Cool Stuff Under 20 Dollars – They told you not to reply (2008)

Cool Stuff Under 20 Dollars –

When businesses want to communicate with their customers via e-mail, many send messages with a bogus return address, e.g. “[email protected].” The practice is meant to communicate to recipients that any replies will go unread.

But when those messages are sent to an inactive e-mail address or the recipient ignores the instruction and replies anyway, the missives don’t just disappear into the digital ether.

Instead, they land in Chet Faliszek‘s e-mail box.

As owner of www.donotreply.com, the Seattle-based programmer receives millions of wayward e-mails each week, including a great many missives destined for executives at Fortune 500 companies or bank customers, even sensitive messages sent by government personnel and contractors.

The majority of the e-mails naturally are from spammers, who also are quite fond of using Faliszek’s domain name in the “From” field of their junk e-mails. Some of the non-spam bounce-backs are fairly harmless, like the ones he gets every so often from desperate, hungry people who bought a CharBroil brand grill but can’t get the thing to work properly.

“Instead of letting people just hit reply to these support mails, they make the customer click on a link,” Faliszek said. “It’s sad, too, because I’ll get these e-mails from people and they’re like ‘Oh, man, I really wanted to grill, but it’s not working.’ Sometimes they’ll even send pictures of their grill, too.”

But many of the misdirected e-mails amount to serious security and privacy violations. In February, Faliszek began receiving e-mails sent by Yardville National Bank in New Jersey (now part of PNC). Included in the message were PDF documents detailing every computer the bank owned that was not currently patched against the latest security vulnerabilities. Faliszek has so far amassed more than 200 reports about the bank detailing computers, full branch reports and graphs showing the top 10 most vulnerable systems.

In a blog post cleverly titled “What’s in Your Return Address Field,” Faliszek posted another bank screw up last month after he began receiving replies from Capital One customers inquiring about various details of their accounts. He says Capital One appears to have used donotreply.com as the return address for automated payment transfers and debits set up by customers.

Faliszek also routinely receives bizarre e-mails from Kellog Brown & Root, a Houston-based engineering company and former subsidiary of Halliburton. He said it looks like someone at KBR has set up a system that scans incoming faxes as PDFs and mails them off to various recipients.

“It’s really kind of weird, because I’ll get these faxes from Iraq, where they talk about various camps, when and where they’re moving the support equipment, what they’re buying, accident reports, and information on people applying for jobs,” Faliszek said.

Faliszek bought donotreply.com back in 2000 when he and some friends were running an e-mail service. But he never imagined he would get such a huge volume of misdirected mail.

“We started thinking of all the stupid e-mail names we could register, and we all thought it would be funny to send e-mail from an account at donotreply.com,” Faliszek said.

With the exception of extreme cases like those mentioned above, Faliszek says he long ago stopped trying to alert companies about the e-mails he was receiving. It’s just not worth it: Faliszek said he is constantly threatened with lawsuits from companies who for one reason or another have a difficult time grasping why he is in possession of their internal documents and e-mails.

“I’ve had people yell at me, saying these e-mails are marked private and that I shouldn’t read them,” Faliszek said. “They get all frantic like I’ve done something to them, particularly when you talk to the non-technical people at these companies.”

Instead, he blogs about the most interesting ones. Companies embarrassed by having their e-mails posted online can get him to pull the entries from his blog for a small payment. The normal fee to be removed from the site is proof of a donation to an animal protective league or humane society. So far, Faliszek says his blog has raised roughly $5,000 for local dog pounds.

By

Brian Krebs
 | 
March 21, 2008; 9:30 AM ET

Categories: 

From the Bunker
,
Latest Warnings
,
Safety Tips

Save & Share: 

 

Previous: White House Taps Tech Entrepreneur For Cyber Post

Next: Network Solutions Pre-Censors Anti-Islam Site

Posted by: Jeremy | March 21, 2008 3:11 PM
| Report abuse

Posted by: anonymous | March 21, 2008 4:43 PM
| Report abuse

Posted by: Jason | March 21, 2008 4:48 PM
| Report abuse

Posted by: Anonymous | March 21, 2008 4:52 PM
| Report abuse

Posted by: goodb0fh | March 21, 2008 4:52 PM
| Report abuse

Posted by: Phil Smith | March 21, 2008 5:02 PM
| Report abuse

Posted by: cunning linguist | March 21, 2008 5:07 PM
| Report abuse

Posted by: josh | March 21, 2008 5:07 PM
| Report abuse

Posted by: SuperFly | March 21, 2008 5:07 PM
| Report abuse

Posted by: Anonymous | March 21, 2008 5:10 PM
| Report abuse

Posted by: Ryan | March 21, 2008 5:13 PM
| Report abuse

Posted by: QA | March 21, 2008 5:13 PM
| Report abuse

Posted by: Geek | March 21, 2008 5:16 PM
| Report abuse

Posted by: Anonymous | March 21, 2008 5:16 PM
| Report abuse

Posted by: i see stupid people | March 21, 2008 5:17 PM
| Report abuse

Posted by: Dustin | March 21, 2008 5:18 PM
| Report abuse

Posted by: If your mouth is open you are not learning | March 21, 2008 5:20 PM
| Report abuse

