[Last modified: 07-SEP-2002]

The Weekly Spam Report


Week 1 - September 01-07, 2002

Number of spam messages for this report: 335

Ok, I confess. I had the idea for the report in the middle of the week and, at that point, I had already removed a lot of messages. That's the reason for the low number listed above.

This is an interesting week... we're close to September 11, and that brought a kind of spam I didn't think I'd see (because I thought no one would dare... now I know that I'm still not cynical enough): 9/11-related merchandise. I received a piece of spam selling a "commemorative piece" that was supposedly sent to Pres. Bush (it's a watch, with the words "In God We Trust" engraved in front... only $29.99, brought you by someone called "thankUgift"). I'm also pretty sure I received (and removed) a message about "being patriotic and buying a .US domain". Yeah, sure. Still another, from momslist.com, had a full list of products: Pres. Bush's message, memorial dollar bills, and even gifts for mom and dad. Too bad that their website was down.

Also this week I got my first few pieces of political spam this year. Elections in Brazil are a month away, and regulars at soc.culture newsgroups probably noticed a few messages in Portuguese showing up almost everywhere lately. It's gonna get worse, folks. But the end is near. By the way, if you are Brazilian, do not vote for a guy named "Apolinário" (running for governor), nor for a guy named "Piauí do Sintral" (running for the state legislature); they are spammers (and I don't which state they running in).

But the one thing I'd like to talk about is how generous the spammers are! It seems like every second message is trying to give me something for free! There are free CDs, magazines, money for college, t-shirts, mugs... and porn sites. None of it is actually free, of course. All of them find a way to request your credit card information before they give you anything (if they give you anything, of course; I wouldn't give my credit card info to a spammer, and neither should you).

Spammer of the week: this one is giving away actual money: a free Euro. I decided to check it out. They are, apparently, trying to sell investment services focused on Europe and, to get you started, will send you a free report on world currency and a free 1 Euro bill. They also want you to have at least $10,000 in "risk capital" before using their services. In all fairness, they do tell you that there is a significant risk of loss of capital involved. In order for them to send you their money, you have to fill a form with your name, e-mail, telephone, city, state, country... but not address! How they will send it to you is anyone's guess. I did fill the form, and I submitted it, with mostly real data (fake e-mail address, though). In return, they promised to contact me (over the phone) in 48 hours to get my mailing address. No return so far; I'll keep you posted.

Stupid spammer of the week: a message advertising a search engine based in Brazil using Google technology ("we use the same technology as google, but we're Brazilian, so we're better"). Their front-page is not so bad: small and loads very quickly; they even have a privacy policy. I tried to search for "spam" and got this: 

Host \\www.<stupid>.net\cgi-bin\superbusca\meta.cgi could not be found
Yes, they used backslashes in their better-than-Google search engine! Very smart, boys! Keep up the good work. So, good netizen that I am, I wrote them to warn them of their mistake (and to make fun of them). This is what I wrote: 
	Guys, the difference between Google and you is that they do not spam...
	and they know HTML.
	(hint: do not use "\" in URLs)

I got back two responses, from the same guy, sent within one minute of each other. Here they are, for you enjoyment (most grammatical errors removed in the translation): 

	First:
	About the "\", you don't know what we use, so don't talk bullshit if
	you know nothing about programming.

	Second:
	Where did you see this "\", if you saw it in the search form, that's how it
	works, pal.

Later I found out that the "\" does work if you are using Internet Explorer (I use Mozilla). Trying again, this time with IE, the query returns a page that is eerily similar to google.com.br. My guess is that their "meta.cgi" sends the query over to Google and inserts their ads in the return page. I wonder if Google knows about that...

That's all for today... see you next week.

Last updated September 07,2002. Send feedback, comments and criticism to Wilson Afonso.
Developed with jEdit