[ NNSquad ] California Spamming: When "The Governator" Seems to Spam

NNSquad - Network Neutrality Squad
NNSquad Home Page
NNSquad Mailing List Information

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[ NNSquad ] California Spamming: When "The Governator" Seems to Spam

To: nnsquad@nnsquad.org
Subject: [ NNSquad ] California Spamming: When "The Governator" Seems to Spam
From: Lauren Weinstein <lauren@vortex.com>
Date: Tue, 25 Aug 2009 12:54:33 -0700


          California Spamming: When "The Governator" Seems to Spam

                http://lauren.vortex.com/archive/000607.html


Greetings.  When those e-mails arrive from "Barrister Nitwit"
informing you (and 100K other recipients) that you've inherited $50M
courtesy of the late Dr. Terwilliger (who built a fortune over the
years stealing money from the pocketbooks of unsuspecting mothers) you
know immediately that you're dealing with a "419" crook who knows full
well what he's doing, and that it's very, very wrong.

But there's a perhaps even more insidious type of spam as well, sent
by persons who somehow feel that if *their* message is important
enough (as they see it), then their UBE (Unsolicited Bulk E-mails) --
whether blatantly commercial or not -- somehow aren't *really* spam.

We all know about this sort of spam, but I was still surprised this
morning when I received a message with the Subject: line proclaiming
in all caps:

GOVERNOR SCHWARZENEGGER AND FIRST LADY MARIA SHRIVER ANNOUNCE
CALIFORNIA HALL OF FAME 2009 INDUCTEES

This was then followed by a fairly long press release, noting twice
the involvement of Chevron Corporation and Accenture, and ending with
a line promoting the fact that Comcast is the "exclusive multimedia
partner" for the event.

While that e-mail was perhaps not blatantly commercial in nature, it
certainly contained commercial elements.  And why did I receive it at
all?  Was it sent by some "renegade" public relations firm?  Or was it
some sort of scam after all?

In fact, inspection of the message headers revealed that the message
actually did come from servers associated with the asserted From: 
line -- the Office of the California Secretary of State itself.  
The message contained no To: line -- pretty much a sure indication of 
a bulk mailing.

The next question -- why did I receive the message?  I've never
knowingly provided that e-mail address to the State of California in
the course of any personal or other business, and certainly not for
their press release mailings.

I sent a quick query off to the author of the message (apparently in
the office of the California Secretary of State) asking where she had
obtained my e-mail information.

A prompt reply arrived within a few minutes.  My e-mail address had
been obtained from the "Cision" media database, and I had been
included in the mailing as a technology blogger since one of the event
inductees was Intel CEO Andrew Grove.

In a response, I suggested that the mere presence of my "harvested"
e-mail address in a commercial database did not in any way represent
my permission to use that address for commercial or non-commercial
unsolicited bulk e-mails, and that when government (such as state or
federal) entities are involved in such abuses the issues are even more
acute.

In a followup note to me, the author then explained that she was not
actually part of the Secretary of State's office, but that "The
California Museum is a 501c3 non-profit that just happens to rent
space and IT equipment from the government."

Notably though, her e-mail address as shown on the original and all
subsequent messages was a straightforward "@sos.ca.gov" address, and
the message headers showed only State of California servers involved
in processing the messages before they reached my local e-mail
gateway.

In other words, every aspect of her messages were so arranged as to
appear to be official State of California e-mails, with no indication
that the state was acting as an agent for a particular non-profit
organization.

Spam issues aside for the moment, the use of official State of
California e-mail addresses and servers in such manners seems highly
problematic, especially when even detailed header inspection suggests
official mailings.

And obviously, whether from official sources or not, unsolicited
e-mails of that sort are not only unacceptable, but also not the kind
of mailings one would expect the State of California would want to
sanction under their official e-mail "banner" -- so to speak.

While I very much appreciate the quick responses I received to my
queries about this matter, the entire situation, both the sending of
the original spam e-mail press release and the use of State of
California e-mail addresses and servers in such ways, strike me as
most definitely inappropriate.

--Lauren--
Lauren Weinstein
lauren@vortex.com
Tel: +1 (818) 225-2800
http://www.pfir.org/lauren
Co-Founder, PFIR
   - People For Internet Responsibility - http://www.pfir.org
Co-Founder, NNSquad
   - Network Neutrality Squad - http://www.nnsquad.org
Founder, GCTIP - Global Coalition 
   for Transparent Internet Performance - http://www.gctip.org
Founder, PRIVACY Forum - http://www.vortex.com
Member, ACM Committee on Computers and Public Policy
Lauren's Blog: http://lauren.vortex.com
Twitter: https://twitter.com/laurenweinstein

Prev by Date: [ NNSquad ] Re: H.R. 3458, Rep. Markey's third bill proposing to regulate the Internet and ISPs
Next by Date: [ NNSquad ] Re: H.R. 3458, Rep. Markey's third bill proposing to regulate the Internet and ISPs
Previous by thread: [ NNSquad ] Verizon Wireless joins boycott of Glenn Beck
Next by thread: [ NNSquad ] Administrivia: "The Tim and George Show"
Index(es):
- Date
- Thread