December 18, 2005This Should Be Illegal
I recall that several years ago the magazine subscription sweepstakes outfits ran afoul of various U.S. and/or state laws because they went too far in intimating that the recipient of an offer had already won a huge cash prize, when, in fact, the recipient might have won a prize (one winner out of a gazillion).
This bit of history comes to mind because of a not-uncommon type of spam that came into view here today. The Subject: line is pretty clear:
Subject: Shop on us this holiday season with a $300 Mastercard
The message then starts out like this:
We have been trying to reach you in order to deliver your free $300 Mastercard Gift Card
Please visit our website and verify your zipcode:
We have given you this $300 Mastercard just in time for the holidays. Let us buy all your holiday gifts
I ask you: Does this not say that they have given me this card? Doesn't it sound like it's all mine, ready to put in my hot little pocket to shop the holidays away?
Oh, wait...here's the fine print:
Receipt of your item requires compliance with offer terms, including: age and residency requirements; registration with valid email address, shipping address and contact phone number; completion of user survey and sponsor promotions.
I defy you to find out exactly what you have to do to get your card without also ratting yourself out by supplying at least your email address. Not only does the message contain a Web beacon image (coded with a number that identifies your address on the sender's list), but every link to the Web site bears the same code. Something also tells me that you'll have to jump through a lot of hoops and give up a fair amount of personal information (and perhaps information on your friends and family) to eventually qualify for the card...if you get it at all.
And holiday shopping? Maybe for St. Patrick's Day.
I stealthily visited the site managing the promotion. It's another of the long line of affiliate e-marketing sites about which I rant regularly. There are at least two (and probably more) sites with different domain names that all lead to the same server and IP address.
...("we") believe(s) in 100% permission-based marketing. We collect the information you provide at our websites. Additionally, we purchase and manage opt-in email lists generated by affiliate sites and organizations. To subscribe, you must provide your email address and categories of interest. ... We will confirm your subscription via email. Then, we may send offers for goods and services relevant to the categories of interest you have chosen.
So I'm visiting their Web site, but the only action one can take from the front page is to unsubscribe. There is no form to fill out to subscribe and supply one's categories of interest. The spam message assures me that I can "update my preferences" if I click on one of their coded links (no, thank you). I can also assure you that I have not given this company (or any of the companies I could find related to it) my permission to send me email. It's quite possible that they use the Direct Marketing Association's definition of "opt-in," which means that anyone can fill out a form with anyone's email address, and the address gets added to the database—all the screening of chicken wire. That this outfit uses affiliates further increases the likelihood that addresses could come from anywhere. It wouldn't surprise me to find out that the transmission of the Web beacon code is interpreted as a form of "opting in" because you opened the message.
In the meantime, untold thousands of recipients of this message will click the links to find out how they have been lied to about having won a gift card. In return the spammer gets thousands of email addresses verified for resale and rental to other spamvertisers. More cash for the spammer; more future spam for the spammee. If you're keeping score at home for this game of Spammer vs. Consumer, it's 1-0, Spammer.Posted on December 18, 2005 at 10:32 PM