Fun in spam comments

Posted on by Dale

My website is hosted out in California by prxy.com, owned by an old AOL friend (and actual Apple designer back in the day). His spam filter is excellent, sending a daily report of what it’s trapped. I scan it to make sure there’s nothing I should have received, and then hit the “Delete All” button.

However, there are times when the spam header is so gonzo that I have to go look to see what the actual email says. (The filter allows you to peek at the email contents without actually opening a dangerous email.)

Mostly, though, I just laugh at the preposterousness of the scams they’re trying to pull. Almost all of them are some variety of Costco is giving you a $100 gift card, stuff like that, and there is nothing legitimate looking about them.

However, as a public service, let me give you a pro tip. If you get an email that looks legitimate, say from your bank or Social Security or Costco, the first thing you do is check under the hood:

  1. Click and hold on the From: field and see if the domain it’s coming from is actually your bank, etc.
    1. This info is sometimes right there in the Reply-To: field.
  2. If it’s not, then shift-ctrl-J (or your email/computer’s shortcut for Send to Junk is, is your friend.

As an example, allow me to share today’s haul.

First, a few examples of the clickbait headers, followed by the actual email each is from:

  • A $100,000 credit is now on your Netflix account, netflix [netflix@streamingeurope.homes]
  • Strange Black Elixir increases d*ck [sic] size by 3.6 inches, Men’s Health [support@livlfe.shop] (This one seemed oddly specific…)
  • That gaunt, haggard look…, Appearance Warning [help@garagewarrior.com]

You get the idea. Now here are the actual email addresses for the rest of today’s haul:

  • representativesbattery.lat
  • centurysteam.garden
  • understandprison.living
  • publicationsdangerous.living
  • everywherebid.living
  • holylegacy.blog
  • meatfamoous.garden
  • fbicard.garden
  • grore-images.com
  • gamercum. com
  • angular-engenharia. com.br
  • manuallift.living
  • whomnick.homes
  • chinesemusic.skin
  • surpriseltd.homes
  • emmaopinions.garden
  • jontglide.shop
  • underrapidly.property
  • startedlandscape.property
  • cabinetdevice.living
  • votedburied.homes
  • frauenvernaschen. com
  • shoppingtreated.garden
  • penwin.property
  • franckprovot. com
  • alonginvestements.property
  • cableplan.fit
  • alexanderrealized.garden
  • findingcares.lat

I mean to say, wot? I’m aware that the domains have multiplied beyond .com/.edu/.org/.gov, but most of those seem not credible in the least, not to mention the account names. In a quick check of two or three of them, none connected to a website, so you might wonder how they expect to scam you.

The answer is that each email gives you a simple way to claim your $100,000 credit from Netflix (??) — they give you a button to click.

And if you uncover the link in that button: http://www.claimxngoing.living/me/dl3nyxovwzn. There is no telling what that links to, but I suspect it installs malware on your computer.  (I have modified the text so that it’s not a link to anything.)

Anyway, I hope this entertained you as much as it did me, and I hope it was at least a little informative. Protect yourself!

—————

I recently tried a link to a domain that just seemed odd, but with a great name: look.feel.be — there was nothing there, so I suppose it’s available for your business or personal use. What would you put there? Feel free to speculate in comments.

Leave a Reply

Your email address will not be published. Required fields are marked *