Powered by Movable Type 3.121
Home The Book Training Events Tools Stats
Web log archive.
A Dispatch

« Malware-Laden Ecards Keep Coming | Main | Phony DHL Invoice Malware Delivery »

March 19, 2009

How Spammers Poke and Prod You

I had a note from a Dispatches reader the other day who was psyched into opening a medz spam. Now, this reader claims to be a spam wars veteran ("I have a huge problem with spam mail."), and has even grown inured by it ("As i am used to it,...."). That latter situation is the sad state of affairs we are in. No matter how good your filtering (if you have any), some spam gets through, and you grow accustomed to some level of intrusion into your inbox.

What upset this correspondent was that the medz spammer used what I call the "impending doom" type of Subject: line to get his attention. In this case, the line was:

Subject: your ip saw on illegal sites

Grammar problems aside, if you sense from a Subject: line that you are being wrongly accused of something, your first instinct is to jump into it and defend yourself. For example, my correspondent was confident that the accusation was false, yet he admits "this title made me feel very bad."

As I have recounted many times before, both in the Spam Wars book and in previous Dispatches postings, the more a Subject: line in a message from an unknown sender tries to stimulate you to action, the more you should suspect the message is a complete fraud. The stimulant might be an accusation, as in this case, or some OMG! news item (e.g., a world leader dying or massive regional tragedy). The tactics have been used repeatedly over the years for tricking recipients to open attachments, to visit drive-by malware installation web pages, and, as in this case, to see the umpteenth pitch for medz, knock-off luxury goods, or adult content.

My attitude in general about email is a very cynical one. I suspect every email message from an unknown sender in my inbox to be unwanted until I am convinced otherwise. Sometimes, that means I have to inspect the content (viewing only the source code without downloading images or other external content), but because I start out with a negative vibe about the message, I'm never disappointed. On rare occasion, I'm pleasantly surprised to find a personal message from a real human about a subject of interest to me.

I still have fond, sepia-toned memories of my early days in email—before you could even send a message from one provider to another. I'd log onto The Source or CompuServe and find only messages from people who wanted to communicate with me for who I was, not for the money in my wallet, the value of my email address on a list, or the processing cycles in my computer. I'm afraid those spam-free days have done the ol' 23 skidoo.

Posted on March 19, 2009 at 12:20 PM