No one harvests email addresses any more

There are a lot of people who assert that “no one” actually scrapes websites for email addresses any longer. My experience indicates this isn’t exactly true.
We have a rotating set of email addresses on our contact page. Every day we push out a new email address. Every day we expire addresses that were pushed out 7 days ago.
I can say, with 100% certainty, that there are people harvesting addresses off websites. The ads are reasonably “targeted.” Most of them are offering increased traffic, or the ability to monetize the website. Some are offering work from home.
I suppose you could call these targeted mails. After all, what website owner doesn’t want more traffic? Who wouldn’t want to make hundreds of dollars a day from the comfort of their own couch? What website owner doesn’t want their site submitted to 2700 different search engines?
Targeted spam is still spam. And having a rotating, expiring contact address has kept the amount of spam coming into our contact address low enough that the contact address is actually useable. 10 spams a month (for a 7 day old email address) is much more manageable than 1000 emails a month (for a 4 year old email address).

Related Posts

TWSD: I can haz ethix marketing

I’m getting slammed by spam advertising URLs at http://perfectdeliveries.com/ from
Ethix Marketing LLC
711 S. Carson Street Suite 4
Carson City, Nevada 89701
The kicker? They’re violating CAN SPAM while they’re doing it. Seriously, sending mail out through open relays and proxies with forged From: addresses is a violation of CAN SPAM. And they’re spamming for ambulance chasers.
Spammers, eh?

Read More

Another kind of email breach

In all the recent discussions of email address thievery I’ve not seen anyone mention stealing addresses by abusing the legal system. And, yet, there’s at least one ambulance chasing lawyer that’s using email addresses that were never given to him by the recipients. Even worse, when asked about it he said that the courts told him he could use the email address and that we recipients had no recourse.
I’m not sure the spammer is necessarily wrong, but it’s a frustrating situation for both the recipient and the company that had their address list stolen.
A few years ago, law firm of Bursor and Fisher filed a host of class action lawsuits against various wireless carriers, including AT&T. At one point during the AT&T lawsuit the judge ruled that AT&T turn over their customer list, including email addresses, to Bursor and Fisher. Bursor and Fisher were then to send notices to all the AT&T subscribers notifying them of the suit.
This is not unreasonable. Contacting consumers by email to notify them of legal action makes a certain amount of sense.
But then Bursor and Fisher took it a step further. They looked at all these valid email addresses and decided they could use this for their own purposes. They started mailing advertisements to the AT&T wireless list.

Read More

User education doesn't work

A growing OSX security problem illustrates why user education is not the solution to virus, spam or malware problems.
HT: @briankrebs

Read More