Another list purchase horror story

Last week Ken wrote about a marketer who is claiming he was ripped off by Target Point in a purchased list deal. To the purchaser’s credit he actually looked at the email addresses provided by Target Point, something many list purchasers don’t seem to do. This gave him some idea that the list was not opt-in.

[…] 788 of the addresses contained some combination or abbreviation of the words “customer service,” or “customer care.”
Also, 193 of the addresses were “accounting@,” 455 of the addresses were “admin@,” 84 of the addresses were “administration@” or “administrator@,” 223 of the addresses were “careers@,” 108 of the addresses were “comment@” or “comments@,” 297 of the addresses were “contact@,” 160 of the addresses were “service@,” 1,448 of the addresses were “sales@,” and a whopping 7,684 addresses were “info@.”

Many clients come to me wondering why they are having such difficulty mailing their ‘guaranteed double opt in list’ that they purchased through a vendor like Target Point. One quick look at the list shows addresses similar to the above. Role accounts are almost never found on opt-in lists (with some exceptions) and finding lots of “info@” or “administrator@” address is a good sign that there are problems with the seller.
The most important thing to remember is that just removing the obvious role accounts from the purchased list is not going to magically make the list OK. There are going to be problems with the other addresses on the list, too. Mailing them will cause you problems.
Yet another example of why mailing purchased lists is bad. Not only do they cause delivery problems, but sometimes you don’t even get what you pay for.

Related Posts

Two reasons not to buy a list

Ken Magill, celebrity, has two articles today that highlight the issue with buying lists from vendors. The first is yet another article about EmailAppenders selling bad data. In this case, it is not the buyers who are complaining. According to Ken EmailAppenders are sending out email advertising they can sell Internet Retailer’s list of 2008 conference attendees. Internet Retailer is disputing this and has sent EmailAppenders a cease and desist. EmailAppenders is currently dodging Ken’s attempts to get their side of the story.
The second is an article about Zoominfo, a new group in the list selling business. Zoominfo has long been harvesting information from other sites. Now, they are offering to sell their scraped and harvested list. Their only requirement is that the buyer sign an agreement to comply with CAN SPAM. And, yes, if someone is dumb enough to buy this harvested list, they should comply with CAN SPAM as sending mail to a harvested list triggers additional penalties if or when the FTC decides to go after the sender.
Not only are Zoominfo harvesting data, they are harvesting from ancient and obscure sources. They have no current information for me, but they managed to find an email address for a job I left in 1993. They have Steve listed as an employee of “postgreSQL INC” because they harvested the postgres mailing list archives. Mickey pointed out one of Zoominfo’s sources is http://free-personal-ads-wanted-sex-partner-near-hays-kansas.themasterwithin.ca/arch/4/. You do not even need to visit that site, just look at the URL!
Zoominfo’s VP and general manager claims they send emails to people regularly, offering them the chance to opt-out. First of all, I have never received one of these, have any of you? Secondly, some of the addresses are so old opt-outs are not relevant. Finally, unless they are monitoring their delivery, which I strongly doubt given their business model, anyone buying addresses from them is going to buy lots of dead addresses. And spamtraps. Lots of spamtraps.
I am sure that people who buy and sell lists regularly will tell me that these are outliers and that most companies who sell lists have higher data collection standards. My experience suggests that these are middle of the road list brokers. They are companies who are willing to sell anything with an @ sign in it and do not care about how sending to that data affects their customers.

Read More

TWSD: Run, hide and obfuscate

Spammers and spamming companies have elevated obfuscating their corporate identities to an artform. Some of the more dedicated, but just this side of legal, spammers set up 3 or 4 different front companies: one to sell advertising, one or more to actually send mail, one to get connectivity and one as a backup for when the first three fail. Because they use rotating domain names and IP addresses all hidden behind fake names or “privacy protection services”, the actual spammer can be impossible to track without court documents.
One example of this is Ken Magill’s ongoing series of reports about EmailAppenders.
Aug 5, 2008 Ouch: A List-Purchase Nighmare
Sept 9, 2008 Umm… About EmailAppenders’ NYC Office
Sept 15, 2008 E-mail Appending Plot Thickens
Nov 11, 2008 EmailAppenders Hawking Bogus List, Claims Publisher
Dec 23, 2008 Internet Retailer Sues EmailAppenders
Feb 1, 2009 EmailAppenders Update
Mar 10, 2009 Another Bogus E-mail List Claimed
April 14, 2009 EmailAppenders a Court No-Show, Says Internet Retailer
April 21, 2009 EmailAppenders Gone? New Firm Surfaces
May 5, 2009 EmailAppenders Back with New Web Site, New Name
Their actions, chronicled in his posts, are exactly what I see list providers, list brokers and “affiliate marketers” do every day. They hide, they lie, they cheat and they obfuscate. When someone finally decides to sue, they dissolve one company and start another. Every new article demonstrates what spammers do in order to stay one step ahead of their victims.
While Ken has chronicled one example of this, there are dozens of similar scammers. Many of them don’t have a persistent reporter documenting all the company changes, so normal due diligence searches fail to turn up any of the truth. Companies looking for affiliates or list sources often fall victim to scammers and spammers, and suffer delivery and reputation problems as a result.
Companies that insist on using list sellers, lead generation companies and affilates must protect themselves from these sorts of scammers. Due diligence can be a challenge, because of the many names, domains and businesses these companies hide behind. Those tasked with investigating affiliates, address sources or or mailing partners can use some of the same investigative techniques Ken did to identify potential problems.

Read More

Fake privacy policies

I sign up at a lot of websites and liberally spray email addresses across the net. These signups are on behalf of one customer or another and each webform gets its own tagged and tracked email address. I always have a specific goal with each signup: getting a copy of a customer’s email, checking their signup process, auditing an affiliate on behalf of a customer or identifying where there might be a problem in a process. Because I have specific goals, I am pretty careful with these signups and usually uncheck every “share my email address” box I can find on the forms.
In every case the privacy policies of my clients and the things they tell me are explicit in that addresses will not be shared. It’s all opt-in, and email addresses are not shared without permission. Even in the cases where I am auditing affiliates, my clients assure me that if I follow this exact process my address will not be shared. Or so the affiliates have assured them.
Despite my care and the privacy policies on the websites, these addresses occasionally leak or are sold. This is actually very rare, and most of the websites I test never do anything with my address that I don’t expect. But in a couple cases these email addresses have ended up in the hands of some hard core spammers (hundreds of emails a day) and there was no useful tracking I could do. In other cases the volume has been lower, and I’ve watched the progression of my email addresses being bought and sold with morbid fascination.
Today an address I signed up at a website about a year ago got hit with multiple spams in a short time frame. All came from different IPs in the same /24. All had different domains with no websites. Whois showed all the domains were registered behind a privacy protection service. Interestingly, two of the domains used the same CAN SPAM address. The third had no CAN SPAM address at all. None of these addresses match the data I have on file related to the email signup.
It never ceases to amaze me how dishonest some address collection outfits. Their websites state clearly that addresses will not be bought an sold, and yet the addresses get lots of spam unrelated to the original signup. For those dishonest enough to do this they’ll never get caught unless recipients tags and tracks all their signups. Even worse, unless their partners test their signups or their mailing practices, the partners may end up unwittingly sending spam.

Read More