Facebook spam is more successful than email spam and more lucrative, too. Those were some of the findings in a study performed by an Internet collective of security professionals, according to the Winnipeg Sun.

The findings shouldn’t be too surprising to anyone familiar with Facebook. A problem with email spam is that much of it is anonymous. If a junk message is lucky enough to evade a network’s spam defenses and end up in a recipient’s inbox, it lacks credibility because the recipient has no idea who sent it. A message appearing in a Facebook news stream, on the other hand, has at least a veneer of credibility because it originates from a network of “friends” created by the recipient. Add that to the size of the target pool–500 million active users and counting–and their high activity rate–50 percent of them log on to the network on an given day–and you’ve got an irresistible attraction for spammers.

Unlike their email counterparts, social network spammers don’t need large volumes of dupes to make substantial sums, according to the study. However, it added, Facebook scams have been known to produce hundreds of thousands of clicks once they go viral on the network.

A common scam perpetrated by Facebook spammers involves SMS subscriptions. It works like this. Spam news feeds are used to lure Facebook members to pages where they’re asked to complete surveys or questionnaires. For example, testing one’s IQ in something is a favorite on the service. What’s your baseball IQ, for example, or your World Cup IQ? Once the questionnaire is filled out, the spammer will ask for a cell phone number as a condition of revealing the results of the IQ test to the victim. The number is then used to subscribe the target to an SMS service. Those services send unsolicited messages to a phone on a periodic basis. The target is charged for the message and the spammer gets a cut of that charge.

The problem with surveys and questionnaires, though, is that people flitting the Internet don’t have the patience to fill them out. Clicking a button to indicate one “likes,” or gives a thumbs up to something, barely puts a crimp in a cybernaut’s surfing session. Filling out a survey or questionnaire–not a cherished activity either inside or outside cyberspace–is another matter entirely. When the bloom was first on the questionnaire approach, merely offering results may have been an effective way for spammers to induce guppies to take the hook of a scam in their mouths, but it rapidly lost its efficiency.

Spammers found they had to raise the ante if they wanted meaningful participation numbers in their shenanigans. They began to disguise their intent better by creating fan and group pages. Some of those pages, stripped of their injurious content, have been gathered by a website called bypassfanpages.com. Many of the pages try to attract a target with a tantalizing headline. “10 Secret Tips To Get Any Guy to Ask You Out!” shouts one headline. “OMG! You WON’T believe what this SICK old man put in a 9 year old GIRLS halloween candy!!” screams another containing grammatical errors, a trademark of spammers the world over.

Once they attract potential victims to one of those pages, they offer them various perks, always bogus, to snare them. They may offer free products, some kind of bonus or an enhanced feature set for joining the group, getting others to join the group and finally, for filling out the nefarious questionnaire.

Even those methods, though, are beginning to wear thin with social networkers, the study reported. Its authors discovered that in many cases, while clicks indicating visitors favored a page might be zooming, click-throughs to the content being teased by the page were pallid, as low as a few dozen.

          “That’s good news,” the study said. “Examination of the data demonstrates that fewer and fewer people actually continue on to ’step 3,’ which is filling out the survey.”

“The vast majority of people bail out of the process after simply liking the page, or after sharing the link,” it added.

While the word about Facebook scams spreads quickly, it doesn’t seem to be deterring the scammers, the study noted. That’s because the junko artists still appear to be able to turn a buck with their schemes.

Liked this post? Get more anti-spam related news from AllSpammedUp.com!

Facebook trumps email for spam success

Here’s a look at the Zeus botnet’s top spam campaigns:

