Looking at a spam stream: The story of Jimmy Walker
I was recently asked about how to go about proving that someone was not obtaining email addresses in a direct, opt-in manner. The methodology won’t surprise you, and if you have been involved in helping problematic clients for a while, the results might not even surprise you.
The “someone” at issue was a payday loaner. That is, they were an information leads broker. They took information provided by website visitors and brokered that out to other folks who would use it to email them offers for payday loans. This is referred to as a “ping tree.”* In this case, the target of our investigation was also managing the ping trees for their clients.
Here is the method used to test for direct opt-in: I created a brand new gmail account, and looked at the Sender Score data for their IP. I picked a single domain from the list of domains that had been mailed for via the IP. Following that link resulted in a redirection (via an affiliate link) to another site, where I entered in data for one “Jimmy Walker” (DY-NO-MITE!) using a Miami-Dade ZIP code. I did not fill out the second page of requested information (where it asks for banking information). It might be interesting to note that at the time that this information was generated and entered, I was in Montreal, Quebec, not the Miami-Dade area.
Within 7 minutes, the address had received 8 emails. We’re just over two weeks in and the address has received 80 emails to the inbox, and another 162 to the spam folder. Some of those are from the target of the investigation and some from another client. There was no indication from whence the sign-up occurred and most of the domains for the senders are hidden behind privacy proxy services.
Jimmy Walker is getting a bunch of emails. Not all of it is payday loan related now. Starting on November 7, the test address started getting small amounts of more general spam. So far, that has consisted of offers for diet pills and offers to match Jimmy up with bored, lonely housewives.
These results are a more recent and short-term validation of a longer-term experiment run by NPR into the payday loan industry. Yesterday, on Morning Edition, Pam Fessler released the results of that experiment, which included putting fake information (and a real phone number) into one of these sites (Pam Fessler, I Applied For An Online Payday Loan. Here’s What Happened Next, Planet Money (2013), http://www.npr.org/blogs/money/2013/11/06/242351534/i-applied-for-an-online-payday-loan-heres-what-happened-next (last visited Nov 8, 2013). The result: Lots of emails and lots of phone calls from lots of companies trying to get sign-ups.
There are reasons why most email service providers don’t want to work with the payday loan industry. We can see many of them here: There is a lack of transparency, massive levels of list/data sharing, and a high cadence of email sent to very low engagement “subscribers.” These are all things that “best practices” tell folks to avoid. This industry is what you get when you have an industry devoted to “breaking all of the rules.”
- *https://activeprospect.com/glossary/ping-tree/
- Help me see if there is a need for that I can fill - 23 September 2024
- Verkada: Data Protection Issues - 19 September 2024
- About Consent Decrees - 6 September 2024