cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

email support

Ask us about your TalkTalk email account and Webmail.

Spam emails

Ricardo80
Team Player
Private Message TalkTalk
Message 79 of 79

In recent weeks I have been plagued with spam emails, now dozens per day. 

I have tried blocking through my iPhone but I’m fighting a losing battle.

Can anyone please help?

0 Likes
78 REPLIES 78

Message 1 of 79

Hi BG,

You do not say what type of spam you are receiving, if you have access to the source code go to the top and find the Ip address that is usually in [(xx-xx-xx-xx)] this is 4 sets of numbers in two sets of brackets, go online search "infobyip.com, or any ip tracker and past in the IP adress Number.

This tell you where the email originated from and if its microsoft server or local.

The Domain name usually xxx.com or could be org or other. any thing before can be ignored, Just a name and .com. go online and seach for "who is" try Namecheap about 8th on the list as it quite simple to use and results are quite clear, paste in the domain name, this will tell you who sold the domain, e.g Registrar.

Someone has access to this domain, however, they can use a domain and redirect to another site so you could use redirect-checker.com and paste in the whole link, this is usually between the " ht..s//full domain name............................", this should tell you where it goes.

If you can confirm a University connection them report it.

CanTheSpam 

0 Likes

BeachGirl
Participant
Private Message TalkTalk
Message 2 of 79

I am also suffering with a lot of spam and the common domain name fro my spam using @Canthespam's tip is The University of Wales Trinity St David! Could this be right?? It is a rogue student plaguing us all??

0 Likes

Message 3 of 79

Who is Bit.ly as far as I know its a storage site for shortening domain names.

 

Spamcop is the way forward the more people who use it the more reports get sent against the spammer, they find out where the emails are sent from and report them aswell as where the email picture, lamding page and data harvesting are coming from.

 

If sufficient complaints are raised the Registrar has to legally act on these complaints and remove these domains, so if we all used this free service the Registrars would be overwelhmed  and it all adds up to put more pressure on the Registrars who have a legal obligation to ICANN.

0 Likes

Canthespam
Chat Champion
Private Message TalkTalk
Message 4 of 79

One has to remeber

In October 2015, British telecommunications provider TalkTalk experienced a cyber attack that resulted in a data breach. As a consequence, personal and banking details of around 160,000 customers were illegally accessed.[1]

In the course of the attack, TalkTalk received a ransom demand from a group claiming to be responsible. Some customers complained that they were targeted by criminals before TalkTalk disclosed the cyber-attack, and the Chair of the Home Affairs Select Committee said "Suggestions that TalkTalk has covered up both the scale and duration of this attack ... must be thoroughly investigated.

 

 

0 Likes

Rootin
Conversation Starter
Private Message TalkTalk
Message 5 of 79

A ha, you meant word not windows.

I've done that and all is pulls up is the http address the spam wants you to go to.

I've registered with SpamCop and I am going to give that a try. I've juts done it for one recent e mail and its reported it to TalkTalk & Bit.ly

0 Likes

Message 6 of 79

If you do not have microsoft "WORD" you can go,   start  box bottom left next to the cross flsg and type "wordpad" paste it in there.

Top right icon binoculars (Find) click, opens a box "find what" paste "http", press find next and each one will be highlighted.

 

CanTheSpam

0 Likes

Rootin
Conversation Starter
Private Message TalkTalk
Message 7 of 79

I've got Win10 on my desktop

 

0 Likes

Message 8 of 79

Do you have microsoft windows or another word processor

 

0 Likes

Message 9 of 79

Rootin Tootin those xxxxxx, having studied these emails and looking at tools available I have had a good hit but this could just be good luck. The email consists of the Envelope, header and Body so its a case of looking at something that is common and can be used.

 

I have for a long time reported domains to Registrars so if I find a domain you can go online and search "who is" and a number of free search sites come up place that in the search box and the domain details come up and you can forward your email to that abuse email.

 

Spamcop is the easyway as they do all the work for you they even find its origins and send abuse reports in for you, most have a microsoft outlook origin. All I do is store the spamcop email address handy on my desktop to paste in as I forward these emails.

 

You get a password from spamcop and can sign in keep it safe and a box opens up paste the source code in and it will show you all the domains its found and from where the email came from. Its FREE and the more people who use it the more difficult life becomes for the spammer.

 

There is a few notes everybody should consider, these emails plant cookies on your computer, whats a cookie.

Cookies help inform websites about the user, enabling the websites to personalize the user experience. For example, ecommerce websites use cookies to know what merchandise users have placed in their shopping carts. In addition, some cookies are necessary for security purposes, such as authentication cookies.

