Column (blog is so passé)

Joe Jobbed

1.26.16

After 19 years connected to the Internet and working in the industry, I have finally been Joe jobbed - me, of all people. ;-) I don't like it one bit. A joe job is a spamming technique that sends out unsolicited e-mails using spoofed sender data. That is to say, email header information that is falsified to appear that the email came from you when in fact it did not. Your email account has not been compromised (though you should take this opportunity to change your email password) but all your friends now think you're an idiot at best, an asshole at worst. They think this because very few people understand how a joe job works. Let me clear that up for them now:

Early joe jobs aimed at tarnishing the reputation of the apparent sender or inducing the recipients to take action against him (Google e-mail spoofing), but they are now typically used by commercial spammers to conceal the true origin of their messages.

Joe jobs often intend to capitalize on general hatred for spam. They usually forge "from" addresses and email headers so that angry replies are directed to the victim instead of the culprit. Some joe job attacks adopt deliberately inflammatory viewpoints, intending to deceive the recipient into believing they were sent by the victim. Joe job victims may lose website hosting or network connectivity due to complaints to their Internet service providers, and even face increased bandwidth costs (or server overload) due to increased website traffic. The victim may also find his or her email blacklisted by spam filters.

Unlike most email spam, the victim does not have to "fall for" or even receive the email in question; the perpetrator is using innocent third parties to fuel what essentially amounts to slander combined with a denial of service attack.

False headers are used by many viruses or spambots today, and are selected in a random or automated way, so it is possible for someone to be Joe Jobbed without any human intent or intervention. The IT industry has the technology but not the will to eradicate this menace.

Joe jobs usually look like normal spam, although they might also disguise themselves as other types of scams or even as legitimate (but misdirected) messages.

Joe jobbing (or "joeing") can take different forms, but most incidents involve either e-mail or Usenet. They are sometimes seen on instant messaging systems as well. In general, joe jobbing is seen only on messaging systems with weak or no sender authentication, or where most users will assume the purported sender to be the actual one.

If the joe-jobber is imitating a normal spam, it will simply advertise the victim's product, business or website. It may also claim that the victim is selling illegal or offensive items such as illegal drugs, automatic weapons or child pornography to increase the likelihood that the recipient will take action against the victim.

Some joe jobs are politically motivated, where the intended victim is usually a political candidate, party or organization. Such joe jobs generally espouse an inflammatory viewpoint not actually held by the victim, or present a deliberately distorted variation of an actual viewpoint. Large-scale joe jobs were staged on Usenet against the Ralph Nader campaign in 2000 and 2004. The second of these was unusual in employing multiple phases —the first a conventional political joe job, the second claiming to be a widely spammed and similarly inflammatory statement by the Nader campaign about the first.

When imitating a scam, such as a Nigerian scam, or phishing scheme, the e-mail will still feature links to the victim's website or include contact information. In these instances, the joe-jobber is hoping that the recipient will notice the e-mail is fake, but mistakenly think the victim is behind the "scam".

When imitating a legitimate e-mail, the joe job will usually pose as an order confirmation. These "confirmations" may ask for credit card information, in which event the attack differs from phishing only in intent, not methodology, or simply imply that the recipient has already bought something from the store (leading the recipient to fear his credit card has already been charged). Like the "normal spam" jobs, these e-mails will often mention illegal activities to incite the recipient to angry e-mails and legal threats.

Another joe-job variation is an e-mail claiming that the victim offers a "spam friendly" web host or e-mail server in the hope of further inciting action against the victim by anti-spam activists.

Now, for someone like me who has been completely able to avoid spam for almost 2 decades, the best case scenario with regard to the fallout from this is a massive influx of new spam for me. The worst-case scenario - you saw some examples above - is very costly and time-consuming and has the added stink-bomb of tarnishing my reputation.

And then there's the halo effect. The term Halo effect denotes a phenomena that occurs when the light from my halo shines a little light on you. Normally a positive connotation is intended but I'm using the term in a negative way. How will this affect all the people who host their web presences with me? It won't. My clients accounts are served from different IP addresses and using different servers than I use personally. If we were dumb enough to serve our clients hosting needs from the same server and on the same IP address as MarkGilchrist.com, the tarnishing of my reputation would extend to any individuals whose websites were served from the same IP address. That's how it works, The IP address usually (and wrongly) gets the blame. And we would all be busy scrambling to write letters to get us out of those black holes and stop the denial of service attacks. But we don't make the same mistakes as others so customers: Not to worry.

In this case, my little south Asian friend (yes I know where they are) utilized a Trojan on my Luddite, PC using, friend's computer to spread the malware. Normally they just falsify headers so no unauthorized access ever occurred. (Meaning that usually, the attack is platform agnostic) But since Windows continues to be the scourge of the earth, anyone who asks me for help with a Windows computer will indeed get my help, in the form of me sitting them down in front of a Mac, perhaps like the upcoming iPad or iTablet or whatever iName Apple is going to give their amazing new product when it launches tomorrow.)

Thanks Windoze,
Sincerely,
Mark.