Email attacks

Ken has an article up today about the ongoing attacks against ESPs and email marketers. In it he says:

Someone in permission-based email marketing should have sounded the alarm about the wedding-photo attacks months before Blumberg did.

The attacks were being talked about on at least 2 different private lists. One made up primarily of email marketers and most of them didn’t seem to take it very seriously. The other list, though, had a number of people sounding loud alarms, sharing IP addresses to block and reporting the information to various block lists and anti-spam vendors in order to protect their infrastructure. One of my clients has been aggressively chasing this for a few months, as well.
To the best of my knowledge, no one knew of any actual compromises that had happened. I only received my first phish last Wednesday. The only other company that had sent mail to that tagged address was Return Path and I immediately notified them that they appeared to be breached.
While I know nothing was made public and that may be a problem, to assert that no one sounded an alarm is untrue. There were a lot of people that were sounding alarms and sharing information to help other companies protect themselves from the phishing attacks. To the best of my knowledge the truly targeted spear phishing attacks on ESPs started about 6 weeks ago.
Ken touches briefly on something that I, and others, have been saying. Email is hostile traffic. Email marketers seem to not understand how much hostile traffic comes into the average users’ mailbox nor how many email marketing practices actually train users to be accepting of that traffic.
It’s something I will be blogging about over the next few days or months. Because it’s time for email marketers to understand just how malicious spammers are and how they can stop helping the criminals.

Related Posts

FBox: The sky isn't falling

Having listened to the Facebook announcement this morning, I am even more convinced that emailpocalypse isn’t happening.
Look, despite the fact that companies like Blue Sky Factory think that this means marketers are NEVER EVER going see the inside of an inbox again this isn’t the end of email marketing.
Yes, Facebook email is a messaging platform that marketers are not going to have direct, unlimited and unfettered access to. I have no problem with this. Unfettered access to a messaging platform has been abused by marketers long enough, that I heartily approve of a platform that gives real control back to the recipient.
With that being said, there are a couple blindingly obvious ways to avoid having to give users control of their own inbox.

Read More

Ah, Spammers.

The too many.
The stupid.
The spammers.
The blog spammers are still actively attempting to get their claws into my blog. Today the comments included:

Read More

The myth of the low complaint rate

I have been reading the complaints filed by Holomaxx and will have some analysis and information about them probably Monday or Tuesday next week. I’ve been keeping an eye on the press and something that Ken Magill said caught my eye.

Read More