Usernames You Should Never Use

Project Honey Pot Statistics

Top Dictionary Attacker Usernames

Usernames		Occurences
1.	iamjustsendingthisleter	77,453
2.	buh	28,480
3.	buhgalter	28,142
4.	buhgalteria	28,044
5.	bux	27,940
6.	dir	27,816
7.	direktor	27,726
8.	buhg	27,713
9.	finance	26,793
10.	sekretar	25,407
11.	hr	19,405
12.	director	18,229
13.	info	17,901
14.	thisisjusttestletter	15,393
15.	sales	12,220
16.	petgord34truew	5,148
17.	mail	2,674
18.	ingthisleter	1,682
19.	er	1,535
20.	www-data	1,384
21.	mogggnomgon	1,375
22.	justsendingthisleter	1,107
23.	kretar	1,013
24.	ley	950
25.	ab	948
26.	pargo	907
27.	fnez	780
28.	djhbqw	755
29.	firechicken44	752
30.	eppd	746
31.	ctw	745
32.	jeaneneilovallo	743
33.	pqd	740
34.	nylander	739
35.	ery	737
36.	yvhmql	734
37.	ofrkk	732
38.	dfame	731
39.	anjaravenhorst	730
40.	eastclub	724
41.	ngthisleter	724
42.	ygr	720
43.	aracelisglowski	719
44.	ollg	717
45.	jeromekalawe	716
46.	bofx	715
47.	eymm	715
48.	hmt	710
49.	yczpiu	706
50.	yitiy	702
51.	glqtd	700
52.	fcnk	700
53.	opwzg	699
54.	bobgswentzel	694
55.	bvxru	693
56.	doreenaheyl	687
57.	oxx	686
58.	npvole	686
59.	hfoqicyvos	685
60.	onrn	684
61.	ndingthisleter	680
62.	gvlsx	676
63.	jackiejmaurizio	675
64.	a	674
65.	appiah	673
66.	hrdzei	670
67.	jpp	669
68.	valentinedixie	669
69.	ermelindavittone	668
70.	ppiah	666
71.	gertiemekee	665
72.	mobk	663
73.	rbyqo	661
74.	zzxm	661
75.	iah	661
76.	gthisleter	660
77.	bethanieliffick	659
78.	asmiluminadaomelick	659
79.	kurtgsalo	656
80.	nancysmclafferty	656
81.	malling	655
82.	nhih	655
83.	ckfeg	654
84.	gvr	652
85.	geneegleston	652
86.	itf	651
87.	adelaideerojo	650
88.	freewareplayer	649
89.	gearldinevmeeker	648
90.	demetriusrjaus	646
91.	clinttowey	645
92.	jerilynzhoback	645
93.	jjc	644
94.	wlkuso	644
95.	ashtoncodling	643
96.	kliods	641
97.	bethannpohl	641
98.	lagnzfhjnx	641
99.	elveramurzycki	640
100.	margaritakleibfried	640

Email addresses are made up of two parts: a username and a domain. The username comes before the @ sign, the domain comes after the at sign (e.g., for the address bob@exampledomain.com, “bob” is the username, “exampledomain.com” is the domain). Spammers often try and guess email addresses by trying common usernames. These guessing games are known as a “dictionary attack.” Above is a list of the top-100 usernames guessed by spammers.

Let SolidHostDesign install a Honey Pot tp protect your web site TODAY!

Posted October 24th, 2011 in ALERTS. Tagged: Domain Management, E-Mail, Honey Pot Project, How-To, Info, management, Security, Spam, Support, web hosting.

Watch Out For 196.20.162.226

196.20.162.226

That’s the Internet Address of an e-mail spammer who tried do get me to download a virus onto my computer today.

How did I catch it? Actually I knew right away.

But…In case you want to have a fighting chance to stop them from getting at you, maybe you should read on…

You should also know that I have BoxTrapper Spam Trap turned on on my web server to protect my e-mail addresses.

