IT LOOKS AS IF the day is coming when the same people who send you junk e-mail - be they con artists or corporate giants - will also be able to bug you via phone and fax. For some that day is already here.
So far we've tended to distinguish between two different types of junk e-mail: the trashy spam sent out by scam artists and porn purveyors and the unsolicited commercial e-mail that legitimate corporations increasingly send to customers. That distinction, however, is growing fuzzier as the big guys adopt more of the sleazy spammers' methods.
One of the hallmarks of garden-variety spam is that all attempts to get yourself off the spammer's list are invariably futile. (In fact, asking to be removed from a list is far more likely to result in additional spam because the request confirms that the e-mail address is active.) But even the worst "acquaintance spam" from corporations should tell customers how to remove themselves from the list in a way that, with the exception of occasional technical glitches, actually works.
But this isn't always the case any more. We've already seen that companies such as Microsoft and AOL honour remove requests only as long as it suits them. And I keep hearing about other companies' removal methods that just don't seem to work no matter how many times the reader tries.
Of course, the biggest difference between ordinary spam and unsolicited commercial e-mail to customers is that the spam comes from someone with whom you've never done business. But this too is a line that legitimate organisations are crossing more frequently. People find themselves getting increasing amounts of unsolicited commercial e-mail from companies, particularly e-businesses, with which they have had no dealings and which shouldn't have their e-mail address. Often it's anyone's guess how the company came by one's e-mail address, but sometimes the reader will see a clue.
"As you can see from the mail headers in this Buy.com spam, the recipient is postmaster@ ...," one person told me about a message he'd received for a Buy.com promotion. "Nowhere do we actively use this address, except in a Whois' handle record. I've never bought anything from Buy.com, and certainly [that domain] postmaster has never bought or visited them."
Junk messages to e-mail addresses that are unused except in the InterNIC Whois database aren't exactly a new phenomenon. Spammers raided the old InterNIC database frequently until Network Solutions took steps last year to make it more difficult to access records in a batch, and one of the common items for sale in many junk e-mail messages are CDs bearing the fruits of those raids. What is new, though, is that readers' Whois addresses are getting messages not just from the sleazier spammers but also from more respectable outfits. What's worse is that it's not just junk e-mail. Several users have reported having to drop Whois-listed fax numbers that were getting blitzed by junk faxes, and some say they are getting an inordinate number of telemarketing calls on the phone numbers listed for domain technical contacts.
Luckily, those InterNIC records on the spammers' CDs are rapidly going out of date, and it's now more of a chore for them to get the updated records from the current version of Network Solutions' (NSI's) Whois database. And now that security-minded VeriSign is acquiring NSI, we've got nothing to worry about, right? Well, maybe.