Here's a story of one of the many spammers out there.

I've been a WTF fan for a few months, but always took the stories with a
grain of salt. After all, the world couldn't be that WTF, could it?
Well, after what happened to me yesterday I completely changed my mind.
I have no doubts whether all the stories I read are true. They are.

So please meet Joe Spammer. WTF community, this is Joe Spammer. Joe
Spammer, this the WTF community, your soon-to-be fan club. Joe is a new
to the business. This is what probably was a source of his failure.

One day, I found a message in my mailbox. It was a mail from Joe
Spammer, who wrote to me in my mother tongue (Polish). He got passed
through my spam filters (SpamAssasin + greylist). From his HTML message
I could (after some effort) read that he has a great database of basic
information of all the countries + something more. Basically all the
information I surely need to have to be successful in my business
career. 

I guess most of you have received such an offer at least once. But have
you ever followed it? Well, this time I did - after all, an alternative
to this was to read scripts for the incoming laboratory sessions on a
local WTF university.

So i clicked a link. No phishing there, just a page he owns. Even though
I have a 2 mbps link here, the page took quite a while before it loaded.
What I saw afterwards was a simple form with two input fields, one
select box and a submit/reset buttons. "WTF?", I thought. I decided to
look into the source of the page. The select box was (probably) a
complete list of all the cities/towns/villages in Poland. Whole code was
roughly 2 MB in size. But it wasn't a real WTF yet. in the beginnning,
the guy included a javascript code. The line looked like that:

	script src="ftp://login:pass@example.com/public_html/script.js"

And yes. Not only one could log in through ftp, but also through ssh.
And, oh, all his mails were in the ftp scope too. He had around 13000
addresses in his spam-addresses table. Luckily, he had.