10 October 2006
Chatty spam

Some of the comments caught in the crap-filtration system around here lately are attempting to be cordial in the process of leeching linkage. Examples:

What a cute site you have here. I can tell that you have put a lot of time and work into it. Great job!

I feel like a complete blank. That's how it is. I can't be bothered with anything recently.

I really find this site very interesting, and it gives people a pleasure time! I really appreciate the creators of this website!

My life's been basically dull these days. I haven't gotten much done these days. Today was a complete loss.

Since obviously the scum who wrote this originally can be considered a complete loss, I'm taking some pleasure time to empty out the trash.

Permalink to this item (posted at 3:39 PM)
24 November 2006
To an unsuspecting company

Sent by me this morning to support at infermed.com:

I have received several (let's say "dozens") of spams identified as from your user "kterefe". A sample link below:

http://www.infermed.com/Members/kterefe/Document.2006-11-20.2275556059/

(S)he is not actually using your facilities to send the spam — they come from a variety of IPs, probably hijacked and turned into zombie machines — but all the links therein point to one of kterefe's "Members" pages, such as the one above.

I trust that this will be a simple matter for you to take care of, and I thank you for listening.

cgh

Regular readers will note that this is a kinder, gentler treatment than that which I would actually prefer.

Permalink to this item (posted at 8:23 AM)
Meanwhile on those WP blogs

I have two other blogs which run WordPress (currently 2.0.4); after an influx of Evil Farging Spammers, I devoted some time this evening to installing Dr Dave's Spam Karma 2. Nothing has actually been sneaking onto the sites without my knowledge, but, well, I'd like to thwart the bastards at an earlier stage if at all possible.

Permalink to this item (posted at 7:55 PM)
2 December 2006
The pink torpedo, unchanged

The latest dubious dingus-embiggener to hit the mailbox is something called "Man XL," and inasmuch as I was no great shakes, so to speak, when I was forty, I have no reason to want to pay to relive those times.

Incidentally, one Dr Oz, apparently one of Oprah's posse, has recycled the old story about how losing 35 lb is the equivalent of gaining one inch. Were this at all reliable, you'd see guys lined up around the block for stomach stapling and other arguable ventures. Certainly the year I lost 30 lb (this would be 2004) didn't end with anything resembling six-sevenths of an inch of newfound wangage.

I presume, therefore, that this is an old wives' tale, which makes sense inasmuch as Oprah's audience is largely composed of old wives — and old ex-wives. I accord it the same credence I give to that business about shoe sizes, and inasmuch as I wear a size 14 double E, I consider myself in a reasonable position to render judgment thereupon.

Permalink to this item (posted at 3:00 PM)
8 December 2006
Let's school these phish

You know, guys, you could be a lot more successful with your phishing if you didn't come up with stilted, unintelligible crap like this:

You have been chosen by our online department to take part in our quick and easy online departament. In return we will credit $20 to your account — Just for your time! Helping us better understand how our customers feel benefits everyone. With the information collected we can decide to direct a number of changes to improve and expand our online service.

We kindly ask you to spare two minutes of your time in taking part with this unique offer!

I kindly ask you to bite me.

Permalink to this item (posted at 4:19 PM)
9 December 2006
And you thought they only enriched uranium

A week ago I was grumbling about something called "Man XL", yet another Product of Infinite Bogosity which promises to expand the distance from foreskin (where present) to base. I have continued to receive occasional spams promoting this stuff, but none were noteworthy until today, when one arrived with a link to a surprising-looking URL: mullahs.net.

It is, of course, highly unlikely that anyone in the Iranian inner circle is actually running this operation, but there's something sort of poetic about the notion of Mahmoud Ahmadinejad trying to move bogus wang pills in a desperate attempt to keep the reactors running.

Permalink to this item (posted at 8:20 PM)
17 December 2006
Time to backtrack?

I was deleting yet another piece of trackback spam last night, and I wondered, briefly, if it was even worth it to keep the darn things running.

In a couple of minutes I found this commentary from Kasia:

[I]s trackback effectively dead? Gone the way of the dodo and frames? I suppose it's time to kill it completely (at least on this blog) say a few words of gratitude for its usefulness for as long as it has lasted and thank spammers for making yet another communication tool effectively useless.

