and copied on were a few more email addresses like mine but a number or two off. Of course these were all generated by some spam random email generator. So this happens.
None of the spams were casino related.
@ lifechooser - who did you receive the spam emails from? Were these directly from the casino or were they from affiliates. If you can't tell, feel free to post them here with full headers.
Beer is living proof that God loves us and wants us to be happy
~Ben Franklin
Useful links: ~ Accredited Casinos ~ I-Gaming Representatives ~ Evil Section ~ My Wish List ~ Donate Now!
Full Member
I've answered both of those points before.
Hotmail is different, as so many people use the hotmail domain, it's worth spamming every permutation of name @hotmail.com as most of them will turn out to be valid addresses. This isn't the case with my own domain.
Also, when I named names, I gave the names of all the senders of the spam too. Since then I've had one to totesport from 'spin palace' (though the link points to http://www.bigspinwinners158.com/1/a320623/index.asp).
Here's some partial headers;
Totesport #3;
Comment: DomainKeys? See http://antispam.yahoo.com/domainkeys
DomainKey-Signature: a=rsa-sha1; q=dns; c=simple;
s=s512; d=vivayouarelucky.com;
b=H7yLbS4SOk6eBRm/hCJNdMiA3dzeuIuFI5O4Z268ProsLjcN3OXBwGpQ87l5agCi7w enSLcsbcb1i7f8JwD9jQ==;
Received: from mx56.vivayouarelucky.com [216.10.15.56] by vivayouarelucky.com [216.10.15.56];
Mon, 10 Dec 2007 14:02:56 EST
-------
Totesport #2;
DKIM-Signature: v=1; a=rsa-sha1; c=simple; d=itsforyougetitnow.com;
h=from:to:subject:date:message-id:content-type;
q=dns/txt; s=s512; bh=ulzAB3gYJXNqsiMhkbPZi5xMNhE=;
b=V24d+pSJ76WXPvg/NQANCs0IS4ZBetA1+EXgAEDz9mWn0cMGTwj3yFB5w5FyD3U3m/pB9nVWp6iuGFI81BvIjw==;
Comment: DomainKeys? See http://antispam.yahoo.com/domainkeys
DomainKey-Signature: a=rsa-sha1; q=dns; c=simple;
s=s512; d=itsforyougetitnow.com;
b=Skqvq/ZiKlPey1eY/ckgADYqsITuY9HFvwM9YBrpUIDOECa/IHf6fVrhtzFk8fDlJMOpHL5Qymo1mst3zVp+IA==;
Received: from mx25.itsforyougetitnow.com [216.10.15.25] by itsforyougetitnow.com [216.10.15.25];
Sun, 9 Dec 2007 18:24:19 EST
MIME-Version: 1.0
------------
DKIM-Signature: v=1; a=rsa-sha1; c=simple; d=superpalacegold.com;
h=from:to:subject:content-type:date:message-id;
q=dns/txt; s=s512; bh=PPXyHYv6Ou+5FBSNwoOzuk6aiCY=;
b=YafHjZz67gy+XS8A0MztstkPL1vyl+SyaTh+MCCho4lCzilJ kEi+ZbVdU/DSY0fK0ziUuReVR0Tt5p+QIxzvrw==;
Comment: DomainKeys? See http://antispam.yahoo.com/domainkeys
DomainKey-Signature: a=rsa-sha1; q=dns; c=simple;
s=s512; d=superpalacegold.com;
b=lR6ikWJj4gg2h1OxnpTAyUtRi7udJfxBAiB+ldGqvwmsvg3d ayBVabCa47RoteRf7VpYT1NeYepqrGAKElFEcQ==;
Received: from mx52.superpalacegold.com [216.10.15.52] by superpalacegold.com [216.10.15.52];
Thu, 6 Dec 2007 18:45:49 EST
MIME-Version: 1.0
----------------
So all of them came from 216.10.15.xxx which is godaddy. The domains were registered on 29th November 2007, by;
Doust, John dedijohn@gmail.com
dedijohn
cyprys limassol
limassol, lima 8234
Cyprus
357892949302
-------------------
Bluesq #1;
Received: from balmyd.net ([75.126.66.132])
by mx.kundenserver.de (node=mxeu17) with ESMTP (Nemesis)
id 0MKxIC-1IzGCL3MBS-00083p for bluesq@mydomain.com; Mon, 03 Dec 2007 19:39:18 +0100
Message-ID: <C2D05BFA.64F7864A@balmyd.net>
Date: Mon, 03 Dec 2007 20:12:32 +0100
Reply-To: <bluesq@balmyd.net>
From: <bluesq@balmyd.net>
MIME-Version: 1.0
---------------------
bluesq#2;
Received: from beardc.net (www.rockheads.com [74.200.253.12])
by mx.kundenserver.de (node=mxeu22) with ESMTP (Nemesis)
id 0MKr6C-1J0jci2VT4-0003xp for bluesq@mydomain.com; Fri, 07 Dec 2007 21:16:37 +0100
Message-ID: <2A2E6438.75AD1658@beardc.net>
---------------------
Whois;
Domain Name: BEARDC.NET
Registrant [1151825]:
Moniker Privacy Services
20 SW 27th Ave.
Suite 201
Pompano Beach
FL
33069
US
Rockheads.com;
Rockheads Comics & Games
2527 75th Street
Kenosha, WI 53143
US
(I suspect this may be a bot)
Domain Name: BALMYD.NET
Registrant [1151856]:
Moniker Privacy Services
20 SW 27th Ave.
Suite 201
Pompano Beach
FL
33069
US
Record created on: 2007-11-08 22:36:47
Casinomeister (11th December 2007), satchmo (11th December 2007), thisisvegas (11th December 2007)
Posting Permissions
Reply With Quote
Also: Moneybookers e-wallet for online gambling!
Bookmarks