A customer of online roleplaying/gaming web market DriveThruRPG, Wizards of the Coast, is emailing a spamtrap in my collection. A single bulk email to a repurposed spamtrap is not in itself a huge problem, but it is a sign that a list needs attention. Since a botnet spammer has also been emailing spamtraps with forged email addresses @drivethrurpg.com, I wanted to be sure that DriveThruRPG and its ESP, MailChimp’s transactional email service Mandrill, knew that a DriveThruRPG customer also has a spamtrap on its list.
A unidentifiable investment solicitation spammer using an anonymous free GMail address (
email@example.com) just emailed to a purchased or email appended list. The list includes two role accounts originally scraped from a website and Whois. I registered the domain for those accounts in the 1990s, and am the only registered owner that domain has ever had. Neither spammed email address *ever* sent email to anybody; they only received email. The ESP was YourMailingListProvider.
I’ve only just received a spam from [18.104.22.168] to an address that has to be harvested from the web pages of the company. I did a little looking up and it turns out that the spammer is Martin Anderson, of the Estonian company All-Tec Services OÜ, who is already familiar to the local spamhound.
Verizon, one of the largest telecommunication companies in America, has sent email to several of my spamtraps in the past few weeks. These emails solicit the business of companies that are not associated with those spamtraps, but whose company names might plausibly belong to the email addresses that received the spam. No ESP was involved; Verizon sent this email from their own IPs.
Filip Poutintsev keeps sending me private email asking me to remove all mentions of him from this blog.
That’s not going to happen, as it would be revisionist history, but I’ll say it that his ROKSO entry appears to have been dropped in early April after he had lain low for half a year. I also have no other evidence connecting him to any recent spamming. To my knowledge, he is out of the spam business.
Oh, and Filip is not Sheikh Ahmed. That’s Abdul Sattar, a real Pakistani. The two did collaborate way back when, but it eventually transpired that two distinct individuals were clearly involved.
Neptura Oy, Credo power Oy, Reality Interactive Oy, Axion Suomi, Rapid Investment Ltd, Spamming, Fraud, And Who Knows What Else
Since a few months earlier, a few interconnected Finnish businesses have been spamming a list that isn’t documented (but is clearly based on Finnish Business Information System data) with messages regarding “your [mobile, Internet, whatever] subscription update” (original Finnish: Liittymäpäivityksestänne) or “Contact” (original Finnish: Yhteydenotto).