Looked at as art, most spam is the email equivalent of a two year old scribbling with a crayon. Every once in a while, though, we see something outstanding. In this post we’re going to give a shout out to a spammer who obviously cares about their work.
We grabbed a few examples of this campaign and most of them have fairly innocuous subjects that might be likely to get you to open the message like:
You have new ticket
Your payment has been done
Tracking confirmation
Oddly there were a few obviously spammy ones like:
The best way to please her
Maybe they were trying to make sure they got the people who like to open spam messages too?
This campaign is sent though AOL.com servers, which simply goes to prove that no matter what the big “webmail” firms claim about their commitment to preventing spam, they’re easily and consistently exploited day in and day out. The four above all connected from different AOL servers:
- imr-ma03.mx.aol.com ([64.12.206.41])
- imr-ma04.mx.aol.com ([64.12.206.42])
- imr-da05.mx.aol.com ([205.188.105.147])
- imr-ma06.mx.aol.com ([64.12.78.142])
And all of them originated on different Webmail servers too:
- webmail-d082.sysops.aol.com (205.188.181.108)
- webmail-m110.sysops.aol.com (64.12.232.218)
- webmail-d037.sysops.aol.com (205.188.181.88)
- webmail-m053.sysops.aol.com (64.12.140.163)
We could go on down the line, but the point is that the spammer in question easily hacks and abuses AOL accounts with impunity.
(more…)