Tuesday, April 30, 2013

An Open Letter to Spammers

NOTE:  This post is rated PG-13 for mild strong language.

An open letter to spammers

A natural way  to start this letter would be to rail against you spammers for being scumbags, but that’s really beside the point.  Everybody knows you’re scumbags, including you.  Perhaps you justify your behavior by feeling utter contempt for those who actually open your e-mails, and who even sometimes click on the link within, or (gasp) open the attachment.  It really does amaze me that there are people who fall for this, and I don’t exactly admire them either. 

What really bothers me, though, is that your methods—which you probably think of as “crude but effective”—are mostly crude and couldn’t possibly be very effective.  Frankly, “crude” doesn’t cover it:  your methods are monstrously stupid.  If you weren’t so stupid—that is to say, if you weren’t such absolute shit-for-brains types that it probably stinks when you think hard—there wouldn’t be so much collateral damage:  that is, we wouldn’t have the sheer volume of spam messages your non-victims nonetheless have to clear out on a daily basis.  If you had any brains at all, you could get the same results without clogging up the Internet nearly so badly.

It’s natural to be lured toward a grudging respect for the really cunning criminal, like the jewel thief who slips into a museum during the dark of night, outwits all the laser-beam motion detectors, and makes off with the big diamond.  Roald Dahl wrote a story that painted a pickpocket in a positive light.  The cool French movie “Diva” featured an attractive character who was, among other things, an expert shoplifter.  But, vile spammer, your methods are so grossly ineffective, the fitting criminal analogy would be the last guy who stole gas from my old Volvo, who was too lazy or stupid to pick the lock on the gas cap and instead did hundreds of dollars in damage prying it open, just for about $20 worth of gas.  Sure, H.L. Mencken was right when he said “Nobody ever went broke underestimating the intelligence of the American public,” but that doesn’t mean anyone can get rich doing a really stupid scam.

I’m going to detail here all the ways in which your methods are really lame.  In doing this I hope to help you understand that you are just barely smarter than that tiny fraction of a percent of your recipients who actually give you want you want.  Perhaps some people reading this will by miffed that I could be helping you improve your game, but a) real spammers are probably not reading this, and b) this post also serves as a way to help people see through spammers’ absurdly unsophisticated schemes and be better at evading them.

Stock tips

I got an e-mail recently titled “My Huge New Pick!!!”  At first I misread it and thought it said “My Huge New Prick!!!” and I assumed it was from a congressman showing off his new male enhancement.  But no, it was just another stock tip from a complete stranger.  (At least, I assume it was.  Needless to say I didn’t open it.)  In the last week I’ve also received “Huge Day For Our Latest Pick,” “This Stock in our new SUBPENNY,” “A Breaking Bull That's Ready To…” and “It Looks Strong on Solid News.”  My favorite?  “The Upside Potential is Unbelievable.”  That last example is almost certainly accurate:  the potential is truly not to be believed.

Look, just give it up guys.  Why would anybody accept a stock tip from a complete stranger, a tip which is obviously broadcast completely indiscriminately?  What could be the motive:  altruism?  Yeah, right … an altruistic spammer.  Surely it’s a way to get people to buy stock in a company just to boost that company’s stock.  But why would anybody invest in a company with such a pathetic strategy?

Yeah, yeah … “There’s a sucker born every minute.”  But how many of these suckers actually have the know-how to complete a stock purchase online?  If they fell for your e-mail, there’s a pretty good chance they’d spell the ticker wrong.

Sequential messages from the same sender

Often I get bursts of spam where the pretend name of the sender is the same several times in a row.  Look at this:

I can’t imagine these are from different senders.  Something is clearly wrong with this spamming system—it should detect duplicate “send to” addresses.

And how do you come up with the fake names?  Why not choose something more common?  I suppose it’s possible I could actually know somebody named Marina, or that I’d at least think it possible that there was a Marina in my past I’ve temporarily forgotten about, who has bubbled up on the Internet to reconnect.  But look at the putative addresses of these various senders.  Could I really forget a Marina whose e-mail address is "snugglebunny"?  Or could I actually believe I’ve forgotten about a Marina from Russia?

I’m tempted to take you to task for the transparency of having senders’ names not match their addresses (e.g., the Marina whose address starts “laura_c” or the Marina whose address starts “tjr), but I acknowledge that popular e-mail platforms like Gmail and Outlook mask the sender’s address.  Well, you’re not fooling me.  And anybody who finds an e-mail suspicious can look at the Internet headers in Outlook, as shown here.

Sequential messages with the same subject:

Here’s another burst of obvious spam I received recently:

I don’t have six different bank accounts, and I’m pretty sure it would take a major life event for all of them to be put at risk simultaneously.  Clearly this is another problem with a spam distribution mechanism. 

Transparent phishing

Taking another look at the snapshot above, there’s another obvious sign these messages are bogus:  since when do banks use an individual sender’s name when they contact you?  And even if they did, given that most of these customer service folks are probably in India, wouldn’t they pick more generic-sounding fake American names than “Bella Flowers”? 

Yes, there are some people out there who might actually believe a bank would contact them via e-mail due to an account problem.  But for every phishing success story there are probably thousands of would-be phishers coming up with an empty hook, every time.  Your success rate is probably dismal, and just remember:  the other, better phishers are probably laughing at you.

For those readers looking to avoid getting scammed, here’s an easy rule of thumb:  if an e-mail claims to have anything to do with any account you hold at any institution of any kind, delete it.  Banks and such don’t like your account to go away, and they’ll figure out how to reach you.  Believe me. 