1. An unauthorized transaction billed to your bank account- Although most people should know that if their bank spots a fraudulent transaction they will call you or send you a letter - not email you, this subject line is alarming enough to get some people to open it and wind up getting phished or infected with malware.
2. DHL Tracking number #######- This is one of the oldest campaigns. A variation uses UPS instead of DHL, but in both cases the included attachment has a hidden executable that contains malware.
3. FDIC has officially named your bank failed bank- An obvious attempt to exploit the economic crisis. Too bad the horrible grammar gives it away.
4. Hello- This is why it’s often advised not to send emails this way. Many spam filters flag messages with “Hello” or “Hi” as the subject because of campaigns like this.
5. Notice of Underreported Incomeir- The glaring misspelling gives this away as spam right away.
6. Review your annual Social Security statement- This has been around for a while as well. The scammers are hoping there are still folks out there who don’t know that the SSA sends out your statement via postal mail about 6 months before your birthday each year.
7. Welcome to Friendster- An obvious attempt to exploit a brand. Unfortunately for them Friendster isn’t quite as popular as it used to be.
8. You have received a file from (email) via YouSendIt.- This campaign is banking on people’s natural curiosity to be peaked enough to open it.
9. Your Flight Ticket #####- Delta was one of the more recent airlines to be exploited by this campaign. The scammers are hoping that when someone gets the fake ticket and cheery note informing them that their credit card has been charged over $800 that they’ll be upset enough to not think first and open the attached paperwork, which delivers a Trojan.
10. Your Order with Amazon.com- This is a blatant phishing campaign. Every link in the fake notification leads to a fake Amazon login page. It’s pretty easy to spot though because the total amount due, which is listed twice, is always two different amounts and there is plenty of broken English as well.

Liked this post? Get more anti-spam related news from AllSpammedUp.com!

Top 10 Zeus Campaigns

You might have been considering implementing a hosted spam filtering solution such as GFI’s Max MailEdge service, but are unclear as to how it works, and what reprecussions it might have on your existing IT infrastructure.

Simply put, the majority of hosted or cloud-based spam filtering works by redirecting incoming e-mails directly to the appointed service provider instead.  This is achieved by appropriately modifying the IP address listed under the MX configuration of the company’s domain. As a result, e-mails that come in are forwarded to the service provider’s servers first, before being rerouted to the “real” e-mail server.

Today, I’ve listed some important factors of a hosted spam filtering deployment that the technical manager will be interested in.

Freedom from the burden of processing spam

One of the key advantages of using a hosted provider to tackle spam is how it allows businesses to offload the computational and storage demands of eliminating spam to a service provider.  Unlike the hard to predict costs of operating and maintaining servers over any length of time, hosted spam filtering providers charge a fixed rate per protected mailbox, which serves to eliminate hidden or unanticipated costs.  Ultimately, this allows businesses to better track and budget for the cost of properly equipping each employee in the company.

Bandwidth and DDOS protection

One facet that is usually missed out in a hosted spam filtering deployment is the greatly reduced bandwidth required for the e-mail server.  Assuming the company e-mail server is hosted in a data centre, this translates into direct savings on the billable bandwidth since only e-mails that have been cleaned are forwarded to the mail server.  This reduction in network traffic is true even in servers deployed on the local area network and which will be evidenced by faster Internet connectivity in the office.

In addition, the use of a hosted spam filtering service also grants an implicit defence against denial of service attacks that are propagated against the e-mail domain.  Obviously, this does not stop a malicious hacker or entity from directly targeting your e-mail server’s IP address.  It does however form an additional layer of defence against DDOS, and should be more than adequate against casual or widely targeted spamming.

Platform Neutrality

One of the greatest advantages of a hosted spam filtering service is its platform neutral nature. All messaging systems are supported by default, ranging from Microsoft Exchange, Lotus Notes, to standard POP or IMAP servers.  This includes more sophisticated deployments involving BES implementations of BlackBerry smartphones or Exchange Sync clients like the iPhone.

The only real prerequisite to use hosted spam filtering is that the protected e-mail address must belong to a company-owned and managed domain, in order to allow the MX configuration to be modified accordingly.  E-mails flowing in will be automatically forwarded to the service provider, which will eventually route processed e-mails back to the correct e-mail server.

Ease of deployment

All it takes is a signed service contract and the appropriate modification of MX records to enable hosted spam filtering, making it a trivial matter to implement.  The reverse is true of a self-deployed solution; companies usually have to either acquire physical severs (or provision virtual ones), purchase the correct number of client access licenses, followed by the installation and configuration of the appropriate spam filtering software.  And I’ve not even got started about setting up the appropriate level of failover redundancy or the training and lead time required of the technical staffers running it on a day-to-day basis.

On the other hand, hosted spam filtering can be implemented without extraneous training for already overwhelmed IT managers or system administrators.  In fact, the correct information and authorization to modify the MX records could even allow service providers to setup and enable their service – remotely.

Flexible and versatile

Finally, the nature of hosted spam filtering allows for great flexibility and versatility in how it is deployed.  For example, users can concievably “stack” multiple providers in a chain, or opt to channel e-mails through another server (or service provider) for archival first, or even reroute new e-mails to a different server for the purpose of rolling out a new e-mail server.  The list goes on.