A comment from one of her readers:

Trackbacks were dead the day a spammer first heard about them, which was the day after they were first announced. It was such a ludicrously stupid idea from the start and I'm surprised it took this long for people to realize it was going to be nothing but a spam magnet, much like unmoderated posting.

This was ten months ago; it is probably prudent to assume things have not improved since then.

At any rate, only 7.2 percent of my TBs (46 of 642) since the database flush in September have turned out to be valid; the rest were junk. I'd be interested in hearing if anyone is doing better — or, God forbid, worse.

Permalink to this item (posted at 11:31 AM)
8 February 2007
Indiscriminate leeches

All spammers are nasty farging dweebs, but some of them are just a shade nastier than their scum-sucking brethren.

This little jewel popped in today with the dubious headline "How not to be a Grammy fashion don't":

We are glad to offer you F.D.A approved Original Viagra.

You can order it here: http://www.christianschoolmagazine.info

Fast shipping and tax free prices guaranteed.

Said URL actually lands on worldwidebonus.com, the domain record for which was posted this week by registerfly.com, a generally-respectable registrar who probably hasn't noticed this yet.

Permalink to this item (posted at 5:06 PM)
28 February 2007
Spam be damned

I mentioned this weekend that I had installed a newish anti-spam product on my home box, and I promised updates. This is one.

This package used to be called Qurb, and was purchased by the drones of Computer Associates, who promptly slapped their own name on it. (CA's old EZ brand seems to be an endangered species.) It is a very specific tool: it hooks into Microsoft Outlook or Outlook Express — I see no evidence that it works with anything else — and it indexes your entire mail database at installation.

First day in, the package went through all my mail folders except Deleted Items and added all the names therein to the Approved Senders list, on the basis that if I kept something you sent me, I presumably want to hear from you. Some people are in there two or three times, by dint of having had multiple email addresses over the ten years I've been accumulating this mail. There was also one simple toolbar added to the client.

It's interesting to watch it work, as incoming messages are routed to the Inbox and stuff deemed spam remains on screen for maybe a third of a second before it vanishes into the quarantine folder. You can select daily or hourly intervals to have the quarantine list popped up, and if anything is in there that you want to keep, you can move it to Inbox and mark the sender Approved.

Operation is pretty much seamless. I have the quarantine opened every four hours, and I have "Verify Sender Domains" toggled on. Interestingly, no formal spam scoring takes place until the first mail is received and learning mode kicks in; after that, I have automatic disapproval on anything over 90 percent and no automatic approval (these are the defaults).

To give you an idea of the volumes around here, about 70 percent of incoming mail — let's say 500 out of 700 items a week — will be caught by the mail server's filters. In the period since installing the CA/Qurb package, 66 items were sent to quarantine; two were pulled out for being sufficiently unspamlike and their senders were subsequently Approved. No items that I deem unacceptable for my Inbox were allowed through.

Inasmuch as this thing doesn't seem to mess up the databases, or to suck up vast quantities of system resources, I have to pronounce it a success, though obviously I can't recommend it to anyone who isn't using Microsoft's otherwise-ghastly mail clients.

Permalink to this item (posted at 6:32 AM)
15 March 2007
I don't think so

Someone left a spam comment here a few minutes ago, using the name "George Soros." Whatever you may think of Mr Soros, you have no reason to think he'd resort to that sort of thing. The offending item has been deleted.

(The title should be spoken with inflections that convey a certain irritated disdain; I recommend the way LL Cool J says it in "Going Back to Cali.")

Permalink to this item (posted at 7:48 AM)
21 March 2007
The Wilsonian approach, maybe

In this morning's email was an offer: "Woodrow — Viagra for you!"

I suppose I should be grateful it wasn't addressed to Woody.

(There was also an item from, allegedly, "Hung Short," but I couldn't bring myself to read it.)

Permalink to this item (posted at 11:02 AM)
28 March 2007
Sniff, then scratch

Mark Alger gets one of those International Lottery spams, and wonders:

If a lottery is a tax on the innumerate, how much more stupid would you have to be to buy a ticket from a complete stranger approaching you at random on the Internet? (And probably without any way to contact him included in the email.)

But then, people are people and grifts work for that very reason. I suppose an appeal to greed will never go unanswered.

Then again, truth will not always be denied, as Eric Siegmund discovers:

I see the newly enacted "Truth in Spam Labeling" legislation is beginning to pay dividends. I just got an email entitled "Worldwide Lootery Agent."

