Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Best way to block adware E-mail?


  • Please log in to reply
11 replies to this topic

#1 saluqi

saluqi

  • Members
  • 559 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:southern San Joaquin Valley, Calfornia
  • Local time:08:26 PM

Posted 12 March 2018 - 04:48 PM

If this is not the right forum, I hope someone will redirect me.

 

I have a friend for whose computer security I am, by default, more or less responsible.  He has had a stroke which has compromised his already limited computer skills.  He is receiving, every day, countless unwanted E-mail advertisements for Viagra/Cialis.  Each comes from a different purported sender (all of them pretty obviously fake and all emanating, when I dig into it, from eastern Europe, I think the Czech Republic).  Obviously he wants to stop this.

 

Various people have told him he probably has a virus.  He is using Webroot antivirus (installed by Best Buy/Geek Squad where he bought the computer).  I have run a Webroot scan, a scan with Malwarebytes 3, and a scan with the ESET Online Scanner, and found nothing.  The curious behavior of his system when he was typing mail, etc., - behavior which prompted some folks to think "virus" - turned out to be because he did not realize he was accidentally hitting the "Insert" key when typing.  Quite perplexing when you don't know what that is or how it works.  So unless I am completely off base I think what he needs is an ad blocker and/or spam blocker.  Question arising, what is the best one for this situation?  Maybe Webroot has such a function - I am not really familiar with that software and he himself has no idea of such things.

 

The computer is a recent (about two years old) HP desktop, running fully updated Windows 10 (Pro I think).  He has a WildBlue legacy Internet connection and is using their E-mail client software.  The WildBlue E-mail user interface is pretty bare-bones and I think he finds it confusing, but I haven't so far been able to talk him into changing (he has Office 365 installed, but not much idea of how to use it).  His requirements are simple - mainly, reliable ad-free E-mail communication.

 

His Webroot is a paid subscription.  He also has MBAM installed (by me; it has now defaulted to the free edition though I hope to persuade him to change that).  He has an enormous investment in photos and videos (he has been an internationally recognized dog show judge, videographer and more) which I hope to persuade him to back up.  So far he has firmly resisted that idea, saying he could never understand how to do it.  I would have to set up something almost completely automatic.  But that is another issue.   The immediate need is to get rid of the hundreds of Viagra/Cialis advertising E-mails he receives every day.

 

Thanks for suggestions!



BC AdBot (Login to Remove)

 


#2 JohnC_21

JohnC_21

  • Members
  • 22,592 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:11:26 PM

Posted 12 March 2018 - 05:15 PM

If somebody is sending spam emails an adblocker will not help. The only thing you can do is set filtering rules in the email settings to block emails from a certain domain or sender. You can also set filters by subject name or sender name. 

 

Some web mail providers allows you to block all senders except those in your contact list. 

 

Once spammers have your email address there is not much you can do other than apply filters. If somebody on your contact list gets infected then the spammers can start spamming your email.

 

Edit: I would strongly advise you get your friend to backup his data. Ask him what would he do if tomorrow they were all gone because the drive failed.


Edited by JohnC_21, 12 March 2018 - 05:16 PM.


#3 saluqi

saluqi
  • Topic Starter

  • Members
  • 559 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:southern San Joaquin Valley, Calfornia
  • Local time:08:26 PM

Posted 12 March 2018 - 06:40 PM

Trying to block specific senders will not work in this case.  Each message appears to come from a different sender.  The message titles are also all different.  I am sure they all have a common, robotic source, but it seems to be a clever one.

 

I am tolerably sure the spammers got his E-mail address when he clicked on some kind of "offer".  He cannot resist anything cheap or "as advertised on TV".  Maybe he has finally learned - and maybe not.  It's one of the things I mention every time we meet.

 

If the WildBlue mail program allows "rules" I suppose I could create a rule that dumps everything with "Viagra" or "Cialis" in the title or text, straight into the Spam folder.  If the WildBlue program (like AOL in the old days) generates a spam report every time that happens, i suppose it might after a while inconvenience the originating server?  I run a LISTSERV mailing list that periodically dumps all AOL subscribers (several hundred) from the list, because each AOL spam report puts the L-Soft server on a blacklist.  As you can imagine, that doesn't go down very well.

 

I suppose the obvious thing to do is for him to get a new E-mail address.  I know he will resist that idea - for the same reason I do, that his E-mail address is known to a worldwide network of correspondents, and changing it would create at least a short-lived chaos.

 

Re: backing up data, I ask him that question every time we meet (at least once a week because he cannot drive and I am his only transportation provider in our very rural environment).  His invariable response is that it's too difficult for him.  I suppose that is actually true - meaning that it devolves on me to devise an automatic backup system that will run without intervention by him.  How to do that?  A USB port switched on and off automatically, by a timer?



#4 JohnC_21

JohnC_21

  • Members
  • 22,592 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:11:26 PM

Posted 12 March 2018 - 06:52 PM

I suppose the obvious thing to do is for him to get a new E-mail address.  I know he will resist that idea - for the same reason I do, that his E-mail address is known to a worldwide network of correspondents, and changing it would create at least a short-lived chaos.

This would probably be the best way even though there will be short term pain. But if he does what you say he does regarding clicking offers the new email address will eventually be like the old.

 

Programs like Aomei Backupper Standard and Easeus Todo Backup Free will do file/folder backups on a schedule to a USB external drive. Easeus being the easiest to use. 

