Instagram is enabling an harassment attack.

They are sending out "change in terms of use" statements, you've probably received it.

Apparently they will send them to unconfirmed accounts, en masse.

So for example you own example.com and all email for *@example.com goes to you.

And there are no legitimate email accounts for that domain so can't possibly be confirmed accounts.

So you are receiving a firehose of "terms of use" emails to randomstring@example.com apparently being generated by a script, random+domain@domain like (from the actual emails tho not example.com):

qiuncjhuxeexample@example.com
mazhjkmthexample@example.com

and so on and so on, each one different.

SOLUTION: Stop sending your terms of use update messages to unconfirmed accounts.

It's a trivially abused harassment vector as we're seeing.

--
-Barry Shein

Software Tool & Die | bzs@TheWorld.com | http://www.TheWorld.com
Purveyors to the Trade | Voice: +1 617-STD-WRLD | 800-THE-WRLD
The World: Since 1989 | A Public Information Utility | *oo*
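A recipient-side check for the address pattern described in the message above, as an added example that is not part of the original thread. It assumes a catch-all domain whose real mailboxes are known, and a mail log reduced to (sender domain, recipient) pairs; the sender domains, the third random address and the threshold are constructed for illustration.

```python
from collections import defaultdict

def is_random_plus_domain(rcpt, known_local_parts):
    """True if rcpt looks like <random letters><domain label>@<domain>
    and is not one of the domain's real mailboxes."""
    local, _, domain = rcpt.lower().rpartition("@")
    label = domain.split(".")[0]          # "example" for example.com
    if not local or local in known_local_parts:
        return False
    prefix = local[:-len(label)] if label and local.endswith(label) else ""
    # Heuristic: at least 6 purely alphabetic characters before the label.
    return len(prefix) >= 6 and prefix.isalpha()

def flag_senders(log, known_local_parts, threshold=3):
    """log: iterable of (sender_domain, recipient) pairs.
    Returns {sender_domain: sorted distinct matching recipients} for senders
    that reached at least `threshold` distinct pattern-matching recipients."""
    hits = defaultdict(set)
    for sender_domain, rcpt in log:
        if is_random_plus_domain(rcpt, known_local_parts):
            hits[sender_domain].add(rcpt.lower())
    return {s: sorted(r) for s, r in hits.items() if len(r) >= threshold}

# Constructed sample data. The first two recipients are the ones quoted in
# the message; everything else is made up for this example.
KNOWN = {"postmaster", "hostmaster", "abuse"}
SAMPLE_LOG = [
    ("notices.sender.example", "qiuncjhuxeexample@example.com"),
    ("notices.sender.example", "mazhjkmthexample@example.com"),
    ("notices.sender.example", "wplkdnrtqexample@example.com"),
    ("notices.sender.example", "QIUNCJHUXEexample@example.com"),  # case duplicate
    ("list.other.example", "postmaster@example.com"),
    ("list.other.example", "infoexample@example.com"),  # short prefix, no match
]

if __name__ == "__main__":
    for sender, rcpts in flag_senders(SAMPLE_LOG, KNOWN).items():
        print(f"{sender}: {len(rcpts)} distinct random+domain recipients")
```

A flagged sender domain is a candidate for a rate limit or a rejection rule on non-existent local parts; the length and threshold values need tuning against real traffic.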
Mailops?

-----
Mike Hammett
Intelligent Computing Solutions
Midwest Internet Exchange
The Brothers WISP

----- Original Message -----
From: bzs@theworld.com
To: nanog@nanog.org
Cc: bzs@theworld.com, abuse@instagram.com
Sent: Wednesday, December 2, 2020 1:03:13 PM
Subject: Anyone from instagram reading?

Instagram is enabling an harassment attack.

They are sending out "change in terms of use" statements, you've probably received it.

Apparently they will send them to unconfirmed accounts, en masse.

So for example you own example.com and all email for *@example.com goes to you.

And there are no legitimate email accounts for that domain so can't possibly be confirmed accounts.

So you are receiving a firehose of "terms of use" emails to randomstring@example.com apparently being generated by a script, random+domain@domain like (from the actual emails tho not example.com):

qiuncjhuxeexample@example.com
mazhjkmthexample@example.com

and so on and so on, each one different.

SOLUTION: Stop sending your terms of use update messages to unconfirmed accounts.

It's a trivially abused harassment vector as we're seeing.

--
-Barry Shein

Software Tool & Die | bzs@TheWorld.com | http://www.TheWorld.com
Purveyors to the Trade | Voice: +1 617-STD-WRLD | 800-THE-WRLD
The World: Since 1989 | A Public Information Utility | *oo*