Target Spams Email Appended List with Data Breach Notice

U.S.-based retailer Target, which recently suffered a massive data breach, has responded to that breach by hiring an email appender to append scraped email addresses (some of them closed for over a decade) to their customer list. Target then spammed that appended list over the past few days. The ESP is Epsilon, via its subsidiary Bigfoot Interactive.

Read more…

Chase Bank: Sending Transactional Email to a Spamtrap

Chase Bank simply doesn’t get it, or doesn’t care. Months after I reported that Chase was spamming email addresses that did not belong to live customers with marketing and transactional email messages, it is now sending transactional emails containing a customer name and information about account activity to yet another spamtrap. This email was sent directly from Chase’s own IPs.

Read more…

Citibank: Sending “Thank You” Reward Emails to 8-Years-Dead Spamtrap!

U.S. banking giant Citibank yesterday sent bulk email about “thank you” rewards points to a new spamtrap that has been dead for over eight years. The email contained a name and the last four digits of a credit card number. As with previous Citibank bulk emails that I have seen and blogged about, the ESP is Epsilon Interactive via its ESP Bigfoot Interactive.

Read more…

Barclays Bank: Sending Transactional Billing Notices to a Spamtrap

Today Barclaycard, the credit card division of U.K. banking firm Barclays, joined the MainSleaze Spam blog list of banking infamy. It did so when it sent a transactional billing email to an email address that has not been live for ten years, notifying the non-existent owner of this email address that he or she had a payment due, and including a name, last four digits of a credit card number, and tagged URLs that presumably gave anybody who received this email access to a customer’s banking records. The ESP is Cheetahmail, a subsidiary of Experian.

Read more…

Bank of America: Sending Customer Satisfaction Surveys to a Spamtrap

Today Bank of America sent a customer satisfaction survey reminder to the same spamtrap via ESP Real Magnet that it has been emailing or months via ESP ExactTarget.

Read more…

Chase Bank: Including Customer Information in Marketing Email Sent to Spamtraps

Months after I first blogged about Chase Bank sending marketing emails to an email address that had been closed for many years via Acxiom Digital, and after I added a comment to that blog indicating that Chase was sending marketing emails to a different email address via Epsilon Interactive (Bigfoot Interactive), this second email address is *still* receiving the same bulk emails. Worse, they STILL contain the customer’s name and the last four digits of the customer’s credit card number, although the customer has not owned this email address for years!

Read more…

Bank of America: Transactional Email to a Spamtrap :(

Bank of America is sending non-bulk transactional emails to an email address that was closed in 2008, and that subsequently rejected all email for a period of over a year before being re-enabled as a spamtrap. The email contains a customer name and the last four digits of a credit card number. :/ This is not spam; the email was not bulk. However, if Bank of America were paying attention to bounces, it should long since have realized that this email address was not receiving its notifications. Bank of America needs to verify its customer list NOW to fix this security breach. The ESP is ExactTarget.

Read more…

Citibank: Emailing Sensitive Private Credit Card Information to a Spamtrap

First Chase Bank sent marketing emails that contained personal names and credit card information to spamtraps. Now Citibank is doing the same thing. Today Citibank sent a bulk marketing email to an email address that, if it ever existed at all, has been closed since 2007. The email contained a name and the last four digits of a credit card number. Either Citibank is deliberately including made-up “customer” information to make bulk marketing email look more legitimate (which I doubt), or Citibank has badly mismanaged its customer list *AND* (worse) is including sensitive personal information in marketing emails that are going to unconfirmed and incorrect email addresses. The ESP is Epsilon Interactive via its ESP Bigfoot Interactive.

Read more…

Chase Bank: A Spamtrap is “an Amazon.com Business Rewards Visa cardmember”?

Chase Bank is sending advertising emails to an email address that has been closed for many years, claiming that the owner is “an Amazon.com Business Rewards Visa cardmember”. The ESP is Acxiom Digital.

Read more…

Go back to top