Something different from the usual B2B spam that you might be seeing these days are occasional probing messages.
These probe mails seem to have the purpose of checking whether addresses are deliverable or not. These messages are whimsical health-related messages, require no response and provide no contact information.
Sample subject lines:
- “Data about maintaining fitness.”
- “Data regarding staying fit.”
- “Key info in regard to staying healthy.”
Sample probe message:
Just a one-time public service communication about Psoriasis (no further
emails will be sent).Psoriasis is a chronic, noncontagious immune condition that affects 5% of
the US population. The most common form of Psoriasis is plaque psoriasis
which can appear on most any part of the body but typically shows up on
knees, shins, elbows and lower back. Typical symptoms are red, itchy
patches or spots, raised bumps, or silvery scales and can often be
misdiagnoses as eczema. Keep well.
Another sample probe message:
A quick one time public service broadcast about Diabetes (no further
emails will be sent).Nearly 26 million Americans suffer from diabetes, and 7 million are
unaware that they’re afflicted. Of that total, the more-preventable type
2 diabetes accounts for 90 to 95 percent of all cases. Take steps to
prevent diabetes from progressing: Peel off the pounds, focus on fiber,
exercise, eat three square meals, and get heart healthy. Thanks so much.
A few of the domain names, mostly anonymous, being used in these emails include:
- dt5ls.com [173.224.213.197]
- 1vprtcls.com [74.50.127.153]
- info-healthcare3.com
- confirming1.com [74.114.167.163]
- confirm1service.com [70.38.3.107] (registered to Atlanta’s Abernathy Road/Northpark B2B spammers)
- verif1cationservice1.com (registered to Atlanta’s Abernathy Road/Northpark B2B spammers)
- mt4hdvsnd.com
A couple of the domain names used are registered to Atlanta’s Abernathy Road/Northpark B2B spammers. That group sends unsolicited targeted email to business email addresses, often selling memberships to their B2B events (many of which are “event summits”).
If the domain name ends in “…summit.org,” “…summit.net,” or “…summit.com,” there’s a chance it came from Atlanta. Examples:
- the-ciosummit.com, cio-summit.net, cio-summit.org, theciosummits.org, theciosummit.org, the-ciosummit.net
- thecmo-summit.com, the-cmosummit.org, cmosummits.org, cmo-summit.org, thecmosummit.org, thecmosummit.net
- customerservicesummit.net, thecustomerservicesummit.org, the-salessummit.com, thesalessummit.net
- thecoosummit.org
- risingexecutivesummit.org
- the-salessummit.org
Dynamoo’s blog documents his experience with spam from the Atlanta group.