 

What does the ICO (INFORMATION COMMISSIONERS OFFICE) say, You must tell people if you set cookies, and clearly explain what the cookies do and why. You must also get the user’s consent. Consent must be actively and clearly given.

 

So this is again an illegal activity, not only did the spammer see what you are looking at he also collects information about your computer, having gone through the process of tracking where these domains go I found operating system, model, etc, this enables them to send out cookies and other software to perform on your machines.

 

As most people don't consider this the spammer has a lot of data so if there is a lot of people looking at Rgos (again sorry for the spelling but talktalk?) then he can send out Rgos gift card scams. Now if you receive one of these they want you to confirm that your email address is live plus may have a precursor for a Fraud.

 

Using a company Logo without the company consent is illegal by the way.

 

CanTheSpam

0 Likes

Rootin
Conversation Starter
Private Message TalkTalk
Message 10 of 79

Hi Again

Apols, failed at the first hurdle!

 

'Paste the source code into microsoft windows, blank document, search the code using "search function" by putting in "http", this will reveal between 3-5 domain names.?'

 

I've got the source code from webmail. Can you just advise exactly where I go from there. Do I go into cmd to search the code?

0 Likes

Rootin
Conversation Starter
Private Message TalkTalk
Message 11 of 79

Brilliant. Thank you so much, I think I have a new hobby. Hope it works, if so, it will be good to 'get back' at the xxxxxxxx

0 Likes

Canthespam
Chat Champion
Private Message TalkTalk
Message 12 of 79

Hi Ric, the spammers source code can be found in Talktalk webmail by clicking on three dot logo, copy and paste the source code into microsoft windows, blank document, search the code using "search function" by putting in "http", this will reveal between 3-5 domain names.

These represent the picture png that loads into the email, the landing page where the email takes you to and the campaign where the data is harvested.

The format will be http there will be : followed by // followed by a domain name and then . followed by com. (The reason I spell this out is because talktalk look for domain names and won't let the format to be posted).  The spammer can place anything in front of the . and com so what is in front of . and com is the domain name. Think before . and com to the next . is the domain.

In web mail click on the COG top right, click on "All settings" and slide the drop down menu until you find "Rules" click on this , click on "Add Rule".

A new box opens with "New Rule" in the top box, delete this (New Rule) by backspace and add the domain name that before the . and com, and add Body .

Go down to "add condition" and click, from the drop down menu click "Body" , opposite this the word "contains" and  fill in box should be displayed, in this box add the Domain name.

What this does is look for that domain name in any email received and now you need to decide what you want to do with it go to "add action" box below and click it, a drop down menu appears so you can mark it as spam, discard it or reject it.

Once you have done this save this. What you have done is set up your spam filter to act on a domain purchased by the spammer to spam, none of these domains are from any company that you would want to receive a spam email.

What I advise is Join Spamcop its FREE and you will get a forwarding email address, what you do is forward a copy of your spam email to this email address and they will process it and send reports to those Registrars who sold the domain names and also where the emails originated from. 

I have tried this and looked for a common word in all the spam emails I received, so the spammer used the same source code in these emails and set up the spam filter to reject it as spam, the next email I received he had omitted that line, so it worked. By using these domain names you are hitting his pocket as he wants to send out all his emails to a list of Talktalk subscribers, if they start to bounce he has to buy a new domains.

Now Talktalk could do this, we place enough spam emails into the spam box and if Talktalk did this the spammer would have to fork out a lot of money for each email if 3 domains are blocked each time.

CanTheSpam

Rootin
Conversation Starter
Private Message TalkTalk
Message 13 of 79

Just when you think it’s safe to go out and back they come. 

I’ve had no reply from Google but they are not exactly going to listen to small fry like me. It needs a collaboration of the big players to control this. I am sure if there was a will this could be sorted.

 

It is not for me to tell others what to do but I have sent a letter of formal complaint in an attempt to raise this at a higher level.

 

Lets hope this can get sorted soon.

0 Likes

Message 14 of 79

Exactly Ricardo80!!

Please Michelle get this sorted for once & for all.

Sick of it!!!

0 Likes

Message 15 of 79

Hello Michelle 

 

things are as bad as ever

can you please assist?

0 Likes

Message 16 of 79

Please stop trying to blame us as individuals!

It is obviously linked to all being tiscali email users

0 Likes

Message 17 of 79

Looks like they're back again Talktalk. Please can you get this sorted for once & for all?

0 Likes

Message 18 of 79
0 Likes

Message 19 of 79

Thanks Michelle 

I’ll I let you know if things improve for me.

Ricardo80

0 Likes

Message 20 of 79

Thank you Michelle

0 Likes