329
submitted 6 months ago* (last edited 6 months ago) by henfredemars@infosec.pub to c/showerthoughts@lemmy.world

I wonder how many thousands of spam bots have tried to connect to the servers and send email using text ripped from these pages federated across numerous domains.

And they can’t just block one website. They’d have to individually block every node if they want to crawl the web for email addresses to steal. I hope it’s a real thorn in their side.

you are viewing a single comment's thread
view the rest of the comments
[-] moira@femboys.bar 76 points 6 months ago* (last edited 6 months ago)

At my instance I did setup a email wildcard (receive emails from any address on that domain which don't already have a account) and I get a lot of phishing and scam emails, most of them are send "to" /c/meta@femboys.bar, as link to this community is linked in sidebar, but I also seen emails "send to" random usernames

screenshot showing email mailbox, about 15 phishing emails

So yeah, It is happening, i wonder how bad it is on larger instances

[-] henfredemars@infosec.pub 14 points 6 months ago

Wow! Thanks for confirming my suspicions.

[-] abbadon420@lemm.ee 10 points 6 months ago* (last edited 6 months ago)

The horror! I hope you have a good spam filter

[-] moira@femboys.bar 5 points 6 months ago

thankfully that is a special mailbox for spam, I sometimes like to come through the emails and see where they submit the data, and maybe submit some data on my own, plus report the issue to website owner/hosting

[-] PM_Your_Nudes_Please@lemmy.world 6 points 6 months ago

I personally love my catch-all email domain. Anything that isn’t addressed to a specific list of addresses lands in a generic secondary inbox. So like I can have a personal inbox with the email address I give to friends, a work inbox for the address I give to clients, and an “everything else” inbox that isn’t associated with either work or personal emails.

It also allows me to easily identify which companies are selling my info. If I sign up to a Walmart membership with “Walmart@[domain]” and then start seeing a bunch of spam at that address, I know they sold my info to some ad company. I can simply burn that address; I just filter everything from that address straight into spam. And now my inbox is clean again.

[-] RGB3x3@lemmy.world 4 points 6 months ago* (last edited 6 months ago)

Crap, that sounds amazing! Any good resources you'd suggest for getting started with doing that?

[-] lord_ryvan@ttrpg.network 1 points 5 months ago

Btw, the last one can be done via plus-addresses on at least GMail and Outlook; rgb3x3+walmart@outlook.com will forward to rgb3x3@outlook.com, and you'll see that it was sent through rgb3x3+walmart@outlook.com at the top.

[-] EtzBetz@feddit.de 3 points 6 months ago

I was searching for this, but how can you do a wildcard account which will just receive mails from all aliases?

[-] moira@femboys.bar 5 points 6 months ago

it depends on your email provider/server, search under term "catch-all" or alias. I'm using a self hosted email on hestiacp, which have a option under domain email settings

this post was submitted on 11 May 2024
329 points (96.1% liked)

Showerthoughts

29522 readers
902 users here now

A "Showerthought" is a simple term used to describe the thoughts that pop into your head while you're doing everyday things like taking a shower, driving, or just daydreaming. A showerthought should offer a unique perspective on an ordinary part of life.

Rules

  1. All posts must be showerthoughts
  2. The entire showerthought must be in the title
  3. Avoid politics
    1. NEW RULE as of 5 Nov 2024, trying it out
    2. Political posts often end up being circle jerks (not offering unique perspective) or enflaming (too much work for mods).
    3. Try c/politicaldiscussion, volunteer as a mod here, or start your own community.
  4. Posts must be original/unique
  5. Adhere to Lemmy's Code of Conduct-----

founded 1 year ago
MODERATORS