Terrible Ideas Hackathon - ScamSpamEmail

I have recently gotten along to a number of hackathons at the University of Auckland. Before COVID I would attend hackathons regular in person. During COVID I tried doing some online, but really it wasn't the same. It's great to be in Auckland where things are pretty much back to normal.

One of the hackathons that I attended was the Terrible Ideas Hackathon. I had an idea before attending - so just needed a few team members.

During the pizza dinner I met Lucy who was a linguistics student - she joined my team. Lucy wasn't technical but was able to help out with ideas, validation and slides for presenting.

After dinner we met Daniel - a developer with a focus towards the frontend. This was perfect for me as I prefer to focus on backend.

Though I did pitch my idea to those looking for a group it ended up with just the three of us. Myself, Lucy, and Daniel. Three is a good number - don't want too many cooks in the room.

My idea was to build something around this software I use on my computer called ActivityWatch - which keeps track of websites I visit.  It has a API which allows access to this data. Along with a bunch of other random person / location / business / currency APIs develop a app with generates a spamming looking email which could be used to attempt to scam someone - in this case myself.

We had much discussion over the body of the text - wanting to make it as random as posible. Deciding on what services we could use to generate the random aspects

  • Currencyfreaks - for a random currency.
  • ActivityWatch - for getting URL that victim had visited. This was one of the most imporant apis that was used, everything else just makes it more interesting.
  • randomuser - for random generate of person / location.
  • Au Business List - for getting a random business name.

So as I was writing this blogpost it seems I failed to commit my final code, and though I backed up my laptop which I worked on this code with - it's an older version. I didn't have much plans with continuing with the project - but it is disappointed.

With the code ended up sending the email with Daniels frontend (which he built in React). He used a framework called EmailJS which was okay, but if I was to use email in code in future - I would do it in the backend as I have more control.

Here's the screenshot of the email that is being sent:

example scam email

As you can see the name, location, business, currency are all being randomly generated.

And finally the code:

I used GIN for the webserver which allowed Daniels frontend to generate the email body text with his frontend.

Subscribe to wmckee

Don’t miss out on the latest issues. Sign up now to get access to the library of members-only issues.
Contents © 2020 William Mckee Creative Commons Attribution 4.0 International License
wmckee by William Mckee is licensed under a Creative Commons Attribution 4.0 International License.