This clean separation between the various components of your e-mail subsystem means there is no need for corporations to be concerned about operating system security patches or updates to the spam filtering software inadvertently “breaking” any part of your precious e-mail infrastructure.

Conclusion

Of course, while the controls and spam filters afforded by the hosted spam filtering services are generally excellent, there are also advantages to running a self-deployed spam filtering server as well. Next week, I shall be looking at some of the features that an IT manager will want to look for in a self-deployed system, so stay tuned!

Liked this post? Get more anti-spam related news from AllSpammedUp.com!

Some Reasons to Consider Hosted Spam Filtering

Google announced that it has fixed a bug that caused a small percentage of GMail accounts to send the same email messages over and over again. The unending barrage of messages caused some of the affected accounts to be blacklisted by services such as SORBS.net and Backscatterer.org and left users wondering if their computers had been infected with some kind of malware or hacked.

“The problem with Google Mail should be resolved,” Google’s tech support staff wrote. “We apologize for the inconvenience and thank you for your patience and continued support. Please rest assured that system reliability is a top priority at Google, and we are making continuous improvements to make our systems better.”

Some affected users who use GMail for business purposes were embarrassed and left having to explain to clients and colleagues who were no doubt annoyed by the flood of duplicate messages. Google has not provided any details about the bug or what might have caused it, and it’s not known if they provided assistance in getting blacklisted users off those lists.

It’s estimated that about 2.5% of GMail’s roughly 160 million users (as reported by the Wall Street Journal) were affected. That may not sound like much, but it equals about 4 million users whose accounts were turned into mail bombing machines by the bug. That’s a lot of email.

Google probably wishes the timing had been better as the bug hit in the same week they had called a press conference to announce that Google Voice and GMail have been integrated.

Liked this post? Get more anti-spam related news from AllSpammedUp.com!

GMail Bug That Turned Some Users Into Spammers Fixed

The folks over at InformationWeek are reporting that the Pushdo botnet has been crippled. Thanks to a combined effort on the part of several security researchers, Pushdo, also known as Cutwail, has had the majority of its command and control servers shut down. Pushdo pumps out enormous amounts of spam, much of it malicious, and is responsible for a massive DDoS against hundreds of commercial and government websites earlier this year.

Compromised computers spew spam.

          “We identified a total of 30 servers used as part of the Pushdo/Cutwail infrastructure, located at eight different hosting providers all over the world,” said Thorsten Holz at cybercrime intelligence service LastLine. “We contacted all hosting providers and worked with them on taking down the machines, which lead to the take-down of almost 20 servers. Unfortunately, not all providers were responsive and thus several command & control servers are still online at this point.”

The shutdowns resulted in Pushdo’s huge flood of spam sharply plummeting.

Is this a good thing? Of course. Will it last? Not likely.

Botnet herders have learned from the McColo shutdown. Their command and control systems have become more complex and widespread so that when something like this happens, they are usually back in business within days rather than weeks or months. Many botnets are not programmed with long lists of domains so that if they try to connect to one and get no response they can move on to the next one and so on until they are able to connect.

It will be interesting to see how long it takes Pushdo to bounce back!

Liked this post? Get more anti-spam related news from AllSpammedUp.com!

Pushdo Botnet Crippled

Apple’s walled garden, also known as the iTunes store, showed a crack this week when reports began flooding the Internet of compromised accounts being used to siphon money from PayPal for unauthorized purchases at the online music outlet.

Sums charged to PayPal varied, but one iTunes customer claimed $4700 had been debited to his account through the Apple store by parties unknown. Other users reported more modest thefts–$500, $650 or $1000.

Although the bandits were exploiting connections between iTunes and PayPal, they exhibited behaviors associated with credit card scammers. For instance, they always spent less than $100 on an item. That’s a tactic used to stay off the radar screen of fraud trackers. It’s also a significant cut off point for merchants. At $100 or above, they’ve got to foot the bill for a fraudulently purchased item.

PayPal has denied its systems had been breached. “We’ve looked into this extensively, and want to assure you that: 1) the PayPal system itself has not been compromised and continues to be secure; and 2) if you have been affected by this issue, the criminals behind it have not taken over or logged into your PayPal account,” the company’s chief information security officer Michael Barrett wrote in a blog.

