MindComet

Mother London Turns Spam On It’s Head

What happens when an ad agency sends out a seemingly spammy email claiming to give away $10,000 to hundreds of people? Watch below and find out.

View Comments

Posted by Bryan Quilty on Dec. 23, 2009

Lashback & Yahoo! Team Up

ExactTarget is reporting that Lashback and Yahoo! are now working together to determine senders’ “unsubscribe reputation”. What is Lashback, you ask? Lashback is a service that basically oversees and identifies which senders are honoring unsubscribes and which are not. They report on the Spam counts from reputable senders as well. For instance, when a user marks an email as Spam from a sender that has a good unsubscribe compliance, Lashback steps in and makes sure it’s actually marked as an unsubscribe request and not a Spam complaint.  They have dubbed themselves as being “The Email Compliance Authority”.

For any sender who’s using a major ESP, they have nothing to worry about as all ESPs remove unsubscribed addresses pretty much immediately. If you’re a small business or a sender who doesn’t have a lot of resources, it is more likely you’re keeping track of your unsubscribes manually. If you miss one, it may come back to bite your reputation… especially with Yahoo! addresses, in this case.

Along with overseeing sender reputations and righting wrongs, they’re also trying to educate users with a plugin available for download. Once installed, the plugin helps compile unsubscribe information which can report when senders are not honoring opt-out requests. The gist of the service is to identify which senders / entities are not following CAN-SPAM rules. Seems to be quite useful.

The only question I have is do they allow a grace period of 10 days before they start reporting on an unsubscribe or is it immediate? This could be problematic if it’s the former, as CAN-SPAM rules state that a recipient needs to be removed from the list within 10 days.

View Comments

Posted by Bryan Quilty on Nov. 17, 2009

Major Spambot Killed

According to theregister.co.uk, a botnet (also know as Mega-D or Ozdok) which was responsible for 1/3 of all of the world’s spam has been wiped off the proverbial map. The responsible party, FireEye, analyzed the ins and outs of this botnet and attacked it’s commands and control channels, ultimately paralyzing it and rendering it useless.

The botnet operated through various control channels that sent out instructions to “zombie” machines in their network that would in turn send out spam.

Although this is great news in the long run, it won’t garner as much change as one might think, though. All of the IP addresses (more than 264,000) the botnet used were already blacklisted. For now, the ISPs will have to identify each individual IP address that was under the botnet’s voodoo hex and clean up the mess from there.

In 2008, a staggering 200 BILLION spam emails were sent per day. But now, without Mega-D looming around, that daily total will drop to around 134 billion daily spam emails. I know it’s still an overwhelming number to digest, but at least it’s a bit more manageable.

View Comments

Posted by Bryan Quilty on Nov. 10, 2009

Emails Like This Make People Like Me Opt Out From Your List

Let me start with a rhetorical question. If you saw this email, would you consider it spam?

Well, if you’re anything like me, you thought it was spam and opted out immediately. There’s nothing here that screams “legitimacy”, even if it actually is a legit message (which this is).

And as you can see, even with the images “on” it still doesn’t do much to defend itself.

Another telling reason why I thought this was spam is because I never opted in to ever receive emails from Nation’s Restaurant News. It was most likely because I accidentally opted into a partner network of email lists. Shame on me for not paying better attention.

I think it would be wise if all 3rd-party emails had a disclaimer above the fold, warning the user that the email they’re receiving may not be of interest to them. This verbiage would also have a prevalent opt out link next to it.

Another thing I’d like to note is that the email wasn’t from Nation’s Restaurant News, it was from Ellen Koteff. Ellen, I don’t know you and I surely don’t want emails from you. If the email is from a company, it should be FROM the company. No excuses.

View Comments

Posted by Bryan Quilty on Oct. 27, 2009

Major SPAM Distributor Taken Down by Feds

Have you noticed a drop in the amount spam being delivered to you recently? If so, this may be due to the fact that one of the largest SPAM firms was taken offline.  McColo Corp, based out of San Jose, California was hosting servers by a relatively small firm that served (no pun intended) as a means to deliver a significant amount of the world’s SPAM. McColo’s client list doesn’t hold up as far as integrity goes.  Their ‘clients’ include companies that sell knock off pharmaceuticals & handbags as well as child porn—all via email.

As soon as their site and servers were pulled, spam volumes dropped worldwide—as much as 66 percent in some cases.  Spamcop, the absolute authority on SPAM, saw 40 spam emails per second drop down to 10 per second. The graph can be found below:

McColo’s fate is not ultimately sealed, but it seems as though they’re S.O.L. Mark Rasch, a former cyber-crime prosecutor for the Justice Department claims that “It’s a little bit like a landlord who owns a building and sees people coming in and out of the apartment complex constantly at all hours and not suspecting their may be drug activity going on.“ Sure, they can play dumb all they want, but they more than likely knew of the fishy behavior occurring through their servers.

This is a major score for all of us legit email senders as well as anyone who is inundated with irrelevant, spammy email.

