Spam Attack! Help!
August 11, 2012 6:31 AM   Subscribe

Help! 10,000 new messages, all junk! What's going on?

Last night between about 5:20am and 8:00am, I got some 10,000 messages or so sent to my gmail address.

The address all come from some variant of ######@cui***.com (where #is a random number and * is a letter) so I can't block a single e-mail address and stop the flood.

Is this some kind of attack? How can I stop it? I can report a bunch of messages as Spam, but doing them all will take forever.
posted by synecdoche to Computers & Internet (11 answers total) 5 users marked this as a favorite
You can just filter anything from an address containing the cui sequence of letters to spam. They're not exactly common in English words, so you shouldn't miss much. Maybe cuisine related things? Hmmm.
posted by two lights above the sea at 6:58 AM on August 11, 2012

Response by poster: Oh, the plot thickens! In going through all of those messages there's one saying I sent a paypal account to somebody whose address is similar to the one I'm getting the spam from. HELP!
posted by synecdoche at 7:00 AM on August 11, 2012

Best answer: Oh and you an just select one, go to "filter messages like these," change the parameters to something effective (like that I suggested above), and then if your parameters are good, there should be an option to include all of the other emails. Easy peasy.
posted by two lights above the sea at 7:01 AM on August 11, 2012

there's one saying I sent a paypal account to somebody whose address is similar

I don't know what it means to send an account to someone, but keep in mind that messages which look like they came from PayPal may not actually be from PayPal. It's very likely that scammers are "phishing" for private information.
posted by jon1270 at 7:14 AM on August 11, 2012 [1 favorite]

Response by poster: Sorry, I meant to say sent a PayPal payment. I logged in to PayPal independently of the messages and there is a charge but it hasn't gone through because PayPal flagged it as suspicious. Apparently somebody in Milwaukee wants me to by them an iPod Touch.
posted by synecdoche at 7:16 AM on August 11, 2012

+1 to jon1270

Nowadays there are many many mails coming from what seem to be legitimate sources (AT&T, carriers, paypal, etc.) for billing or account notices that upon examination (hover over link determination) do not have valid links to those respective sources. All these are attempts to get you hooked and steal your information. Be very very careful.
posted by Bodrik at 7:44 AM on August 11, 2012

Okay, so your personal info has already been compromised to some extent. If you used the same passwords for any other popular websites (ebay, amazon, facebook, etc.) then it's time to change them. Continue to log into these sites independently, not by clicking links in emails. Let Paypal know that the flagged transaction is indeed fraudulent. Check the credit cards and bank accounts you've got linked to paypal for suspicious charges.
posted by jon1270 at 7:49 AM on August 11, 2012

Best answer: +1 to both jon1270 and Bodrik: DO NOT CLICK ON ANY LINKS sent to you from messages purporting to be from PayPal, AT&T, Yahoo or any other service provider whatsoever. These are spammers who want your personal info.

If you want to know what is going on with PayPal, do just what you did - go directly to the site and log in from there. You might want to go to your bank and anyplace else which has your financial information and check that out, too, just in case.

As for the messages - maybe you just got onto someone's spam list. Mark them as "spam" so the filters catch them in the future, then trash them.
posted by Rosie M. Banks at 7:50 AM on August 11, 2012 [1 favorite]

Best answer: I read an article (though I can't for the life of me find it again) recently about scams like this. The 10,000 messages are intended to hide the one genuine one in the middle so you miss the notification from Paypal or your credit card company or whatever account they're stealing from.
posted by Blue Jello Elf at 7:53 AM on August 11, 2012 [23 favorites]

Don't forget to add 2-stage authentication to your account if it's Gmail if you've not already done so.
posted by urbanwhaleshark at 8:38 AM on August 11, 2012 [4 favorites]

I think this is the article Blue Jello Elf is talking about (boingboing linked to it): Spamflooding as a smokescreen for another cyber attack.

If you can do your best to alert Google to this, they learn to study and figure out how to block these attacks.
posted by nanojath at 12:17 PM on August 11, 2012 [2 favorites]

« Older Am I sleep Ok-Cupiding?   |   Help me network a little less awkwardly (what to... Newer »
This thread is closed to new comments.