While PayPal was advising its customers to report their problems to the company so they could be reimbursed for   any money they may have lost to scammers, Apple passed the buck to others. “We’re always working to enhance account security for iTunes users,” it said. “If your credit card or iTunes password is stolen and used on iTunes you should contact your financial institution about chargebacks for any unauthorized purchases.”

While not officially commenting directly on the security of iTunes, off the record, the company discounting breach speculation. “There’s no security hole in iTunes, and if you’ve been unfortunate enough to have hundreds of dollars in unauthorized purchases charged to your iTunes account, it’s likely because you’ve fallen victim to a bot attack or phishing scam-a variation on the one that’s been around for years now,” John Paczkowski wrote in All Things Digital.

“Sources close to Apple tell me iTunes has not been compromised and the company isn’t aware of any sudden increase in fraudulent transactions,” he added.

If neither iTunes nor PayPal were compromised, password theft via a phishing scam or malware infection seems like a logical inference. Indeed, it’s one a number of unnamed security experts cited when contacted by reporters following the story. But there were some oddities in the transactions involved that didn’t seem to fit a straight password pilfering scam.

For example, all the unauthorized transactions were tied to PayPal. If the scammers stole iTunes passwords in a phishing scam, why were the only users victimized those who made iTunes purchases with their PayPal accounts?

The receipts generated by the unauthorized purchases were also queer. When purchases are made at the iTunes store, a receipt is generated and sent to the purchaser. Such receipts were received by the victims of this scam. However, a comparison of subject lines in receipts performed by Charles Arthur at The Guardian revealed an interesting disparity.

When an item is bought with a credit card at iTunes, the subject line usually says “Receipt for your payment to iTunes Store.” When it’s bought with PayPal, the subject says reads, “Receipt for your payment to iTunes.” What Arthur discovered was that while PayPal was used to make unauthorized purchases, the receipts generated from those purchased contained credit card subject lines.

Despite the lingering questions about the break-in, the consensus still seems to be that they involved compromised passwords and those passwords were obtained by phishing or other forms of Net mischief.

For consumers who want to avoid becoming victims of online scammers, PayPal’s Barret offers these tips:

• Use a safe password: use a strong password which includes a combination of upper and lowercase letters and numbers. But don’t use the same password for every online account you have. That’s basically like using the same key for your house, your car, your office and your safety deposit box. If you lose that key, you’re in trouble.
• Protect your computer: use a modern, supported operating system such as Windows 7 or Apple’s OS X Snow Leopard. You should also use an updated Internet browser that blocks fraudulent websites, like Internet Explorer 8, Safari 5, Firefox 3 or higher. As always, keep your antivirus software updated.
• Don’t click on links in email: never click on links in email and then enter your username, password or other sensitive information – even if the email looks like it’s from your bank, an e-commerce site, the IRS or popular sites like PayPal.
• Use common sense: if you wouldn’t do something in the offline world, don’t assume it’s safe online. If a stranger walked up to you at a gas station and said, “Please give me the key to your house; I need to make sure there are no burglars there,” you’d probably tell him to go take a hike. Likewise, if you get an email, phone call or some other unexpected message demanding that you turn over your username and password, don’t do it. Trust your instincts.

Liked this post? Get more anti-spam related news from AllSpammedUp.com!

Phishing primary cause of bogus iTunes charges

One aspect of spam has to do with trickery, where users are cajoled or tricked into performing an action, usually in the form of clicking on a specially prepared URL link.  While the best way to stop the proliferation of spam would of course be the implementation of a good spam filter, the inevitable junk e-mail slipping is often an inevitable state of affair.

Rather than having to sort through the mess after the fact, one way that IT managers can turn the situation around is to train non-technical staffers to complement and enhance technical methods of identifying spam. Teaching employees how to identify spam is a good idea on a few fronts, such as allowing spam administrators to better refine or tweak existing spam filters.  In addition, savvy users dramatically reduce the possibility of malware being introduced through spam.

Today, I will highlight a number of current spam vectors that you can use to train your users on how to identify spam.  You can of course also use these methods to better tune your spam blacklist.

