Acc Consulting Oy: Hell bent on spamming

Acc Consulting Oy, our old friend (www, biz reg (note absence of email address…), responsible people) seems to be hell bent on spamming the living bejesus out of every business email address in Finland.

The good people at their ISP, Elisa Oyj / Saunalahti, are well aware of this, and either unable or completely unwilling to stop them.

Acc Consulting Oy advertise courses on repairing mold damage in buildings to hairdressers, hot work safety to IT consultancies, asbestos removal to healthcare providers… And of course their address source (“their own list”) is full of illegal outdated and erroneous personal data, and there isn’t so much as an attempt to provide the legally required Description of Personal Data File for the list. One has been demanded of them on June 7, 2013; no response received.

In mid-September 2013, Vesa Hämäläinen (sole board member of the Ltd) provided the following insightful response to a spam complaint:

x poistettu(manuualisesti). Ostamme profiloidut tiedot
suomen asiakastiedolta jonne voi osoittaa valitukset markkinointi
tietonnoilla olemisesta.

(“X removed (manuualy). We buy profiled information from Suomen Asiakastieto to whom complaints about being on marke
ting datases should be adresed.”)

Spamming IP:,, (outgoing MXes for the customers of, as before)

Spam headers:

Return-Path: <>
Received: from (
        by x (Postfix) with ESMTP id x
        for <x>; Fri,  8 Nov 2013 14:mm:ss +0200 (EET)
Received: from SATC660D11K-PC (
        by (Postfix) with SMTP id x
        for <x>; Fri,  8 Nov 2013 14:mm:ss +0200 (EET)
Organization: Acc Consulting Oy
Message-ID: <>
From: Koulutusta sinulle <>
To: x
Subject: Marraskuun koulutukset Helsingissä: TYÖTURVALLISUUS (TraFi),
Date: Fri, 8 Nov 2013 14:mm:ss +0200
MIME-Version: 1.0
Content-Type: multipart/alternative;

6 Responses to Acc Consulting Oy: Hell bent on spamming

  1. Deleted Username from

    Where is the proof of your claims:
    “their address source (“their own list”) is full of illegal outdated and erroneous personal data”?

    Provide proof, that:
    1. They have personal data.
    2. This personal data is outdated or erroneous.

    In other words: which emails from their list is personal email, outdated and erroneous. Provide this email address, so that your claims can be verified.

    Without this proof your accusations is just your sick fantasy.

    • Glad you joined, I am not quite sure why you registered in this blog under “InfiniteMhoOy”, that’s clearly a violation of somebody else’s business name, don’t you think. Please pick something else the next time.

      I also don’t know why anybody in Estonia would have an interest in protecting the reputation of the Finnish spammer over in Malmi.

      As for revealing spamtrap addresses, we have a FAQ page in both Finnish and English on the topic.

      Having said that, the proof is easy, because the circumstances in themselves are sufficient to prove it. Here goes.

      Mr Vesa Hämäläinen indicates (in his September 2013 response in private email, copied above) that instead of operating their own address file, which is how they claim to operate in the spam text, they purchase the address information. (This needs to be indicated in their Description of Personal Data File under regular data sources, and there is no Description, which in itself violates the law.)

      Previously, they have purchased information from Fonecta. It’s even documented here in the previous post. These days, they’re purchasing from Suomen Asiakastieto, but no longer indicating that they do, because so many parties take a dim view of that.

      An important part of the material in both sources, Fonecta’s and Suomen Asiakastieto’s (in fact, in the lists of anybody who sells Finnish B2B information) comes from the YTJ, the Finnish Business Information System. It only takes one business that has registered a firstname.lastname@domain.example email address in the YTJ for any list that is sourced from the YTJ to be a register of personal data. I’ll pull a business from the YTJ at random (a defunct transportation business) and you can see for yourself that the email address there in is a “firstnamelastname@domain” type, which qualifies as personal information. (None of our spamtraps are, so I haven’t lost anything by using this random example.)

      Companies are responsible for maintaining their YTJ data themselves. Nobody does it for them. Some don’t bother, so some of the information therein necessarily becomes outdated and erroneous from time to time. If that information should happen to be an email address, and moreover, a personal one (such as firstname.lastname@domain.example), it becomes outdated and erroneous personal data, and it’s illegal as per Section 9.2 of the Personal Data Act to process it in any way. Now the National Board of Patents and Registrations probably get an exception because it’s the responsibility of us all (Finnish business owners, that is) to keep our own information up to date, but all of the parties reselling this information are already in violation if they don’t make an attempt to weed out the crap.

      Since you ask “which emails from their list is…” (sic!), the answer is clear. I don’t have access to their entire list, so I couldn’t possibly answer that question in its entirety anyway. I also don’t have access to the world’s supply of outdated and erroneous email addresses or domain names, so even if I had the complete list, I couldn’t answer that question in its entirety. And as for revealing spamtraps, dream on.

      Suur tänu & lugupidamisega, IMho (the real one)

      • It just occurred to me that I’ve seen the writing style above before. This may be purely coincidental, but the owner of Kotar / OfficeHelpsX (search for those names on this site) writes exactly the same kind of broken English as found in that post. Hmm…

    • Blog owner here. Unfortunately this individual has created two accounts as “InfiniteMhoOy”, a name to which he has no right. The owner of that Finnish company is one of the bloggers on this site, and deleted the first account because the owner had no right to that name. The abusive account owner opened a second account, and posted two messages. One contained a number of guessed spamtrap domain addresses that he things belong to the real InfiniteMho.

      I don’t allow abusive users to masquerade as other people, or to attempt to cause an uproar, on this blog. I’ve set the new account to inactive status.

      • The previous posted returned as follows:

        Very curious that me account was deleted after the last comment, but no worries I just created new one with same username.

        Well, you can’t post on the site without comments being approved, so it won’t be visible unless we figure it should be, and rest assured you won’t be able to create any more usernames that end up visibly infringing on the rights of others.

        What you wrote is total garbage.

        In your opinion, and you’re entitled to one. Everybody’s got an opinion, much like everybody’s got an exit at their rear end.

        The question was:

        Which emails from their list is personal email, outdated and erroneous. Provide this email address, so that your claims can be verified.

        There is no question above, there are statements.

        Revealing spamtraps would make them useless as spamtraps, doubly so if you did it in public. So sorry, but I’m not going to destroy my data sources 🙂

        If you don’t have this data, how can you claim the above?

        I have the data, significant amounts of messages in spamtrap addresses that qualify as outdated and erroneous. The blog owner has access to the same spamtraps and can verify. Numerous other people, some of whom post on this blog, do, as well.

        Everyone who reads this will understand by now that you are lying.

        This is an opinion site, just like every other blog. It doesn’t have the authority of law or anything of the sort. You’re free to judge it based on its merits and your own presumptions, as is everybody else.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Go back to top