The 401st Blow :: Thoughts On Media

Spam vs. Hijacking

Posted in Data Analysis, Software, Technology by Noah Harlan on July 19, 2011

The most common and widespread form of spam is spam from an alien sender directly to me. Alien in the sense that they are unknown to me and directly to me in the sense that it lands directly in my inbox (or, more often, my spam filter). An email address like and sent to dozens of variations of my email address. It’s carpet bombing and, like carpet bombing, is not very effective.

Increasingly the spam that does find its way into my inbox is of two related types. The first are hijacked direct sources: people I know who have had their accounts hacked and are unknowingly sending spam. And the second is indirect: social network accounts of people I know who have had their accounts hacked. Both types reveal a problem with traditional spam reporting. If I don’t know you and you send me spam then I am inclined to click the spam reporting link. If I do know you then I assume you’ve been hacked, but I don’t want to report you as a spammer because then you’ll potentially lose your account.

A solution would be a “report this as a hijacking” link adjacent to the “report this as spam” link on all messages. If the former is activated then the host would automatically change the passwords for the account, shut down outgoing mail, send an in-bound email to alert the user of the hijacking, and require re-authentication on the next login.

With this new feature I’d be inclined to report more of these incidents faster and networks & mail hosts could respond more quickly.


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s

%d bloggers like this: