I consider myself to be a fairly well-educated, well-informed person, especially when it comes to issues of digital literacy. So, it is with great embarrassment that I confess to having accidentally spammed pretty much everyone I know.
Yesterday I received an email from a source who shall go unnamed–but who I also consider to be a very well-informed, level-headed individual–inviting me to be a beta tester for the Apple iPad through a program where I would be given an iPad to test. After two months of submitting reviews and feedback, the iPad would be mine to keep as compensation for my time. My first thought should have been that nothing in life is free, especially newly-released pieces of cutting edge technology. Instead I thought about how great it would be for The LAMP to have an iPad to use in workshops (corny, but true). And, since the email came from someone whom I respect a great deal, I followed the link and checked out the company, TestitandKeepit.com. It appeared to be completely legitimate, as I clicked through links with the company’s purpose, contact information and testimonials from people who had tested products from them. I went ahead and started the process of registering to beta-test the iPad.
At this point, I hadn’t done anything wrong. The only person I put at risk was myself, by giving my email address and name to the company. But, at Step 2, you are asked to provide the company access to your address book, so they can send emails to everyone you know and invite them to participate. And this is where I was just plain stupid, thinking they would show me a list of contacts in my address book and I would choose which people I wanted to receive the email. After all, the company doesn’t want to be accused of spamming, right? They only want to contact people who might be interested, right?
No. They sent automated emails to everyone in my address book, citing my email address. Think of all the people whose emails you have stored in your account, and that’s a lot. My book includes friends, family, business contacts and people I may have only emailed once or twice, and I had just given all of their email addresses to TestitandKeepit.com. Plus, it made my folly all the more public. The kicker was when I went on to the third and final step required to complete registration, and got an error message that the page did not exist. This is not a good sign.
Suffice it to say, this is all extremely embarrassing, but I’m sharing it as an example of how easy it is to be taken in by a spamming/phishing operation. I take only a little comfort in evidence that the spam industry continues to grow despite various education and security efforts. I thought I knew better. Apparently not.
To anyone from my address book who may be reading this…sorry.