Oct
01
July to September 2020 in Spamtraps: ESPs
Turns out there was a point to being lazy with the monthly reports over the summer. This chart needed to be drawn over a longer period of time to highlight the obvious.
May
12
Join Netflix today
Recently, a friend encouraged me to look into the marketing of Netflix, the video-on-demand platform.
They’re sending from Amazon SES, one of the ESPs we are tracking, so I might have materials to look at.
My notes on ESP spam go back years, so I can easily pull up the data and draw a graph of the percentage of mail related to netflix.com in the observed output of Amazon SES in our traps.
I’d say somebody has got a little over excited with the remarketing. My favourites are the “Join today!” emails sent to addresses that never existed, where the explanation for why the recipient got it is that they had previously created an account. Why do they need to join in a second time and how were they able to join to begin with, with an email address that has never existed?
Nov
20
Urmo Mark at it still/again
Urmo just can’t shake his old habits. Here he is again, today or yesterday, spamming with some new domains created in October 2019, predictably proposing spam-for-hire services to Estonian companies. The sending domain is already on Spamhaus DBL and I don’t predict a great lifespan for the OVH IP out of which this was sent.
Read more…Aug
28
UpCloud – competition is fierce and business prospects dire
Earlier today, the Finnish cloud hosting company UpCloud Ltd (www, biz reg, responsible people) decided they’d start looking for new customers by spamming.
Feb
01
October 2018 in Spamtraps: ESPs
Blast from the recent past
(This is what happens when you forget to click Publish)
The percentage of ESP spam was 3.0%, down from 3.2% in September. The total amount of mail in this trap collection was up 16% from September.
There’s a new player on the list again. Ediware is a French email service provider that has been around since 2001. This is the first time ever they have made this list in any capacity, and it’s straight to the top 10. During October 24 from 5 pm to 8 pm CEST they had a malware/botnet/whatever infestation spamming “fix your wifi”, “desktop microscope”, “heating gadget” etc. To their credit, they got on top of it quite quickly, in four hours the problem was completely curbed, but while it was going on, the volume was huge. Any other stuff from them amounted to 0.4% of the total – no wonder we don’t usually see them.
Salesforce is so much ahead of SendGrid this month I would have expected to see something unusual from them. But no, it’s the same old players, none of whom are sending anything out of the ordinary.
SendGrid really need to get rid of Advisor Perspectives. Like, really. And so do MailChimp, for that matter.
Bubbling under this month: Mapp Digital (2.1%), Adobe Campaign (2.0%).
| RATING | PARTICIPANT | PERCENTAGE | NOTES | MOST PROMINENT CUSTOMER |
| 0 | All others | 34.7% | ||
| 1 | Salesforce Marketing Cloud | 14.2% | ExactTarget | Kohls (4.5%) |
| 2 | SendGrid | 11.8% | Advisor Perspectives (11%) | |
| 3 | MailChimp | 8.9% | Boston Globe (0.8%) | |
| 4 | Oracle Marketing Cloud | 5.7% | Nordstrom (6.9%) (Nordstrom and Nordstrom Rack are also Salesforce’s #7 most spamming customer with 1.6% of SMC total) | |
| 5 | Amazon SES | 5.0% | Netflix (3.8%) | |
| 6 | CheetahMail | 4.2% | Eddie Bauer (5.8%) | |
| 7 | Mailgun | 4.0% | The Italian affiliate spammers (at least 35%) | |
| 8 | Ediware | 3.9% | Botnet flood on October 24 (>99%) | |
| 9 | IBM Marketing Cloud | 3.1% | renewlife.com (nearly 30%) | |
| 10 | Constant Contact | 2.5% | 123dj.com (2.4%) |
Sep
04
On The Forensic Capabilities of LeadForensics
The study of forensics refers to scientific tests or techniques used in connection with the detection of crime. It is an odd choice of name for what I think is a data seller, especially one whose targeting seems poor enough to be spamming me. They claim to want to help me generate more leads for my website, but my website doesn’t sell anything. I do not really need any leads.
They are sending from IP address 46.236.37.232, which appears to be an email platform called Message Focus or Adestra.
From what I can tell, the only forensic capability this entity has shown me is that they seem to buy B2B spam leads, which is very disappointing.
Aug
31
Siltaraha Oy / Finlandia Finance Oy
In May 2016, a Finnish B2B financing company (or “payday loans for businesses”, if you like) called Siltaraha Oy (www, biz reg, people responsible) started advertising its activities in B2B spam to purchased lists.
Read more…
Jul
28
New Finnish B2B spammer: Digimarketingmanager.com / Mailmarketingmanager.net
Domains have been registered a week ago. The LI profile indicates the operation has started in July 2018. The people whose network the spam was sent from already know. Not just abuse@, the actual people.
If you’re reading this, Mr. A, take my advice: stop now.
