(RESOLVED) Turbogear Oy (swimshop.fi): Spamming the “B2B” list of yrityspostia.fi
Turbogear Oy (swimshop.fi) wants to sell swimwear via spamming.
The message says it was meant for the eyes of “entrepreneurs and decisionmakers”. It does not contain an address source, but it was sent to the address of a natural person at a Finnish academic site who is neither an entrepreneur nor a decisionmaker at the workplace.
- In the case of natural persons being addressed, it’s a mandatory requirement in the Personal Data Act, Section 25, to name the file of personal data that was used to obtain the addresses and identify the data controller.
- Sending UCE to natural persons also happens to be illegal as per the Act on the Protection of Privacy in Electronic Communications, Section 26.
- The site advertised does not contain a description of the data file, in violation of Section 10 of the Personal Data Act, and $5 says the advertiser has not notified the Data Protection Ombudsman as per Section 36 of the Personal Data Act.
Given the intended audience, the target address, and the omission of certain required elements, another $5 says Swimshop.fi has bought the so-called “B2B” mailing list of yrityspostia.fi, whom I have just mentioned here today. Update Feb 6: I got my $5 – a phone call from the CEO of Klubben Sport Finland Oy confirms they purchased a list from yrityspostia.fi, will be demanding a refund, and reporting the matter to the Data Protection Ombudsman…
Spamming IP: mail2.brednett.no [217.77.46.37]
Spam headers:
Received: from mail2.brednett.no (mail2.brednett.no [217.77.46.37]) by x (8.14.4/8.14.4) with ESMTP id q0P9eKm2018717 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NOT) for <x>; Wed, 25 Jan 2012 11:40:25 +0200 Received: (qmail 24064 invoked by uid 89); 25 Jan 2012 09:11:57 -0000 Received: by simscan 1.3.1 ppid: 23783, pid: 24014, t: 0.8949s scanners: attach: 1.3.1 clamav: 0.88.4/m:51/d:9971 Received: from unknown (HELO KLUBBEN-WEB01) (195.254.217.90) by 0 with SMTP; 25 Jan 2012 09:11:56 -0000 Received: from mail pickup service by KLUBBEN-WEB01 with Microsoft SMTPSVC; Wed, 25 Jan 2012 10:10:46 +0100 From: <info@swimshop.fi> To: "address" <address> Reply-To: info@swimshop.fi Date: Wed, 25 Jan 2012 09:40:58 +0100 Subject: =?ISO-8859-1?Q?Uintivarusteet=20viimeist=E4=20viikkoa=20alennuksessa=20?= =?ISO-8859-1?Q?-=20hanki=20nyt=21?= MIME-Version: 1.0 Content-Type: text/html; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable X-Mailer: aspNetEmail ver 3.5.2.0 Message-ID: <KLUBBEN-WEB011db2573464b14d81ba7eb99ec4d787a0@KLUBBEN-WEB01> X-SpamAssassin-Tests: BAYES_00,HTML_MESSAGE,MIME_HTML_ONLY,T_REMOTE_IMAGE Content-Length: 139749 Lines: 1854
Human-readable spam content: None. The message does not contain a text/plain part at all. All HTML links, including web bugs and other inline images, are tagged with the recipient address.
<html>
<head>
<title>eDM</title>
</head>
<body><div id=’TopLink’>
<div style=”text-align: center; margin-bottom: 10px;”>
<a href=’http://swimshop.klubbensport.fi/x/ADDRESS/edmpreview.aspx’ style=”color: #333333; font-family: verdana, sans-serif; font-size:7pt;text-decoration:none;”>Paina tästä lukeaksesi tämä sähköposti sivuillamme.</a>
…
<map id=”header_map27″ name=”header_map27″>
<area shape=”rect” alt=”Klubbensport.fi” title=”” coords=”503,67,607,94″ href=”http://www.klubbensport.fi” target=”” />
<area shape=”rect” alt=”Swimshop.fi” title=”” coords=”610,66,704,93″ href=”http://www.swimshop.fi” target=”” />
</map></body>
</html>