« A Degree From Botnet University | Main | Botnet Vigilantes »
Home | The Book | Training | Events | Tools | Stats |
May 02, 2008
A Spammer By Any Other Name...My email client suspected something was fishy (not necessarily phishy) about a message from a marketing communications company, and sidelined it into the Junk folder. If my email client were a guard dog, I'd pat it on its head and give it a Milk-Bone.
The Subject: line was as follows:
Subject: Intel aims to serve SMBs with new portal
In case you're not familiar with the acronym, SMB stands for small and medium-sized business. The From: field in my Junk folder listing showed an email address that implied it had something to do with IT and was a newsletter of some sort. The combination of "Intel" in the Subject: line and an IT newsletter in the From: line added up to a credible combo.
But I've seen plenty of bogus listings in my in-box from unknown senders...you know the kind I mean where the Subject: line content happens to be spot-on to something of technical interest to you, and when you open the message you're greeted with the latest erectile dysfunction product promotion. My spam radar's sensitivity was set to 11.
Imagine my surprise, then, when (after checking the message's source code for any nasties) that the message was, in fact, a kind of IT-related newsletter. The source code revealed that the download of one of the images in the HTML-formatted message was a tracking image. Although the URL for the image was not tied to my email address, it did reference this particular daily (sigh) issue of the newsletter. That can serve as a hit count to let the sender know how many recipients got as far as opening and viewing the entirety of the message. Fortunately, my email client has image retrieval turned off, so my view won't count.
This newsletter was fairly typical of a traffic-generator. Five one-paragraph summaries (of incredibly dull and bland stories) ended with links to the company's web site for the full stories.
Not that it makes any difference to my regarding this message as spam, but it was CAN-SPAM compliant. It was sent through the company's email server and had full identity and opt-out facilities at the end of the message (the company is located outside the U.S.). I normally wouldn't have given this message a second thought but for what I saw as disingenuous statements in the identity section:
[Removed] USA is an email publication devoted to bringing you the latest news from the US small and midsize business community. It is published free of charge by [Removed].com and distributed to subscribed readers. If you are not a subscribed reader, please use the link below to be removed from our mailing list.
So, let me get this straight, oh newsletter sender: You claim to distribute this thing to subscribed readers. But if I received it, I may not be a subscribed reader and need to remove myself from your list of subscribed readers?
I just heard a small "pop" inside my head...I think part of my brain exploded.
My choice is clear here. I won't opt-out from this list. I'll just have my email server quietly delete future messages from this sender as my small way of helping dilute the effectiveness of the "list of subscribers" that he'll eventually try to rent to others.
Now where's that aspirin?
Posted on May 02, 2008 at 09:06 AM