A New Kind of Spam?

[RJM62]

For the past week or so, I've been getting some spam that seems to be very tightly targeted to me based on recent Internet research I've done. For example, I've been researching various kinds of insurance, new cars, and investment instruments of late, and the spam targets those interests.

The odd thing is that all the spams are directed to my business address, which I don't use for personal research or correspondence. But the targeting is too precise for me to believe that it's coincidental.

Another thing that's unusual is that the sites referenced in the spam seem to be legitimate inasmuch as they actually do sell the items or services or refer the user to vendors who do, usually through affiliate links. I've stripped the identifying information out of the hyperlinks and visited the sites over a proxy, and they're all real sites. In addition, the sending email addresses all seem to be genuine and are on the same domains as the sites.

None of that makes a difference in terms of how I handle the spam. I report it to Spamcop immediately, and because the return addresses seem real, I bounce them as well. Screw 'em. Spam is spam.

Still, I'm curious as to how they're gathering their data. I've scanned my machines with multiple scanners and have turned up nothing. I also have most plug-ins disabled and limit most third-party cookies to the session.

'Tis a puzzlement.

Rich

 

[JOhnH]

They're good at that. I searched for hearing aids and now every other ad I see, regardless of which computer I am on, has ads for hearing aids. It has happened with cars and grass fed beef among other things.

 

[SixPapaCharlie]

Yep, I have done work specific searches at the office and ads related show up on my home PC.

Ads need to be smart enough to know when you have already sealed the deal.
I bought a camera lens online once and for 3 months, I got camera lens ads.

 

[RJM62]

Yes, but targeted ads are old-hat. I'm talking about actual emails sent to me, apparently based on my Web searches and research. And always in my business address, not any of my personal addresses.

The only time I search the Web while logged in under my business address would be when I'm doing SEO checks for my clients on Google, and then happen do some personal searching without logging out. Other than that, I don't use Google for search (or anything else, for that matter). Also, Google's and almost all other cookies are session-limited on my browser, and I don't give Google (or anyone else) permission to store Flash data, so they can't be re-spawning from there.

I usually use Duck Duck Go for search, and I don't think they even have a way to log in. Their cookies are session-limited, as well.

I think the bouncing has slowed the flow down to a trickle. I got more than a dozen of these spams one day earlier in the week, but today am down to three. Or maybe they just don't like being reported to Spamcop within a second or two of sending the spam.

Rich

 

[magyarflyer]

Tor or onion browser is the answer.
Searches take a bit longer but if you value your privacy, that's the route to take.

 

[wsuffa]

Since they can, and do, create a fingerprint of your browser, it's very easy to associate any login you do yo your browser, and use that association to spam. Cookies are very 2000-ish.

 

[LDJones]

Yep, I have done work specific searches at the office and ads related show up on my home PC.

Ads need to be smart enough to know when you have already sealed the deal.
I bought a camera lens online once and for 3 months, I got camera lens ads.

Just search "breast augmentation" periodically to at least keep the ads interesting.

 

[trepine]

Tor or onion browser is the answer.

Searches take a bit longer but if you value your privacy, that's the route to take.

Tor is a protocol, onion is a client that uses tor


Sent from my iPad using Tapatalk

 

[JHW]

Darn. Thought this was going to be innovation in canned meats.

 

[JOhnH]

I just got one.

Since I am almost 63 and planning my retirement budget, I was curious about how to budget for medical insurance, so I did a few searches on Medicare supplemental plans. I don't remember which browser I used, but it was most likely Firefox, or possibly Chrome with a slim chance it was IE. I didn't find what I was looking for.

Today I received an email about medicare and the first sentence in the email included almost exactly one of my search phrases. And the email it sent this to was one I hardly every use. I created it for testing purposes a few years ago. I only saw the email because my iphone shows all of my email accounts at once.

 

[EppyGA]

Getting emails from the NSA huh Rich

 

[RJM62]

Getting emails from the NSA huh Rich

Meh. Other than for reasons of principle, I personally don't care what the NSA knows about me. I don't like their snooping around, but they'd mainly be bored by my browsing habits.

The spam is an interesting thing, though. I've done all kinds of scans which have turned up nothing in the way of malware. I'm not sure how the web-to-spam connection was made, but it sure seems like that's what happened. It could also be coincidental, but it seemed too targeted for that to be likely.

The one possibility that came to mind, but which would be a little tricky to implement, was that a brilliantly-crafted script could scrape and analyze the targeted ads that showed on pages monetized with Adsense, Adversal, etc.; deduce the user's recent searches from the ads rendered; and store the user's information in a cookie. The cookie would then wait for the user to log in to a another complicit site that either uses an email-based login or which has the user's email address stored. The email address could then be associated with the recent searches.

That seems a bit far-fetched, but it's doable by someone with the right skilz. If that's how it was done, then the complicit site in my case almost certainly would be an Internet advertising company. I deal with many of them and I use my business email address for them. The companies are all as "reputable" as Internet ad agencies get, which is to say not very; so it wouldn't surprise me in the least if they were in cahoots with targeted spammers.

Rich