I’ve only ever known of one false positive:  way back in 1999, I got an e-mail from some no-name outfit called PayPal titled, “Joe Blow has sent you money!”  Except it wasn’t Joe Blow, it was a guy I know who’d left Visa to help start PayPal.  They wanted me to enter my checking account information, and I’d get money right in my account.  Amazingly, this ended up being legit, but since I hadn’t heard about it through the guy I knew, I didn’t bite.  What am I, stupid?  Of course, had I accepted I’d have made a buck or two, plus the right to brag about being one of the first-ever users of PayPal.  But you know what?  Bragging about being wary of phishing before anybody had ever heard of phishing isn’t so bad either.

Errant capitalization

What do these subject lines have in common?

Huge Day For Our Latest Pick
My Huge New Pick!!!
It Just Issued More News Momen...
A Breaking Bull That's Ready T...
It Looks Strong on Solid News

Well, despite the title of this section, I’ll bet you didn’t get it, you moron, so I’m just going to tell you:  these phrases all have words that are unnecessarily capitalized.  Sure, this used to be standard, back in the 18th century.  But unless you’re pretending to be Ben Franklin e-mailing from beyond the grave, give it a rest.  Real humans don’t use capitals like that, and if my friends start doing it, they’ll just have to start phoning me because I’m not reading any more of their e-mails.

Nonsensical subject lines

Look at these e-mail subjects:

It Expected to Move Higher
my, (YOU) asked...
Be the women' h...

How could “it” have any expectations?  I think “It’s” was meant, but maybe the spammer couldn’t remember the “it’s” vs. “its” rule and just deleted the “s” entirely.  The second example … who knows where that went wrong.  Sure, there are people who don’t understand punctuation, but I hardly think most of them sprinkle around commas and parentheses like so much garnish.  And the apostrophe after “women” is completely bizarre.  A good many people might stumble when trying to remember whether an apostrophe goes before or after an “s,” but after an “n”?  Really?

This example of patently obvious spam needs no explanation:

Discount pharmacy and Viagra

The market in black-market Viagra has got to be well and truly saturated by now.  Keep in mind that it’s fairly widely known that Viagra isn’t an aphrodisiac, so by sending a man a Viagra offer you’re insulting his manhood.  This has always been a narrow market and very well served by the several offers per day everybody has been receiving for the last fifteen years.  Just stop.

I receive lots of other “online pharmacy” messages, of course; the most recent was from “Love” and was titled “Online pharmacy buy cheap disc…”  (Surely “discount” was the truncated word there, and the redundancy of “cheap” and “discount” surprises me not at all.)  Again, this has got to be a really tiny niche.  In my experience, the less educated Internet users tend to be the more paranoid ones.  How many would actually toss the dice on illicit prescription meds online?  After all, if they get ripped off they can’t exactly bring in the cops (nor will anyone cry for them).  How can they possibly establish the trustworthiness of the seller?  This is the online equivalent of the college roommate I had who kept getting shafted by dudes in People's Park selling him oregano they said was pot.


This isn’t quite as stupid, of course; I’m talking about outfits I once gave money to who now pester me relentlessly.  There are so many reasons quasi-spam is smarter than the Gatling-gun-shots-in-the-dark strategy your lowly ilk employs.  For one thing, these outfits know I have money, and for another, they know I know who they are.  But still, it’s annoying.

For example, I have set foot in The Walking Company exactly twice.  The first time was during Christmas shopping, and I bought some slippers that were half off and a couple of blankets that were 80% off.  Since then I’ve been getting an e-mail solicitation from them practically every day.  Most of them are totally pointless—“NEW Cork Sandals For Spring!”—but one offered some amazing blowout sale on a pair of shoes that I miraculously had actually already had my eye on.  (Miraculous because I’m a typical guy and buy a pair of shoes every few years.)  So I went there, found out the shoes were mail-order only, vowed on the spot to boycott The Walking Company for life on principle, and went to a competing shoe store in the same mall where I bought a nice pair of shoes and like 15 pairs of socks.  A spiteful purchase?  Possibly.

Then there’s the former Presidential candidate who continued to e-mail me asking for money for years after he’d wasted the money I already gave him (i.e., after he failed to get elected).  Pretty shameless.  Which brings us to the poster child for quasi-spam, “Ranger Rick” magazine, which keeps up a constant barrage:

Such lies.  “Limited Time Offer”—there’s always another offer.  “Last Chance!”—really?  If I don’t renew my subscription, they’ll never let me subscribe again?  Yeah, right.  The kicker here is that I would never, ever renew my subscription, for the simple reason that “Ranger Rick” punishes its loyal subscribers by giving them really crappy renewal rates.  I let the subscription expire and then signed up as if I were a totally new subscriber, for about half the price.  I thought they’d figure that out but I guess they haven’t.

Alternatives to spam

Of course, you could argue that the flip side to spam is targeted ads, like Google’s AdSense nonsense.  As I’ve explained at length, I’m no fan of that, either.  But it doesn’t clog up my Inbox, and at least there’s a very simple way to kill it.  More insidious is the way social networks are contriving to get people to essentially advertise things to their friends.  That makes me sick.  (It brings to mind the non-virtual pyramid schemes that have been around forever.  A friend of mine once tried to bring me in on a Super Blue Green Algae deal and I never talked to him again.)

But the real flip side to spamming is simply not spamming.  Has that ever occurred to you?  To just go find something more constructive to do?  Of course it hasn’t.  You scumbags.

No comments:

Post a Comment