Beware The FUDsters…

This is another “not a carping comment” being classified in that category. (IF I do too much more of this I’ll need a new category ;-)

This is another comment from an “unknown” who has fraudulent credentials. In this one, it is a deliberate FUD. Fear, Uncertainty, Doubt. The term FUD was coined back in the day of IBM Mainframes being The Deal and some alternatives, such as Amdahl, starting to take some of their market share. IBM ran around spreading as much FUD as possible about the competition. Phrases like “Nobody ever got fired for buying IBM” implying you could be fired if you didn’t.

So this comment is busy doing a lot of FUDding. I’ll analyse it a little like I did the prior Mongo one. And yes, I am wondering if I have come to the attention of a Disinformation FUD-Op.

Two this close together is a bit unusual.

First off, the header:

MikeB
Bmikeb@optisnet.com.au
49.183.54.xxx
Flagged as spam by chiefio

I’ve xxx’d out the last digits of the IP address of the commenter just to give a little privacy to them.

So note the email address. “optisnet” is a misspelling by one character of a valid provider. “Optusnet”. It could just be a typo, but looks more like a deliberate choice of one vertical vs. 2 on the “u” so to a casual look it seems familiar and valid. But if fails the “valid mail?” check. I even swapped the i for u and reran the mail check. No joy. Bogus email address.

Then did the usual “where is the poster posting from?”

root@XU4uDevuan3:/usr/local/bin# whois 49.183.54.xxx
% [whois.apnic.net]
[...]
% Information related to '49.176.0.0 - 49.191.255.255'
[...]
inetnum:        49.176.0.0 - 49.191.255.255
netname:        OPTUSINTERNET-AU
descr:          Optus Internet Pty Ltd
descr:          Building A, 2nd Floor
descr:          1 Lyonpark Road
country:        AU
org:            ORG-OIPL5-AP
admin-c:        OI3-AP
tech-c:         OI3-AP
abuse-c:        AO400-AP
status:         ALLOCATED PORTABLE
remarks:        ----------------------------------------------------
[...]
remarks:        --------------------------------------------------------
mnt-by:         APNIC-HM
mnt-lower:      MAINT-AU-OPTUSINTERNET
mnt-routes:     MAINT-AU-OPTUSINTERNET
mnt-irt:        IRT-OPTUSINTERNET-AU
last-modified:  2021-01-15T01:45:07Z
source:         APNIC

irt:            IRT-OPTUSINTERNET-AU
address:        1 Lyonpark Rd.
address:        Macquarie Park, NSW 2113
e-mail:         abuse@optusnet.com.au
abuse-mailbox:  abuse@optusnet.com.au
admin-c:        OI3-AP
tech-c:         OI3-AP
auth:           # Filtered
remarks:        abuse@optusnet.com.au was validated on 2021-04-27
mnt-by:         MAINT-AU-OPTUSINTERNET
last-modified:  2021-05-10T03:52:23Z
source:         APNIC

organisation:   ORG-OIPL5-AP
org-name:       Optus Internet Pty Ltd
country:        AU
address:        Building F, 3rd Floor
address:        1 Lyonpark Road
[...]
mnt-ref:        APNIC-HM
mnt-by:         APNIC-HM
last-modified:  2018-05-08T12:57:14Z
source:         APNIC

role:           ABUSE OPTUSINTERNETAU
address:        1 Lyonpark Rd.
address:        Macquarie Park, NSW 2113
country:        ZZ
phone:          +000000000
e-mail:         abuse@optusnet.com.au
admin-c:        OI3-AP
tech-c:         OI3-AP
nic-hdl:        AO400-AP
remarks:        Generated from irt object IRT-OPTUSINTERNET-AU
abuse-mailbox:  abuse@optusnet.com.au
mnt-by:         APNIC-ABUSE
last-modified:  2021-05-10T03:52:24Z
source:         APNIC

role:           Optus Internet
address:        1 Lyonpark Rd.
address:        Macquarie Park, NSW 2113
country:        AU
[...]
mnt-by:         MAINT-AU-OPTUSINTERNET
remarks:        send spam/abuse reports to abuse@optus.net.au
remarks:        please use http://wq.apnic.net/apnic-bin/whois.pl
remarks:        to identify networks before sending reports and
remarks:        always include full headers/logs.
last-modified:  2012-09-25T01:42:42Z
source:         APNIC

% Information related to '49.183.0.0/17AS4804'

route:          49.183.0.0/17
origin:         AS4804
descr:          Optus Internet Pty Ltd
                Building F, 3rd Floor
                1 Lyonpark Road
mnt-by:         MAINT-AU-OPTUSINTERNET
last-modified:  2021-06-17T21:14:41Z
source:         APNIC

So they ARE from Australia, or at least bouncing off a server there. But they can’t spell. (Both in the posting and the email address).

