Briviclaim continued
It seems most visitors are coming here because of my Briviclaim/Carphone Warehouse/Charles Dunstone post of a few days ago. Thanks for dropping by! If Google has referred you here then chances are it's spilt off the bottom of this page of the blog, so click to read the start of the conquest. Here's the latest on my investigation.
Since the first post, I've received two more emails (that have got their way through the spam filters) with the same text, this time dropping Tony Blair's name into the 'From:' or 'Subject:' fields. As mentioned before, the IP address that all these messages are originating from is 209.203.207.141. I said it was based in Fort Lauderdale, but chances are it isn't, because there's conflicting information on the WHOIS database as to who actually owns the IP block...
steve@giles:~$ whois 209.203.207.141
PG & C Leasing, INC PGCNETBLK (NET-209-203-192-0-1)
209.203.192.0 - 209.203.223.255
Expedite Marketing Corporation EMC-NET (NET-209-203-192-0-2)
209.203.192.0 - 209.203.207.255
# ARIN WHOIS database, last updated 2005-04-06 19:10
# Enter ? for additional hints on searching ARIN's WHOIS database.
steve@giles:~$
PG & C Leasing don't exist any more, but still have data floating around on WHOIS databases. They actually haven't existed for four years, as this page notes (notice the 'Inactive' and 'Dissolution' remarks). The block is now, so far as we can tell, owned by Expedite Marketing Corporation - but it was previously hijacked by an ISP in Florida which specialised in grabbing IP blocks from defunct ISPs (allegedly).
Anyway, Expedite Marketing Corporation have a web presence. They do a variety of things, including hosting and 'opt-in' email marketing and things. But their terms and conditions are nowhere to be seen, so it's nigh-on impossible to work out whether Briviclaim is in violation of them. But we can find out.
I suggest this - forward all spam from Briviclaim to abuse@expeditemg.com with a covering note saying that it has originated from a server in their IP block and that you have never opted in to receive libelous emails from anyone. It's okay - this email address turns up on the WHOIS information for Briviclaim. There's a phone number provided in the WHOIS, which is invalid, so save the effort. No fax number either - tch.
As to Briviclaim themselves, well... I thought I'd take this opportunity to create a new email address (thanks to the glut of Gmail invites I have) and email to try and find out why they're doing this. From a respectable online advertiser (my friend works for one) you'd expect a response pretty sharpish... but so far, nothing. And the new Gmail account (which I've not used for anything else or publicised) means that if spam turns up there, I know who to blame.
If anything more comes of this, I shall let you all know!
3 Comments:
They've been hitting my email too, I have a collection of 17 briviclaim spams, since 18 March, variously claiming to be the DTI, Tony Blair, Offcom and then Ofcom, the mysterious "C Dunstone", and just "official".
I don't think there's much point sending reports to Expedite Marketing Group, they are listed in spamhaus.org's Register Of Known Spam Operations, see http://www.spamhaus.org/rokso/evidence.lasso?rokso_id=ROK3077 and the entries linked from there. The best place to send complaints is probably their upstream ISPs, xo.net, eli.net, and broadwing.com
Hmm, you're right, of course. I'd Spamhaused Briviclaim but not Expedite. Further digging through that data shows that the phone number given for Briviclaim is actually Expedite's phone number, but with +44 instead of +1.
So... does this mean that Briviclaim is a UK front for Expedite?
I've received three more Dunstones today as well... *sigh*
Only three? I've received 10 in the last two days. Which is more than a little annoying.
I just wish there was a way of stopping spammers permanently.
A.
Post a Comment
<< Home