A Dispatch


September 19, 2008

Impending Doom. Click Now!

Those of us who battle spam daily can usually sniff out the purpose behind blatantly false email messages. Take this one, for example:

From: cory hardison
To: client
Subject: Your internet access is going to get suspended

Your internet access is going to get suspended

http://[removed].com

The inbox listing shows only the From: and Subject: fields. A spammer has only those two fields to make his first impression on a recipient. If it's in an inbox listing, the message has probably survived one or more automated antispam filters. But can the combination of From: and Subject: lines get past a supposedly smarter human filter? If the recipient opens the message, will the message body be sufficiently compelling to incite further action—a visit to a web site?

My first thought on the message above was that it was another impending doom message intended to lure recipients to a malware installation page. This tactic had been used years ago, but usually with the From: field forged to suggest it came from the recipient's own IT department (e.g., if the message was addressed to dannyg@example.com, the From: field was admin@example.com).

Upon safely checking the source code of the destination page, I discovered that the site was instead one of seemingly thousands of phony Canadian pharmacies (running on a bot-infected computer on the Japanese @NetHome network). This type of misdirection always puzzles me. Given the fact that the message is intended to instill fear and dread into the recipient, how is that person supposed to react to a medz spam site instead? Is he so relieved that his internet access won't be suspended that he'd better stock up on Viagra to shtup his significant other? Or is she supposed to reflect on how afraid she was and pick up some illegal (if not deadly) anti-anxiety drugs to lessen the impact next time?

Perhaps I'm just saturated by American marketing methods, but I don't understand how this type of advertising can possibly be worthwhile. If the spammer wants to go through all kinds of motions and not sell anything, let him hire Jerry Seinfeld and Bill Gates to appear in the message and at least try to entertain us.

Posted on September 19, 2008 at 08:57 AM