Skipping over the Hard Fail with opti…. and jumping to the corrected address, using:
https://verifalia.com/validate-email

It goes well for a while, then falls off the rails a little:

Validation report
Syntax validation
The address is syntactically valid.

Address (without comments and folding white spaces) Bmikeb@optusnet.com.au
Local part Bmikeb
Domain part optusnet.com.au
ASCII domain part
The domain part is not internationalized, no conversion to ASCII is necessary.
Role account validation
The e-mail address is not a well-known role account.
Syntax validation, ISP-specific
According to the syntactic rules of the target mail exchanger (optusnet.com.au), the address is syntactically valid.
Disposable email address (DEA) validation
The address is not provided by a known disposable e-mail address (DEA) provider.
Free email provider check
This email address is bound to a known free email provider (optusnet.com.au).

DNS records validation
The domain of the email address has valid DNS records.
Honeypot detection
The email address under test does not seem to hide a honeypot.
Disposable email address (DEA) validation, second pass
The mail exchanger responsible for the e-mail address is not a known disposable e-mail address (DEA) provider.
SMTP server validation
The mail exchanger of the email address domain can be contacted successfully.
Mailbox validation
A timeout occured while verifying the existence of the mailbox.

So the mail box is not valid. I suppose I could try “fixing” the email address by things like taking the B off the front to match the “screen name” etc.; but that risks just making an invalid email address into a valid one for somebody else.

So at this point, it could just be a person who’s a bit paranoid about their identity and being “cute”. But does the comment support that idea, or does it read like something nasty, hurtful to others, or deceptive full of FUD?

Here’s the comment and my meta-comments:

Ivermectin tubes of paste are usually intended as one tube per anamal. As such, the concentration of imectin may not be uniform. Beware you can overdose or not ant at all by using just some of it.

This is just not true. The stuff in the tubes is mixed up in very large vats and shoved into tubes (mostly on automated machinery I think). Were it not uniform in the vat, the variation between tubes would be unacceptable too. The tubes give several doses, by weight, and have a ring on them to adjust the amount given. The whole tube is not given at once unless the animal if huge.

I note in passing that “anamal” and “imectin” are gross misspellings. Then “not ant at all” is, I think, supposed to be “not any…” so also botched. Either a sloppy or poorly educated person, or a “foreign agent” who didn’t do that well in their “how to look like an Australian when bouncing off their ISPs” class…

Th pour on is usually used for cattle and has some nasty other things to get it through the hide so not good for people

This one is another untruth. Lie or just stupid? Hard to tell. I have the MSDS for Cattle Pour-On. The solvent is rubbing alcohol. Ivermectin diffuses through the skin on its own, nothing needed to “get it through the hide”. I’ve also been using it for over a year now with ZERO side effects. Nothing. Nada. Zip. Zilch. No nasty anything. (Just do not drink it as rubbing alcohol is not good for the digestion and metabolism… that’s why it is for rubbing on the outside of you.)

The best one I found was sheep drench – Osmectin. You need to check no other additives cos they will bite you (Murphy’s law?)

OK, makes a “recommendation” I’ve never heard of before. Let’s look it up:

https://duckduckgo.com/?q=%22Osmectin%22&norw=1&t=chromentp&ia=web

What turns up is a load of unrelated pages in several foreign languages. Now that’s a pretty good red flag. While I’ve deleted some detail from each result, this is ALL the results on the top page of the search. “The best fit” pages.

WO2012088648A1 – Deuterated acid salts of oseltamivir …
Search domain […]
Disclosed are the deuterated acid salts of oseltamivir, namely, ethyl (3R,4R,5S)-4-acetamido-5-amino-3-(1-ethylpropoxy)-1-cyclohexene-1-carboxylate, hydrates thereof and their preparation methods. More specifically, oseltamivir phosphate-d3, hydrates thereof and their preparation methods are disclosed. Also disclosed are the polymorph A of oseltamivir phosphate-d3, pharmaceutical compositions …

Cholusat Sur Canal 36 – EL SOL DE LAS NOTICIAS 25-08-2021 …
[…].com/Canal36Honduras/videos/el-sol-de-las-noticias-25-08-2021/528945821509722/
Cholusat Sur Canal 36 is live now. EL SOL DE LAS NOTICIAS 25-08-2021. Cholusat Sur Canal 36 is live now.

