Is this legit or a really good fake?

[studog]

I received this email just now. I did once sign up for an AMD contest, and may have opted in for email. I don't recall, it was several years ago.

What concerns me is that it doesn't seem to have come from AMD at all, rather from this rm04.net. OTOH, all the links at the bottom are consistent, and it's possible that a large corp like AMD would outsource its legitimate email marketing. OTOH, why is the "AMD homepage" link not amd.com?

Thoughts?

If this is a common practice, perhaps third party legit firms need to be "mailhosted" into SpamCop to prevent false reports?

...Stu

[Wazoo]

Using SamSpade for a 'safe' look, and dropping the tracking codes from the URL, guess what ... they're not going to allow any investigation;

07/08/04 12:53:36 Browsing http://sdm3.rm04.net/ctt

Fetching http://sdm3.rm04.net/ctt ...

GET /ctt HTTP/1.1

Host: sdm3.rm04.net

Connection: close

User-Agent: Sam Spade 1.14

HTTP/1.1 302 Moved Temporarily

Date: Thu, 08 Jul 2004 17:53:38 GMT

Server: Apache/1.3.28 (Unix) JRun/4.0 mod_ssl/2.8.15 OpenSSL/0.9.7c

Connection: close

Transfer-Encoding: chunked

07/08/04 12:55:04 Slow traceroute http://sdm3.rm04.net

Trace http://sdm3.rm04.net (129.41.69.50) ...

129.41.69.5 RTT: 57ms TTL: 16 (default.silverpop.com bogus rDNS: host not found [authoritative])

* * * failed

129.41.69.50 RTT: 72ms TTL: 47 (sdm3.rm04.net ok)

whois -h whois.crsnic.net rm04.net ...

Redirecting to ALLDOMAINS.COM INC.

Registrant:

SilverPOP Systems

(DOM-151479)

11 Piedmont Center

Suite 510 Atlanta

GA

30305 US

Domain Name: rm04.net

If it was me, I'd go to AMD's site, look for some contact data, to include "sales" and let them know just how spammy this thing looks and see what they say.

[studog]

I'd already discovered the whois fakery, which is partly why I posted here.

The other part is this isn't the first email of this type that I've received. I've had a couple of others, different real companies, different sender domains, but one of them was an official Sun newsletter. So I'm guessing some corps do use third parties for legit mass email. The question is, which ones? And if it's not something I signed up for directly, how can I be sure that the third party hasn't obtained my email address in a fraudulent or criminal manner?

I'll talk to AMD and see.

...Stu

[turetzsr]

<snip> if it's not something I signed up for directly, how can I be sure that the third party hasn't obtained my email address in a fraudulent or criminal manner?

<snip>

...In my view, anything you don't know that you have signed up for is spam. But I can understand your not wanting to report, for example, company B who has purchased a list of confirmed subscribers (including you) from company A when company A has informed you that they might do that. In that case, I can't think of any way other than to ask company A if they sold your name to company B.

[Wazoo]

No way to answer your queries easily. My 'notes' back to companies that do this include what you've asked, amongst other remarks, when needed. For instance, "this is an authorized ..." means squat in today's spammed up world. I suggest that they be upfront, at the very top, and state that a third-party was hired to send their adverising spew and how my address was actually handled ... not that it would make it any more appetizing, but slowing down research like this when guessing what's going on and what the connection between the e-mail source and the advertised company is.

I had one particular outfit that had an advertising gal that sent out all their "important" stuff encrusted within an HTML package, but then had it all Base-64 encoded ... so all I ever saw in my OE was a blank message, as all that crap is disallowed here .. I believe my last e-mail to those idiots went to just about everyone listed with a relationship to that company, as previous e-mails to the sender, advertising office, sales office, a couple of VP's, (on and on, list kept getting bigger and bigger everytime I got another one) ... and I believe the situation is now that instead of fixing the real problem, they simply got around to unsubscribing me <g> Not answering your question here, but ....

That's the real issue, in that you don't know how the third-party got your data (or what they are goin gto do with it next) without challenging the original company involved. And even that request may have to be flogged around a bit to find someone that actually has a clue.

[turetzsr]

...Good points by Wazoo. And then there's always Pinned: Spammer Rules rule #2 to consider, as well as "Russel's Admonition" and the "Lexical Contradiction" to rule #1. <g>

[studog]

Wazoo - Posted on Jul 8 2004, 03:07 PM

I suggest that they be upfront, at the very top, and state that a third-party was hired to send their adverising spew and how my address was actually handled...

I agree, although I'm not holding my breath.

turetzsr - Posted on Jul 8 2004, 03:00 PM

But I can understand your not wanting to report, for example, company B who has purchased a list of confirmed subscribers (including you) from company A when company A has informed you that they might do that.

That would be Company A selling its subscriber/whatever list. I'm talking about the situation where Company A has outsourced its legit email marketing to Company C, but not bothered to tell anyone. Email you opted in for is now coming from Company C, on behalf of Company A. But because this isn't made clear at the time of signup, or announced later on to the subscriber list, there's no way to tell if this is legit or a clever spam.

...Stu