Some Spammer Has a Crush on You 283
A friend of mine and I were bit by SomeoneLikesYou in the last week. The scam is elegant in its simplicity. The site teases you with an email claiming to know someone who likes you, then makes you guess who it might be by submitting their email address(es). Each of those addresses receives a teaser email just like yours. Rinse, repeat. I ignored the message -- obviously a fake; I couldn't possibly be anyone's crush :-) -- but my friend took the bait and fed it some demographic data and email addresses. Once she realized what was going on, she wrote to everyone apologizing for any spam they may have received. She also sent a nastygram to the site's operators.
It should be pointed out that there is no proof that SomeoneLikesYou is doing anything nefarious with the data they're collecting. However, their credibility is not strengthened by their faked WHOIS records and their meaningless doubletalk on privacy issues (the declaration, "We send precisely zero e-mail advertisements," says nothing about the behavior of their partners/affiliates.)"
in Germany they do this on mobile phones (Score:5, Interesting)
To find out dial: 0190-whatever
0190 is in Germany the dialing prefix for Premium rate-services (from 1 to 10 euros/minute)
I didn't call but looked in the newsgroups if someone has: works exactly the same way you described:
- please give us some mobile numbers from persons you guess that might be it..
Re:i wonder if you ever find out... (Score:1, Interesting)
Just for fun, I sent a "crush" to a different email account of mine, and it wouldn't let me "guess" the correct address.
Spammers!
This is great (Score:2, Interesting)
Despite the fact people are getting unsolicited email from a company that they have had no business dealings with (and the fact that that is illegal...) this does seem to be an unique business tactic. Unique but sleazy and underhanded as well.
They're sleazy alright... (Score:2, Interesting)
Now I sometimes get junk from them, or from > their other alias [greetingwishes.com] in my hotmail account, which - interestingly - gets very little spam otherwise. Maybe because it 10+ chars long. Some of them were from legitimate companies too - some college in the UK even got duped into using their service to advertise itself.
Deduce the rate at which suckers are born (Score:5, Interesting)
$100 gets 10 million addresses. It costs $3,000 to send these 10 million messages. Let's assume a capital outlay of $3,100 per week, which seems reasonable.
A "positive response rate" of 0.1% to 1% is expected. Say 0.1%, since this scam is especially egregious, that's 10,000 responses per week, is 10,000 suckers per 60 * 24 * 7 = 10,080 minutes.
That means a sucker is born every minute (every 59.52 seconds, actually), which we already knew.
The same has happened from other sources... (Score:2, Interesting)
However, I have managed to trace this guy to a limited company, and trace the premium rate number that he asks you to dial. Hopefully, the premium rate number will be shut down, his company can be had for false advertising, and his ISP's account will also be shut down.
Some addresses to feed into their system (Score:2, Interesting)
Well, if it's addresses they want, why not give them some addresses to play with...
This could be "educational"...
Re:a question (Score:2, Interesting)
My solution (Score:5, Interesting)
Instead of putting down bogus addresses, I submitted every abuse@{$insert ISP here} address and anti-spam address that I could think of. That'll give them something to think about.
Re:a question (Score:4, Interesting)
Re:i wonder if you ever find out... (Score:4, Interesting)
So when my address was spammed by SomeoneLikesYou, I got on the phone. Sure enough, the one person who actually did it was my not-so-security-minded girlfriend.
So when I hit the site, I entered only one email address--hers. The site didn't like that, and since it doesn't like bounces either, I just started registering aliases on my linux box. So we had a@mybox.net, b@mybox.net, c@mybox.net, and d@mybox.net.
And, sure enough, when it finally accepted that, it said I had a match! (I also had some 4 more emails popping up in my inbox....)
Since the site demanded that I pay up-front or sign up for affiliate info, I went on my merry way, happy to know I hadn't offended anyone else.
About a month later, though, I got this email "Are you sure this loser Sara is right for you?" which told me to come back and visit the site again, threatening to remove my information and promising not to spam me again. I received a second mesage, again titled "Are you sure this loser Sara is right for you?", before I created a new procmail rule.
I figured I was lucky, I got everything I wanted to know without it costing me anything but the time. I doubt many others were so lucky.