Releases · BitBonk / coinbase · GitLab
[…]
Golang SDK for coinbase

Флок такой милый правда☃️ как бахилы
[…]tiktok.[…]/@polina_bonk/video/6994080032251579649
Пользователь 🤝чибупицца😈 (@polina_bonk) создал короткое видео в TikTok (тикток) с песней оригинальный звук. | Флок такой милый правда☃️ как бахилы
[…]

Envíos a Pucallpa, Perú desde Rutherford College, North …
[…]envios-a-pucallpa-peru/desde/rutherford-college/north-carolina
Beneficios de tu cuenta. Incluye un casillero gratis. Ahorra tiempo en tus envíos. Rastrea tu paquete en cualquier dispositivo. Disfruta de promociones en servicios y tarifas.

Buy 3 BHK Flat/Apartment in Sobha Windsor Vijayanagara …
[…].com/propertyDetails/3-BHK-1817-Sq-ft-Multistorey-Apartment-FOR-Sale-Vijayanagara-in-Bangalore&id=4d423536313839323535
Property Sale Price – 1.40 Cr Rate/Sq-ft Rs 7705.0 1817 Sq-ft – Sobha Windsor is an ongoing state of the art project being developed in Whitefield

第153章_异种之母_霹雳书坊 – pilibook.com

Search domain […]tastebudsboutique.comhttps://www.tastebudsboutique.com/540ohn3156
315-540-6*** 651-275-4723 Regular Landline Calling Technique 334-768-3275 Regular Landline Calling Technique 415-214-7490 Cellular (Dedicated) Calling Technique 803-578-1854 Regular Landline Calling Technique 559-506-4322 Paging (Dedicated) Calling Technique 857-318-3895 Regular Landline Calling Technique 516-831-3763 Cellular Calling Technique 615-704-2913 Regular Landline Calling Technique …

cerca risultati per ‘flussimetro pce em 883 ‘ | PCE …
[…]pce-instruments.xxx/italiano/?action=Query&-query.&query.stichwort=flussimetro+pce+em+883+&query.mode=OR&_start=1521
cerca risultati per ‘flussimetro pce em 883 ‘. Informations, support and knowledge about measuring instruments. If you are interested in measuring instruments ask our engineers.

So at the very minimum, a recommendation so obscure that the search engine is resorting to quasi-random stuff from all over the planet, or more likely a complete fraud of a recommendation.

It’s at this point that I lose interest and send it off to SPAM land… But decided later to fish it out and make an example of it ;-)

So that’s how you “vet” a new poster with a questionable posting and how an Experienced Systems Admin evaluates things.

I get some crap like this about once a week, lately a bit faster, but it comes and goes. Many sites just let any comment through, thus encouraging them to send more. I tend to “vet” new people, then monitor their style and content over time to detect folks who “got past the gate” but were posing.

My guess is that this comment is a deliberate Dis-Info Campaign being run from a 3rd Country to attempt to stop effective treatments by promoting FUD and a bogus alternative. That is, “Lies For Effect”. I could be wrong, it is just a guess. But my “guesser” is pretty good. A lower possibility, but also possible, is just someone who’s not that bright, and inexperienced, spreading garbage they heard somewhere else, and they can’t spell or type well enough to get their email address right. (In which case I’m not so sure I want them posting comments here anyway…)

So hopefully this example shows you how to easily “vet” things you find on-line or in your mailbox.

Subscribe to feed

Advertisement

About E.M.Smith

A technical managerial sort interested in things from Stonehenge to computer science. My present "hot buttons' are the mythology of Climate Change and ancient metrology; but things change...
This entry was posted in Carping Comments. Bookmark the permalink.

10 Responses to Beware The FUDsters…

  1. p.g.sharrow says:

    Yep, sounds like a “50 cent-er”trying to earn their coin. Not an actual English language speaker. There are times I’m glad my boring little blog rarely attracts “those” people.

  2. another ian says:

    E.M.

    This would likely be the “product trawl that missed”

    https://www.iahp.com.au/animal-products/ausmectin-sheep-drench

    Also comes as a “pour-on” for cattle

    https://www.fmb.com.au/250ml-of-ausmectin-ivermectin-pour-on.html

  3. jim2 says:

    Found a patent with reference to the exact word:

    This indicates that direct administration of the osmectin carboxylate analog or its ethyl ester to the lung target can achieve a local lung concentration much higher than IC90 and a low circulating system concentration.

    https://patents.google.com/patent/WO2015027847A2/en

    Then there is this:

    Oseltamivir, sold under the brand name Tamiflu,

    https://en.wikipedia.org/wiki/Oseltamivir

  4. H.R. says:

    @p.g. – Your blog is not boring in the least. It’s leisurely paced.

  5. Annie says:

    I thought maybe Osmectin is just misspelt Ausmectin (of which I have a small container; there are 6 cattle on our place).

  6. pinroot says:

    I believe that there are people who are paid to spread FUD. You’ve gotten someone’s attention, so good job! You’re helping to provide employment and income to someone. :) And thanks for the walk-through on how back track an email, things like that can be useful.

