Spam + discardmail.com = evil

·

Recently, I skimmed my e-Mail spam folder to check if some false positives had ended up there unseen. During this, attention was drawn to some Spam message that came from a very special domain: discardmail.com1. I had seen such services before: they let you get a temporary e-Mail address to fight spam or just get that registration you wanted so badly - no signup required.

Spam coming from a service that’s basically intended to fight spam – interesting. I went to the site and there was that login screen (See screenshot). The e-mail address the spammer had used made sense in the context of the mail, so it wasn’t just someone’s address used for spamming. I couldn’t resist but to enter the address the spammer had used. No suprise here – I got to an inbox full of “Undelivered Return”’s.

However, the interesting bit was that of these roughly ~100 bounces in the inbox, 3-4 seemed to be responses from actual people. To my surpise though, some of them not only told the sender to remove them from the list but were actually asking for a delivery of the promoted product, including details like postal address, mobile phone numbers and more …

I don’t know what’s more evil – spammers using these services for spamming or the simple fact that anybody can go and “check” the responses to the spam. I also wonder if this was intentional: To use that unprotected account to eventually let other spammers go and harvest additional e-Mail addresses.



  1. Which I won’t link to for obvious reasons. ↩︎

Comments.

No comments. Be the first to add one!
Add a comment.
We'll never share your email with anyone else. We use the Gravatar system to pull in pictures based on an anonymous hash.
Once you submit your comment, it will be moderated and then show up here shortly after.