« What a Haiti Earthquake Charity Scam Looks Like | Main | Short and Sour 419er »

January 23, 2010

For the past 10 days, I've seen a lot of spam claiming to come from someone calling her(?)self "Mary":

From: Mary <[variety of bogus email addresses]>
Subject: Hi remember me?

I've seen two separate campaigns using the same combination above. The first had the following message body:

Hi, I'm from Russia - a dream to live abroad, my name is Mary, can we get started? "I'm on this dating site - come in to me.

[various URLs removed]

The more recent of the two has the following body:

Hello my dear. Hey, want to marry a Russian beauty? I want you, my good man. Come to my profile - you'll get a surprise! You want what would you be good? Come to me.

[various URLs removed]

These types of things aren't anything new, to be sure. But the hazard for those of us who don't have visions of marrying a Russian spammer-bride is that any curious recipient may be putting a few kopeks into the spammer's pocket or G-string. All of the URLs I've seen have affiliate identifiers of some kind. So, whether the URL goes straight to the spamvertised web site, or if it first goes to a redirection page, a click might very well make the spam pay for itself (and then some). This only guarantees more of the same to follow — if not to you, then to millions of others whose addresses have been scraped over the years.

Imagine how angry the spammer would be if, upon mailing tens of millions of these messages, not a single recipient visited the site. That would be more effective than shutting down one of the botnets he uses to spew.

Apparently I have weird fantasies.