How to get your spam in front of webmasters

A client sends me the following email this morning...


I don't know what she is on about?????????

-----Original Message-----
From: XXXXXXX XXXXXXX [mailto:XXXXXXX@gmail.com]
Sent: Friday, 1 April 2011 8:43 a.m.
To: info@XXXXXXX.co.nz
Subject: XXXXXXX Form Submission

This is an automated response, please do not reply.

A visitor to XXXXXXX submitted the following information on
your form. The address of the form is http://www.XXXXXXX.co.nz/XXXXXXX/.

name: XXXXXXX XXXXXXX
email: XXXXXXX@gmail.com
phone:
submit: Submit
reason: I really like what you post here,very fresh and smart. One issue
though, I'm running Firefox in Debian and parts of your current layout
pieces are a little off. I recognize it's not necessarily a widespread set
up, yet it is still something to keep in mind. I hope this will help and
keep up the top quality writing.
<a href="http://XXXXXXX.com">http://XXXXXXX.com</a>

It's worth noting that the link at the bottom goes to a Wordpress-related site.

Clever spam

This is quite impressive on a number of levels. Firstly, the spammer understands that the contact form is probably going to go to the owner of the site rather than the webmaster. Site owner's don't like layouts being broken (even on operating systems they have never heard of) so the only logical course of action is to forward the email to the webmaster.

The Wordpress-related link is much more likely to be relevant to the webmaster than the site owner, and that's what makes this spam so clever. They have successfully bypassed the layman site-owner and got the message in front of someone who could easily be interested in Wordpress plugins.

It's entirely possible there is a browser bug in Firefox on Debian, but unfortunately it's not economical for most people to keep a warehouse full of Linux distributions for browser testing. This means there's more chance this email will stick around in the inbox until it's dealt with, and that's clever too.

So how do I know it's spam?

Aside from the usual warning signs:
  • Sender uses a Gmail account
  • Sender's name is completely different to Gmail account
  • The message contains a link, not in any way related to the site content
  • The domain name in the link contains the word "best"
  • There are no specifics about what the layout error actually is. Note the difference between "parts of your current layout pieces are a little off" (non-specific) vs "The sidebar is sitting over the main content" (specific).

I also log another little bit of information with form submissions that proves invaluable for determing if enquiries are genuine.
Referer: direct visitor
Browser: Internet Explorer 6.0

OK - so I'm expected to believe that someone was using Firefox on Debian and couldn't view the site due to browser issues - so they switched to IE6 as their backup browser?

No fucking way.

Seriously, that's like suggesting that Steve Jobs keeps a spare Android in his car in case his iPhone breaks down.
Digg StumbleUpon del.icio.us technorati blinklist furl reddit sphinn

Tags: spam,email