On 7/10/10 7:26 AM, Nick Boyce wrote:
Just my tinfoil-coated 2 cents:
I tend to assume that when I get an email allegedly from Company A (Internap) but actually sent by Company/Domain B (iContact), inviting me to enter all kinds of sensitive information about my organisation's operations into a "survey" hosted at Domain C (Zoomerang), in return for which I may win a Dell laptop (but only if I give full identity-theft-enabling details about myself), then I'm being socially engineered by a Bad Guy, and I just press "delete".
That doesn't alter Company A's behavior, it reinforces it. As there will be others who fall for it, passively hitting delete does nothing to disprove Company A's idea that doing this type of thing is acceptable. "It got some results and nobody complained." That's how spammers work. Rather than JHD (just hit delete) please try to reach out to someone with technical clue at Company A or their upstream.
I do this, even when Company A is a big well-known company (e.g. Sun ... it's happened)
Sun giving away Dell laptops? O RLY?
or an industry magazine (e.g. Secure Computing .. ditto), cos lets face it .. who needs a Dell laptop anyway ;)
I expect this type of crap from magazines. They've been playing fast and loose with their customers' personal data for decades.
I urge everyone else to just do the same (at the very least it may help to eliminate UCE merchants from the world).
Shaming them is IMHO more effective, although it takes more work. -- Jay Hennigan - CCIE #7880 - Network Engineering - jay@impulse.net Impulse Internet Service - http://www.impulse.net/ Your local telephone and internet company - 805 884-6323 - WB6RDV