Recently in Spam Category
I got a "Service Message" spam from a company called Venista a couple of months ago. I eventually found out, after being passed between Vodafone and Regtel, that the best bet is to report it to the Data Protection Commissioner.
Three weeks after the original report I got an email from them stating:
We contacted Venista in relation to the sending of these messages and as a result they have suspended all their services in Ireland. They are also going to carry out an internal review.
They have removed your number from their database.
It's nice to see a Government organisation that is actually responsive :)
So, if you're in Ireland and get a spam sms, make sure to report it to the Data Protection Commissioner. There should be equivalent organisations in most countries who should also be able to help.
Adam has pointed out that SEC are planning on planning on taking action to combat the pump and dump spams doing the rounds. So far trading in 35 companies has been suspended in the aptly named "Operation Spamalot".
It is a logical step to take in order to curb the amount of such spams going out, however you would have to wonder how long before spammers twist the situation to their advantage? Blackmail anyone?
A new script was created in order to get around this limitation, which is available here. If no argument is passed to the script, it will return the aggregate numbers for all the zones, and if the zone name is passed in as an argument it will give the numbers for that zone. In both cases it will return two lines. The first is the number of positve hits on the zone, the second line is the total number of requests to the zone.
In order to use the script with mrtg you will have to edit the $statfile variable to point at where rbldnsd is outputting it's stats. For each DNSBL, you have to setup a target in your MRTG config. The target for sbl.spamhaus.org would be:
Target[sbl.spamhaus.org]: `perl /etc/mrtg/rbldnsdstat.pl sbl.spamhaus.org` MaxBytes[sbl.spamhaus.org]: 4800000MRTG should then be run every five minutes using cron.
Title[sbl.spamhaus.org]: RBLDNSD - sbl.spamhaus.org
PageTop[sbl.spamhaus.org]: <H1>sbl.spamhaus.org requests </H1>
According to greatfirewallofchina.org, Chinese citizens are unable to get to my blog. Not that this bothers me all that much. What is strange, is that Akismet is catching plenty of spam comments coming from Chinese ip space. Chinese spammers are also having no problem sending lots of spam email.
Are the spammers in China just technically advanced enough to get past the Great Firewall? Or do the Chinese authorities not care about spam traffic? All this is making my decision to drop all email from China at MTA time seem a lot more reasonable.
I mentioned last week how I managed to recieve a unsolicated message on my phone from vkap.net. Since the message was not a SMS, but rather a service message, Vodafone couldn't give me the five digit number which RegTel require in order to do anything about it.
The solution as it turns out is to contact the office of the Data Protection Commissioner. They can act on any complaints about unsolicited spam messages. Details for how to procede with reporting the spam are here.
Since I did the original post, I have gotten a lot of hits from other European countries. For these visitors, I can only suggest that you contact your local Data Protection Commissioner.
Got an interesting message on my Mobile today. The message is from "Peggy" and is a Service Message rather than a normal SMS Message. It's only content is
I have contacted both Vodafone and Regtel about this, however due to the way Vodafone's system works, their customer service won't be able to get access to the needed record until 24 hours have elapsed.
I decided to look into it and have turned up some interesting information about the people responsible for the spam. A whois of vkap.net indicates that "Venista Holding GmbH & Co. KG" are the registrants. They have have the same annonying flash based site at www.venista.de, www.venista.com and venista.co.uk. There is a piece of text at the right under "Company 2007" which can't be made out even after taking a screenshot and magnifying.
So far, so boring. What's more interesting is if you search for Venista on Google. Seemingly the UK version of Regtel, ICSTIS, has fined Venista twice before for various breaches of their Code of Conduct. The full details can be found here and here. From my reading of it, they first got fined £5000 and then £15000.
I also decided to check and see what the payload of the spam might be. A quick search for vkap.net turned up this post on F-Secure's blog.This particular form of spam has been showing up on networks around Europe since December 2006. The URL in the message is tied to your phone, so going to it in a normal browser is no good, you will just get an error. However, if you go to it on the phone, you will seemingly get signed up to a premium ringtone provider. The first ringtone might be free, however it will be €2 a pop after.
All this begs the question, how are these people able to send a "Service Message". I'm no expert on the SMS protocol, but I would have presumed that the service provider, in this case Vodafone would be the only one able to send a Service Message. Are Vodafone in bed with Venista, or have Venista found some other loophole to exploit in order to send the message?
I will be contacting both Vodafone and RegTel again tomorrow, and hopefully I will get some more light shed on the situation :)
Update (Mar 1st):
Seemingly it will take another 24hours to get the information from Vodafone.
Update (Mar 2nd):
They still don't have recent enough records. They seem to have access to the same information as I have on my online Vodafone account, so I possibly should be able to get the number when it appears there.
If only :( Seemingly I have won €4.8 Million in the last 4 months. Unforunately all the notifications have been caught by my spam filter and thrown into my Spam folder. They also all seem to be from countries in which I have never been, and from Lotto organisations who can't afford anything more than a Hotmail or AIM address.
Do people honestly fall for this tripe?