Posted by: Hans Stuk | March 21, 2008 5:24 PM
| Report abuse

Posted by: Mike | March 21, 2008 5:29 PM
| Report abuse

Posted by: David Schwartz | March 21, 2008 5:40 PM
| Report abuse

Posted by: Anonymous | March 21, 2008 5:41 PM
| Report abuse

Posted by: David Schwartz | March 21, 2008 5:41 PM
| Report abuse

Posted by: S. Y. Walters | March 21, 2008 5:45 PM
| Report abuse

Posted by: Ken | March 21, 2008 5:47 PM
| Report abuse

Posted by: Soybean | March 21, 2008 5:51 PM
| Report abuse

Posted by: Bradley Dilger | March 21, 2008 5:59 PM
| Report abuse

Posted by: inchitown | March 21, 2008 6:01 PM
| Report abuse

Posted by: frankenbiscuit | March 21, 2008 6:10 PM
| Report abuse

Posted by: badbofh | March 21, 2008 6:10 PM
| Report abuse

Posted by: Bug | March 21, 2008 6:14 PM
| Report abuse

Posted by: stubie | March 21, 2008 6:15 PM
| Report abuse

Posted by: Joel | March 21, 2008 6:22 PM
| Report abuse

Posted by: Rich Kulawiec | March 21, 2008 6:23 PM
| Report abuse

Posted by: Anonymous | March 21, 2008 6:23 PM
| Report abuse

Posted by: tallwookie | March 21, 2008 6:23 PM
| Report abuse

Posted by: Josh | March 21, 2008 6:26 PM
| Report abuse

Posted by: Christen | March 21, 2008 6:33 PM
| Report abuse

Posted by: [email protected] | March 21, 2008 6:34 PM
| Report abuse

Posted by: kentdog | March 21, 2008 6:36 PM
| Report abuse

Posted by: Don B | March 21, 2008 6:40 PM
| Report abuse

Posted by: pete | March 21, 2008 6:47 PM
| Report abuse

Posted by: not_goodb0fh | March 21, 2008 6:54 PM
| Report abuse

Posted by: Don B | March 21, 2008 7:03 PM
| Report abuse

Posted by: Fatal | March 21, 2008 7:04 PM
| Report abuse

Posted by: Rich Kulawiec | March 21, 2008 7:06 PM
| Report abuse

Posted by: Alan Doherty | March 21, 2008 7:06 PM
| Report abuse

Posted by: Phil Smith | March 21, 2008 7:17 PM
| Report abuse

Posted by: Brian | March 21, 2008 7:21 PM
| Report abuse

Posted by: Doug | March 21, 2008 7:40 PM
| Report abuse

Posted by: Granted Yo | March 21, 2008 7:48 PM
| Report abuse

Posted by: Jonnan | March 21, 2008 7:49 PM
| Report abuse

Posted by: Nick H | March 21, 2008 7:55 PM
| Report abuse

Posted by: Ross | March 21, 2008 7:56 PM
| Report abuse

The Most Powerful Sale & Affiliate Platform Available!

There's no credit card required! No fees ever.

Create Your Free Account Now!

Posted by: Duncan C | March 21, 2008 8:26 PM
| Report abuse

Posted by: Duncan C | March 21, 2008 8:26 PM
| Report abuse

Posted by: dr2chase | March 21, 2008 10:02 PM
| Report abuse

Posted by: Incognito | March 21, 2008 10:12 PM
| Report abuse

Posted by: John L | March 21, 2008 10:14 PM
| Report abuse

Posted by: Silly me… | March 21, 2008 10:18 PM
| Report abuse

Posted by: MCA | March 21, 2008 10:30 PM
| Report abuse

Posted by: WillDuh | March 21, 2008 11:03 PM
| Report abuse

Posted by: kelsi | March 21, 2008 11:35 PM
| Report abuse

Posted by: Thanks for being public about usinjs | March 22, 2008 12:09 AM
| Report abuse