You can read the entire story at msnbc.com.  It’s worth the read.  Thanks to Greg Cangialosi for pointing this out.

View Comments

Posted by MindComet on Nov. 13, 2008

Allure Is Doing It Wrong

Where do I begin…

First of all, I have no idea how I got on this list in the first place.  I’m a dude, and I swear I have no interest in handbags and makeup.  Seriously.  I scanned the email, heading toward the footer for the opt out link when low and behold, their opt out procedure was to forward the email to a sketchy address beginning with “unsubscribe-ctg0aib62aacgk4qtkisrfejqyybag2a”.

Then the next line reads: “You will no longer receive our special offers; however, you will continue to receive any newsletters to which you have subscribed.“

Umm… no.  I want to unsubscribe from ALL communications.  But YOU’RE NOT LETTING ME!

At this point I was pretty annoyed… I hovered my mouse over the text of the email when I noticed that the whole email was click-able.  So, I patronized them and clicked… low and behold the link was BROKEN.  Invalid URL.  Probably had something to do with the DOCTYPE being in the URL string.  DOCTYPE?  Really?  It’s not even necessary to include it in HTML emails.  All you need are tables.  No HTML tags, body tags, meta tags, etc.

Haven’t marketers learned that it is absolutely essential to test emails nowadays?  And furthermore, in today’s day and age, you must include a means for the user to update their preferences.

Oh yeah… and they used a very spammy subject line.  See below:

If anyone from Allure or Conde Nast Magazine is reading this and you need some help in the email department, give us a shout.

View Comments

Posted by MindComet on Aug. 07, 2008

Conclusions of the Global S.P.A.M Diaries Project

Dylan over at eROI posted a link to a story today that immediately grabbed my attention: What Happens When You Reply to ALL of Your Spam.  My first reaction was that it was just madness, who would even want to participate in this type of experiment or have time to do that considering all the spam we get.  I read on to find out that it was an experiment that McAfee was running with the incentive of getting a free PC.

A housewife told her story which began on April Fool’s Day.  The experiment (Spammed Persistently All Month (S.P.A.M.)) was to answer each and every spam message and pop-up on their PC over a 30 day period.  My first question that arose was, are they experimenting on the free PC and if so, who would want to use the test computer afterward considering the spam and pop ups were probably loaded with viruses?  However considering McAfee’s expertise in antivirus solutions, I’m assuming McAfee took care of that for them afterward.

McAfee’s goal was to have 50 volunteers from around the world participate in this Global S.P.A.M. Diaries project. Some of the objectives of the campaign included:

• Allowing users to go where they never sought to before, to see if these susceptible calls to action where too good to be true

• Educating users in helping them identify spam emails and the risks associated with them

The total spam count allotted to 104,832 messages in a 30 day time frame.  Each participant received roughly 2,096 messages or 70 messages a day.  Of all the countries that participated the U.S. received the most spam with over 20,000 messages.

The conclusions from the campaign McAfee found included the following:

• Spam is still out there in abundance: Despite everyone’s efforts and precautions, it is a still a very real threat that grows at a phenomenal pace. Once subscribed, our participants proved it is almost impossible to unsubscribe from spam lists and as time passes this only gets worse.
  

• Spammers will stop at nothing! The nature of the spam received has given valuable insight into the social engineering aspects of spam that we have seen grow in the last few years; from religion, death and sick children to enticing people with offers of free products, cash and money for loans - the spammers will literally use any subject to scam people or steal valuable data from individuals or businesses. The current “credit crunch” means financial spam is very popular at the moment.
  

• Spam and cybercrime are linked: The fact that most participants received some phishing emails in such a short space of time, even though they had new email addresses, proves the danger spam carries. We should all take caution in opening suspicious emails and giving out our email addresses in cyberspace.
  

• Non-English Spam is growing: The diversification of languages of spam was higher than expected, proving that participants in different geographies receive different types of spam depending on their location. Local language spam is often harder to detect, because it is less common and this trend proves spammers are putting in more and more effort to remain inconspicuous. McAfee continues to investigate the growth of foreign language spam and predicts this as “an area to watch” in the future, as spam becomes more targeted and localized.
  

• Mobile spam has yet to really take off: Although this area doesn’t seem to have been fully embraced, many of our participants being asked to give mobile numbers. McAfee predicts mobile spam will start to grow at a similar speed to email-based spam in the near future.
  

• Even if people think they know the danger of spam, they don’t understand the true extent: McAfee’s participants came from all walks of life, from all over the world. Given their interest to take part in the experiment, they were all aware of the problem of spam, yet they were all shocked by the sheer amount of spam they attracted in a short time and the lengths the spammers would go to gain success.
  

• There’s no such thing as a free lunch! However tempting an offer looks, they are almost always too good to be true!

Source: McAfee Global Spam Diaries

Key takeaway from this experiment - be careful what you click on! If you are unsure of the ‘From’ recipient, don’t open it!

View Comments

Posted by MindComet on Jul. 10, 2008