I found a 419 scam in the spamtraps that started, in typical fashion, with an all-caps name and address, then the line:

HIGHLY CONFIDENTIAL REQUESTING

What made this funny (aside from the bad grammar) was the fact that the To: line contained over 1,200 addresses!

Ah, this is obviously some strange use of the word confidential that I wasn’t previously aware of!

I handle the abuse contact for an ISP’s domain name. Normally this doesn’t take up much of my inbox. Even the “Your users are spamming” messages (in response to forged senders) have dropped off.

Since last night, though, the abuse and tech support contacts that filter into my inbox have collected 42 44 spams advertising the “Body Bouncer,” which claims to “take the gravity out of sex.”* Distributed IPs, random content, 6 different subjects (so far). What they have in common are a sales pitch in an image, and a link to their website.

Ordinarily, that would be enough to tag it.

Here’s a piece of friendly advice from a mail server admin to companies that interact with subscribers and customers via email:

Pick one domain name for your business. Just one. Don’t use any other domains in your emails, even if you want to keep order confirmations separate from promotions. If you contract out for some other company to send out a newsletter or survey to your customers, insist that they send it out using your own domain name. If you’re using DomainKeys or SPF, make sure they’re authorized or send it yourself. And don’t even think of making the links through redirection scripts, even if you really want to track which subscribers are clicking.

Why?

Two words: Spam and fraud.
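One way to check an outgoing message against the one-domain advice above, as an added example that is not part of the original post: it flags sender headers and link hosts that fall outside the business's own domain, which is how a third-party mailer or a click-tracking redirect shows up. The sample message, the domains in it and the function names are constructed for illustration, and it does not query SPF or DomainKeys records.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from urllib.parse import urlsplit

# Constructed sample: a newsletter sent through an outside mailer, with one tracked link.
SAMPLE = """\
From: "Example Shop" <news@example.com>
Return-Path: <bounces@bulkmailer.example.net>
To: customer@example.org
Subject: Spring sale
Content-Type: text/html; charset=utf-8

<p>See the <a href="https://www.example.com/sale">sale page</a> or
<a href="http://click.tracker.example.org/r?id=123">your offers</a>.</p>
"""

URL_RE = re.compile(r"https?://[^\s\"'<>]+", re.IGNORECASE)


def host_in_domain(host, domain):
    """True if host is the domain itself or a subdomain of it."""
    host = host.lower().rstrip(".")
    return host == domain or host.endswith("." + domain)


def audit_message(raw, org_domain):
    """Return (where, host) pairs for every sender header or link outside org_domain."""
    msg = message_from_string(raw)
    findings = []
    for header in ("From", "Reply-To", "Return-Path"):
        value = msg.get(header)
        if not value:
            continue
        sender_domain = parseaddr(value)[1].rpartition("@")[2].lower()
        if not host_in_domain(sender_domain, org_domain):
            findings.append((header, sender_domain))
    for part in msg.walk():
        if part.get_content_maintype() != "text":
            continue
        charset = part.get_content_charset() or "utf-8"
        body = part.get_payload(decode=True).decode(charset, "replace")
        for url in URL_RE.findall(body):
            host = urlsplit(url).hostname or ""
            if not host_in_domain(host, org_domain):
                findings.append(("link", host))
    return findings


if __name__ == "__main__":
    for where, host in audit_message(SAMPLE, "example.com"):
        print(f"{where}: {host} is outside example.com")
```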

I found a flood of crude phishing attempts in our postmaster account this morning.

How crude?

The hook was, “Simply reply to this email with your online login and password.”

No forms, no imitation websites, no swiped logos, no links of any sort at all. One of them even had multiple recipients visible on the To: line. It’s like a throwback to the early days of spam-n-scam.

The headers were full of things like %RNDDIGIT27, suggesting a broken spam generator, and of course there’s the fact that they actually targeted the postmaster account.

Here’s the WTF?!?!?!!!! moment of the day. Actual spam received over the weekend:

Sell Your Organs Online!

Reply to this message if your interested in selling your organs!

Seriously, what the hell?

Forget the fact that selling organs is illegal in the US. And I’m sure mailing them across state lines would be a felony. And you sure as heck can’t list them on eBay. Or Amazon—can you imagine? “15 new and used livers available.” “Customers who purchased kidneys also bought…”