UGN SafeNet |
Definition of UBE |
ISP Initiative |
Avoiding 'New' Spam Traps
- Dispite all the news about legal actions against spammers the online email marketing industry seems to have no end to creative methods of sucking email users into their webs.
Early in November anti-spam trackers began noticing posts which convincingly enticed web page owners into "confirming" search engine listings or news list subscriptions. Two such offenders are Icograda eNews (Brussels, Belgium), and Global-Submit.com. These and others seem to be testing new techniques of getting people to legally subscribe or opt-in -- agreeing to accept spam.
- The Listserve Scenario
This technique reads perfectly clearly, as if you've subscribed to a news list. It then asks you to come and confirm your subscription, as any self respecting news list should. The only difference is you didn't really subscribe, but was rather listed on a spam engine email list.
Many victims feel they just forgot about submitting and respond to comply to the offer. Big mistake.
"Confirming" the Icograda post simply validates your email and opts you in to their list. We do not know if they sell or distribute the email addresses harvested to other spammers or listers, we didn't follow the trail that far. We did, however, chase this one down and learned you can eventually unsubscribe or opt out. Whether or not they honor your opt-out is yet to be seen.
- The Search Engine Scenario
This one is much more insidious. It exploits every webmaster's strong desire to gain higher and higher search engine listings. This spam reads as if you've registered your web page in a search engine, which many web masters do on a regular basis without a thought to whether or not it will actually benefit their site.
Global-Submit.com, one of the most frequent recent spams using this tactic writes:
"This e-mail has been sent to inform you that your web site URL has been submitted to our search engine database. In order to complete this request we require that you click on the web site link below."
They actually include a web domain -- yours if you have one -- others if you don't. Of course, when coplying to this request you arrive at a form page which asks for name, email, postal address and other ID data. Gotcha!
The name Global-Submit.com seemed so familiar we looked it up in our spam database as well as the RKSO blacklist. Sure enough, there they were, a known and prolific spam distributor.
- Protecting Yourself
To protect yourself, the best policy is to make a record of any instances where you subscribe to or register at any web sites.
It's easy to be surfing, see an item of interest that requires a registration and a click of a check box. Many will do this, get the content, then surf on forgetting the event.
Never sign up for anything without making a record of what you signed for, the date, and any other additions like giving your email address or creating a password. Keep all these records in an easily accable file you frequently back up. Later, if such messages arrive in you mail box you can check those records to see if it really was something you in fact wanted to do.
Many new tactics being tested by spammers to elude the new laws have no forged headers, no false identities or misleading subject lines. So they would evade commercial filtering and possibly litigation under the new anti-spam laws. They are exploiting the fast pace of the net, and the mindlessness of many web surfers.
Beware: if you mistakenly comply, or "opt in" it's your fault, and not theirs. You may not be keeping records, but you can bet they will be.
- Be vigilant.
To learn more, visit the Web site at www.ftc.gov/infosecurity
or call toll free 1-877-FTC-HELP (1-877-382-4357).
Return to the Safe Netting Page ... or contact us
Get Involved contact: The User Group network ... This service provided in part by the generous support of the Appleseeds Foundation, the Global User Group Registry; User Group Network, the Graphic Design Network, the Designers' Bookshelf, and the Design & Publishing Center ... All of the content in this web site is copyright by various authors, and by the User Group Network as a collection, 1999 through 2006. All Rights Reserved. UGNN is located in Harrisonburg, Virginia, in the Shenandoah Valley of Virginia