Tag Archives: spam

Epic “spoof-mail” FAIL

I was browsing my spam folder to see if there was anything snagged as spam that was actually legitimate and I came across this PayPal spoof mail attempt. Unfortunately, the spoofers make it way too obvious the message is spoof mail. I’ve circled the two salient parts of the message in the image below:

SpoofMailFail.png.jpg
Click to enlarge

Epic spoof mail FAIL!

 

Saturday humor: what comment spammers are saying about my blog

I get irritated when I browse the comment spam that Akismet deftly snags on my blog. I think to myself, come on, do you really think we’re that stupid? To excise the frustration, I thought I’d pretend to take these comments at face value and publish a few of them as if they were reviews of this blog. Here’s what we’ve got:

On a post about how we remember what we read:

Resources like the one you talked about right here shall be very helpful to me! I’ll post a link to this web page on my blog. I am sure my guests will find that very useful.

Or,

Awesome site you’ve got here. Looks like you really know your stuff. I’m glad I found this in my searches.I realy liked your angle that you have on the topic. Certainly wasn’t planning on this at the time I begun browsing for tips. Your ideas were totally [sic]

And because we all love an off-topic comment:

Hi! This is kind of off topic but I need some help from an established blog. Is it very hard to set up your own blog? I’m not very techincal but I can figure things out pretty quick. I’m thinking about setting up my own but I’m not sure where to begin. Do [sic]

And I’ve got fans in other states, it would appear:

Greetings from Idaho! I’m bored to tears at work so I decided to browse your site on my iphone during lunch break. I really like the info you present here and can’t wait to take a look when I get home. I’m shocked at how fast your blog loaded on my phone .

Finally (I don’t want to bore you with too many), here’s one on the post for my Capclave schedule:

Awesome blog, it’s just like a game for me! It’s so infomative [sic] and usefull [sic], thanks a lot! If you post more of this great stuff, I’ll visit your blog again!

What are some of your funniest comment spam?

SEO’s sleazy pickup line: “I notice you aren’t ranking nearly as well as you could be…”

Most of the comment spam that I get on this blog is SEO spam. SEO stands for search engine optimization and is a means through which you can get your site to show up in more search engines, ranked higher and generate more traffic. I suspect, as anything, there is probably some legitimacy behind the practices. But I also get the feeling that, in general, it is a pretty sleazy business. And large part of my perception on that comes from the comment spam generated by SEO products and advisers.

Fortunately, the spam system traps most of these comments and they never see the light of day, but I scan through them every once in a while (looking for false-positives) and lately, I’ve been surprised at just how much of the overall spam is from SEO people and products. And most of them use the same tactics. A typical comment goes something like this:

After reading your blog post I browsed your website a bit and noticed you aren’t ranking nearly as well in Google as you could be. I possess a handful of blogs myself and I think you should take a look here: [site redacted]. You’ll find it’s a very nice tool that can bring you a lot more visitors. Keep up the quality posts.

Another variant goes something like this:

I’m sorry to annoy you like this but I just stumbled upon your blog and must admit it’s impressive. A little something which I believe would help you however is the [product redacted]. It’s in all honesty the best quality SEO plugin for wp that is available today. In exactly Five days my blog jumped from obscurity to the very first page of the search engines after making use of the [product redacted] plugin. In case you are at all serious about your site you can get it here: [site redacted].

Continue reading SEO’s sleazy pickup line: “I notice you aren’t ranking nearly as well as you could be…”

Some fun with comment spam

Every once in a while, I will sift through the comments that my WordPress system has automatically marked as spam, on the off chance that some real comments got through. Some of these comments are amusing to go through and so I thought I would present a few of them here in lieu of more meaningful content, since I am rather pressed for time today. As you progress through the comments, I think you might begin to notice a theme. Here we go:

Posted in response to: A minor grumble about the local post office

Hi, helpful writing. Lucky I found it by using Google search, to bad that it was on-page 7 of search results. It seems like your operating WordPress on your blog, you should look at this plugin for WordPress at [site redacted] it has dramatically assisted me with my site rankings in Google. I would personally hate to see your useful posting not be observed by others. Best of luck with your blog.

