A new twist on confirmation

I got multiple copies of a request to “confirm my email address” recently. What’s interesting is the text surrounding the confirmation request.

Hello,
I have a list of potential customers in your area. The list includes several ways for you to contact them.
I would like to send you a sample of this list to the address I have on file: spamtrap@example.com.
Can you call me today at 1 (800) 676-2011 Ext 619 to confirm your email?
Thanks,
Travis Smith
Prospect Profile Specialist
1 (800) 676-2011 Ext 619

This message came to multiple spamtraps of mine. But I thought it was interesting that they’re actually trying to confirm addresses, even if the text surrounding it is a bit of a lie. None of the addresses the message was sent to is associated with any sort of commercial site.
Wonder how many confirmations Travis is getting? And if he’s actually sending “lists of customer addresses” to them, or if he’s actually just taking the confirmed addresses and adding them to the lists he is selling.

Related Posts

Botnets and viruses and phishing, oh my!

MessageLabs released their monthly report on email threats yesterday. Many media outlets picked up and reported that 41% of spam was from a the Rustock botnet.
Other highlights from the report include:

Read More

Confirmation is too hard…

One of the biggest arguments against confirmation is that it’s too hard and that there is too much drop off from subscribers. In other words, recipients don’t want to confirm because it’s too much work on their part.
I don’t actually think it’s too much work for recipients. In fact, when a sender has something the recipient wants then they will confirm.
A couple years ago I was troubleshooting a problem. One of my client’s customer was seeing a huge percentage of 550 errors and I was tasked with finding out what they were doing. The first step was identifying the source of the email addresses. Turns out the customer was a Facebook app developer and all the addresses (so he told me) were from users who had installed his apps on Facebook. I did my own tests and couldn’t install any applications without confirming my email address.
Every Facebook user that has installed an application has clicked on an email to confirm they can receive email at the address they supplied Facebook. There are over 1 billion users on Facebook.
Clicking a link isn’t too hard for people who want your content. I hear naysayers who talk about “too hard” and “too much drop off” but what they’re really saying is “what I’m doing isn’t compelling enough for users to go find the confirmation email.”
This isn’t to say everyone who has a high drop off of confirmations is sending poor content. There are some senders that have a lot of fake, poor or otherwise fraudulent addresses entered into their forms. In many cases this is the driving factor for them using COI: to stop people from using their email to harass third parties. Using COI in these cases is a matter of self protection. If they didn’t use COI, they’d have a lot of complaints, traps and delivery problems.
The next time you hear confirmation is too hard, remember that over 1 billion people, including grandparents and the technologically challenged, managed to click that link to confirm their Facebook account. Sure, they wanted what Facebook was offering, but that just tells us that if they want it bad enough they’ll figure out how to confirm.
HT: Spamresource

Read More

TWSD: avoid filters

I was cleaning out one of my spamtraps. This is the one that gets a ton of “legitimate” spam. In the last 12 hours it’s gotten spam advertising: T.G.I.Fridays, KFC, Applebees, LendingTree, Lasix Vision Institute, Khols, Burger King, Match.com, and Vistaprint.
The footer of some of the mails are making me laugh, though. It’s clear they’re trying to comply with CAN SPAM, but are having problems with content filtering. Here’s a brief selection of the footers:
Ondemand Research, 1O5 E.[34th]-Street Ste 144, New Y0rk, NY 1OO16
Ondemand Research, 105 E. 34th Street St #144, New York, NY 10016
0ndemand=Research, 1O5/E/./34th Street Ste 144,New Y0rk,NY=1OO16
Poor OnDemand Research, they just can’t catch a break.
EDIT: Just got a spam for Ruby Tuesday’s using a .pw domain.

Read More