How (not) to send Spam

A few weeks back, I got an interesting “spam” mail, see the screenshot and email text below.

Here is the email:

Hey,

The reason that I am emailing you is because the company that I work for is looking for people in or around Clearwater who would be interested in making a little extra income, working out of their home. We don’t require any selling, nor any phone calling; everything is done entirely online, and you will be paid within 15 days. You can do this either part-time or full-time – it’s entirely up to you.

We do not require that you have any prior experience; no educational or special skills are required, as we provide all training.

We actually prefer working with people online, because our experience has shown us that you guys are computer proficient, and are just, overall, easier to work with.

I don’t want to rush you into making a decision, but this same offer is going out to all people that I could find in Clearwater, and we only need a certain number of people.

So, if this sounds like something you might be interested in, you can check out our website right here, and I hope that you choose to apply.

Thanks for your time,

Human Resources
HJB Placement Inc.

A lot of the details are accurate and the blacked-out address is an accurate address of an office I know but the IP address that it claims that I registered with is a Local IP address (in the form of 192.168.XXX.XXX) which cannot be revealed to a website. I am very curious as to how this email was leaked and the only possibility I can think of is that one of the old PC’s at this office was picked up by some spammer company and my email + info was sold to them. The date in the image is a little suspect as well.

Has anyone else ever encountered this? The link in the email points to breakfm.com which by itself does not load but http://www.breakfm.com/203.php?zach_fluid@hotmail.com works and redirects you to http://www.ivanblogsecrets.com/campaigns/rgah/IF_1_new.php?linkid=425452&subid=110890. (Sorry, I am not linking to the actual links as I dont want to give them any link juice.)

Anyway, marketing companies – if you are doing this, please STOP! It is down-right creepy to display that you have so much information about a user (even if you do). This appears to be more of a high-level phishing attempt than a marketing pitch.

  • eapen

    I took a look at the headers of the email I received and then realized that these guys probably got the local IP from the email headers of some email I sent but I am still not sure how they would got the office address along with that.