The latest spam scams and how to avoid them
(IDG) -- Corporate IT managers be warned: the spammers are out to capture your company's e-mail addresses. And if you don't want your networks swamped with junk e-mail, you'd better start educating your users on how to recognize the spam scams.
Most e-mail users are all too familiar with garden-variety spam messages that hawk pyramid schemes, porn sites, and bulk e-mail tools. Some spammers, however, now appear to be taking a more subtle approach, using ploys such as phony Microsoft giveaways, free pre-initial public offering (IPO) stock in Internet companies, e-mail gift certificates, calls for political action, and bogus surveys to lure recipients into revealing information about themselves and their colleagues.
The most common address-collecting trick right now seems to be the "e-mail tracking system" giveaways, a type of modern-day chain letter. The first versions of this, usually purported to be from Bill Gates, claimed that Microsoft was testing a system that would track the e-mail as you forwarded it to your friends. Recipients were encouraged to pass the message onto everyone they knew, because once it had reached a certain number everyone would get free software, money, a trip to Disneyland, or some other prize.
I'm not sure which requires the greater suspension of disbelief -- that there is such a thing as an e-mail tracking system or that Microsoft would use it to give away money.
Nonetheless, many people did believe it, at least to the point of deciding there would be no harm in forwarding it to their co-workers. The Microsoft/Disney version that was widely circulated last fall (which had the added credulity-straining aspect of being signed by a nonexistent "Walt Disney Jr.") created message threads that I saw with long strings of corporate e-mail addresses from many well-known companies.
Because there is no e-mail tracking system, I would assume these early Microsoft ones were just pranks and were not intended to collect addresses. But they were so widely circulated, no doubt spammers saw the same strings of valuable e-mail addresses that I did and decided this was a good thing.
So in recent months there's been a profusion of messages with different variations on the e-mail tracking theme, some supposedly from Microsoft but others pretending to be from major manufacturers or retailers. Often they use a fairly obvious technique for getting messages sent back to them after they've accumulated a number of addresses, such as a request that every tenth or hundredth recipient forward it to a "tracking verification" address. Others probably rely on a few of the later recipients to query or complain to those who appear to have gotten the message earlier but who may be the spammers themselves.
Don't get the idea that only those who believe in fairy tales can fall prey to the spammers' tricks. One widespread hoax that I suspect was started by a spammer was a message that warned of "Bill 602p," an alleged attempt by the U.S. Postal Service to get Congress to impose a 5-cent "alternative postage fee" on every e-mail delivered. Given all the proposals that have been made for the government to regulate and/or tax the Internet, I wondered if it might be true the first time I saw it, but there is no 602p.
One of the cleverest ploys may be the "free Internet stock" offer, another kind of chain letter that has gone through corporations like wildfire. The usual scenario is you get a message from a company claiming to be in pre-IPO mode, and in order to raise its visibility, it is offering you free stock just for registering at its site. As if that wasn't too good to be true, it will also give you additional free stock for every person to whom you forward the message who signs up. If you do sign up, though, I suspect the only returns you'll ever see on that investment stock are a sharp increase in the amount of spam you receive.
Other tricks in the spammers' toolbox include electronic gift certificates, phony market research surveys, and promotions for bogus Web auction sites. One big problem with many of these is that the e-mail you get may be virtually indistinguishable from what is sent out by companies that are running legitimate surveys, auctions, etc.
I think the important point to make with users is that they should err on the conservative side.
When there is any doubt as to whether an e-mail offer is real, users should be told to assume it's not. And those doubts should be raised for any message that asks to be forwarded on to friends and co-workers, because that is the hallmark of these spam scams. It's sad, but e-mail offers that are too good to be true are just that.
Ed Foster has been writing about technology and consumer issues for nearly 20 years. Send him gripes about computer companies and products at firstname.lastname@example.org or call (800) 227-8365, Ext. 7710.
Anti-spam organization criticizes EU proposal
RELATED IDG.net STORIES:
Kill spam dead!
|Back to the top||
© 2001 Cable News Network. All Rights Reserved.|
Terms under which this service is provided to you.
Read our privacy guidelines.