I decided to have a small investigation on (some!) of today’s spam…  I noticed a lot of similarities in my Mailwasher Pro output:

• Forged/spoofed “from” address
• “Debt free” or “get out of debt” or some permutation thereof in the subject field
• ALL have a non-obfuscated ~spaces.live.com web address as the link
• 2 line body: e.g.
  • Let us Help you Manage your Debt. Reduce your payments up to 50%!
  • http://cid-0210edcd1b81f31a.spaces.live.com/
• All 1.2kb in size
• No attachments
• All to the usual spam harvester address – a catch all I use for sign-ups of ANYTHING on the web

These are the four address links:

• http://cid-0210edcd1b81f31a.spaces.live.com/
• http://cid-8c9140fee87a9fe8.spaces.live.com/
• http://cid-c6a7ef1ebf9fda3f.spaces.live.com/
• http://cid-2007bf4b228d055b.spaces.live.com/

All the genuine spaces pages look exactly the same.  The pdf is an exact copy of the web page I made using Nitro’s PDF Download add-on for Firefox.

There are two websites buried in here.

• http://sariakandiful.com/ is the click-to link
• http://www.precisiondebtrelief.com/images/debt-consolidation_01.jpg is where the large central graphic is located

Clicking the follow through link instead of going to http://sariakandiful.com/ actually goes straight to Google.com!!  This must be Microsoft’s doing within the spaces.live environment.  They must be expecting this rubbish…

Going to the domain hosting the picture, actually IS a debt type site called http://www.precisiondebtrelief.com which looks very professional and honest.  Thoughtfully, they’ve provided a “Company Info” page…..

….er, apart from a large pile of advertising waffle, the only “info” is a graphic with a nice glass office block and an address in Dallas, Texas.  This is it here in Dallas:
View Larger Map

Doing a WHOIS on the site, like here, or here, we find that the website is registered/owned by a guy called Mark Compton who owns about 108 other domains according to public whois information.  Some proper company info can be found here and traced through – I haven’t the time for my investigation here and it’s not relevant for me.  I’m chasing IP address info, like so.

Doing a whois on SARIAKANDIFUL.COM such as here or here, gives us a place in China for the domain nameserver and the website is hosted in Panama! So that’s the spamming bit…

So all you need to ask yourself is:

Q.  Why does Mark Compton who has several companies and websites,

1. advertise his services with forged email spam that
2. links to Microsoft Live Spaces as a hook, and
3. is nameserved from China and
4. is hosted in Panama and
5. has a dedicated server for his websites (IP 67.212.165.51), physical address in Chicago, apparently, and
6. has websites registered with (cheapo) GoDaddy and
7. has DNS nameservers (e.g. DNS1.MIDPHASE.COM) which are at http://enom.com and
8. uses a simple anonymous yahoo email address for business correspondence?

A.  He’s trying to hide something. His name and address are clear but there’s something going on.

Q.  So why borrow money from someone who’s trying to hide his business?

A.  ?

Or am I missing something and have got it all wrong?

He hasn’t harmed me and I don’t have a connection with him?

Er… I do now!   He’s just plonked shite in my in-tray!

Amazon Related:

Googled: The End of the World as We Know It

Wi-Fi Detecting T-Shirt (Green - Small)

• Reader Question: You Readers Answer A couple of weeks ago I received the most flattering email about my work on Weakonomics since I started about...
• P2P Lending in Miami Hearld The P2P lending buzz is everywhere... Today it is in the Miami Herald: Anyone can be a banker with peer-to-peer...

Related Posts by Tags

• Robert G Allen, Grants, and a Credit Card Slimeball (32)
• Combatting WordPress Trackback Comment Spam (9)
• Google Treasure Chest – it’s a scam and a half! (274)