Nintendo Spam

The following message dropped into my mailbox earlier today:

To: www [at] unicom [dot] com
From: Nintendo <nintendo [at] nintendo-news [dot] com>
Subject: Score Big this Holiday Season with Great Games for Wii and Nintendo DS!
Reply-To: Nintendo <nintendo [dot] RDEIA [dot] 28048 [at] nintendo-news [dot] com>

Click here to view this message in living color:

To ensure ongoing optimal receipt of these communications,
please add our 'From' address (nintendo [at] nintendo-news [dot] com)
to your Address Book. Thank You.



It's amazing that in this day and age, major companies like Nintendo still haven't gotten the clue that spam is bad.

This is lame in a couple of ways.

First, of course, spam is lame.

Second, the www [at] unicom [dot] com address Nintendo is spamming isn't even a real address. It's one of the default "role account" email addresses my Linux installation created on the server.

That makes me wonder how that address may have ended upon the Nintendo spam list.

There are five primary ways spammers get their email addresses:

  • Scrape from the net. Spammers have 'bots that scour the net looking for web pages that say something like: joe [at] example [dot] com. The spammer will then scrape that address off the web page. I suppose that email accress could have been a typo that Nintendo scraped.
  • Dictionary attack. Spammers will connect to a mail server and just try blasting names (as if they are going through the dictionary), trying to find ones that work. I doubt Nintendo did this. I suspect they are idiots, not criminals.
  • E-Pending. This is a really ugly one: one thing that credit bureaus have started doing when they build their profile of people, is to append guessed email addresses. This is bad because the guess is sometimes wrong. This is very bad because e-pending is almost always used for unsolicited email. After all, if they had your permission, they probably would have gotten your correct email address at the same time.
  • Forgery. People can forge subscriptions for other people as a harassment technique. Reputable mailers do a closed-loop confirmation on the email address to verify it's good and the subscription request is valid. This isn't just a spam issue: it's a mail hygiene issue. It's bad to have undeliverable addresses on your lists.
  • Buy a List. Spammers that compile lists from any of the above methods will sometimes sell those lists to other spammers.

I don't know which technique Nintendo used. The www [at] unicom [dot] com address makes me suspect one of the last three.

It's amazing that even though spam is so reviled, companies are still doing it. I don't know how other people feel, but I know I'm less willing to do business with a company that spams me.


Comments have been closed for this entry.

You forgot one

There is the other technique where a trojan will infect a vulnerable computer, scrape all the e-mail addresses from it, and phone home with those.