Which reminds us that after all, there is greed on both sides of this transaction.

Permalink to this item (posted at 3:02 PM)
29 March 2007
As if

Just received while I wait out the stormage: something titled "Internet Explorer 7 Downloads," claiming to be from admin@microsoft.com.

Yeah, right.

For the record, I have gotten one email from Microsoft since ever: a followup to see if I'd gotten the XP Service Pack 2 CD I had ordered. Assuming, of course, even that was from Microsoft, which is a lot to assume.

Permalink to this item (posted at 4:30 PM)
25 April 2007
They should get it back threefold

I run a couple of WordPress blogs on the side, and both of them are using the Spam Karma 2 plugin to ward off the sort of garbage that besets all of us with our own soapboxes. Each comment or ping is assigned a Karma value based upon its discernible characteristics. I pulled one spam to look at the calculation, and here's how it went:

0.5: Comment has no URL in content (but one author URL)
-7: Trackback Source Site [URL redacted]​ does not contain Blog URL domain (wendex.net).
-6: Entry posted 1 year, 7 months ago. 0 comments in the past 15 days. Current Karma: -6.

This spam was therefore valued at Karma -12.5, well below the threshold of acceptability.

It appears, though, that this is comparatively mild: this week I received a ping with the startling Karma of -1032.38. This is some seriously bad stuff, made more so by dint of sheer repetitiveness. (Apparently the SOB, or his legions of zombiebots, sent a metric crapload of these in rapid succession.) Has anyone ever gotten one worse? Surely I can't be the recordholder.

Permalink to this item (posted at 6:55 AM)
1 June 2007
Support your local spammer

An old-style hangman, or a motivated citizen, can recommend the proper support.

But then, how do you know if he's local? This GeoCommons map will tell you. At least, it will tell you where he was in 2004.

(Via Rocketboom.)

Permalink to this item (posted at 6:27 AM)
7 June 2007
Time to whippet out

Some worthless lump of pond scum (may he die in a chemical fire) has hijacked an informe.com forum to spam the world with drug offers, and the most annoying of them, from the standpoint of link lust, is the one that begins "can greyhounds take amoxicillin".

Since this has already been spread around a bit, I'm taking the liberty of linking to an actual abstract on the subject, with the hope that future Googlers will find it instead of his spam pages.

The abstract (which is available here) is called "Effect of feeding on plasma antibiotic concentrations in greyhounds given ampicillin and amoxycillin by mouth," by Watson, A.D., and Egerton, J.R. Regular users of PubMed may already have seen this abstract.

Permalink to this item (posted at 7:17 AM)
9 June 2007
Oh, hello, Kwyjibo

So many spammers are using email addresses that look like bad Scrabble racks, it's almost news to see one that looks like a name these days.

Well, sort of a name. I got something this morning from gwendolyneroticprosopopoeia at rr.com, which, if it isn't a real address, darn well ought to be.

Permalink to this item (posted at 12:05 PM)
10 June 2007
Temporary prophylaxis

Some fellator of diseased goats has set up a crapload of Yahoo! Groups for the purpose of spamming blogs with drug-sale offers; I've received rather a lot of TrackBack spam from his sorry ass. I sent a terms-of-service complaint to Yahoo! which, judging by the response, was not understood — or maybe Yahoo! doesn't consider this a TOS violation. Until such time as they excise this particular dingleberry, you might want to consider blocking as much Yahoo! Groups traffic as is technically feasible.

Permalink to this item (posted at 8:19 PM)
15 June 2007
The nine billion names of sildenafil citrate

Actually, there are a lot more than that, and there are times when I think I've seen every last one of them in my inbox.

(Via Tinkerty Tonk.)

Permalink to this item (posted at 10:20 PM)
17 June 2007
Unplumbed depths

Last April I marveled at an item that Spam Karma 2 had snagged on one of my other sites, with an appalling karma of -1032.38. Commenters informed me that this was not so unusual; one, in fact, reported having received a score of -50482.7, fifty times as lame.

Come today, I find a new batch of scum, and most of them are in the general vicinity of -685908. (My first thought was "Geez, this isn't a score, it's a phone number." And indeed, with one additional digit, this was my phone number, circa 1979. No, you don't dial the minus sign.) Evidently SK's Retro-Spanking routine means business.

