Something Phishy's Going On
Flagging a new twist on an old scam and decoding mystery text in spam.
Flagging a new twist on an old scam and decoding mystery text in spam.
Legitimate e-mail marketers should take note of two trends that could adversely affect deliverability and brand reputation.
Issue one: spoofing of legitimate domains in order to deliver spam. This practice has been on the rise since last year.
In the past, brands (such as banks, credit card companies, and eBay) have been spoofed in order to obtain a person’s private and personal information. Over the last nine months, we’ve monitored many brands whose domains are used simply to get past spam filters.
For instance, an e-mail promoting a male enhancement product called “PÖwerGaÍn+” with the subject line “What she REALLY wants for Christmas” has been delivered to inboxes using the following domains in the sender’s address: washingtonpost.com, merriam-webster.com, novell.com, flickr.com, smarttech.com, boston.com, aaas.org, science.org, time.com, foxnews.com, budget.com, and cbpp.org.
In most cases, the spoofed domains aren’t the domains used by the companies to actually deliver their own e-mail. For instance, “The Washington Post” uses the domain “e-mail.washingtonpost.com” to deliver its e-mail, not washingtonpost.com.
We’ve recorded more than 9,600 spam e-mail campaigns delivered using the washingtonpost.com domain since 2006; 8,500 — or 88 percent — were delivered in 2008, indicating the problem has gotten much worse.
Ford.com was used to deliver e-mails with the following provocative subject lines: “Our research team found shocking length increases,” “Achieve your true growth potential with these meds,” “online Discount Pharmacy,” “Order Meds Online Now,” “Save on generic Meds!” and “Make better sex more often.”
Problem is, it can be next to impossible to discover if your business is the victim of this kind of spoof. It’s even harder to do anything about it. But it does make a good case for services like Goodmail, Iconix, and other services that provide branding along with the e-mail to help recipients and ISPs know the difference between legitimate e-mail and thieves riding a legitimate brand’s coattails.
Issue two: Speaking of spam, did you ever wonder about the long quotations at the bottom of some spam mail? The quotations are from books, articles, and other sources of text that have nothing to do with the Viagra or herbal remedy promoted in the main part of the e-mail.
I once searched Google for a particularly interesting chunk of text and found the spammer was using quotations from a site dedicated to posting high school term papers for students to download and cheat, claiming the work was their own. This text was always a mystery to me until I recently attended a conference attended by a lot of people who know the spam space up close and personal.
This text appears because some ISPs use the text-to-link ratio as a filtering device to block spam. If the percentage of links to text reaches a certain ratio, ISPs block it. I asked how that affects e-mails that contain only graphics and no text. But the spammer — I mean, high volume e-mailer — couldn’t tell me.
But legitimate e-mailers need to keep that in mind. If you’re sending out e-mails that are mostly links associated with graphic images and no real text in the e-mail body, you may be opening yourself up to some delivery problems you weren’t expecting.
Until next time.