- Paul Willies, website designer of executiveguild.com
and Internic listed Technical Contact for executiveguild.com
CC:
- S.E, Nezle, spammer, none60@JUNO.COM, P.O Box 145567
Dallas, TX 75244 US, Phone (817) 772-7772, Internic
listed contact for cyberdue.com domain. Phone number
is almost certainly bogus, as is name. PO Box may be real,
but what can you do with that?
- A mailing list full of people who seem to enjoy tons of junk
in their inboxes, so won't mind one more.
- info@coder.com, contact email at Prescient Code of Ithaca NY,
the providers of the Mailform utility.
SUBJECT:
I just got an ANNOYING spam mail, included below, ripping
off Executiveguild.com, using Prescient Code (coder.com)'s
Mailform utitlity (without their knowledge).
DETAILS:
Following the link provided in the spam-mail -
http://www.cyberdue.com/whoswho/apply.html
shows that it is a copy of your page
http://www.executiveguild.com/apply.html
It would
appear to be someone ripping off your "Executive Guild" website
in order to collect information from gullible persons, presumably
to resell it or target these suckers with yet further spam. What
made this spam interesting was (a) its pitch is seductive
enough to follow the link (b) they're stupid enough to have
left enough hints on the forged page to allow easily tracking
back to the legitimate site being duped.
Your cgi script
<FORM method="post"
action="http://executiveguild.com/cgi-bin/mailpost.exe/appform.txt">
Is replaced by
<FORM ACTION=http://www.coder.com/code/mailform/mailform.pl.cgi
METHOD=POST>
coder.com is a legitimate site, and offers a free mailform
processing cgi script (see http://www.coder.com/code/mailform/)
which "is targeted for people who do not have access to CGI scripts
on their site."
They claim that "users must register their email address. This is to
prevent people from exploiting this service to send anonymous email. "
Nonetheless, it seems that their tool is indeed being
exploited by these cyberdue jerks. I'm cc'ing this to
info@coder.com so that they can delete the bozo with ID "Who_3abe"
as in:
<INPUT TYPE=HIDDEN NAME=MAILFORM_ID VALUE="Who_3abe">
I am presuming here that ExecutiveGuild are the innocents being duped,
which is why I'm telling you nicely. Then again, your
service looks pretty dubious to me too - simply inviting people
to add information about themselves to your database - uuggh.
What do YOU do with the info? Where are YOUR disclaimers about
who you resell your database to? Don't expect anyone but
suckers to sign up with that kind of pitch.
Regards,
Ron Resnick (resnick@interlog.com)
Anyway, here's the spam I got, complete with headers:
> Received:
> from inf1.infoserv.net (inf1.infoserv.net [200.34.71.213]) by mail.interlog.com (8.8.8/8.8.8) with ESMTP id JAA16737; Wed, 13 May 1998
> 09:15:05 -0400 (EDT)
> Date:
> Wed, 13 May 1998 09:15:05 -0400 (EDT)
> From:
> WhoisWWHoz@mci2000.com
> Message-ID:
> <199805131315.JAA16737@mail.interlog.com>
> Received:
> from hotmail.com ([12.67.80.155]) by inf1.infoserv.net (post.office MTA v2.0 0813 ID# 0-11679) with SMTP id ACS3058; Tue, 12 May
> 1998 22:41:05 -0600
> To:
> WhoisWWHoz@mci2000.com
> Subject:
> Whois Who!
> Content-Type:
> text
> X-UIDL:
> e56cdbdf1cda9406faa612255324e829
> X-Mozilla-Status:
> 8001
>
>
>
>
> Dear Candidate,
>
> You have been selected as a potentially qualified candidate for
> inclusion on the latest state of the art, The International Executive
> Guild's Who's Who CD-Rom.
>
> Our researchers gather information from many recognized sources
> including professional associations and societies, trade organizations,
> newspaper and magazine articles, web presence, and referrals from
> existing members.
>
> As a highly respected professional in your field of expertise, we
> believe your contributions merit very serious consideration for
> inclusion on The International Executive Guild's Who's Who CD-Rom.
>
> To maintain the highest level of accuracy we ask you to click on
> the web address below and fill out the brief bit of information on
> our application form. THERE IS NO COST OR OBLIGATION FOR INDIVIDUALS TO
> BE EVALUATED FOR INCLUSION AND ALL APPLICANTS WILL RECEIVE A FREE GIFT
> COMPLIMENTS OF THE INTERNATIONAL EXECUTIVE GUILD.
>
> http://www.cyberdue.com/whoswho/apply.html
>
> My Sincere Thanks,
>
> Cathy Howell
> Office Of Public Affairs