Permalink to this item (posted at 11:29 AM)
27 June 2007
The clues of the phisherman

Now this is hilarious. The phish was typical — "We detected irregular activity on your Bank of America Check Card" — but the bogus link to B of A was this:

http://adsl-69-216-37-241.dsl.klmzmi.ameritech.net/redirect.html

You know, if you're gonna steal stuff, Mr. Kalamazoo Phisher Guy, you probably ought not to telegraph where it's going.

This IP, incidentally, falls in a range belonging to these guys.

You're welcome.

Addendum: I toyed with the idea of reporting this to AT&T, whose DSL line this is, but the ignorant douchenozzles make it impossible to do anything on their Web site without jumping through their intake hoops. Repeat: AT&T = ignorant douchenozzles. Remember it.

Permalink to this item (posted at 11:16 AM)
25 August 2007
Sorry, I'm waiting for "Gigadik"

Email to this domain must pass through three filters: one at the server level, one at the client level, and one which analyzes the contents of the inbox and quarantines that which it deems unworthy. The most obvious spam is caught in the first pass, and once in a while I go through there to see what sort of horrid monstrosities might have fallen into the trap.

Of course, anything containing the word "shaft" is automatically suspect unless it's from Isaac Hayes; dingus-embiggeners are still a major draw in Spamland. This week I got a pitch for something with the implausible name of "Megadik." (Robin Wauters of MarketingBlog.eu is willing to show you his. His copy of the spam, I mean.)

Actually, I don't see this as a viable product name, since it's so easily used as a pejorative during fits of pique. Example: "This wouldn't have happened if you didn't act like a megadik in front of everyone."

Permalink to this item (posted at 3:33 PM)
13 September 2007
No taste for accounting

Normally I don't pay any attention at all to the sort of spam that promises me sexual delights, but one caught my eye this week, mostly for the following declaration:

Less than 29% of all women can achieve a climax by having intercourse alone.

How do they do when they're having it with someone?

(Just asking.)

Permalink to this item (posted at 9:46 AM)
22 September 2007
Please delete me, let me go

One of the Blogger sites I occasionally read (but had not blogrolled) presented me with an odd phenomenon yesterday: the page loads normally, then everything after the first post title is replaced with spam. Poking around for an explanation, I first stumbled across this:

Check out how a widget has spammed a blog

On this page about Factor Programming http://psalm35.blogspot.com/

It has a script in its footer: <script src=http://www.oedemera.com/blogger_navbar/navbar_012.php>

When you visit the page with Javascript turned on, all the contents are replaced dynamically with ads.

This is beyond sick.

And it's beyond most of the widgets I've seen, admittedly a small sample. Another explanation from another blog:

I suspect that what happened was this:

1 - 962 [a Hong Kong blogger] decided to stop blogging.

2 - He deleted his blog, freeing up the URL.

3 - Some spider or robot discovered this and claimed the URL, associating it with a different Google account.

So 962 would not be able to access the settings for that blog.

His only recourse is to report this to Blogger, that his blog has now become a splog (spam blog) and hope that an actual human being reads his message and takes some action.

Finally, a use for that FLAG BLOG button.

Oedemera, incidentally, is a genus of beetle. All spammers, I think, should name themselves for crawling insects.

Permalink to this item (posted at 1:17 PM)
24 September 2007
The eagle and the phish

They're not even trying anymore, I think. Today's spam is fudged to appear to come from service at IRS.gov, and it says:

After the last annual calculations of your fiscal activity we have determined that you are eligible to receive a tax refund of $209.30.

You are wrong, involuntary-conversion breath, but no matter. The proffered link to "access the form for your tax refund" is http://211.20.241.149/IRS.gov/ which, I need hardly point out, does not go to the Infernal Internal Revenue Service.

Further amusement:

Note: For security reasons, we will record your ip-address, the date and time. Deliberate wrong inputs are criminally pursued and indicated.

Indicate this, pal. Oh, and at the end:

© Copyright 2007, Internal Revenue Service U.S.A.

Shouldn't be too hard to write off this intellectual property.

Permalink to this item (posted at 6:25 PM)
3 January 2008
Überspam

So what did I do to deserve spam in German?

Ich Liebe dich!
Die Liebe wird gewinnen!
Ohne dich bin ich nur ein halber Mensch!

