Dave, you wrote earlier about getting spam through the Plaxo system [see Can I get Plaxo Spam?], but I’m wondering if other systems could also be used to generate spam, and if so, how?
I actually have been watching as some of the best software systems on the market have been suffering from not having paid sufficient attention to this very problem.
It’s one big reason I think it’s so hard to find online greeting cards nowadays, for example: because it was darn easy to send unwanted email to unknown people, to “stalk” them, harass them or otherwise be unpleasant, which wasn’t the image that greeting card companies were seeking!
Indeed, for the last few days, I’ve received spam from postcard.com saying rather cryptically that “You have just received a virtual postcard from a family member!” then ostensibly pointing to a domain “postcards.org” but actually linking to “www.postcards16.home.ro” (that’s Romania) and to a link called “postcards.gif.exe”. Yes, a ‘.exe’ file is an executable. This is a BAD, BAD link to click on!
But that’s not the worst of it.
Tonight I received what appears to be spam from someone using the Gizmo Project, a Voice over IP (VOIP) telephony system, that asks me to sign up and download their software:
Now it may turn out that I actually know “tnlnyc”, but it’s certainly not something that inspires confidence and I’m darn surprised that the Gizmo Project team didn’t anticipate this situation and ensure that users had full profiles, names, and that the invitation email was less suspicious.
As it is, this is one of my first communications from the Gizmo Project site, and now I’m skeptical of the entire project and suspicious that it might be spyware, malware, or something else that I don’t want to get involved with. I’m sure I’m wrong, but really, every site on the net now, from Plaxo to eBay , American Greetings to, yes, The Gizmo Project needs to put in the effort to minimize the potential misuses of its email notification and invitation system.
Otherwise we’ll all truly end up sinking under the never-ending waves of genuine spam and legitimate email that’s impossible to differentiate from spam.