Powered by Movable Type 3.121
Home The Book Training Events Tools Stats
Web log archive.
A Dispatch

« Bogus Lottery Scammer Fails Elementary Arithmetic | Main | Hitting the Quaker Oats Lottery »

May 12, 2009

Fairfax Digital Spam or Joe Job?

Over the past few days, a spam campaign claiming to be sponsored by Australian electronic marketing firm, Fairfax Digital, caught my eye. Here is what a typical item in HTML format looks like:

Spam message claiming to be from Fairfax Digital

The Subject: lines have consisted of all-too-typical erectile dysfunction medz spam phrases, such as:

Subject: Try it and she won't ever see your manhood in flaccid condition.
Subject: If your boy refuses to stay, add some chemical and herbal strength in it!

At first sight, the message appears to come from a slick-ish email marketing firm that sends newsletters encased with ads. I've seen so many of these types of offerings that I roll my eyes when I see yet another outfit disguising unsolicited email as newsletter subscriptions (to which the recipient never subscribed). The kiss of death for your inbox is to unsubscribe from anyone who has "signed you up" to receive their crap. I was not about to send an email to the suggested support address.

But something wasn't right with this message. Or, rather, many things weren't right with this message.

First, rolling over the links in the first bullet and in the bottom line (for Privacy Policy and such) revealed that the actual destinations were to domains that had nothing to do with Fairfax Digital. In fact, they were all .in (India) domains whose registrant claimed to reside in Russia. The domains had been registered in late April 2009.

Second, the message headers also revealed that they had apparently been sent through botnet computers widely distributed around the globe. Just like your basic medz spam.

And third, I checked my server logs. The messages I saw were just a sample of the tons being hurled at my domain in dictionary-style attacks.

My next task was to do a bit of due diligence on Fairfax. Although Australia has some fairly strong antispam laws in place, the teeth chomp primarily on Australians attempting to spam Australians. But if this firm were concerned about its reputation as an email marketing company, would they risk flaunting the law by sending to addresses not explicitly tagged as being Australian?

I didn't jump right away to Fairfax's web site, but did a Google search first. One reason I go that route is that I have the Finjan SecureBrowsing plugin installed in Firefox. If there is any potential nastiness at the end of a search result link, the plugin flags the link accordingly.

Unsurprisingly (to this old dawg who has high suspicions of every so-called email marketing firm, even if it means throwing out the koala with the koala droppings), Finjan flagged the Fairfax Digital site as a potential adware site. Ugh. That meant putting up all shields before visiting the site.

The only reason I even considered visiting the site is that my other quick searches didn't turn up anything negative about the firm. Unlike many email marketing firms that change their names as often as I change socks (daily, if you want to know), Fairfax had been around for quite awhile and had been mentioned by many Australian business news outlets.

As I studied the site, it appeared that the company either runs or has influence over web sites for a few newspapers in Australia—perhaps accounting for the glowing news reports. But a look at their Privacy Policy made me rather uncomfortable. It represents the antithesis of a confirmed opt-in operation:

How we collect it [information]
We may collect your personal information from a variety of sources, including from you, advertisers, mailing lists, recruitment agencies, contractors and business partners.

We may collect your personal information when you request or acquire a product or service from us, register with us as a member, provide a product or service to us, complete a survey or questionnaire, enter a competition or event, contribute in a fundraising event, participate in our services (including our radio programs, blogs and forums) or when you communicate with us by e-mail, telephone or in writing (for example if you contact customer service to make a complaint or provide feedback).

If, at any time, you provide personal or other information about someone other than yourself, you warrant that you have that person’s consent to provide such information for the purpose specified.

In other words, if they even get a whiff of an email address as it wafts by, it's theirs to do with as they please. Any trust that had been building in my mind went right out the window.

Still, I wanted to know if the spam campaign that had been hitting my server was in any way connected with Fairfax (an affiliate perhaps?) or if a spammer was trying to ride Fairfax coattails into inboxes. At the moment, my inclination is the latter.

I tried to use the contact form on the Fairfax Digital site to inquire, but I received an error message upon submission. I am trying other routes to contact them (at great potential peril to one of my email addresses, mind you), and will update this posting if I learn more from the company.

Posted on May 12, 2009 at 11:47 AM