Note that I highlighted some of the more egregious grammatical errors in red to make it clear they were in the original comment. I found it amusing that my grumbling about the pending move of the local post office was “helpful writing.” And it is heartening to think that this poster is so personally invested in my well-being (“I would personally hate to see your useful posting…”)

Continue reading Some fun with comment spam

The case of the missing comments

My good friend Michael A. Burstein pointed out last night that a comment he posted never showed up on the blog. That was strange. I took a quick glance at things and couldn’t find anything obvious. My spam filter hadn’t identified any false-positives. So I was going to chalk it up to a glitch. They happen. But this was Michael, and my mind just wouldn’t let go of it. So I dug further and finally decided to go look at the spam comments. There were 144 in the queue. And guess what, Michael’s comment was there, and I marked it as NOT SPAM at once.

But I decided to read through the rest, and it turns out I discovered 8 more comments that were flagged as spam that should not have been. Of these 7 were pingbacks. I marked all 8 as NOT SPAM and have approved them. That, plus a more careful monitoring of the spam folder should prevent this from happening again in the future. But if your comment was one of the 8, I apologize for this. It is very embarrassing, but I now believe I have the issue fixed.

A British approach to the Nigerian email scam?

When I got back from the gym this morning, I received the following email message at my work email address (which is unusual because our spam filters are pretty good) and which looks to me like a British approach to the Nigerian email scam. This kind of thing is a waste of time, clutters up email and in general is incredibly annoying. I really wish that our spam filters were more intelligent. Here is the message:

This information is for you from Campbell Law Firm and we implore you to give it priority attention!

Pursuant to our fundamental commitment to human rights, social justice and equality which still underpin everything that we do whether in the courtroom, or out in the wider world, we wish to seek your cooperation and guidance, if you could perhaps provide us with detailed information as you share the same last name with our late client who died on July 7, 2005 London terrorist bombing leaving no trace of his immediate family members information.

Over the years, we have worked indefatigably and uncompromisingly to locate any of the relatives of our late client and all to no avail hence, the need for this correspondence. We would be delighted to have you as the apparent heir of our late client hence, you share the same last name and could possibly be somewhere in his family tree. We have been mandated by his bankers to provide any of his family members to claim his lawful assets with the bank because it is legally incumbent on us to do so as the legal representatives to the deceased.

We have decided to take this chance with you as our last resort to have you stand as the apparent heir of our late client since you both share the same last name as we have secured an order of mandamus from the Probate Registry to locate any member of his family to claim what rightfully belong to him and for this reason, it remains your legal right and responsibility to protect the interest of your family in this regards.

Contact me in person for additional information and to discuss the modalities of this brief. Your earliest response is imperative and shall be appreciated if you provide your Resume Information to with your feedback.

Thanking you for your kind attention in anticipation of your response ASAP.

Respectfully submitted,

Alexander Marshall QC, Campbell Law Firm,

320 Bethnal Green Road Bethnal Green, London E2 0AH

Tel: +44 (0) 701 112 8147. URL: [removed for security purposes]

EDUCATION: LLB (Hons), (University Coll., London ). QC 1992, Recorder (Criminal/Family/Civil) 1993 to date.

Now, with a telephone number, website and address it would seem to be legitimate. I did a quick search and could not find anything related to this specific type of spam online. However, there are a few things that remain highly suspicious:

  • While the From: line of the message is from the address alex.marshall@campbell-law.co.uk, it appears to be spoofed. The Received header is from “nobody by wc3.forethought.net”. So is the Sender and Return Path
  • The message says “if you could perhaps provide us with detailed information as you share the same last name with our late client who died on July 7, 2005 London terrorist bombing leaving no trace of his immediate family members information.” And yet there is no mention of my last name anywhere in the message, which is suspicious as well.
  • I know of no one who would fit the description of the person this letter refers to.
  • The URL for the law firm, which is removed in case it is a Trojan site, is “under construction”.

The bottom line here is that even if this email were legit, I don’t think I’d be interested in getting involved in what would ultimately be lots of paper work and cost lots of money. But of course, it’s not legit, it’s spam camouflaged as something that seems more intelligent than the Nigerian email scam.

