Spam through a PDF?
March 16, 2009 4:56 AM Subscribe
Somebody downloaded a file off my server and now they are getting specific spam. How is this?
I uploaded file.pdf to www.subdomain.domain.co.uk and sent the http://www.subdomain.domain.co.uk/file.pdf link via email to a friend so they could view or download. They downloaded the PDF onto their desktop and viewed it.
The file.pdf was some 3D CAD renderings and the Meta of the PDF said similar.
Now my friend is getting loads of spam emails to their email address offering 3D CAD services.
Coincidence or have they been botted. If so, what can I do to stop this if I have to send said link to say.... clients / prospective employers, etc.
further information: there is no index.htm file on the subdomain. both emails use mail.app, me with a gApps account and friend with supermarket.com account out in the cloud. all spam messages are coming from supermarket.com addresses and addressed to the same person, a Dorothy something-or-other.
what's going on?
I uploaded file.pdf to www.subdomain.domain.co.uk and sent the http://www.subdomain.domain.co.uk/file.pdf link via email to a friend so they could view or download. They downloaded the PDF onto their desktop and viewed it.
The file.pdf was some 3D CAD renderings and the Meta of the PDF said similar.
Now my friend is getting loads of spam emails to their email address offering 3D CAD services.
Coincidence or have they been botted. If so, what can I do to stop this if I have to send said link to say.... clients / prospective employers, etc.
further information: there is no index.htm file on the subdomain. both emails use mail.app, me with a gApps account and friend with supermarket.com account out in the cloud. all spam messages are coming from supermarket.com addresses and addressed to the same person, a Dorothy something-or-other.
what's going on?
One (or both) of the email services scans the content of its users' mail, and then uses the data to send specific, targeted ads based on the content--subject lines, attachments, etc.
It's a pretty common tactic for "free" email services.
posted by bhayes82 at 8:00 AM on March 16, 2009 [1 favorite]
It's a pretty common tactic for "free" email services.
posted by bhayes82 at 8:00 AM on March 16, 2009 [1 favorite]
One (or both) of the email services scans the content of its users' mail, and then uses the data to send specific, targeted ads based on the content--subject lines, attachments, etc.
Whoa. That's an astonishing claim about Google. They display targeted ads. If you have any evidence that they spam, I'd be happy to hear about it.
posted by rdr at 9:23 AM on March 16, 2009
Whoa. That's an astonishing claim about Google. They display targeted ads. If you have any evidence that they spam, I'd be happy to hear about it.
posted by rdr at 9:23 AM on March 16, 2009
Oh I see. You're saying that supermarket.com is doing this. Sorry.
posted by rdr at 9:24 AM on March 16, 2009
posted by rdr at 9:24 AM on March 16, 2009
In my experience end users always have conspiracy theories about infections. "The computer next to mine is sending me spam." Theyre usually wrong. Its probably a long time infection and feeds back advertising info via spyware to the spammer. It saw the CAD application and phone home. Have them go to housecall or do a full virus scan.
If youre paranoid just download that pdf again and scan it. If you dont trust your own scanner you can use this online one.
posted by damn dirty ape at 11:31 AM on March 16, 2009
If youre paranoid just download that pdf again and scan it. If you dont trust your own scanner you can use this online one.
posted by damn dirty ape at 11:31 AM on March 16, 2009
This thread is closed to new comments.
Adobe Reader (depending on their version) is currently vulnerable to malicious exploits. So, this may be the cause of their issue. Here's a link to Adobe's security bulletin: http://www.adobe.com/support/security/advisories/apsa09-01.html
I would recommend they upgrade to the latest version (or ditch Adobe for an alternative like FoxIt).
posted by bwilms at 6:22 AM on March 16, 2009