Looking at a spam stream: The story of Jimmy Walker

English: Author: swanksalot URL: http://www.fl...

English: Author: swanksalot URL: http://www.flickr.com/photos/swanksalot/77720976/ Description: Front Window of a financial institution in Illinois which offers payday loans. License: (Photo credit: Wikipedia)

I was recently asked about how to go about proving that someone was not obtaining email addresses in a direct, opt-in manner. The methodology won’t surprise you, and if you have been involved in helping problematic clients for a while, the results might not even surprise you.

The “someone” at issue was a payday loaner. That is, they were an information leads broker. They took information provided by website visitors and brokered that out to other folks who would use it to email them offers for payday loans. This is referred to as a “ping tree.” In this case, the target of our investigation was also managing the ping trees for their clients.

Here is the method used to test for direct opt-in: I created a brand new gmail account, and looked at the Sender Score data for their IP. I picked a single domain from the list of domains that had been mailed for via the IP. Following that link resulted in a redirection (via an affiliate link) to another site, where I entered in data for one “Jimmy Walker” (DY-NO-MITE!) using a Miami-Dade ZIP code. I did not fill out the second page of requested information (where it asks for banking information). It might be interesting to note that at the time that this information was generated and entered, I was in Montreal, Quebec, not the Miami-Dade area.

Within 7 minutes, the address had received 8 emails. We’re just over two weeks in and the address has received 80 emails to the inbox, and another 162 to the spam folder. Some of those are from the target of the investigation and some from another client. There was no indication from whence the sign-up occurred and most of the domains for the senders are hidden behind privacy proxy services.

Jimmy Walker is getting a bunch of email. Not all of it is payday loan related now. Starting on November 7, the test address started getting small amounts of more general spam. So far, that has consisted of offers for diet pills and offers to match Jimmy up with bored, lonely housewives.

These results are a more recent validation of a longer term experiment run by NPR into the payday loan industry. Yesterday, on Morning Edition, Pam Fessler released the results of that experiment, which included putting fake information (and a real phone number) into one of these sites. The result: Lots of email and lots of phone calls from lots of companies trying to get sign-ups.

There are reasons why most email service providers don’t want to work with the payday loan industry. We can see many of them here: There is a lack of transparency, massive levels of list/data sharing, and a high cadence of email sent to very low engagement “subscribers.” These are all things that “best practices” tell folks to avoid. This industry is what you get when you have an industry devoted to “breaking all of the rules.”

Bibliography

  1. Pam Fessler (2013, November 6), I Applied For An Online Payday Loan. Here's What Happened Next. Retrieved from http://www.npr.org/blogs/money/2013/11/06/242351534/i-applied-for-an-online-payday-loan-heres-what-happened-next.
  2. What is a ping tree?, Tech Savvy Leads LLC (2013, November 8). Retrieved from http://techsavvyleads.com/WhatIsAPingTree.aspx.

3 comments

Leave a Reply

Private