Replica watch spam

I rarely check my spam filtered mail at work because I simply don’t care enough. If someone sent me a message that accidentally got caught by my spam filter, I naturally assume it was their fault. (It’s different on my personal email because fewer people have my address and the spam control software is much, much better. But I digress.)

At work I get a daily summary of the messages that were flagged as spam. I never look at this message, but this morning I was curious. There were 23 new messages flagged as spam in the last 24 hours. What I found interesting was that several of these messages seemed to be about replica watches. Some sample subject lines:

  • The best Replica!
  • Watches!
  • replica watches, rolex replicas, fake watches
  • Low Cost Replica Watches
  • The best Replica

I found this to be odd. I mean, there was a fair share of the usual spam (“Can’t find a good drug s tore?”, “GOt Meds?”, etc.) but replica watches?

It made me wonder if watches are back in now? I don’t use a watch. I have a good sense of time and I try and minimize the number of gadgets I carry to reduce redundency. I have a cellphone that tells time, so why wear a watch? But if 20% of my spam is about replica watches, I assume watches are once again on the rise.

It begs the larger question: can spam be used as a meter for social trends? I get plenty of spam for Viagra (usually spelled V|@gra in a clever attempt to fool automated filters). I get plenty of spam for stock tips. Both the little blue pill and the blue chips are hot items these days. In fact, I wouldn’t be surprised if the people selling blue chips are taking the blue pill more frequently than others. So perhaps spam has the value of being attuned to social trends. It helps keep you hip and in the know.

There is one exception that I’ve noticed. I get a lot of spam with the subject line: “Re: Hi”. That trend seems to buck the tide. No one says “Hi!” anymore. (It’s all wussup or how’s it going or duuuuude.)

Your phone will ring!

I am fascinated by chain-letter type spam because it shows just how gullable people can be. In my junk mail folder this morning, was a message with a subject “FW: FW: This is SOOOOOOO Creepy” and the gist of the message was that if you read the entire message and made a wish, your wish would come true within minutes.

Now, it is my experience that wishes come true only through hard work or random chance. So natural, I was fascinated by how reading an email message and making a wish would make it come true. So I read the message.

First of all, there is a science to this, and this science is, apparently, predictable. There are even equations involved. For instance, to find out how long it will take for your wish to come true, simply take your age and convert it to minutes and you’ve got your answer. I am 34 years old and therefore my wish, should have come true within 34 minutes. The younger you are, therefore, the quicker your wish will come true. This means that people with the least amount of wisdom and experience will get their wishes granted faster than those people with (presumably) the most amount of wisdom an experience. Even in chain mail wishes, there is no justice in the universe!

Then there is the documentary evidence that this work. For instance:

I’m 13 years old, and I wished that my dad would come home from the army, because he’d been having problems with his heart and right leg. It was at 2:53 pm when I made my wish. At 3:07 PM (14 minutes later), the doorbell rang, and ther was my Dad, luggage and all!!

Presumably, in this case, it was okay that it took 14 minutes, instead of the predicted 13 minutes because, you know how clocks are always off and who knows what time it really was. What I don’t understand is that this youngster wished for his (or her) Dad, and yet what they got was Dad and his luggage. That’s going the extra mile, wish-wise, if you ask me.

Maybe this did happen. Maybe the phone did ring as soon as someone made their wish. But as a skeptic, I can’t believe it had anything to do with the making of the wish itself. The fact is, there are two explanations that make much more sense. The first is the fact that we internalize information subsconsciouly all the time. We might, for instance, hear our mother talking on the phone to our father and while we don’t hear the entire conversation, we can piece together the fact that dad is coming home soon. Then we start to wish Dad was coming home, and a few minutes later, there he is. It was not the wish but our subconscious knowledge that he was already on his way that did the trick.

The second explanation is probably even more common. Plain and simple coincidence. I’ve said this before and I’ll say it again, but there is no necessary connection between making a wish and having that wish come true–and when it does happens, very often it’s a coincidence. For some reason, however, people feel the need to place some kind of otherworldly value on coincidence when none belongs there. Flip a coin long enough, and you are bound to get twenty heads in a row. Nothing magic about it, it’s the law of averages. So you make enough wishes (or buy enough lottery tickets) and you are bound to win something. And if that winning is associated with our desire to win, then one must have caused the other. I think this is nothing more than an illustration of just how egocentric we are.

