February 05, 2008Impending Boom/Doom Tricks
Spammers desperately want you to open their messages (the ones that get through spam filters) and then trick you into performing whatever action will get you to give up something of value, even if it is just a click of a link. Among the most deceptive tactics that seem to work (because they continue to be used year after year) are the Subject: lines and message bodies that promise impending boom (e.g., lottery windfall, love of a secret admirer, free iWhatever) or impending doom (e.g., verify your account info or else, IRS documents attached, "Dude, you're gonna get caught, lol").
Resisting these false come-ons can be difficult, especially those of the impending doom variety. They typically arrive with enough of a believable warning and not enough information to get that mouse button a-clickin'. After all, no one wants to be accused of doing something wrong, especially when, dammit, they've done nothing wrong.
The following spam message that came my way will certainly get lots of adrenalin flowing in recipients (linked domain partially obscured by asterisks):
From: Catherine Gill (Investigator)
Subject: Alert: Account Locked
URGENT - February 4th, 2008
Hello, we have been informed your credit has been suspended.
All credit cards and credit lines are curently locked.
Until the current investigation is completed, we ask for your
Let's face it, the U.S. economy is in a downturn, and more than a few people are having tough times financially; for many consumers, their credit cards are a lifeline. Spammers know this, and are eager to prey on these financial fears.
Recipients of the above spam message will be too freaked out to notice the spamminess of the message (too many red flags to mention). Instead of doing the right thing—checking directly with their credit card companies to find out if the claim is true—they'll click the link because it's easier than wading through automated telephone menu systems at the credit card companies.
The identity of the spamvertised domain owner is hidden (never a good sign of legitimacy for a commercial venture). Upon checking the source code of the site, it turns out that this is simply a lead-generation site for debt consolidators. There is nothing there about you or your accounts being frozen. Instead, you are invited to fill out a form with your name, email address, phone, and a couple bits and bobs about your current debt (how much it is and how late you are). By submitting the form, you agree to be contacted by phone by up to three debt consolidators—even if you are on the FTC Do Not Call list. Oh yeah, they got their bases covered (at the site anyway, their email exhibits multiple violations of CAN-SPAM).
It's clear that lead-generation spammers have abandoned the mortgage game in favor of the debt consolidation game—simply riding the economic wind currents. They get paid richly for the leads they generate through this 100% deceptive email advertising. There oughta be a law against...oh, wait, there is.Posted on February 05, 2008 at 09:21 AM