Profiting off spam

The FTC filed suit against Match.com for using fake accounts to entice people into signing up for accounts. (WA Post) Part of the FTC’s allegations include that Match flagged the accounts and prevented them from contacting paying Match users while simultaneously allowing the users to contact free Match users.

Image of a courthouse.

I’m actually surprised the FTC took action. I’m not surprised Match allowed, and possibly even encouraged, fraudulent accounts to send mail to registered users. The revenue they were making from the fraud was significant, according to Match’s own numbers.

Hundreds of thousands of consumers subscribed to Match.com shortly after receiving a fraudulent communication. In fact, Defendant has consistently tracked how many subscribers these communications have generated, typically by measuring the number of consumers who subscribe to Match.com within 24 hours of receiving an advertisement that touts a fraudulent communication. From June 2016 to May 2018, for example, Defendant’s analysis found that consumers purchased 499,691 subscriptions within 24 hours of receiving an advertisement touting a fraudulent communication. FTC Complaint (.pdf)

What doesn’t surprise me is that Match didn’t stop the outbound abuse. There are a lot of technology companies that will protect their own users and their own networks, while continuing to profit off of abuse of other networks. I’ve repeatedly talked with companies having delivery problems and pointed out that the fraud was a likely part of the delivery problems. I’ve rarely found any company that cared about fraud that was making them money.

Related Posts

FTC solicits CAN-SPAM feedback

The FTC (US Federal Trade Commission) is soliciting comments on CAN-SPAM legislation:
A. General Issues

Read More

Fraud, terms of service and email marketing

gavelHere at the Atkins house we’re still both recovering from the M3AAWG plague. I don’t know what it was that we shared during the conference, but it’s knocked many folks over. I don’t have a lot to blog about this afternoon so I was looking through some of my old blog posts to get at least some content up before I give up for the weekend.
I found an old post about permission (Permission: It May Not Be What You Think It Is). The post discusses where a woman sued Toyota over emails from an online marketing campaign. I’d totally forgotten about that blog post, so I started looking at what happened with the case.
In the original case Toyota created a social media campaign where people could opt their friends in to be the target of a prank.

Read More

Facebook scams move to LinkedIn

There’s a fairly common Facebook scam where someone clones an account, then sends out friend requests to friends of that person. This actually happened to a friend over the holiday break. The only problem was that most of the folks who got friend requests were actually security people. Security people who thought it was very, very funny to play along with said scammer.
The scam account didn’t last long, partly because FB security is pretty good and partly because a few of the folks the scammer invited were FB employees. I’m sure, though, that for a brief moment the scammer thought he’d found the motherlode of scam victims.
Today I got a similar scam on LinkedIn. A very bare account with little in the way of information about who this was.
LI_Scam_Profile
I don’t like connecting with these kinds of profile. But, the name does sound vaguely familiar. So I do a little Googling. And I find another LinkedIn profile for the same person, but this profile has a lot more info: A picture, a statement, 500+ connections, all the things one expects from a real person on LinkedIn.
So yes, Facebook scams have rolled over to LinkedIn. Be careful out there, folks. Pay attention to who you’re friending on all social media, not just FB or LinkedIn. Discretion is the better part of valor and all.

Read More