The irony of spam

During the week, I received what purported to be a legitimate email from Eircom.net Sales. Surprisingly, it arrived at my business address, which is not registered with Eircom.

On closer analysis, it had several hallmarks of a spam phishing expedition:

  • None of the inline HTML images displayed correctly
  • The sender’s actual (hidden) email address was directsales@nbnyfo.eyxglo.r.12hs.com even though the message was apparently from Eircom.net sales
  • At the bottom of the email was a polite “To unsubscribe, please click here

(A common tactic with spammers is to offer an unsubscribe link in the hope that unhappy recipients will follow it, thus confirming that the email address is read by a real human. That email address can then be sold to other spam merchants for a significant premium over unverified email addresses.)

Although I knew they wouldn’t be able to do anything about it, I figured Eircom.net might be interested to know that someone was sending out emails on their behalf, so I forwarded a copy of the offending email to abuse@eircom.net.

Rather annoyingly, this resulted in an automated reply telling me to report the problem using http://support.eircom.net/abuse/ instead. I wouldn’t have minded, except that page didn’t give enough space to report the problem in as much detail as I’d have liked. Still, I did my best.

Imagine my surprise when a day or so later, I received a message back from Eircom Support telling me that in fact, the message was completely legitimate. 12hs.com is apparently Twelve Horses, a direct marketing company that Eircom have employed.

And the subject of this direct marketing? Eircom were promoting their new secure business email service.