 

https://www.easeus.com/todo-backup-guide/schedule-backup.html



#5 Mason21

Mason21

  • Members
  • 92 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Texas
  • Local time:10:26 PM

Posted 12 March 2018 - 07:01 PM

Here's a pretty good link on the subject.  https://www.pcworld.com/article/3072435/data-center-cloud/5-ways-to-stop-spam-from-invading-your-email.html



#6 saluqi

saluqi
  • Topic Starter

  • Members
  • 559 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:southern San Joaquin Valley, Calfornia
  • Local time:08:26 PM

Posted 13 March 2018 - 12:37 PM

I frequently get phishing E-mails - they are usually easy to recognize - and routinely report them to the "fraud" department of my provider (Earthlink).  The Nigerian ones are more amusing than anything else (I lived in Nigeria for a couple of years, on the faculty of a University there, so i know the culture a bit).  Haven't had many of those recently.

 

I think my friend may have learned from this experience NOT to click on anything you aren't absolutely sure of.  Of course the spammers might have gotten his E-mail address by hacking the address book of any of his many correspondents.

 

If he changes mail programs (say from the WildBlue mail client to Outlook) his address will change anyway.

 

Making sure that spam gets labeled as such is a good point.  He has not yet begun doing that, but should be able to.

 

I was thinking of setting up scheduled Macrium backups in such a way that he would not have to keep track of files and folders.  The problem with any backup system is that the media should be disconnected from the computer except while actually doing a backup.  I don't see any easy way to do that without user intervention to connect and disconnect the media.



#7 JohnC_21

JohnC_21

  • Members
  • 22,592 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:11:26 PM

Posted 13 March 2018 - 01:08 PM

I was thinking of setting up scheduled Macrium backups in such a way that he would not have to keep track of files and folders.  The problem with any backup system is that the media should be disconnected from the computer except while actually doing a backup.  I don't see any easy way to do that without user intervention to connect and disconnect the media.

That is correct. Some Backup software allows backups to the cloud but then you are still dealing with requiring access to cloud storage continously.



#8 saluqi

saluqi
  • Topic Starter

  • Members
  • 559 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:southern San Joaquin Valley, Calfornia
  • Local time:08:26 PM

Posted 25 March 2018 - 11:14 AM

Back to the original idea, how to block the spam messages: I thought it should be possible to create a message rule that would consign all the spam messages to the Spam folder (and thereby, I hoped, alert the ISP to the problem).  The spam messages are, however, cleverly crafted - the product names (Viagra, Cialis etc.) are randomly misspelled, with doubled letters, transposed letters and/or special characters, the originating address is always different, likewise the name of the sender and even the country of origin (all spoofed I presume).  The only item that is constant from one message to another is part of a link that begins "https" and goes on to "goo.gl/"  the rest of the link is different each time.  I hope that will work in a rule.

 

What follows should probably start a separate thread (please advise).  A mutual friend (living far away) has been insisting that the subject computer has a virus, and urging my friend to install Norton antivirus.  The subject computer has, however,. Webroot SecureAnywhere installed, with a license for 3 devices valid until September 15, 2019.  Every test I could devise indicated that Webroot was running and doing its job.  None of the scans I ran (including ESET online scanner and Malwarebytes 3) found any sign of virus or malware activity.  The Speccy report did, however, to my surprise indicate that a good many recent Windows updates (including several of the cumulative ones) had failed to install.  I tried running Windows Update, which reported (after each of several attempts) that KB4088776 failed to install, with error 0x80070bc2.  At earlier dates, KB4056092 had failed to install, error 0x80070020; and KB4058043 had failed to install, error 0x80240034, according to the Windows Update log.

 

I have published the Speccy report at (link removed until I can figure out how to redact the user name)

 

Can anyone suggest what is going on there?  It looks to me as if no cumulative updates have been installed since about the middle of December - and perhaps not since the upgrade to version 1709.


Edited by saluqi, 25 March 2018 - 02:00 PM.


#9 JohnC_21

JohnC_21

  • Members
  • 22,592 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:11:26 PM

Posted 25 March 2018 - 01:05 PM

You should start a separate thread in the Windows 10 forum.



#10 saluqi

saluqi
  • Topic Starter

  • Members
  • 559 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:southern San Joaquin Valley, Calfornia
  • Local time:08:26 PM

Posted 25 March 2018 - 02:03 PM

OK, will do.  There's nothing more to say about the mail rule, I think, until I have tried it.



#11 saluqi

saluqi
  • Topic Starter

  • Members
  • 559 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:southern San Joaquin Valley, Calfornia
  • Local time:08:26 PM

Posted 31 March 2018 - 09:45 PM

Ack, alas, there IS something more to say about the E-mail rule.  I now realize that "goo.gl" is a legitimate link-shortening function (Google is going to drop it soon, but that presumably won't affect these spammers because they already have a "goo.gl" account).

 

So what is left?  Going through all the remaining spam messages and labeling them as spam, one at a time?

 

WildBlue (or, rather, Viacom who have taken over that system) are offering a way of updating the mail client to a gmail client, and transferring the existing mail files.  Presumably that will result in a new E-mail address?  If so, am I correct in thinking that should solve the problem?



#12 JohnC_21

JohnC_21

  • Members
  • 22,592 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:11:26 PM

Posted 01 April 2018 - 09:20 AM

A new email address should fix the problem unless the old email address is forwarded to the new. I don't know if that would happen. I know Mail.com allows a person to create multiple alias addresses. If your friend would use the alias then all spam mail would go to the alias address inside the main mail.com account. The person would have to know when to give out the alias address and when to use the main address. 






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users