https://www.mywot.com/wiki/api.php?action=feedcontributions&feedformat=atom&user=BoonsiriWOT Wiki - User contributions [en]2026-04-10T01:57:45ZUser contributionsMediaWiki 1.31.1https://www.mywot.com/wiki/index.php?title=Joe-job&diff=10313Joe-job2013-01-30T03:00:27Z<p>Boonsiri: </p>
<hr />
<div><br />
A joe-job is a message that <em>looks</em> like spam, which is sent to damage the reputation of a web-site by making it look like the message was sent by the victim, who is the <strong>target</strong> of the spam, not the <strong>sender</strong>. See: http://en.wikipedia.org/wiki/Joe-job<br />
<br />
It is not always easy to tell if a spam campaign is a joe-job, because sometimes one illegal domain will use a joe-job against another illegal domain. <br />
So we cannot just decide by the nature of a spammed domain whether or not it is a joe-job.<br />
Have a look at the WHOIS information of the domain and at its reputation. <br />
Check the reputation with a tool like http://www.urlvoid.com . <br />
If a domain has existed for several years, and has not been blacklisted, than it is <em>not</em> likely that it suddenly will start spamming.<br />
<br />
The <em>style</em> of the spam message will be different from average spam. <br />
Real spam will often use redirects and other tricks to make reporting more difficult. <br />
Joe-jobs will display the name of the domain in a prominent way, to make reporting as easy as possible. <br />
The joe-jobs will also often contain provoking text to irritate anti-spammers. That text can be vulgar words or ridiculous offers like heroin or Tomahawk-rockets. <br />
Sometimes this will even be a message as unlikely as “we will send more spam”.<br />
<br />
Most recent joe-jobs targeted domains in Eastern Europe, and those domains are in a local language. Such domains depend on local customers and sometimes on customers in nearby countries who share the language. When such a domain is world-wide spamvertized, it is clear that that is a joe-job. A forum on politics in Ukrainian language has nothing to gain from sending world-wide spam to people who can not even read the domain. Therefore, if you receive spam in an unfamiliar language for a domain that also uses unfamiliar language, you can be sure that it is a joe-job. <br />
<br />
Joe-jobs are business. Criminal spammers who already have the control over large botnets, offer reputation damage on demand.<br />
<br />
It is important to realize that the purpose of joe-jobs is to make as many anti-spammers as possible submit bad comments and ratings at SiteAdvisor and WoT, and report the spam to services like SpamCop and to Registrars. <br />
This means that the spammers <strong>use</strong> anti-spammers to do the job they get paid for: damaging or even closing the targeted domain.<br />
When reporting joe-jobs to SpamCop, only submit the full headers + from the body only the part <em>above</em> any link to websites, and add the text "<truncated>".<br />
By reporting it in that way, SpamCop will investigate and notify the source of the message (usually an infected system, which is part of a botnet), but nothing is reported on the innocent victim of the joe-job.<br />
<br />
Finally, when joe-jobs do not have the desired effect as quickly as the joe-job spammer (or the client they work for) wants, the available botnets sometimes are used for a DDOS attack so that the domains cannot be accessed, or have to pay for an expensive service that offers protection against a DDOS attack.<br />
<br />
As always you should comment and rate a domain according to your own experience. Please read the recommendations for comments at: http://www.mywot.com/en/faq/website/scorecard#howtocomment<br />
No matter how much you may dislike a certain kind of domain, only comment/rate it for good reasons. The fact that a joe-job has made you aware of the existence of a domain is <em>not</em> a good reason for rating it or commenting on it. Do <strong>not</strong> let yourself be used by spammers!</div>Boonsirihttps://www.mywot.com/wiki/index.php?title=Joe-job&diff=10237Joe-job2013-01-17T12:33:23Z<p>Boonsiri: </p>
<hr />
<div><br />
A joe-job is a message that <em>looks</em> like spam, which is send to damage the reputation of a web-site, by making it look like the message was sent by the victim, who is the <strong>target</strong> of the spam, not the <strong>sender</strong>. See: http://en.wikipedia.org/wiki/Joe-job<br />
<br />
It is not always easy to see if a spam-campaign is a joe-job, because sometimes one illegal domain will use a joe-job against another illegal domain. <br />
So we cannot just decide by the nature of the domain, if the spam that has its name in it, is a joe-job or not.<br />
<br />
Have a look at the WHOIS-information of the domain and at its reputation. <br />
Check the reputation with a tool like http://www.urlvoid.com . <br />
If a domain has existed for several years, and has not been blacklisted, than it is <em>not</em> likely that it suddenly will start spamming.<br />
<br />
The <em>style</em> of the spam message will be different from average spam. <br />
Real spam will often use redirects and other tricks to make reporting more difficult. <br />
Joe-jobs will display the name of the domain in a prominent way, to make reporting as easy as possible. <br />
The joe-jobs will also often contain provoking text to irritate anti-spammers. That text can be vulgar words or ridiculous offers like heroin or Tomahawk-rockets. <br />
Sometimes this will even be a message as unlikely as “we will send more spam”.<br />
<br />
