Last week I received a message offering a 30% discount on Norton Internet Security 2006. It claimed to be from Symantec, but the email address was at digitalriver.com, and all the links—including the ones that claimed to be at symantec.com—went to bluehornet.com.

Now 5 minutes of research turns up the facts that Symantec does work with Digital River and Digital River owns Blue Hornet. And it did go to the address I used to register Norton Antivirus last year. So it’s probably a legit offer.

But let’s think about this for a minute.

Assuming it’s legit, Symantec—a company that deals in internet security—is deliberately sending out offers via third-party domains, email and web servers. Depending on how security-conscious you are, they are either making their messages look suspicious or training users to ignore warning signs.

Or have you never seen spam offering enormous discounts on Norton products? Which generally turn out to be pirated. And I seem to recall—though I can’t find an article to back it up—that the bootleg copies are often infected themselves, or crippled in some way.

Given how many shady operators are out there, taking advantage of the big guys’ name recognition, you’d think the big guys would at least make some effort to make their own offerings look less, well, shady.

eBay must have some sort of blanket advertising deal with Google, because the “sponsored links” you get for some searches really don’t make any sense.

Case in point: I did a Google search for the phrase, “nigerian scam,” and saw the following ad:

Looking for Nigerian Scam? Find exactly what you want today

Wow, when they say, “Whatever it is, you can get it here.”—they really mean it! 😉

Interestingly, if you search for “419 scam,” you get the same type of ad, but not if you search for “advance fee fraud.”

I tried a few random search terms, and from what I can tell, eBay’s ad shows up on many—but not all—two-word searches. I’m not sure what the pattern is, but I can’t imagine someone at eBay deliberately asked to buy ad space for some of these phrases.

But in a show of accuracy, if you search for “random stuff,” you’ll find it!

I found a 419 scam in the spamtraps that started, in typical fashion, with an all-caps name and address, then the line:

HIGHLY CONFIDENTIAL REQUESTING

What made this funny (aside from the bad grammar) was the fact that the To: line contained over 1,200 addresses!

Ah, this is obviously some strange use of the word confidential that I wasn’t previously aware of!

I handle the abuse contact for an ISP’s domain name. Normally this doesn’t take up much of my inbox. Even the “Your users are spamming” messages (in response to forged senders) have dropped off.

Since last night, though, the abuse and tech support contacts that filter into my inbox have collected 44 spams advertising the “Body Bouncer,” which claims to “take the gravity out of sex.”* Distributed IPs, random content, 6 different subjects (so far). What they have in common is a sales pitch in an image, and a link to their website.

Ordinarily, that would be enough to tag it.

Here’s a piece of friendly advice from a mail server admin to companies that interact with subscribers and customers via email:

Pick one domain name for your business. Just one. Don’t use any other domains in your emails, even if you want to keep order confirmations separate from promotions. If you contract out for some other company to send out a newsletter or survey to your customers, insist that they send it out using your own domain name. If you’re using DomainKeys or SPF, make sure they’re authorized or send it yourself. And don’t even think of making the links through redirection scripts, even if you really want to track which subscribers are clicking.

Why?

Two words: Spam and fraud.

I found a flood of crude phishing attempts in our postmaster account this morning.

How crude?

The hook was, “Simply reply to this email with your online login and password.”

No forms, no imitation websites, no swiped logos, no links of any sort at all. One of them even had multiple recipients visible on the To: line. It’s like a throwback to the early days of spam-n-scam.

The headers were full of things like %RNDDIGIT27, suggesting a broken spam generator, and of course there’s the fact that they actually targeted the postmaster account.

Here’s the WTF?!?!?!!!! moment of the day. Actual spam received over the weekend:

Sell Your Organs Online!

Reply to this message if your interested in selling your organs!

Seriously, what the hell?

Forget the fact that selling organs is illegal in the US. And I’m sure mailing them across state lines would be a felony. And you sure as heck can’t list them on eBay. Or Amazon—can you imagine? “15 new and used livers available.” “Customers who purchased kidneys also bought…”