Posted by: Rick | March 22, 2008 12:19 AM
| Report abuse

Posted by: AGradStudent | March 22, 2008 1:20 AM
| Report abuse

Posted by: plumsauce | March 22, 2008 1:44 AM
| Report abuse

Posted by: cheese | March 22, 2008 2:37 AM
| Report abuse

Posted by: Steve | March 22, 2008 2:55 AM
| Report abuse

Posted by: John Doe | March 22, 2008 3:50 AM
| Report abuse

Posted by: JimC | March 22, 2008 4:35 AM
| Report abuse

Posted by: Mike | March 22, 2008 4:56 AM
| Report abuse

Posted by: PyD | March 22, 2008 5:22 AM
| Report abuse

Posted by: jonk | March 22, 2008 5:45 AM
| Report abuse

Posted by: Rich Kulawiec | March 22, 2008 6:24 AM
| Report abuse

Posted by: Alexander Gieg | March 22, 2008 10:10 AM
| Report abuse

Posted by: Michel | March 22, 2008 10:31 AM
| Report abuse

Posted by: Stan | March 22, 2008 10:53 AM
| Report abuse

Posted by: Karl | March 22, 2008 11:19 AM
| Report abuse

Posted by: Albert | March 22, 2008 11:26 AM
| Report abuse

Posted by: John | March 22, 2008 11:33 AM
| Report abuse

Posted by: Steve | March 22, 2008 11:49 AM
| Report abuse

Posted by: Ken P. | March 22, 2008 12:02 PM
| Report abuse

Posted by: Joe | March 22, 2008 12:24 PM
| Report abuse

Posted by: Johnny2Bad | March 22, 2008 12:58 PM
| Report abuse

Posted by: Ed Hershey, San Diego, CA | March 22, 2008 1:07 PM
| Report abuse

Posted by: Jeff S. | March 22, 2008 1:34 PM
| Report abuse

Posted by: Dave | March 22, 2008 1:44 PM
| Report abuse

Posted by: Deekoo L. | March 22, 2008 2:00 PM
| Report abuse

Posted by: Deekoo L. | March 22, 2008 2:21 PM
| Report abuse

Posted by: Anonymous | March 22, 2008 2:47 PM
| Report abuse

Posted by: me | March 22, 2008 4:58 PM
| Report abuse

Posted by: Julian D | March 22, 2008 6:11 PM
| Report abuse

Posted by: (-:@donotreply.com | March 22, 2008 6:28 PM
| Report abuse

Posted by: Anon | March 22, 2008 6:29 PM
| Report abuse

Posted by: Jake | March 22, 2008 6:46 PM
| Report abuse

Posted by: Barryke | March 22, 2008 6:57 PM
| Report abuse

Posted by: Nardo | March 22, 2008 8:43 PM
| Report abuse

Posted by: Greg Lee | March 22, 2008 9:26 PM
| Report abuse

Posted by: Randal L. Schwartz | March 22, 2008 9:35 PM
| Report abuse

Posted by: Ha Ha | March 22, 2008 11:16 PM
| Report abuse

Posted by: copywrite bs | March 23, 2008 10:02 AM
| Report abuse

Posted by: antibozo | March 23, 2008 1:33 PM
| Report abuse

Posted by: Chris | March 23, 2008 3:18 PM
| Report abuse

Posted by: Mr Fnortner | March 23, 2008 3:46 PM
| Report abuse

Posted by: Bk | March 23, 2008 10:27 PM
| Report abuse

Posted by: Ronin Amano | March 23, 2008 11:13 PM
| Report abuse

Posted by: Brian | March 24, 2008 9:17 AM
| Report abuse

Posted by: Austin | March 24, 2008 2:53 PM
| Report abuse

Posted by: Defectuous | March 24, 2008 8:08 PM
| Report abuse

Posted by: Nessie | March 25, 2008 2:00 AM
| Report abuse

Posted by: Nym | March 25, 2008 5:02 AM
| Report abuse

Posted by: Bart | March 25, 2008 8:33 AM
| Report abuse

Posted by: antibozo | March 25, 2008 11:25 AM
| Report abuse

Posted by: guy | March 25, 2008 12:24 PM
| Report abuse

Posted by: Sampson | March 25, 2008 1:06 PM
| Report abuse

Posted by: Thought | March 25, 2008 1:06 PM
| Report abuse

Posted by: The Lord | March 26, 2008 7:13 AM
| Report abuse

Posted by: shabbycynic | March 26, 2008 11:08 AM
| Report abuse

Posted by: Paying Attention | March 27, 2008 11:28 AM
| Report abuse

Posted by: Anonymous | March 27, 2008 2:01 PM
| Report abuse

Posted by: Glenn.Isaac | March 27, 2008 8:08 PM
| Report abuse

Posted by: Mark | March 28, 2008 1:23 AM
| Report abuse

Posted by: Michael Z. Williamson | March 28, 2008 1:04 PM
| Report abuse

Posted by: pay attention | April 7, 2008 2:19 AM
| Report abuse

Posted by: Bk | April 7, 2008 3:42 PM
| Report abuse

Posted by: pay attention | April 8, 2008 1:53 AM
| Report abuse

Posted by: pay attention | April 8, 2008 1:56 AM
| Report abuse

Posted by: pay attention | April 9, 2008 3:32 PM
| Report abuse

Posted by: Stevereno | April 10, 2008 10:52 PM
| Report abuse

Posted by: Anonymous | April 12, 2008 3:32 PM
| Report abuse

Posted by: kevin | April 18, 2008 8:20 AM
| Report abuse

Posted by: YaVerOt | April 22, 2008 11:58 AM
| Report abuse

The comments to this entry are closed.

Subscribe to the newsletter news

We hate SPAM and promise to keep your email address safe