Joe job
Encyclopedia
A joe job is a spamming
technique that sends out unsolicited e-mails using spoofed sender data. Early joe jobs aimed at tarnishing the reputation of the apparent sender or inducing the recipients to take action against him (see also e-mail spoofing
), but they are now typically used by commercial spammers to conceal the true origin of their messages.
s that temporarily took the web site down.
Some email
joe jobs are acts of revenge like the original, whether by individuals or by organizations that also use spam for other purposes. Spammers use the technique to cycle through domains and try to get around spam filters and blocks.
Joe-jobbers could also be businesses trying to defame a competitor or a spammer trying to harm the reputation of an anti-spam group or filtering service. Joe job attacks in other media are often motivated politically or through personal enmity.
Joe jobbing (or "joeing") can take different forms, but most incidents involve either e-mail or Usenet
. They are sometimes seen on instant messaging
systems as well. In general, joe jobbing is seen only on messaging systems with weak or no sender authentication
, or where most users will assume the purported sender to be the actual one.
If the joe-jobber is imitating a normal spam, it will simply advertise the victim's product, business or website. It may also claim that the victim is selling illegal or offensive items such as illegal drugs, automatic weapons or child pornography to increase the likelihood that the recipient will take action against the victim.
When imitating a scam, such as a Nigerian scam
, or phishing
scheme, the e-mail will still feature links to the victim's website or include contact information. In these instances, the joe-jobber is hoping that the recipient will notice the e-mail is fake, but mistakenly think the victim is behind the "scam".
When imitating a legitimate e-mail, the joe job will usually pose as an order confirmation. These "confirmations" may ask for credit card information, in which event the attack differs from phishing only in intent, not methodology, or simply imply that the recipient has already bought something from the store (leading the recipient to fear his credit card has already been charged). Like the "normal spam" jobs, these e-mails will often mention illegal activities to incite the recipient to angry e-mails and legal threats.
Another joe-job variation is an e-mail claiming that the victim offers a "spam friendly" web host
or e-mail server
in the hope of further inciting action against the victim by anti-spam activists.
s, and even face increased bandwidth
costs (or server overload) due to increased website traffic. The victim may also find his or her email blacklist
ed by spam filters.
Unlike most email spam, the victim does not have to "fall for" or even receive the email in question; the perpetrator is using innocent third parties to fuel what essentially amounts to slander combined with a denial of service attack.
Spam (electronic)
Spam is the use of electronic messaging systems to send unsolicited bulk messages indiscriminately...
technique that sends out unsolicited e-mails using spoofed sender data. Early joe jobs aimed at tarnishing the reputation of the apparent sender or inducing the recipients to take action against him (see also e-mail spoofing
E-mail spoofing
Email spoofing is email activity in which the sender address and other parts of the email header are altered to appear as though the email originated from a different source. Because core SMTP doesn't provide any authentication, it is easy to impersonate and forge emails...
), but they are now typically used by commercial spammers to conceal the true origin of their messages.
Origin and motivation
The name "joe job" originated from such a spam attack on Joe Doll, webmaster of Joe's Cyberpost. One user's joes.com account was removed due to advertising through spam. In retaliation, the user sent another spam with the "reply-to" headers forged to make it appear to be from Joe Doll. Besides prompting angry replies, it also caused joes.com to fall prey to denial-of-service attackDenial-of-service attack
A denial-of-service attack or distributed denial-of-service attack is an attempt to make a computer resource unavailable to its intended users...
s that temporarily took the web site down.
Some email
Email
Electronic mail, commonly known as email or e-mail, is a method of exchanging digital messages from an author to one or more recipients. Modern email operates across the Internet or other computer networks. Some early email systems required that the author and the recipient both be online at the...
joe jobs are acts of revenge like the original, whether by individuals or by organizations that also use spam for other purposes. Spammers use the technique to cycle through domains and try to get around spam filters and blocks.
Joe-jobbers could also be businesses trying to defame a competitor or a spammer trying to harm the reputation of an anti-spam group or filtering service. Joe job attacks in other media are often motivated politically or through personal enmity.
Form
Joe jobs usually look like normal spam, although they might also disguise themselves as other types of scams or even as legitimate (but misdirected) messages.Joe jobbing (or "joeing") can take different forms, but most incidents involve either e-mail or Usenet
Usenet
Usenet is a worldwide distributed Internet discussion system. It developed from the general purpose UUCP architecture of the same name.Duke University graduate students Tom Truscott and Jim Ellis conceived the idea in 1979 and it was established in 1980...