What is Box Trapper? BoxTrapper protects your inbox from spam by forcing all people not on your white list to reply to a verification email before they can send mail to you. Until they respond properly to the challenge that you can set up, their mail is held in queue on your web server.

To learn more about BoxTrapper visit your control panel and under “EMail Management Tools” you will see the icon for BoxTrapper. I STRONGLY recommend you take a look at the video before attempting to do anything, I’ve learned that knowing what needs to be done allows me to prepare to do whatever is needed to be done. Didn’t say “done right” just “done”!!!!

But I seem to have drifted off to the left…

So I see this message sitting in the BoxTrapper queue and “it” claims to be from the IRS.

First flag went up immediately. This e-mail message supposedly from the IRS was addressed to an address never used to communicate with the IRS in the first place. It was never used in any transaction with the agency…

Hmmmm…

Four more flags went up as I also noted there were four more messages waiting to be delivered to my computer from “The IRS”. Instead of being from a Manager within the IRS these were supposedly from “support@IRS.gov”

Uh huh…..

Right here I know these are garbage messages but I wanted to see where they came from. Sort of a morbid curiosity kinda thing….

Already knowing the messages were bogus I wanted to see what they said so I clicked on the subject line of the message (still in the BoxTrapper screen).

When you click on a message that is listed in the queue, the sever will display a text version of the message. This way you can see the message “remotely” because the actual message in its original form is never sent to your email program.

The message contained in the email says “primary account holder” failed to include important information with the return and all one needs to do is print out the attached forms and mail them to the address listed on the forms.

Okayyyyyy

In BoxTrapper you are offered the opportunity to delete and blacklist (or ignore) the sender.

Naturally I deleted the message. I also traced the Internet Address and saw that part of the path the message took to my server was through Mauritius (yet even the Internet Address could be faked)

Here’s the Honey Pot output for the address:

196.20.162.226 [Spam Server] [Dictionary Attacker]

“The Project Honey Pot system has detected behavior from the IP address consistent with that of a mail server and dictionary attacker.
Threat Rating 12 <– Pretty high
Example Messages Sent From 196.20.162.226

From: “Elizabeth Bean”
Subject: With a monster tool you can have even the most unt

From: “Hallie Schuppert” Subject: Sie vergoettern!

And so on and so on….

Now for those of you who are curious to try out BoxTrapper. I need to tell you that it will not send you any indications that it is holding messages for you to check and either approve or deny delivery.

You will need to periodically check to see if mail is sitting out there on your own.
How often depends on how often you tend to receive email.

I have to check mine daily (yeah all 36 of them….).

I’m sure some will say you don’t need all that and don’t have time to do all of that.

Well, you may not have time today. But if you download something that does your computer harm, how much time,effort and or cost do you think it will take to rectify the situation?

If you need help setting it up. You know how to reach me (ticket, email)…

Remember, don’t get click happy out there!

-Webmaster

Posted August 11th, 2011 in ALERTS. Tagged: Domain Management, E-Mail, Honey Pot Project, How-To, Info, mail.system, management, News, Security, Support, web hosting, Webmaster.

SECURITY ALERT

Some users are receiving e-mail messages stating that there is a server upgrade that requires they click on a link included in the e-mail.

DO NOT CLICK THE LINK!!! ITS A TROJAN ATTACK.

The email contains URLs (internet links) that are already on a number of spam block listings. The sender’s address is not recorded in any DNS records or email MX records. And the message is tagged as FORGED mail pretending to be from a computer running Microsoft Outlook.

Solid Host Design will ALWAYS contact the site owners PERSONALLY when there is a need for work to be done on the server. We will not contact you via e-mail.

Best Regards,

SHD Mgmt.

Posted October 13th, 2009 in ALERTS. Tagged: Domain Management, E-Mail, Info, Security, Spam, Support, Webmaster.

Posts Tagged ‘Security’