Wednesday, April 25, 2012

My Other Self, Again

Some days, I really do enjoy my job...specifically, the knowledge that comes from being an infosec and privacy professional. For example, here is a spam email I received at work.























In case it's hard to see, it begins:

Hello

I hope you are doing fine. I am checking in to see if you are looking for marketing and data partners/supplier. We are providing b2b and b2c lists with email addresses and other information worldwide. We have 40 million b2b and 250 million b2c records across the world with their email addresses and other details. Here are some of the lists

Chief Executive Officer - CEO Email List    85,000    499 USD
Chief Financial Officer - CFO Email List    56,000    429 USD
....

Though I'm getting ahead of myself, there is a certain irony in the fact that this clown is spamming me with an email to sell me the tools to spam others. 

Here was my reply to him:

Hello --

What a fascinating email.

It's fascinating, because it appears as though have no idea what the Federal CAN-SPAM Act requires of commercial email messages. It mandates (among other things) that:

1. The subject line reflect the content of the message. (I don't think"New Databases" counts.)
2. You include a valid street address. (I don't see one.)
3. You tell recipients how to opt-out of future annoying correspondence from you. (I don't see that either.)

I'm sure that the Federal Trade Commission (CC'd on this email) can fill you in on the rest of the details, including fines and penalties.

Have a nice day,
Michael 

And of course, I really did CC the FTC.

For future reference, if you get a spam email, you can forward it to spam@uce.gov  It helps them if you can show the full header, which usually is an option under your email program's View menu.

No comments:

Post a Comment