User not logged in - login - register
Home Calendar Books School Tool Photo Gallery Message Boards Users Statistics Advertise Site Info
go to bottom | |
 Message Boards » » Faniq.com spam email Page [1]  
synapse
play so hard
60939 Posts
user info
edit post

How in the hell is this not illegal?


GF gets an email purporting to be from one of her friends who sent her a private message through Faniq.com.

she [stuipdly] clicks the unsubscribe link at the bottom of the email, and she's taken to a page saying she's been unsubscribed. she closes her browser.

everybody in her address book gets an email/text with the same bullshit about her sending them a private message...it sounds like everybody in her address book gets a total of three emails/texts. assholes.


1) how is this not illegal?
2) can anything be done about it.


more info:
http://community.ca.com/blogs/securityadvisor/archive/2009/03/26/faniq-spam-technique-to-invite-new-customers.aspx (although my gf didn't get do most of the stuff in this article, she just clicked an unsubscribe link.)
http://salaswildthoughts.blogspot.com/2009/01/fan-iq-spam-or-virus.html

7/20/2009 12:22:20 AM

dakota_man
All American
26584 Posts
user info
edit post

omg, spam and phishing are illegal. that's how we'll get them.

7/20/2009 1:06:45 AM

Master_Yoda
All American
3626 Posts
user info
edit post

its phishing. bitch all you want govt doesnt care. you wanna do something about it, give me 5 mil and another 5 to all the white hats out there.

seriously i dont unsubscribe to shit. if i dont want it, i flag it as spam.

7/20/2009 1:18:29 AM

evan
All American
27701 Posts
user info
edit post

Quote :
"seriously i dont unsubscribe to shit. if i dont want it, i flag it as spam."


exactly.

clicking an unsubscribe link only serves to confirm to the spammer that the address in question is valid, and therefore can be sold for more money.

7/20/2009 1:20:29 AM

synapse
play so hard
60939 Posts
user info
edit post

^ i'm well aware of this (an the gf is now too :beatup

i can see her getting some increased spam as a result of her actions...but grabbing your address book and spamming that takes it to another level. but i guess it's "legal" huh.

7/20/2009 9:26:47 AM

Shaggy
All American
17820 Posts
user info
edit post

from the discription in the first link it looks like its 100% stupid user. It asks for the user's google account creds in order to get their address list. While it is shady as hell to spam a bunch of people using your address book, its definitely not a virus and i wouldn't even call it phishing.

On the page where it asks for gmail creds it has a checkbox labeled invite everyone on my contact list. The term phishing and social engineering generally mean using a human as the weakpoint in order to circumvent some security measure. In this case the application gives clear notice that its going to send something to everyone in your contact list. Options like that being checked off by default are nothing new.

tl;dr: nothing here thats even remotely close to illegal. Annoying? sure, but its only an issue for lazy users.

[Edited on July 20, 2009 at 10:51 AM. Reason : l;]

7/20/2009 10:49:46 AM

Shaggy
All American
17820 Posts
user info
edit post

hell, the emails even observe proper etiquette by using a correct from address with the faniq.com domain making it easy to block by sender address or sender domain

7/20/2009 10:53:34 AM

synapse
play so hard
60939 Posts
user info
edit post

Quote :
"It asks for the user's google account creds in order to get their address list. While it is shady as hell to spam a bunch of people using your address book, its definitely not a virus and i wouldn't even call it phishing."


Perhaps you didn't fully read my post. She never even went through that whole process...

Quote :
"she [stuipdly] clicks the unsubscribe link at the bottom of the email, and she's taken to a page saying she's been unsubscribed. she closes her browser."


that's it. she attempted to unsubscribe, and all her contacts were emailed/texted as a result.

7/20/2009 12:46:21 PM

Shaggy
All American
17820 Posts
user info
edit post

It doesn't work like that. Without a cross site scripting vulnerability or some really really specific malware, theres no way for it to get her gmail contacts. She had to have put her credentials in at some point.

7/20/2009 1:13:54 PM

synapse
play so hard
60939 Posts
user info
edit post

It was yahoo, and she didn't put her credentials in. But yeah, it seemed strange to me too.

7/20/2009 1:19:30 PM

 Message Boards » Tech Talk » Faniq.com spam email Page [1]  
go to top | |
Admin Options : move topic | lock topic

© 2024 by The Wolf Web - All Rights Reserved.
The material located at this site is not endorsed, sponsored or provided by or on behalf of North Carolina State University.
Powered by CrazyWeb v2.39 - our disclaimer.