Email harvesters are getting prettier

 
 

Email harvesters are getting prettier

Even if you don't know what an emailharvester is, I'm still pretty sure that you might have met the results of one in your inbox at one time or another. They collect emails in clever fashions, then they send you spam. Ew!
In the front of collecting real and valid emails tactics have changed over the years, no site that cares about their members will sell or leave the gates open to reveal the emails of , say, everyone that is a member here, or everyone that is a subscriber of the New York Times.
Result? Emailharvesters make their own sites! (do read more)

What would make people sign in a lot of emails? The promise of love or simply a cute gal perhaps?

Jennys list is a cute gal, a former dot.commer in San fran, (this one spotted by jennyb at Mefi). She looks like Barbie, she talks like Barbie ("favorite colors Red White and Blue - Go Usa!") , she is as real as Barbie.
She even got the classic TV-land phonenumber in her registrar:

Little Miss Jenny
chillin in the city of
San Francisco, CA 94401
Phone: 415-555-5555
Email: [email protected]

Right. 555-5555... Sure.

Now Jenny is pretty advanced, she's cute, has a fancy site. But people will have to belive her Barbie speak to be sincere before they sign up.

Other tricks are praying on everyones wish to be liked. Chrushlink.com and Secret admirer.com and Ecrush.com and Cupid.thespark.com all play on the idea that "someone has a crush on you", and proceed to ask you for a bunch of valid email adresses - which they then in turn will spam with the same message.

These love-connection scemes are clever, but not that clever, you can feed their own domains in there as "emails of friends" and add their own abuse@ or postmaster@ emails as well, they wil be accepted as valid. (not that I am saying that you should...)

The other day hostmaster ad-rag.com got a note from SomeoneLikesYou.com stating:
--------------------------------------------------------------------------
Believe it! You have a secret admirer!

Just go to http://www.SomeoneLikesYou.com to find out who!

No Spam Policy:

Unlike some other sites, SomeoneLikesYou will never send you spam or junk email. You have received this notice at the
request of someone you know who has told us they like you! If you would like to keep anyone from sending you such a
notice, please go to http://www.SomeoneLikesYou.com/unsubscribe.html
--------------------------------------------------------------------------

Well, nobody likes the hostmaster, or postmaster. Hostmaster mails are usually demons, sortof like "abuse" mails always spit back an automatic reply to you, these kinds of adresses are usually dealt with by machine first and human eyes second.

Unless my machine acme has been flirting vigerously with other machines connected to the net (which isn't very likely he says he loves me and I belive him *hehe*) to gain this sort of attention, the hostmaster adress must have fallen into the hands of someone, who either sincerely belived that hostmaster might have a crush on him/her - or simply some evil little creature who figured that they should feed that email into the spam-machine. The evil little creature could be Someonelikesyou themselves (though, that email is never spelled out, in order to avoid spam harvesting bots).
In any case, finding out who added this email to the database is impossible - like the other crush-sites, someonelikes you has the rule "you'll have to sign up and feed in lots of your friends email until you find the match".

Calling them to ask them about it won't help much either - their register information states:
Organization:
Someone Likes You
Someone Likes You
in the city of
New York, NY 10013
US
Phone: 212-000-0000
Email: [email protected]

And since they are registrered via Register.Com I'd have to place a call to New York City (holding time is now at fifteen minutes) in the vain hope of asking them if they possibly know the phonenumber of their registrant.

Not happening. To deal with these sorts of things we aren't very well armed, it seems at first glance. But we all have brains that we can use. Spamcop's reporting is a saviour (and if you have growing problems with SPAM in your personal account i highly recommend Spamcops email system filter which is only 30 USD a year, and can be used with your old emailadress) - if you send any spam to spamcop (after signing up there, naturally) it reads and defines the header of the email for you, to find out exactly which abuse@ or postmaster@ should be the recipent of your report. They find the open relays that let spam through, they'll figure out down to the IP which machine it was sent from.

We can munge, that is obfuscate our email adresses so that it doesn't work if spambots crawl the sites and mailinglists you chat on. This has to be done in a way that will not invite spam to someone elses adress, munging a makebelive adress with a domain ending that actually exists, or will exist in the near future is just pushing the problem to someone elses inbox.

And we can bitch about it. CAUCE, The Coalition Against Unsolicited Commercial Email has volunteers and subsites for Australia, Europe, India and Canada. Hopefully, some russian and Korean volunteers will open their branches of cauce since thats where most of the spam originates right now.

And we can mail smarter. Never for instance, mail your friends a funny joke by adding a bunch of emails to the CC (carbon copy) field. This lets all your friends - regardless if they know each other or not - read all the other emails you just mailed. Be a little more polite and use the BCC field (blind carbon copy). Also it's a pretty well known fact that viruses propegate by reading CC fields of mails in the inbox to mail themselves out to.

But the biggest damage has already been done, email is rapidly loosing it useability as a form of communication between individuals as adresses are deserted overflowing with SPAM. E-marketeers on the good side warned about this trend years ago - sincere marketeers with *responsible* practics that actually only send targeted offers to those who sign up are shunned, and lately, even sued. Morrison & Foerster is suing Etracks for spamming their employees.

What will the future bring? Tailormade anti-spam machines? Randomly generated use-once-only emails? "Caller-id" gadgets that sit next to your computer to tell you if the incoming mail is friend or foe?

Hey - how about a real, world wide effective, anti-spamming legislation that does not rely on any form of "opt-out" bullshit (such as 1-800 numbers to call or unsubscribe buttons that nowadays, no-one dares to push), but just states plain and simple - don't email people who did not request it, or sign up for it in any way. That be nice. Am I dreaming?

Adland: 

Add new comment

Top