Harvesting is alive and well

I’m finding out that email address harvesting off websites is alive and well on the Internet. We have a rotating address on the contact page, which does get harvested but usually the spam is attempting to sell me blog related services. I didn’t expect to get a very different collection of emails to the address I posted here. I’m quite surprised that address is getting a completely different type of spam from the contact address.
The one thing that harvesters appear to have in common is sending CAN SPAM violating email. Both the contact address and the questions address get lots of mail that is in violation of US (and California) law. One of these days I might get bored enough to file a suit against one of them and blog about it.

Related Posts

What Happens Next…

or Why All Of This Is Meaningless:
Guest post by Huey Callison
The analysis of the AARP spam was nice, but looking at the Mainsleaze Spammer Playbook, I can make a few educated guesses at what happens next: absolutely nothing of consequence.
AARP, if they acknowledge this publicly (I bet not) has plausible deniability and can say “It wasn’t us, it was an unscrupulous lead-gen contractor”. They probably send a strongly-worded letter to SureClick that says “Don’t do that again”.
SureClick, if they acknowledge this publicly (I bet not) has plausible deniability and can say ‘It wasn’t us, it was an unscrupulous affiliate”. They probably send a strongly-worded letter to OfferWeb that says “Don’t do that again”.
OfferWeb, if they acknowledge this publicly (I bet not) has plausible deniability and can say ‘It wasn’t us, it was an unscrupulous affiliate”. And maybe they DO fire ‘Andrew Talbot’, but that’s not any kind of victory, because he probably already has accounts with OTHER lead-gen outfits, which might even include those who also have AARP as
a client, or a client-of-a-client.
So the best-case result of this analysis being made public is that two strongly-worded letters get sent, the URLs in the spam and the trail of redirects change slightly, but the spam continues at the same volume and with the same results, and AARP continues to benefit from the millions of spams sent on their behalf.
I’m not a lawyer, but I was under the impression that CAN-SPAM imposed liability on the organization that was ultimately responsible for the spam being sent, but until the FTC pursues action against someone like this, or Gevalia, corporations and organizations will continue to get away with supporting, and benefiting from, millions and millions of spams.
As JD pointed out in a comment to a previous post: sorry, AARP, but none of us are going to be able to retire any time soon.

Read More

Spot the CAN SPAM violations

I received this piece of unsolicited email today, to an address harvested off a website. How many CAN SPAM violations can you count?

Read More

Defining spam

This is a post I’ve put off for a while as the definition of spam is a sticky subject. There are online fora where the definition of spam has been debated for more than 10 years, and if there isn’t a working definition after all that time, it’s unlikely there will ever be a definition the participants can agree on.
This came up again recently because one of the comments on my “Reputation is not permission” post took me to task for daring to call the mail “spam.” I’m going to assert here that the mail was unsolicited bulk email. I did not ask for it and I know at least 4 other people that received it.
The commenter, and a few marketers, argue that if the mail is sent without any forgery and the mail contains an opt-out link then it is not spam. It is a definition I have only seen folks who want to send unsolicited bulk email use, however. What they are really arguing is their mail isn’t spam because they provide a valid return address and a way to opt-out. Few people actually agree with this definition.
Here are 10 of the many definitions of spam that I’ve seen.

Read More