Et tu, Gmail?
27 April 2010 - 08:23 PM |
Permalink
There are growing numbers of reports of spammers using people's Gmail accounts to send out links to pharmacy sites. I've actually seen one such message, sent to a mailing list by someone whose account had obviously been taken over. The spam actually involved a double hack. Not only had the spammer hijacked the sender's Gmail account, but they had also compromised a third-party website. The body of the spam consisted of a link to a page on that website, which then redirected to the spammer's pharmacy site.
I confess that I did get some small amusement out of the fact that the hijacked website belonged to the Front National, the French fascist far-right, nationalist party.
There's also some reason to think that the China-based scammers who have been hijacking Hotmail accounts to send pitches for their fake e-commerce sites are also able to compromise Gmail accounts. A blog post by one victim describes how what sounds very much like the same gang used his Gmail account to send out their spam — and also suggests that the fake electronics merchants and the knock-off shoes and boots sellers may be part of the same operation.
We are assassin
15 April 2010 - 07:32 AM |
Permalink
The old favorites never die. I felt a touch of nostalgia today when I saw that in the recent wave of spam advertising naked pictures of celebrities (and leading directly to a malware download page), tennis player Anna Kournikova still gets a mention. Nine years on, and Anna is still being used to encourage people to infect their computers. And they say tradition is dead.
Continue reading 'We are assassin'
They blew it
01 April 2010 - 07:57 AM |
Permalink
If you're a business with a mailing list that may be of questionable quality, there are three possible options open to you. One is to err on the safe side, dump the whole list and start over using known best practices for list building. This is commendably cautious, but sometimes hard to justify to the marketing department. Another is to ignore your doubts and just keep sending to the whole list anyway: this is the kind of thing that gets you into spam blacklists. The third option is to do what's called a permission pass, which is to send a brief message to all the addresses on your list asking if they want to remain on it. The message should contain no advertising copy (to reduce the risk of it being seen as a kind of surreptitious spam) and the default should be to unsubscribe: in other words, if someone doesn't write back and say 'Yes! Keep me on your list!'
, you should drop their mail address. A permission pass is a gray area — it's a tacit admission that you've done things the wrong way in the past, but also a declaration that you want to start doing them the right way. Permission pass mails should be a last resort, but they shouldn't be viewed as spam.
Continue reading 'They blew it'