Most recent joe-jobs targeted domains in Eastern Europe, and those domains are in a local language. Such domains depend on local customers and sometimes from customers in nearby countries who share the language. When such a domain is world-wide spamvertized, it is clear that that is a joe-job. A forum on politics in Ukrainian language has nothing to gain from sending world-wide spam to people who can not even read the domain. Therefore, if you receive spam in an unfamiliar, language for a domain that also uses unfamiliar language, you can be sure that it is a joe-job. <br />
<br />
Joe-jobs are business. Criminal spammers who already have the control over large botnets, offer reputation damage on demand.<br />
<br />
It is important to realize, that the purpose of joe-jobs is, to make as many anti-spammers as possible, submit bad comments and ratings at SiteAdvisor and WoT, and report the spam to services like SpamCop and to Registrars. <br />
This means that the spammers <strong>use</strong> anti-spammers to do the job they get paid for: damaging or even closing the targeted domain.<br />
When reporting joe-jobs to SpamCop, only submit the full headers + from the body only the part <em>above</em> any link to websites, and add the text "<truncated>".<br />
By reporting it in that way, SpamCop will investigate and notify the source of the message (usually an infected system, which is part of a botnet), but nothing is reported on the innocent victim of the joe-job.<br />
<br />
Finally, when joe-jobs do not have the desired effect as quickly as the joe-job spammer (or the client they work for) wants, the available botnets sometimes are used for a DDOS attack to cause that the domains cannot be accessed, or have to pay for an expensive service that offers protection against a DDOS-attack.<br />
<br />
As always you should comment and rate a domain according to your own experience. <br />
No matter how much you may dislike a certain kind of domain, only comment/rate it for good reasons. The fact that a joe-job has made you aware of the existence of a domain is <em>not</em> a good reason for rating it or commenting on it. Do <strong>not</strong> let yourself be used by spammers!</div>Boonsirihttps://www.mywot.com/wiki/index.php?title=Joe-job&diff=10233Joe-job2013-01-17T11:41:11Z<p>Boonsiri: </p>
<hr />
<div><br />
A joe-job is a message that <em>looks</em> like spam, which is send to damage the reputation of a web-site, by making it look like the message was sent by the victim, who is the <strong>target</strong> of the spam, not the <strong>sender</strong>. See: http://en.wikipedia.org/wiki/Joe-job<br />
<br />
It is not always easy to see if a spam-campaign is a joe-job, because sometimes one illegal domain will use a joe-job against another illegal domain. <br />
So we cannot just decide by the nature of the domain, if the spam that has its name in it, is a joe-job or not.<br />
<br />
Have a look at the WHOIS-information of the domain and at its reputation. <br />
Check the reputation with a tool like http://www.urlvoid.com . <br />
If a domain has existed for several years, and has not been blacklisted, than it is <em>not</em> likely that it suddenly will start spamming.<br />
<br />
The <em>style</em> of the spam message will be different from average spam. <br />
Real spam will often use redirects and other tricks to make reporting more difficult. <br />
Joe-jobs will display the name of the domain in a prominent way, to make reporting as easy as possible. <br />
The joe-jobs will also often contain provoking text to irritate anti-spammers. That text can be vulgar words or ridiculous offers like heroin or Tomahawk-rockets. <br />
Sometimes this will even be a message as unlikely as “we will send more spam”.<br />
<br />
Joe-jobs are business. Criminal spammers who already have the control over large botnets, offer reputation damage on demand.<br />
<br />
It is important to realize, that the purpose of joe-jobs is, to make as many anti-spammers as possible, submit bad comments and ratings at SiteAdvisor and WoT, and report the spam to services like SpamCop and to Registrars. <br />
This means that the spammers <strong>use</strong> anti-spammers to do the job they get paid for: damaging or even closing the targeted domain.<br />
When reporting joe-jobs to SpamCop, only submit the full headers + from the body only the part <em>above</em> any link to websites, and add the text "<truncated>".<br />
By reporting it in that way, SpamCop will investigate and notify the source of the message (usually an infected system, which is part of a botnet), but nothing is reported on the innocent victim of the joe-job.<br />
<br />
Finally, when joe-jobs do not have the desired effect as quickly as the joe-job spammer (or the client they work for) wants, the available botnets sometimes are used for a DDOS attack to cause that the domains cannot be accessed, or have to pay for an expensive service that offers protection against a DDOS-attack.<br />
<br />
As always you should comment and rate a domain according to your own experience. <br />
No matter how much you may dislike a certain kind of domain, only comment/rate it for good reasons. The fact that a joe-job has made you aware of the existence of a domain is <em>not</em> a good reason for rating it or commenting on it. Do <strong>not</strong> let yourself be used by spammers!</div>Boonsirihttps://www.mywot.com/wiki/index.php?title=Joe-job&diff=10229Joe-job2013-01-17T11:39:50Z<p>Boonsiri: </p>
<hr />
<div><br />