. They are sometimes seen on instant messaging
Instant messaging
Instant Messaging is a form of real-time direct text-based chatting communication in push mode between two or more people using personal computers or other devices, along with shared clients. The user's text is conveyed over a network, such as the Internet...
systems as well. In general, joe jobbing is seen only on messaging systems with weak or no sender authentication
Authentication
Authentication is the act of confirming the truth of an attribute of a datum or entity...
, or where most users will assume the purported sender to be the actual one.
If the joe-jobber is imitating a normal spam, it will simply advertise the victim's product, business or website. It may also claim that the victim is selling illegal or offensive items such as illegal drugs, automatic weapons or child pornography to increase the likelihood that the recipient will take action against the victim.
When imitating a scam, such as a Nigerian scam
Advance fee fraud
An advance-fee fraud is a confidence trick in which the target is persuaded to advance sums of money in the hope of realizing a significantly larger gain...
, or phishing
Phishing
Phishing is a way of attempting to acquire information such as usernames, passwords, and credit card details by masquerading as a trustworthy entity in an electronic communication. Communications purporting to be from popular social web sites, auction sites, online payment processors or IT...
scheme, the e-mail will still feature links to the victim's website or include contact information. In these instances, the joe-jobber is hoping that the recipient will notice the e-mail is fake, but mistakenly think the victim is behind the "scam".
When imitating a legitimate e-mail, the joe job will usually pose as an order confirmation. These "confirmations" may ask for credit card information, in which event the attack differs from phishing only in intent, not methodology, or simply imply that the recipient has already bought something from the store (leading the recipient to fear his credit card has already been charged). Like the "normal spam" jobs, these e-mails will often mention illegal activities to incite the recipient to angry e-mails and legal threats.
Another joe-job variation is an e-mail claiming that the victim offers a "spam friendly" web host
Web hosting service
A web hosting service is a type of Internet hosting service that allows individuals and organizations to make their own website accessible via the World Wide Web. Web hosts are companies that provide space on a server they own or lease for use by their clients as well as providing Internet...
or e-mail server
Server (computing)
In the context of client-server architecture, a server is a computer program running to serve the requests of other programs, the "clients". Thus, the "server" performs some computational task on behalf of "clients"...
in the hope of further inciting action against the victim by anti-spam activists.
How it works
Joe jobs often intend to capitalize on general hatred for spam. They usually forge "from" addresses and email headers so that angry replies are directed to the victim. Some joe job attacks adopt deliberately inflammatory viewpoints, intending to deceive the recipient into believing they were sent by the victim. Joe job victims may lose website hosting or network connectivity due to complaints to their Internet service providerInternet service provider
An Internet service provider is a company that provides access to the Internet. Access ISPs directly connect customers to the Internet using copper wires, wireless or fiber-optic connections. Hosting ISPs lease server space for smaller businesses and host other people servers...
s, and even face increased bandwidth
Bandwidth (computing)
In computer networking and computer science, bandwidth, network bandwidth, data bandwidth, or digital bandwidth is a measure of available or consumed data communication resources expressed in bits/second or multiples of it .Note that in textbooks on wireless communications, modem data transmission,...
costs (or server overload) due to increased website traffic. The victim may also find his or her email blacklist
Blacklist (computing)
In computing, a blacklist or block list is a basic access control mechanism that allows everyone access, except for the members of the black list . The opposite is a whitelist, which means allow nobody, except members of the white list...
ed by spam filters.
Unlike most email spam, the victim does not have to "fall for" or even receive the email in question; the perpetrator is using innocent third parties to fuel what essentially amounts to slander combined with a denial of service attack.
Joe-job-like automated spam
False headers are used by many viruses or spambots today, and are selected in a random or automated way, so it is possible for someone to be Joe Jobbed without any human intent or intervention.See also
- Backscatter (e-mail)Backscatter (e-mail)Backscatter is incorrect automated bounce messages sent by mail servers, typically as a side effect of incoming spam....
, a related phenomenon that is not targeted directly at a particular victim - False flagFalse flagFalse flag operations are covert operations designed to deceive the public in such a way that the operations appear as though they are being carried out by other entities. The name is derived from the military concept of flying false colors; that is flying the flag of a country other than one's own...
, a similar military concept - SporgerySporgerySporgery is the disruptive act of posting a flood of articles to a Usenet newsgroup, with the article headers falsified so that they appear to have been posted by others. The word is a portmanteau of spam and forgery, coined by German software developer and critic of Scientology Tilman...