Today, I received a notification that there was a “Post by non-member to a members-only list” on one of the mailing lists I run. This occasionally happens if a subscriber posts to the mailing list from the wrong address. It can also happen if the list address has been harvested by spammers – and the message in question is therefore spam.
In today’s case, it was spam. Continue reading »
While talking about the junk email I’d received from Virgin Media, I mentioned my previous junk emails from Sage and from FindMyPast. These are instances where I’d decided to report the emails to the Information Commissioner’s Office – and while writing about Virgin Media, it occurred to me that I should probably write about the responses I had from the ICO. So, in the order in which they happened: Continue reading »
As I’ve said before in a number of posts (such as this one about Sage and this one about FindMyPast), as a general rule if I have to give an email address to any kind of organisation or submit one on a website, it tends to be one unique to that company. If I’m submitting that address via a form (web or paper based), if there is a tick box that says (in effect) “I don’t want junk email” I almost always tick it. In those cases where I don’t tick such an option for whatever reason (or where there isn’t such an option to start with), I should always have the option of “unsubscribing” by clicking a link in the emails – an option which, sometimes, I have exercised. Continue reading »
I have worked for pretty much my entire adult life in the field of accounts, and throughout that period I have almost always used, to varying degrees, a package from Sage.
This started in my first job, working for a firm of chartered accountants. Around 1990-ish, they had purchased a copy of Sage’s software. The intention was to use it to maintain the records for a client, and they asked me (as the resident computer geek) to learn to use the software so that I could train the person who would actually be using it, and provide oversight and support where necessary. Since then, I’ve used it at various clients and, in recent years, even for my own accounts. Continue reading »
That’s the claim of findmypast.co.uk, one of a number of websites designed to help those interested in the subject of genealogy with the task of investigating their family tree. They seem to think it is perfectly acceptable to send out a marketing email – very specifically, advertising new, lower subscription rates – and claim that it isn’t a marketing email, it’s a “service update”, an email that it is necessary to send out to their membership (and from which said members can’t unsubscribe).
Back in January, I wrote about an issue I had with Very, a Shop Direct Ltd trading arm. Specifically, they had started sending me marketing emails to an address I supplied when I made a purchase from LX Direct (which no longer exists, and also belonged to Shop Direct Ltd) – my policy when purchasing online is to use unique addresses (so I can monitor when companies abuse those addresses) and to opt not to receive marketing emails either from the companies concerned or any third parties. That clearly means those emails from Very were indefensible. They were spam – it’s as simple as that.
Over the course of the last few days I’ve discovered what appears to be – or possibly to have been – a fairly notable potential security hole in the Amazon UK website (and possibly others, but I only use the UK site on a regular basis). I will go into detail below about the nature of the security hole and how I discovered it – but first I want to point out that I’ve been trying to cause the problem to manifest itself again today, and failing. This might mean that the problem – which appears to have been triggered on my own Amazon account in August 2010 – has already been fixed. It might also mean, however, that I simply haven’t been able to establish all the variables that caused it to happen.
In other words, the problem I am about to describe might already be fixed, or it might not. I have no way of knowing one way or the other.
I was planning to wait before publishing this, but I’ve decided to proceed because I am somewhat less than happy with Amazon’s response to my emails on the subject – details at the very end of this post. Continue reading »
When do spam and credit checks go hand in hand? Easy: When the spam is from an otherwise legitimate mail order company, and their unsubscribe link takes you through an account sign up process before you can actually unsubscribe – an account sign up process which includes a credit check because, after all, by signing up you are applying for a credit account with them.
The company concerned is Very, a catalogue company which is a Shop Direct Ltd brand along with Littlewoods and a few others. Recently, I started receiving marketing emails from Very which, as far as I am concerned, are unsolicited, making them unequivocally spam. Being a fairly well known, legitimate company, though, I decided to give them the benefit of the doubt and tried unsubscribing by following the link in their emails. However, I discovered that in order to do so it is necessary to apply for an account with them, for which a credit check is required.
A more detailed outline of events, including a brief history that shows how they got my email address, follows.
I wondered how long it would take – and the answer is one and a half to two months.
One and a half to two months, that is, before spammers found a new potential outlet for their rubbish: the comments section on this blog. (Not that there are very many people reading it!)
No spammer has actually tried using the comments to spread their garbage as yet, but today I received a user registration from a very spammy looking address.
Well, I have news for you Mr Potential-Spammer – any user’s first comment, and ALL comments including URLs have to be approved by me. Don’t bother.
Note: This post is actually an article I’ve had on a couple of websites for a number of years, originally written shortly after softrock.co.uk became the victim of a very deliberate use of email addresses at that domain in the headers of UCE (aka a “Joe Job”). Now that this blog is up and running, it’s the ideal place for such material – so one quick re-read, check and update later, here it is.
Right at the start I should state that I am very strongly opposed to the use of munged email addresses, due to softrock.co.uk having been inundated with non-delivery reports and other annoyances since spammers used softrock.co.uk addresses in the From: line of their junk several years ago. I make no denial of that and do not try to defend the fact that my position is biased against munged addresses as a result of this.
However, please do not let that put you off reading this if you are a user of a munged address, or if you are considering using one. If anything, you should read on because there are some alternative suggestions towards the end of this article, just for you. Please consider using them, instead of your current or intended approach.