Spammers sending emails with spam images hosted on Google Storage Api
763 views
Skip to first unread message
Remy Medranda
Aug 19, 2020, 4:35:38 PM8/19/20
to Google Cloud Filestore Discuss
This is the kind of email I get constantly. How do I get this scammers email outside of my daily inbox?
Paz Stephen
Aug 27, 2020, 9:38:39 AM8/27/20
to Google Cloud Filestore Discuss
You have to make a total nuisance of yourself to the spammers and the people who pay them.
1) Report all hosted images to the hosts
2) Report the email via a tool like SpamCop.net (it definitely is reducing the volume I get)
3) SpamCop only looks at the links to sites in the email so you need to dig further for the redirects (and sometimes there will be many)
I take multiple approaches because the spammers do
A) CURL logging of the hops to each site. Sometimes it does not work because the spammer has some script detection of your chosen utility. If it works: You can grab the URL and run it through SpamCop as a single line to get the IP and the host abuse reporting address.
B) Failing the above you can use a browser and try catching the hop links/URL details. I can go in one place on the house and turn off Wi-Fi to slow it down. I find a well laid out report to all the service providers is generally well received and they do shut these nuisance people down.
C) A VPN connection can help. I tend to stick with the same VPN location. Other times I think the spammers detect VPN and block the hood from happening or send me elsewhere lol - I dunno if that is true really.
It’s a lot of effort, but eventually it seems to work. SpamCop is the important step in my opinion.
One last thing you can do is go to the American BBB website for the area of the US where the endpoint Is (the last hip, the ultimately spamvertized site). When you get to their website lookup their business name and address. Create a BBB complaint for the company. Send them the URL for the hops. One of the hops will typically have very good clear parameters after the link details. Those identify the affiliate party doing the work (who will be paid by the spamvertized business)
Contact them and say, stop. Just stop, if they say they are not responsible for third parties, tell them they are. The law says they are. They usually shut up when they realize the person complaining knows the legal situation.
Sometimes a service provide like AWS will tell you, “Here, our customer says this...” and their customer is claiming it’s nothing wrong. They are about as bad at telling lies as they are hiding themselves from responsibility in their spam!!
1) Report all hosted images to the hosts
2) Report the email via a tool like SpamCop.net (it definitely is reducing the volume I get)
3) SpamCop only looks at the links to sites in the email so you need to dig further for the redirects (and sometimes there will be many)
I take multiple approaches because the spammers do
A) CURL logging of the hops to each site. Sometimes it does not work because the spammer has some script detection of your chosen utility. If it works: You can grab the URL and run it through SpamCop as a single line to get the IP and the host abuse reporting address.
B) Failing the above you can use a browser and try catching the hop links/URL details. I can go in one place on the house and turn off Wi-Fi to slow it down. I find a well laid out report to all the service providers is generally well received and they do shut these nuisance people down.
C) A VPN connection can help. I tend to stick with the same VPN location. Other times I think the spammers detect VPN and block the hood from happening or send me elsewhere lol - I dunno if that is true really.
It’s a lot of effort, but eventually it seems to work. SpamCop is the important step in my opinion.
One last thing you can do is go to the American BBB website for the area of the US where the endpoint Is (the last hip, the ultimately spamvertized site). When you get to their website lookup their business name and address. Create a BBB complaint for the company. Send them the URL for the hops. One of the hops will typically have very good clear parameters after the link details. Those identify the affiliate party doing the work (who will be paid by the spamvertized business)
Contact them and say, stop. Just stop, if they say they are not responsible for third parties, tell them they are. The law says they are. They usually shut up when they realize the person complaining knows the legal situation.
Sometimes a service provide like AWS will tell you, “Here, our customer says this...” and their customer is claiming it’s nothing wrong. They are about as bad at telling lies as they are hiding themselves from responsibility in their spam!!
Jofre Riba Sanchez
Aug 27, 2020, 9:38:39 AM8/27/20
to Google Cloud Filestore Discuss
If you suspect there's some abuse in the usage of GCP (i.e. Not complying with the acceptable use policy [1]), you can use the "Report suspected abuse" form [2].
If you're using Gmail, you can mark those emails as spam [3] to train the spam algorithm, or directly create an email filter (if they have some common patterns to filter with) in order to send them directly to the spam folder [4].
Reply all
Reply to author
Forward
0 new messages