Worth Reading to Avoid Being an Unsuspecting * SPAMMER *...

[Guest guest]

Hello Everyone,

Recently, I had joined boxbe to try out their services in supposedly

improving my email experience (handling spam, prioritizing emails,

etc.). Unaware, the software company essentially harvested my email

contacts list and sent out invitations to my list to join their

network on their behalf! I have since closed my account.

In the era of " social networking, " you may want to read this article

from the NYTIMES to get an idea of what companies on the net are doing

these days to help spread the word about their company at the expense

of your reputation and trust network.

Apparently, this practice of spamming by trust has shades of gray in

terms of whether this is considered inappropriate/illegal or not...

here's the article (source):

http://tinyurl.com/avoidSPAMtoday

(http://www.nytimes.com/2009/06/20/technology/internet/20shortcuts.html?pagewant\

ed=all)

**<clip>**

Typing In an E-Mail Address, and Giving Up Your Friends’ as Well

Published: June 19, 2009

I THOUGHT it was a little strange when I received separate e-mail

messages from two people I knew only slightly asking me to click and

see their photos on a social networking site called Tagged.

I ignored them at first, but then thought maybe I should check it out.

After all, I should keep up on what’s hot in the social networking

world, right? This could be the new Twitter.

That’s when I started doing everything wrong. I obligingly typed in my

e-mail address and a password to see those photos. Well, the photos

didn’t exist, but I had unwittingly given the site “permission” to go

through my entire e-mail contact list and send a message to everyone,

inviting them to see my “photos.”

I found this out only when I started receiving e-mail back from people

agreeing to be my friend. I quickly realized what had happened and

shot off an apologetic message explaining why I inadvertently spammed

them.

As friends’ responses started rolling in, I heard from some who had

received similar e-mail. Others told me about the same problems with

Web sites like MyLife.com and desktopdating.net.

This wasn’t along the lines of someone stealing my bank account

information or Social Security number, but I was annoyed and

embarrassed.

“They’re using your good name to establish a connection,” said

Cassidy, secretary general of the Anti-Phishing Working Group, a

nonprofit organization with representatives from law enforcement,

industry and government.

So what’s going on here? I turned to Argast, a security

analyst with Sophos, an Internet security company based in Boston, to

find out.

He told me that this kind of thing has been happening for quite a long

time in various forms, but has really caught on in the last three to

six months. It’s not the same as what’s known as phishing — fake Web

sites masquerading as real ones to get personal information. These Web

sites really exist.

Instead, this is generally called contact scraping. Once you enter

your credentials, like your user name or password, the company sweeps

through your contact list and sends everyone an invitation to join the

site.

How do the companies benefit? They are expanding their user

population, Mr. Argast said, which they can use to attract potential

investors or advertisers. Whether those users are willing

participants, or people like me, is another question.

[Click the link above to read more]