There’s a guy in my “network” who keeps on joining one network after another. And he always sends me invitations. They go straight in the “half spam” bucket.

The latest invitation piqued my curiosity. It was from mydailyflog.com, and it said:

Hi!
I would like to invite you to visit MyDailyFlog and see my latest photos.

And then the link, which was on this format:

http://www.mydailyflog.com/go/invite_register/randomusername/somenumber

Hmm, this doesn’t look to me like the link to a post with his latest photos? Because if he was sending me an invitation to view his latest photos, I’d be inclined to go check them out. But invite_register? That sounds awfully like fanbox behavior. How do I know they won’t create a profile for me just from that link? I had to test it, but not with my own e-mail address - I don’t want to encourage them to keep spamming me, so I find a random invitation in Google (yes I know, it’s ethically questionable, but Google has followed a bunch of those already, so…).

And yes, they have the e-mail address filled out, and are just waiting for my password.

Oh, and he has no photos at all yet, so this wasn’t a specific invitation to me, which I wouldn’t mind - for specific photos he manually invited me to see, but an attempt to get me to sign up.

I also checked the Terms of Service, and they state among other things that:

…You are solely responsible for any use of or action taken under your password on the Site. Your password may be used only to post Posted Content, review information regarding potential and completed transactions and otherwise access and use the Site and Services in accordance with these Terms and Conditions…. …You accept full responsibility for all transactions and other activity placed or conducted through your account and agree to and hereby release MyDailyFlog from any and all liability concerning such transactions or activity….

There’s just one problem with that… The e-mail I received was not sent by my friend, but by the dailyflog system - which means he either expressly gave them my address, or gave them access to his address book, presumably by giving them his webmail password.

So… Dailyflog sends out invitations, and you’re responsible. Now, why does that sound familiar?

Update: Very funny, I now got an invitation with a link identical to the one I put into this blog post. Serves me right for including the number at the end, which was identical to the number on the first invitation I got. So it’s possible that the number identifies a specific e-mail address regardless of who the “inviter” is?

I’ve sent out a few newsletters recently, and got one reply that raised my suspicions. It was a vacation reply that hawked a website, and it looked like spam. Although I don’t know the person who owns the e-mail address, I suspect she was hacked, and somebody turned on her vacation response and filled it with their spam.

hi:
Heya, how are you doing recently ? I would like to introduce you a very good company which I knew. Their company homepage is www.sugefa.com. They can offer you all kinds of electronical products which you need, such as motorcycles, laptops, mobile phones, digial cameras, TV LCD,xbox, ps3, gps, MP3/4, etc. Please take some time to have a look at it, there must be something you ‘d like to purchase.
Their contact email: sugefa@188.com.
MSN: sugefa@hotmail.com
TEL: +8610-80973507
Hope you have a good mood in shopping from their company!
Regards

I’ve found the same sentences on the net, on a blog that seems to use e-mail to post. The owner probably didn’t send some of those posts from September and October.

Here’s a report on this spammer/hacker.

If you see a vacation response like this, please notify the person it came from, maybe via Facebook or another address as well if you can. They’re usually so mortified they got hacked, so they might not reply to you, unfortunately. Getting hacked is no longer something to be ashamed of. There are so many ways they hack people, you’ll have to be VERY good with computers and very lucky to avoid ever being hacked.

More people talking about this phenomenon:

Computerhope
taint.org

Estdomains, home to lots of spam domains, is now history. Good riddance!