  7. yarpos says:

    Interesting trail, thank you

  8. E.M.Smith says:

    @yarpos:

    You are most welcome. I wander down trails. Lots of them are dreary and dull. The ones that interest me become a posting…

  9. Lev says:

    Can I suggest another possibility? We have an Australian semi-literate with a new low-end job in a new field who thinks he has a better grasp of what he is being taught in his new job than he actually does… as a result, he has a mistaken understanding of the subject that he is trying to engage in out of what boils down to excitement for a new job and is sharing his still unqualified understanding of the subject. This may explain why he has shared information that appears to be learned phonetically, based on the nature of the spelling mistakes.

    Furthermore, optusnet emails are definitely not free emails, they are issued to people who take up Optus as their fixed line or cellular home broadband ISP (and not even to people who take up a mobile service with Optus) and are very commonly provided by people who don’t use email often. “Hey Jessica, whats my email again!?”
    “You don’t have one, Mike”
    “Yeah i do, whats the one on the bill for the internet?”
    “oh i think its MikeB@optusnet.com.au – no it had a letter or something at the front”
    Mike thinks to himself ‘It woulda been a B, for sure!’ *starts typing “bmikeb@optisnet.com.au”

    It is also pertinent to note (that last time I checked) optusnet emails are issued automatically and are reasonably difficult to change.. Alternatively, additional new one email addresses using optusnet could be created inside a subscribers’ account via the ISP’s web portal… and it is usually based on the username for their service which is based on a private user’s actual name by default, with digits added to the end where the name is taken. BMikeB would have to be an additionally created optusnet email and these are much rarer as anyone savvy enough to do this is likely to use those same skills to create an email with a more feature-rich email service, if that makes sense..

    Also, at an educated guess, I’d say about 25% of private domestic connections in Aus will be via optusnet connections.. as Australia’s second largest (and most resold) internet provider. Including my own.

    So maybe we have an uneducated person who is also inexperienced in IT attempting to join in on discussion of a subject he is excited to be involved in but not yet qualified to contribute meaningfully to. This is the feel that I get from it.

    It would be kinda sad to see that interest snuffed in its infancy by rejection due to poor literacy and/or tech skills.

    Or hes a Nigerian spammer hired for a very specific purpose by very undiscerning employers.. Juss’ saying.

  10. E.M.Smith says:

    @Lev:

    Good local information about Optusnet. Redoing the email address check without the leading B:

    Validation summary
    Input data: mikeb@optusnet.com
    Classification:
    Risky
    Status:
    Failed to validate, a timeout occurred while verifying the existence of the mailbox.
    Retrying the validation may result in a definitive response.
    Status code:
    MailboxValidationTimeout (What’s this?)
    Validation report
    Syntax validation
    The address is syntactically valid.

    Address (without comments and folding white spaces) mikeb@optusnet.com
    Local part mikeb
    Domain part optusnet.com
    ASCII domain part
    The domain part is not internationalized, no conversion to ASCII is necessary.
    Role account validation
    The e-mail address is not a well-known role account.
    Syntax validation, ISP-specific
    According to the syntactic rules of the target mail exchanger (optusnet.com), the address is syntactically valid.
    Disposable email address (DEA) validation
    The address is not provided by a known disposable e-mail address (DEA) provider.
    Free email provider check
    This email address does not seem to be bound to a known free email provider.
    DNS records validation
    The domain of the email address has valid DNS records.
    Honeypot detection
    The email address under test does not seem to hide a honeypot.
    Disposable email address (DEA) validation, second pass
    The mail exchanger responsible for the e-mail address is not a known disposable e-mail address (DEA) provider.
    SMTP server validation
    The mail exchanger of the email address domain can be contacted successfully.
    Mailbox validation
    A timeout occured while verifying the existence of the mailbox.

    I ran the test twice, both times got a mailbox timeout. I’m pretty sure that means it is bogus (but not absolutely as it could just be a repeated “too long” contact, but that’s unlikely).

    So at this point one would suspect that “Bmikeb” is just a B modifier on a bogus email address. So when someone puts “mikeb” in their spam filter “Bmikeb” gets through and when “Bmikeb” is in the filter “Cmikeb” gets through, etc. Not a very bright tactic, but one that is used sometimes.

    So I’d go with “Nigerian paid troll” over “innocent with interest”, but yes, it could just be someone who’s a bit clueless about all this internet stuff and has drunk the Kool-Aid on “Ivermectin bad” when in fact it is an absolute blessing. (See Uttar Pradesh in India, Japan, El Salvador and others along with my 2 years and counting of ZERO side effects and ZERO Covid, head colds, flu, whatever while meeting up with a few hundred thousand of my “closest strangers” without a mask or any other protections. Works a champ.)

Comments are closed.