This is incredibly bizarre. Today I’ve started getting spam which is clearly coming from zombies and using fake return addresses and forged headers, but the content is a plaintext message encouraging hurricane relief donations and linking to the legitimate Red Cross and FEMA websites. There’s one further link, to, but the ISC reports that the site is legit.

It literally looks like some spammer decided to encourage donations to the relief effort, picked an organization he figured most people would recognize, and plugged the message into his usual spam software.

I can’t decide what to do about them! On one hand, they’re spam. They’re unsolicited, they’re using spammer techniques, and they’re clearly not associated with the Red Cross. And we’ve always said the issue is “consent, not content.” But if the ISC is right, they’re not trying to pull a fast one like the scams and spyware installers that are leeching off of the catastrophe.

I keep thinking I should train the filter on them anyway, just like I would add political or religious spam, or an everyday charity that decided to start spamming for donations… but for some reason I just can’t bring myself to do it.

I noticed a few days ago that the Red Cross website was running really slow. (It took me about 5 tries just to get the home page to load.) Well, has a Red Cross donation page, and they’re already set up to handle massive amounts of traffic. (Thanks to the Syndic8 mailing list for the link.) [Edit: the page is no longer active]

There’s also FEMA’s list of organizations offering assistance.