A joe-job is a message that <em>looks</em> like spam, which is send to damage the reputation of a web-site, by making it look like the message was sent by the victim, who is the <strong>target</strong> of the spam, not the <strong>sender</strong>. See: http://en.wikipedia.org/wiki/Joe-job<br />
<br />
It is not always easy to see if a spam-campaign is a joe-job, because sometimes one illegal domain will use a joe-job against another illegal domain. <br />
So we cannot just decide by the nature of the domain, if the spam that has its name in it, is a joe-job or not.<br />
<br />
Have a look at the WHOIS-information of the domain and at its reputation. <br />
Check the reputation with a tool like http://www.urlvoid.com . <br />
If a domain has existed for several years, and has not been blacklisted, than it is <em>not</em> likely that it suddenly will start spamming.<br />
<br />
The <em>style</em> of the spam message will be different from average spam. <br />
Real spam will often use redirects and other tricks to make reporting more difficult. <br />
Joe-jobs will display the name of the domain in a prominent way, to make reporting as easy as possible. <br />
The joe-jobs will also often contain provoking text to irritate anti-spammers. That text can be vulgar words or ridiculous offers like heroin or Tomahawk-rockets. <br />
Sometimes this will even be a message as unlikely as “we will send more spam”.<br />
<br />
Joe-jobs are business. Criminal spammers who already have the control over large botnets, offer reputation damage on demand.<br />
<br />
It is important to realize, that the purpose of joe-jobs is, to make as many anti-spammers as possible, submit bad comments and ratings at SiteAdvisor and WoT, and report the spam to services like SpamCop and to Registrars. <br />
This means that the spammers <strong>use</strong> anti-spammers to do the job they get paid for: damaging or even closing the targeted domain.<br />
When reporting joe-jobs to SpamCop, only submit the full headers + from the body only the part <em>above</em> any link to websites, and add the text "<truncated>".<br />
By reporting it in that way, SpamCop will investigate and notify the source of the message (usually an infected system, which is part of a botnet), but nothing is reported on the innocent victim of the joe-job.<br />
<br />
Finally, when joe-jobs do not have the desired effect as quickly as the joe-job spammer (or the client they work for) wants, the available botnets sometimes get used for a DDOS attack to cause that the domains cannot be accessed, or have to pay for an expensive service that offers protection against a DDOS-attack.<br />
<br />
As always you should comment and rate a domain according to your own experience. <br />
No matter how much you may dislike a certain kind of domain, only comment/rate it for good reasons. The fact that a joe-job has made you aware of the existence of a domain is <em>not</em> a good reason for rating it or commenting on it. Do <strong>not</strong> let yourself be used by spammers!</div>Boonsirihttps://www.mywot.com/wiki/index.php?title=Joe-job&diff=10225Joe-job2013-01-17T10:47:45Z<p>Boonsiri: Created page with " A joe-job is a message that <em>looks</em> like spam, which is send to damage the reputation of a web-site, by making it look like the message was sent by the victim, who is ..."</p>
<hr />
<div><br />
A joe-job is a message that <em>looks</em> like spam, which is send to damage the reputation of a web-site, by making it look like the message was sent by the victim, who is the <strong>target</strong> of the spam, not the <strong>sender</strong>. See: http://en.wikipedia.org/wiki/Joe-job<br />
<br />
It is not always easy to see if a spam-campaign is a joe-job, because sometimes one illegal domain will use a joe-job against another illegal domain. <br />
So we cannot just decide by the nature of the domain, if the spam that has its name in it, is a joe-job or not.<br />
<br />
Have a look at the WHOIS-information of the domain and at its reputation. <br />
Check the reputation with a tool like http://www.urlvoid.com . <br />
If a domain has existed for several years, and has not been blacklisted, than it is <em>not</em> likely that it suddenly will start spamming.<br />
<br />
The <em>style</em> of the spam message will be different from average spam. <br />
Real spam will often use redirects and other tricks to make reporting more difficult. <br />
Joe-jobs will display the name of the domain in a prominent way, to make reporting as easy as possible. <br />
The joe-jobs will also often contain provoking text to irritate anti-spammers. That text can be vulgar words or ridiculous offers like heroin or Tomahawk-rockets. <br />
Sometimes this will even be a message as unlikely as “we will send more spam”.<br />
<br />
It is important to realize, that the purpose of joe-jobs is, to make as many anti-spammers as possible, submit bad comments and ratings at SiteAdvisor and WoT, and report the spam to services like SpamCop and to Registrars. <br />
This means that the spammers <strong>use</strong> anti-spammers to do the job they get paid for: damaging or even closing the targeted domain.<br />
When reporting joe-jobs to SpamCop, only submit the full headers + from the body only the part <em>above</em> any link to websites, and add the text "<truncated>".<br />
<br />
As always you should comment and rate a domain according to your own experience. <br />
No matter how much you may dislike a certain kind of domain, only comment/rate it for good reasons. The fact that a joe-job has made you aware of the existence of a domain is <em>not</em> a good reason for rating it or commenting on it. Do <strong>not</strong> let yourself be used by spammers!</div>Boonsiri