24/2/10

azurelunatic: Warning: participating in #dw may result in blacking out and discovering yourself as head of a project team. (#dw warning: department head)
[personal profile] azurelunatic
It's time for some informative digressions on Joe Jobbing.

What are Joe Jobs?

Rather than being Steve's less-famous younger brother, a Joe Job is where some spammer, scammer, or other lowlife forges a third party's information when carrying out an attack.

This is to be distinguished from the sort of attack where the lowlife cracks or otherwise gains access to the third party's property in order to carry out an attack.

From Wikipedia:
A joe job is a spamming technique that sends out unsolicited e-mails using spoofed sender data. Early joe jobs aimed at tarnishing the reputation of the apparent sender or inducing the recipients to take action against him (see also e-mail spoofing), but they are now typically used by commercial spammers to conceal the true origin of their messages.

The name "joe job" originated from such a spam attack on Joe Doll, webmaster of Joe's Cyberpost. One user's joes.com account was removed due to advertising through spam. In retaliation, the user sent another spam with the "reply-to" headers forged to make it appear to be from Joe Doll. Besides prompting angry replies, it also caused joes.com to fall prey to denial-of-service attacks that took the web site down temporarily.

Some e-mail joe jobs are acts of revenge like the original, whether by individuals or by organizations that also use spam for other purposes. Spammers use the technique to cycle through domains and try get around spam filters and blocks.

Joe-jobbers could also be businesses trying to defame a competitor or a spammer trying to harm the reputation of an anti-spam group or filtering service. Joe job attacks in other media are often motivated politically or through personal enmity.


The parties in this scenario are the Attacker, Joe, and the Recipient.

Joe Doll on the Joe Job
Steve's JoeJob Page (warning: Comic Sans)
Fighting the email Joe Job on your personal domain: SPF (Sender Policy Framework)

The Joe Job in Spam

In spam, the joe job is generally found in e-mail, where the spammer (Attacker)forges their e-mail headers to appear that it is emitting from poor Joe's email address or domain.  )

Who is the victim in a Joe Job? How are they hurt?

There are two victims: the recipient(s) and Joe. )

Who benefits from a Joe Job? How do they benefit?

The attackers benefit from the joe job. )

I'm a Dreamwidth user. Am I likely to be the victim of a Joe job?

If you have a paid account and the paid account forwarding email address, it may be forged as a part of a spam campaign, making you (and, by extension, Dreamwidth) Joe. This form of joe job is rampant on sites such as LiveJournal.

This address may also be the recipient of spam, including possible spam sent as part of a joe job.

Any forum that allows anonymous comments or any other form of anonymous posting, or allows un-authenticated user accounts (such as a form where you enter your name and email address, but does not confirm that you own the email address) is vulnerable to someone simply posting a comment signed with someone else's name. If you have anonymous comments enabled, or frequent other journals that have anonymous comments enabled, this can be used against you.

If someone wishing to cause trouble for Dreamwidth emits spam that appears to benefit or otherwise implicate Dreamwidth, the whole site will suffer.

How can I help?

Use SPF records, respect SPF records, and be aware of Joe Jobs as a form of spamming. )