There's a lot more, and it all links back to myigla.net, owned by S-H-F E-Marketing, in a place called Shimshit, Israel. Feel free to write your own jokes; I'm sure Mr. Half A Man there won't mind.

Permalink to this item (posted at 3:37 PM)
14 January 2008
Bank error in your favor, collect $200

That Community Chest card is slightly more likely than this email received yesterday:

The Bank of New York and the World Bank had earlier transferred fund to our Bank (Barclays PLC) last month. They disclosed that this fund was recovered as "Traced Fund" belonging to the (holder of this e-mail address) and we have been directed to contact you in this regard.

I am not in the position to disclose the amount here for security reasons. But I think you will have to make this inquiry for yourself. Please verify the amount in which you were previously expecting and reconfirm your banking coordinate as well. Send your e-mail and the copy of your International Passport to Mr. Pyle Michael Lee — director of Operation.

Unlike most phishing expeditions, this one has no obscured or dubious Web addresses, though I suspect that the email addresses for the sender and for the "director of Operation" don't go anywhere near Barclays. Bunch of wankers.

Addendum: This afternoon someone from the World Bank dropped by to see who was using their name in vain.

Permalink to this item (posted at 11:29 AM)
25 January 2008
Misleading inbox residue

NewsMax sent me an item this morning with this headline: "Will Pelosi Kill Bill to Stop Illegal Immigration?"

You know, I always figured that if anyone was actually going to kill Bill, it would be Hillary — or maybe Beatrix Kiddo. Either way, the effect on immigration seems unclear.

Permalink to this item (posted at 10:55 AM)
29 January 2008
FTC exercises undue kindness

The case went like this:

The Federal Trade Commission today announced a complaint and proposed consent decree settling charges that a California-based "voice broadcaster" made over 46 million unlawful telemarketing calls. The proposed court order permanently bars the defendants from violating the FTC's Telemarketing Sales Rule (TSR) and requires them to pay $180,000 in civil penalties.

According to the complaint filed by the Department of Justice (DOJ), since October 1, 2003, Voice-Mail Broadcasting Corporation (VMBC) and its owner, Jesse Crowe, have used automated dialers to "blast" consumers with prerecorded telemarketing pitches. The calls pitched products from debt-consolidation services to mortgage brokerage services and other retail and financial services. When VMBC's telemarketing calls were answered by consumers rather than answering machines or voicemail systems, VMBC either immediately hung up, leaving consumers with "dead air," or played a prerecorded message. Such calls violate the TSR, which limits telemarketers' use of prerecorded messages by requiring that calls answered by a person be connected to a sales representative within two seconds. The FTC's complaint alleges that VMBC, under the direction of its owner, made more than 46 million calls that violated the TSR.

The penalty is at least marginally stiff:

The proposed consent decree imposes a civil penalty of $3 million against VMBC and its owner, of which all but $180,000 will be suspended based on the defendants' inability to pay. However, VMBC and its owner will become liable for the full amount if the court finds they misrepresented their financial condition.

I think it's a safe bet that he's hiding it somewhere, so the FTC made a good call with that last clause. However, I was really hoping for something that (1) puts the guy under some form of house arrest and (2) rings his telephone every 45 seconds, twenty-four hours a day, three hundred sixty-four days a year. (Give him Christmas off.) This kind of treatment would surely impel him to mend his ways far more effectively than merely draining his bank account would.

(Via Consumerist.)

Permalink to this item (posted at 5:28 PM)
4 March 2008
And now there's smishing

Or, perhaps more precisely, SMiShing, which is a phishing attempt using Short Message Service, a protocol used for text messages on cell phones. It's not new, exactly, but anything that works once will draw lots and lots of copycats once word gets around.

Recent citations:

Fox Channel 2 in St. Louis ... reported that consumers in the St. Louis area have been receiving text messages on their cell phones that appear to be coming from Arsenal Credit Union. Instead, these messages are being sent by identity thieves. The messages ask readers to provide information about their bank account, debit card and credit card numbers, so Missouri Attorney General Jay Nixon has put out a warning to consumers.

Earlier this month, the Web site of the Washington State Office of the Attorney General added information about three new identity theft scams — one involving text messaging. Here's what happened: A text message in Spanish was sent to the cell phone of an elderly woman. The message provided a phone number and asked that she call them immediately, so she did. She was told she had won something and was asked for her personal information to confirm her identity. The woman's daughter was in the room and suspected foul play, so she ended the phone call.