In any event, the instructions were clear. I needed to make my wish. I closed my eyes, made my wish, and scrolled to the end of the message. Apparently, however, wishes don’t work for “non-believers”. I wished that I would stop getting all forms of nonsense spam. I didn’t have to wait 34 minutes to find out if my wish had come true. Two minutes later, another piece of junk found it’s way into my junk folder.

But maybe that’s my fault. After all, I didn’t follow the instructions completely. I was supposed to forward the junk to 10 or more people within 5 minutes of making my wish, and this I simply didn’t do. The message indicates that if I don’t do this, I will have bad luck for years. Apparently, it’s right on target there, as I am still getting annoying spam.

Incidentally, why is it that the wishers can’t be happy with getting what they want? Why do these silly messages always have to punish those who don’t forward them with years of bad luck? Isn’t it bad enough that you didn’t get what you wished for in the first place? Whatever happened to the Golden Rule? Or for that matter, common decency?

Just wishful thinking, I guess.

Spam!

Panix provides excellent spam detection-and-elimination services, but every now and then, a message will sneak it’s way through, and these messages never fail to amuse me.

Invariably, these messages have to do with sex or drugs. Add Rock ‘n’ Roll to the mix and we’d have a truly American combination. Today I received two of these messages.

Read about the Love Pills

Spam of the week

I was forwarded the results of an NBC “poll” this week about whether or not the words “In God We Trust” and “God” belonged in the Pledge of Allegiance. The indigant author of the spam pointed out that NBC had the highest number of responses that they’ve ever had to a poll, with results as follows:

86% in favor of keeping the words “In God We Trust” and “God” in the Pledge of Allegiance
14% against.

The instructions in the spam indicated that I was supposed to forward the email on to other people if I agreed with the poll, or delete it if I didn’t.

I decided to write about it here instead.

First of all, either the author of the spam is mistaken, or the poll is wrong. The words “In God We Trust” do not appear in the Pledge of Allegience. They appear on the back of our currency. The word “God” does appear in the Pledge of Allegience, however, in the phrase “One nation, under God…”

The spam goes on to say:

It is said that 86% of Americans believe in God. Therefore, I have a very hard time understanding why there is such a mess about having “In God We Trust” on our money and having God in the Pledge of Allegience. Why is the world catering to this 14%?

It is also said that a large percentage of Americans “believe in” U.F.O.’s, and Elvis sightings. Belief alone does not imply proof. In fact, the whole notion of faith is that no proof is necessary, you simply believe. As far as why the “world” is catering to this 14%, I can only ask a few questions:

Why the world? Did the author of the spam mean “nation”?

How is the “world” catering to this 14%? I just pulled my money out of my pocket and I see the words “In God We Trust” on the back of every bill. Last I checked, when most people say the Pledge of Allegience, they still include the word God.

The issue here, the “mess”, as the spam author suggests, has to do with the fact that the first clause of the First Amendment of the United States Constitution says that “Congress shall make no law respecting an establishment of religion, or prohibiting the free exercise thereof.” Over two centuries of constitutional law have interpretted this clause to mean a “separation of Church and State”, that the state should not in any way interfere with religion, nor should the state be in favor of or sponsor any one religion. Only a narrow look at religion as a whole would indicate that the notion of “God” is part of all religions, when in fact it is not. By included the words “In God We Trust” or other referecnes to “God”, some people see it as the government supporting one form (a Judeo-Christian one at that) of religion over others.

Whatever one’s religious beliefs, the state should not interfere with them, so long as they are not causing harm to others. That is why the 14% are imporant.

It’s my opinion that email like this goes around to support the fragile egos of people who are uncertain of their own faith (or lack thereof) in an effort to gather reinforcement that they are, in fact, right in their beliefs. True faith, I imagine, doesn’t require this kind of second guessing.

Blacklisted!

I now know why it seemed like I was never getting any email from Rich. I just happened to randomly check my email trash and saw that my spam filter trashed a reply from Rich because at some point I’d accidentally blacklisted his address. Whoops! Good thing I caught it. I whitelisted his account and things should be good there. But I wonder: have I blacklisted anyone else?