Words by c.z.robertson

HugeCrush.com -- spamming sophistication

2002-07-15 01:00:00 UTC

This week's award for sophistication in spamming goes to... HugeCrush.com.

I just got an email with the subject "Someone has a huge crush on you" which I took to be spam as soon as I saw it and I very nearly deleted it. But just before I hit the delete key, the lonely yet optimistic romantic in me got the better of me and I stopped to check it out.

The email begins:

Dear Colin Robertson,

Someone has a huge crush on you.

hugecrush.com has registered that someone has a huge crush on you. To find out who, please click on: http://www.hugecrush.com?c.z.robertson@ndirect.co.uk

If the above link does not work, please visit http://www.hugecrush.com and login using your email address.

They know my name. That's a good start. But it's not a brilliant start. They've capitalised my name, which a lot of the people who know me personally know that I don't do. They've also used an email address which I haven't given out to anyone for a year or so and which is now pretty much left to the spammers. So while it could be a from a real person, it would have to be from someone who's known me over a year and who hasn't yet discovered that I have a new email address.

So my first assumption when I'm asked to log in using my email address is that they want to verify that the address exists and is in use, thus increasing the value of the address list they sell. I don't play their game. I log in using the distinctly implausible address mazzy@ordo.equilibrio.tv. Even more implausibly, I'm told that this address has one crush on it.

So I click through some of the clues to the identity of "mazzy's" secret admirer and all I get is a set of very generic statements: "I may already have a partner", "I wish I had met you years ago", etc. And I have the option of making a guess as to who this person might be by entering their email address.

There's also an "Open" button, presumably for finding out the identity of this person. I click on it and my browser asks whether I want to download a .exe file.

Yep, this is all far too suspicious to be believable, but you've got to admire their cunning. They send out a few emails to lonely losers like myself, the more gullible of whom will visit the site and, as they make their guesses, will enter a few more email addresses of people they know. Those people will then receive emails telling them someone has a crush on them and the process will be repeated. And the email addresses they receive will all be real, in-use addresses. It sure beats spidering websites.

Some other warning signs: The site carries no advertising. Unless someone is doing this as a labor of love, they must have some way of covering their costs. Also running whois hugecrush.com tells me that the domain name has been registered by someone in Hong Kong who gives their name only as "Crush, Huge".

The site also has a page from which you can send your own crush messages (though curiously hidden, as if they're expecting more of their visitors to be the recipients of the emails rather than the senders). So it may actually be possible that there's someone out there who does have a crush on me and has seen fit to tell me through this website rather than in person. It may even be the case that this website has actually recorded that information rather than just the email addresses involved. But sadly, I fear the chances are against it.

Fer

2003-09-26 00:48:32 UTC

And what does the .exe file do?

[permalink]

colin_zr - http://rtnl.org.uk

2003-09-26 18:15:24 UTC

Haven't got a clue. I use Linux.

...Even if I did have Windows, I wouldn't have run a random .exe given to me by a spammer.

[permalink]

Simon

2003-10-02 15:24:17 UTC

the exe does nothing. It appear as a dos .exe file, once open there is absolutely nothing. Btw, I didn't know you could register a dsn anonimously, interesting.

[permalink]

Wogo

2003-11-30 08:50:45 GMT/BST

Warning, this is spyware. It puts something in the registry, and something in your startup folder.

You can use a free program like "Spybot: Search and Destroy" to get rid of the mess.

http://www.safer-networking.org/

[permalink]

Spam-crush

Jeff

2003-11-28 17:48:18 GMT/BST

THere is so much garbage being thrown around these days. I hit on your site after beginning to see "maybe someone does have a crush on me." I shut down that as soon as they wanted me to download a file. I did a search and found your informative site. I applaud your efforts to fight spam. Sharing knowledge is one of those ways to reduce the effectiveness of spammers. People become more adapt at what they are hooking up to when they are more aware of the possible dangers and negative repercutions.

[permalink]

Spam Crush

Skyprincess

2003-11-28 22:07:48 GMT/BST

Hi I just got one too, thank god I found your comments before I even bothered checking who could possibly have a crush on me. Good job at keeping us safe from these e-vultures!

[permalink]

2003-11-29 02:51:18 GMT/BST

just a note ,got one of those crush things(same Co.) too none of you have a crush on me do you? just checking...

yep that one appeared to have some credibility glad I ran across this (one)site .I have a mac and cant open .exe s anyway.but was able to peek using the mac ver ms word. So it is just dos nonsense is that correct? I could make out a few distinguishable words about dos but otherwise garbled.

[permalink]

Wogo

2003-11-30 08:53:53 GMT/BST

Another sign it is a fake site:

If you "login" with any e-mail address, even e-mail addresses that do not exist, it will always tell you that you have 1 crush.

Presumably there is some less than honorable intention.

[permalink]

Xpi

2003-11-30 15:47:26 GMT/BST

i just got that same email from huge crush, and out of curiousity went and poked around the site for a bit.

i checked the 'FAQ's', and in it was a link to send a crush, but it didn't work; in fact, none of the links worked. some gave script errors, the others (including to send a crush) brought me back to the same page again where i could download 'open.exe'.

that's what tipped me off that it was a scam.

[permalink]

huge crush email

Natty

2003-12-13 04:25:59 GMT/BST

My daughter got one of these emails and unfortunately she opened it. Poor thing was disappointed when she realized that her secret crush didn't exist. I'm not sure how to get rid of it (whatever it is) off of the computer. Is there any evidence that this could have installed a virus onto our computer?

[permalink]

spam

iain

2004-01-08 14:35:01 GMT/BST

yes i got the huge crush email yesterday confused the hell out of me as no one who actualy knows me for real knows my email. i get alot of emails that are nonsense, like all mangled text eg.. 'riveara beaver king bison, move gently hose coffepot' and the subject will say 'have you heard? uifgrg' whats that all about? i still get the ones about recovering large amounts of money from 3rd world countries, then asking for bank deatails. has anyone been taken in buy these?

[permalink]

Here:

Next: Examination Board Decision

Previous: AudioGalaxy revisited

Main

Archives

RSS

colin z robertson

A part of RTNL

Powered by Catkin