Smishing needs to be smushed, pronto.

Permalink to this item (posted at 1:27 PM)
12 March 2008
It's Jenny on line two

Now this takes nerve:

Some people getting late night and early morning telemarketing calls in the Wilmington [Delaware] area have been doing a double take when they see the number on their caller ID: 867-5309.

Actually, what makes it heinous is not the Tommy Tutone reference, but this:

At least two other people have told the [Wilmington] News-Journal about similar calls, and others have reported the calls in online forums, with more than five dozen complaints logged Tuesday at CallerComplaints.com.

They haven't been able to call back to protest, because there is no 867-5309 in Delaware's 302 area code.

Spoofing Caller ID numbers isn't illegal — yet. But if you're using a fake number to call me, I consider it prima facie evidence that you're dishonest and therefore unworthy of my business or anyone else's.

Permalink to this item (posted at 7:54 AM)
13 March 2008
Aren't you glad they use dial?

Actually, no, I'm not.

Yesterday's item about telemarketers contained, in the quoted material, a mention of a Web site called CallerComplaints.com, with which I was otherwise not familiar. The operator of the site, noticing the reference, suggested that I might want to take a look at what's there, and so I did.

There is, of course, a database of numbers, broken down by area code — including nonexistent area codes, under "Spoofed," which is nice — and a handful of articles about the scuzzbuckets who keep calling you. Perhaps the most interesting deals with how toll-free numbers are assigned (it's not pretty) and how to complain to the assigners.

But what I really wanted to mention is the motivation, from their About Us page. Yes, they're building a database, but there's another purpose:

Public Humiliation. Sure, this may not stop the calls right away... but you'll probably feel better after you vent. ;) Plus, once a company "Googles" their name and sees hundreds of complaints come up... they'll think twice about calling you again!

I'm not so sure about that — thinking twice, after all, requires thinking once to begin with — but I'm definitely in favor of public humiliation.

Permalink to this item (posted at 6:57 AM)
14 March 2008
Candida: we could make it together

Some fungi who plasters worthless TrackBacks all over blogdom dropped in here yesterday with a link reading as follows: "Sex during diflucan."

As the phrase goes, I do not think that word means what he thinks it means. And if it does, well, the further from here, girl, the better.

Permalink to this item (posted at 11:09 AM)
22 March 2008
Subtle sabotage?

Last week marked James Lileks' return to actual newsprint, and, says Saint Paul, this event didn't sit well with everyone:

The media liberals in town, who are accustomed to having a monopoly for their opinions appearing in the local press, are predictably getting the shakes over what this may mean. Lileks has always been a tough case for them to handle. He's clearly more talented than they are and he's an apostate to the dominant media culture. So a mix of condescension and grave foreboding usually accompanies reviews of his work.

I'd be tempted to dismiss this as the usual sniping across the aisle — except that I went to read the online version of that first column, which to maximize advertising potential had been spread over two pages, and the second page had been hijacked by this:

Last week there was a comment spam on various blogs, the comment contains a link which redirects the user to a fake/scare scan page of the infamous XP AntiSpyware / XP AntiVirus rogue security applications.

Which makes me wonder if some Star Tribune reader, upset that the paper was giving space to One Of Them, planted this thing as a comment in the hopes of killing Lileks' pageviews.

I left a note to the newspaper explaining what happened on my visit to the page, not including that particular bit of speculation.

Permalink to this item (posted at 11:02 AM)
23 March 2008
How generous of them

Today's spam is from "Kauri Cowart," who's faking an email address from a Utah wilderness-protection group to point me to an IP in Gwinnett County, Georgia where I can allegedly purchase something called "Prolonged Activity" — "helping geezers score since 1999."

I'm not sure which is more annoying: being called a geezer, or the suggestion that I need help scoring. (The fact that the proffered URL didn't work at all didn't annoy me in the least.)

Permalink to this item (posted at 1:15 PM)
6 April 2008
With a sprinkling of croutons

Back in the pre-industrial days when I studied the concept of "word salad," it was considered to be a possible byproduct of schizophrenia, depending on who was doing the analysis at that particular instant. Its application to spam came much, much later.