1. “Mail undeliverable” messages
   I personally experienced a spike of such e-mails recently, which were all fortunately caught in my spam filter.  Depending on specific configurations – so as not to erroneously block legitimate warnings about unsuccessful mail delivery – some organisations might inadvertently let in more of such spam.  Less savvy users who see such e-mails might be panicked into rashly clicking a link in a misguided attempt to determine the problem.  While it would be unreasonable to train every employee on how to read e-mail headers, it won’t be as difficult to coach them on how to watch out for bogus links embedded within such e-mails.
2. Messages from popular on-line services
   The shotgun nature of unsolicited mails means that spammers are drawn to masquerade as popular Web services that have a higher chance of being used by their targets.  Common vectors are sites such as Facebook, PayPal, Amazon, or even iTunes. In a nutshell, messages that claim to come from these popular on-line services are then laced with links in the hope that victims will click on them.
3. Nonsensical headers or text body
   One popular trick by spammers is to copy or paste snippets of legitimate Web content as the e-mail header or text.  Links to specific sites are then carefully embedded to trick readers into clicking them.  The content of copied text can vary greatly, and I’ve seen materials from several sites combined before in a bid to bypass Bayesian filters.  Users can be further confused because e-mail recipients and senders are typically spoofed.
   IT managers need to remind users that if an e-mail makes absolutely no sense, it probably isn’t legitimate – even if apparently originating from someone they know.
4. Death and accident involving well-known personalities
   Events ranging from the demise of pop megastar Michael Jackson to the recent World Cup have clearly shown us how spammers are reacting much faster than before in an attempt to circumvent increasingly sophisticated spam technology.  Spam involving current or breaking news have a far higher chance of making it into inboxes before administrators have an opportunity to react.  Also, users who might have heard part of the news via other avenues are far more susceptible to read or click on any links that are given. Rather than forcing spam administrators to stay glued to breaking news, tapping into users to identify such spam is also an excellent opportunity to involve them in the fight against spam.
5. HTML file attached
   Most e-mail servers and spam filters now block executables by default, even if compressed within ZIP archives.  However, the continued discovery of flaws in popular Web browsers have led to spammers who send HTML files containing code to exploit these vulnerabilities.  Header and body text can vary as usual, but suffice to say that it usually involves something enticing such as winning a lucky draw or some unsolicited transfer of funds.  Users need to know that the sending of HTML files constitutes extremely suspicious behaviour and should first be verified with the appropriate administrator.

The above list represents just some of the newer spam attempts that I’ve personally witnessed; periodical training will be necessary to keep users up-to-date.  Ultimately, staffers need to know that the spam (or mail) administrator is always available to address any doubts or queries that they might have.

Liked this post? Get more anti-spam related news from AllSpammedUp.com!

Five Ways to Train Your Users to Identify Spam

Security researchers say the massive Rustock botnet is currently responsible for 40% of the world’s spam volume. This is particularly impressive considering the number of infected computers under its control has dropped from 2.5 million to 1.3, probably as a result of increased detection by anti-virus software. Still, even with the reduction in size it is still pumping out nearly 50 billion spam messages a day.

Compromised computers spew spam.

Most of that spam is pharmaceutical, hawking counterfeit prescription drugs offered by the infamous group of Canadian Pharmacy websites. The drugs, which are freely distributed without a prescription, are made in India and China and are not regulated or inspected in any way. The group behind the Canadian Pharmacy scams is said to be connected to the Russian Mafia.

Rustock was thought to be using Transport Layer Security to encrypt its spam in an effort to make detection difficult but appears to have abandoned the practice, probably due to the affected it had on bandwidth and processing speed.

The botnet has been thriving since its recovery from the McColo shutdown back in November 2008. When the cybercriminal-friendly ISP had its service terminated by its upstream providers, Rustock went dark, but the herders behind it acted quickly to switch its command and control servers to another host and began developing ways to keep it from depending on a single host, which has kept it from further shut downs. Botnets are now programmed with a list of different domains and IPs to contact for instructions, so if one goes down, a new one can easily and quickly be found.

Liked this post? Get more anti-spam related news from AllSpammedUp.com!

Rustock Botnet Responsible for 40% of All Spam

In newspaper circles, when a correction to a story has to be written, a rule of thumb used by many organizations is to omit the original mistake from the correction. That’s not to eschew embarrassment, although it often works out that way, but to avoid printing the incorrect information twice. Bad information, you see, has a way of sticking to little gray cells when it’s the first to arrive in the information marketplace. Repeating it, even in a correction debunking it, tends to add to its stickiness.

That seems to be the case with the recent hullabaloo over the “dislike” button in Facebook.

