Spam, campaign statistics and red flag URLs

It’s not often spammers send me their campaign statistics, but on Tuesday one did.
The spam came “from” news@udemy.com, used udemy.com in the HELO and message-ids and, sure enough, was advertising udemy.com:
 

Received: from udemy.com (unknown [198.20.115.217]) by ...
From: Udemy <news@udemy.com>
Subject: The Photoshop Secret - Master Adobe Photoshop like a Pro!
Message-ID: <20160706031012.1E35F28A6B081174@udemy.com>

 
But the call to action link was a bit.ly URL. Following the clickthroughs, the bit.ly URL redirected to linksynergy.com, which in turn redirected to udemy.com. Nothing too surprising – udemy.com’s users are paying udemy for clicks, which udemy are buying from linksynergy and linksynergy are buying from our spammer. A perfectly normal, spammer-infested affiliate programme.
The spammer might be using bitly to hide the linksynergy URL (linksynergy links on web pages might well be legitimate, but in email they’re a serious red flag and an almost sure sign that the mail is spam), but I think it more likely they’re using it for bitly’s click-through reporting.
One of the nice things about bitly clickthrough reporting is that anyone can see it, just by adding a + sign to the end of it. Our spammer sent https://bitly.com/1JUHIe3, so if we go to https://bitly.com/1JUHIe3+ we can see everything about the clicks on it.
It’s had 56,622 clickthroughs since early February. The vast majority of clicks had no referers, so were likely from email. Of the few hundred that did have referers, they mostly look like webmail. So it’s pretty likely this URL has been used solely for spam.
Bitly__The_power_of_the_link_
 
This same URL has been used in four spam campaigns so far, mostly targeted to North America.
Bitly__The_power_of_the_link_
Bitly__The_power_of_the_link_
From a spam perspective one of the interesting things is that this URL has been in active use in spam for at least six months, without any of Udemy, LinkSynergy (aka Rakuten) or bit.ly taking any action against it. It’s possible that’s just because none of them knew about it, I guess.
If I’m filtering email this tells me that bitly (or clicksynergy or linkshare) URLs in email are likely to be a problem – and, hence, if I’m sending legitimate email I should avoid using any of that sort of URL in my email. Something we’ve discussed here before.
And if I’m considering running an affiliate programme this is a good example of why I either have to run a very good, well-policed affiliate programme or make a business decision that I’ll make more money from paying spammers to bring in leads than I’ll lose customers due to my poor reputation.

Related Posts

Let's talk CAN SPAM

CheckboxEarlier this week I posted about the increased amount of B2B spam I’m receiving. One message is not a huge deal and I just delete and move on. But many folks are using marketing automation to send a series of emails. These emails often violate CAN SPAM in one way or another.
This has been the law for 13 years now, I find it difficult to believe marketers are still unaware of what it says. But, for the sake of argument, let’s talk about CAN SPAM.

Read More

Podbox Expert Interview Series

Last month I did an interview with Podbox about email, deliverability and how I became an email expert (breaking things, lots of breaking things… and having to pick up the pieces and fix them…)
Check out the interview over on their website.
IMG_9482
I’ve been thinking a lot about history and longevity. Next year will mark 10 years of the Word to the Wise blog and 20 years of me entering the anti-spam / deliverability space. That’s a lot of time. When I first started fighting spam it was really about my mailbox and getting rid of the junk I was receiving. At the time, a lot of people thought it was silly to spend so much effort fighting spam.
But as time as gone on, email spam and fraud became a big deal. Criminals realized they could use spam to further their gains at the expense of people. Spam is a network problem. Spam is a danger.
Personally, I’ve moved away from fighting spam. I’m now working more on making and keeping email a useful tool. Yes, that does include commercial email. Yes, it does include bulk email. Helping people get the mail they want in their inbox is a part of keeping the email ecosystem healthy. It’s the part I can do and the part I am good at.
Seeing email become such an important part of commerce, communication and modern life has been a journey. I look forward to seeing where the next 20 years takes us.
 

Read More

Your purchased list … is spam.

This morning I got spam from someone selling email addresses. The mail starts:

Read More