Since just about anything that can be done in spam can also be done in blog, it was inevitable that I would happen across something like this spectacular example of complete and utter nonsense which inadvertently contains some tiny shards of reality amidst its links to similarly-bogus bloggage. One paragraph is quite enough:

The most common cantonese ringtone remains to have male plug on cable, and female socket mounted in a piece of equipment, which was original intention of design. It would be cantonese ringtone to specify a new ripping location, too, so ripped song doesn't end up dirty hippo ringtone in rest of your collection.

[One link — under "dirty hippo ringtone" — removed from original.]

Maybe someday Google Almighty will figure out a way to shred this stuff before it gets shoveled at you from under the sneeze bar.

Permalink to this item (posted at 9:56 AM)
25 April 2008
A memory without blot

Contamination, now, that's another matter:

In the last 24-hours, I've gotten upwards of one hundred spam comments that all begin with text from Jane Eyre. Do you even know how just the name Rochester thrills me? They sure do! Because I have read every single comment. Marked them as spam, sure, but I read 'em! The best part is, that after the initial delightful grabs from some of the best chick lit of all time, the message dissolves into gobbledygook — I mean, pure and absolute nonsense — with dirty words inserted here and there. No links, no products. Just Jane Eyre and profanity.

Laws and principles are not for the times when there is no temptation: they are for such moments as this.

Permalink to this item (posted at 8:12 AM)
1 May 2008
The times call for a 180

During a one-hour period yesterday, someone's botnet planted about 100 bogus TrackBacks here, connected to a whole link farm full of Yahoo! 360 blogs which were probably created by a botnet.

Not that I'd tell you to ban everything incoming that mentions Yahoo! 360, but until such time as they can come up with some semblance of security — don't hold your breath — you might want to think twice about anything that shows up with their domain on it. (I did leave them a nastygram, which so far has garnered only an autoresponse.)

Update, 9:30 am: Yahoo! responds:

Yahoo! has evaluated and taken the appropriate action, as determined in Yahoo!'s sole discretion under our Terms of Service, with regard to the Yahoo! 360 account you have brought to our attention.

Their definition of "appropriate" probably differs from mine — I doubt that broadswords even occurred to them — but I suppose we can consider this matter closed for now.

Permalink to this item (posted at 6:56 AM)
4 May 2008
Well, that didn't take long

Received this weekend from, it says, irs.us (ha!):

Over 130 million Americans will receive refunds as part of President Bush program to jumpstart the economy. Our records indicate that you are qualified to receive the 2008 Economic Stimulus Refund. The fastest and easiest way to receive your refund is by direct deposit to your checking/savings account.

Please follow the link and fill out the form and submit before May 10th, 2008 to ensure that your refund will be processed as soon as possible.

The link, I need hardly point out, doesn't go to the government; it goes to a site in South Korea.

This last touch, though, is almost charming in a cynical sort of way:

NOTE: If you received this message in you SPAM/BULK folder, that is because of the large amount of e-mails we are sending out or because of the restrictions implemented by your ISP.

© Copyright 2008, Internal Revenue Service U.S.A. All rights reserved.

It is to laugh.

Permalink to this item (posted at 8:17 PM)
7 June 2008
It's all your ISP's fault

Last month I reeled in a phish which contained the following "explanation":

NOTE: If you received this message in you SPAM/BULK folder, that is because of the large amount of e-mails we are sending out or because of the restrictions implemented by your ISP.

Apparently this bit of verbiage has caught on among net.predators. Jeffro picked up one claiming to be from the NCUA:

Copyright 2008 National Credit Union Administration (NCUA). Note:
  • If you received this message in your SPAM/BULK folder, that is because of the restrictions implemented by your ISP
  • For security reasons, we will record your ip address, the date and time.
  • Deliberate wrong imputs are criminally pursued and indicted.

Note the Double Secret Copyright symbols. You may have seen "deliberate wrong inputs" — as opposed to "imputs," to which I am indeed opposed — here.

If nothing else, this proves that the level of honor among thieves is even lower than you thought: they're stealing from themselves.

Permalink to this item (posted at 11:24 AM)
The Finch Formerly Known As Gold

These archives begin 6 September 2006. For items beginning in August 2002, click here and select the desired category.

Click the Permalink on an individual entry to read comments and TrackBacks if any.