Members of the vast Facebook social network have the ability to click a button when they “like” a posting they see in their news feeds, but unlike other websites that solicit mob opinion on their content, Facebookers can’t show their displeasure with what they see on the network. That omission has vexed more than a few of the Facebook faithful, including columnist Dan Tynan.

          “Like many people of an inherently cynical nature, the fact Facebook only allows you to express your ‘Like’ on various topics, posts, and advertisements irks me,” he wrote. “I know I’m not alone, and so do Facebook scammers, which is why the latest viral ‘Dislike button’ scam has spread so quickly.”

As many popular scams begin on Facebook, a member sees a message with an enticing pitch. In this instance, it was “I just got the Dislike button, so now I can dislike all of your dumb posts lol!!” or “Get the official DISLIKE button NOW!” Included with the message is a shortened URL, so victims don’t know where they’re going when they click on it.

Clicking on the short URL in the Dislike message displays a screen for installing the Dislike Button. When members attempt to install the feature, they’re asked to give their permission to allow the app to access their basic information, post to their “walls” and access their data at any time, which pretty much opens the door to the chicken coop for the foxy spammers.

Once they have access to your Facebook information, the spammers use the member’s information to promote–under the member’s name–the Dislike Button to all the member’s friends.

Meanwhile, the member still doesn’t have a Dislike Button. Before he or she gets the button, they must fill out a survey, which makes the scammers some cash. After finishing the survey, the member is sent to a website where they can install a browser add-on called Dislike Button. The app began as a Firefox add-on, but now it can be downloaded as a executable file that will work with Chrome, Internet Explorer and Opera. Support for Apple’s Safari browser is in the works.

What got lost in all the hubbub about the scam, though, was the fact that the Dislike Button is a legitimate add-on. Its makers, FaceMod, were being victimized by the scammers as much, if not more, as Facebookers clicking on the URL in the fraudster’s pitch message. Unfortunately, the maker’s message was lost in the digital din that erupted when the scam was revealed by a malware fighting firm.

          “Recently, the Dislike Button has been mentioned in several articles, blogs and tweets, in conjunction with a scam, which silently sends the link to users’ Facebook friends, and requires the user to then take an online survey, which makes money for the scammers,” FaceMod wrote on its website. “Due to the high demand for the Dislike Button,” it continued, “unaffiliated people and/or groups are attempting to monetize FaceMod’s products by re-directing to online surveys. FaceMod does not require a user to fill out a survey, is not affiliated with this Scam and urges users to avoid unofficial posts.”

For the sake of clarity, FaceMod’s add-on only works with other Facebook members who have installed the app in their browsers. In other words, if you click “dislike” and the person who posted the item you disapprove of doesn’t have FaceMod’s software installed in their browser, they won’t see your thumbs down.

Initially, FaceMod sent a message to a person when a user of its app gave the thumb’s down to an item, but it removed that feature–although the company’s website still says it’s there–after receiving complaints from people who received what could be interpreted as spam messages announcing they’d been “disliked.”

Liked this post? Get more anti-spam related news from AllSpammedUp.com!

The curious case of the Facebook Dislike button

Thousands of UK students are furious with the country’s Universities and Colleges Admission Service after receiving an email from them with the subject line “You’ve Been Accepted”. The message, which led students to believe it was an acceptance notice from a university, was actually a spam message advertising discounted HP laptops. This infuriated students, as this is the time of year when they are awaiting their A-level results and scrambling to apply to the limited amount of university openings available. In the UK there are more qualified students than there are spots at the most sought after universities. Many students feel that the spam message was not only misleading, but cruel and in poor taste. The UCAS, red-faced, quickly offered an apology.

A UCAS spokesman said: “We understand and apologise for the confusion this has caused to some applicants, and we are looking at reviewing our quality filters to avoid this type of situation in future.”

It’s not known who approved the message or its deceptive subject line. HP has declined to comment on the matter. This story illustrates how important it is to use care in sending newsletters and other bulk mailings to the customers on your mailing list. A deceptive subject line, even if it wasn’t intended to be, can cause a real public relations headache for your company, and thanks to social networking services like Facebook, your unhappy customers can make themselves heard in a hurry! Avoid wordplay and other attempts to be cute and keep your subject lines and messages simple and straightforward. The old saying, “Keep it simple, stupid!” really is the best policy.

Liked this post? Get more anti-spam related news from AllSpammedUp.com!

UK University Service Infuriates Students With Spam