Strange e-mail

Yesterday, whilst perusing one of our spam traps, I came across a strange email. The body of it consisted of this:

“hey
call me when you get this mail.
I can not reach you.

bye”

No request to send money to the prince of Nigeria, no offer to purchase breast implants (they never seem to get the gender right!) or fake Rolexes, just that cryptic request to call. Some web research produced very little hits. After some cogitating, I’ve come to the conclusion that this is a form of “list validation” that relies on social engineering.

The spammers have a list. They want to see which email addresses are used, and current. They send this weird email to the whole list. Some of the recipients reply asking something along the lines of: “Who is this?”

Now the spammers have a much smaller targeted list of live targets, distilled from the original list.
That list is much more likely to yield better results. The spammers then mount a new campaign, this one only sending emails to the people who replied, knowing that the list they are using has been validated.

This is the only valid explanation I can come up with for this strange email. When I researched the “from” field in this email, I received confirmation that many other people had received the same e-mail.

Pretty smart.

The lesson to take away from this is not to reply to strange email from unknown people, even if the social engineering aspect is very strong. (unknown woman asking you to call…)

Hey, at least they got the gender right this time…

Addendum:

I further discussed this tactic with Co-workers, who happen to read our blog, and I have come to the conclusion that this “validation” technique is more effective against males.
Random email from unknown woman = I wonder who this could be?
Random email from some guy = creepy!

Jean “TinFoilHatMan” Taggart