2005.03.07

21:48:45
Spammed by 'Spamalot' (3)

A few weeks ago I signed up for the mailing list for the new Monty Python musical "Spamalot." As is my usual habit I gave them a unique e-mail address (in this case, my initials followed by 'spamalot' @ this domain name). Last night I received the first message sent to that address. It insisted that I submit information about my (nonexistent) Washington Mutual account to some server in China.

In other words, I was spammed by a musical featuring a song about spam. Except that technically I was phished, and Iím thinking this was most likely a result of bad virus protection on the machine handling the mailing list, and not Eric Idle trying to raid my bank account. Or maybe it's a really weird marketing campaign.

Iím planning to follow up on this, so in the unlikely event that you have had a similar experience, Iíd like to hear from you. Full text of the generic phishing e-mail is below. (Update: I removed this.)

03.12 Update: I ended up writing a story about this: What to Expect of 'Spamalot'? A Lot of Spam.

03.15 Update: According to the developer of the "Spamalot" site, the following message went out to the list Friday night. I did not receive it.

SpamAlot Security Alert

Dear Spamalot Newsletter Subscriber,

It has come to our attention, that the database containing your subscription
information may have been compromised during an attack on our servers by
internet hackers. As a result of this theft, you may receive unsolicited emails
to the account you submitted including fraudulent emails that appear to come
from financial institutions. Since being informed of the potential problem, we
have taken additional security precautions which will prevent this type of
attack from succeeding in the future.

We apologize if this has caused you alarm or inconvenience. If you have any
questions or concerns, please contact us at newsletter (at) montypythonsspamalot.com.

Sincerely,

Website Manager

03.17 Update: I got this message yesterday, as did some other people on the list.


Comments

This is why I use a Yahoo mail address for these kinds of newsletters and announcements. You are probably correct that their email database was stolen via some virus or exploit.

The guy who designed their Flash-heavy site is named Mark Stevenson of Stevenson Studios in NYC: http://www.thestevensonstudio.com/ or http://www.markstevenson.com

He might have a clue as to why their email database is being used by spammers/phishers.

Posted by: Cameron Barrett at March 8, 2005 11:14 AM

I also use a unique address for most lists and find it interesting to see how quickly the various addresses end up on spam lists (including phishing). The quickest I've had an address result in spam was six days. Unfortunately, I don't know the exact source of spam in that case, because I used the address to post messages on all sorts of mailing lists and on a Web site. I think the highest volume of spam I have received from a unique address is the one associated with the annual conference of this academic organization.

I suspect you're right about the bad virus protection in the case of this production.

Posted by: eszter at March 8, 2005 4:19 PM

Cam and Eszter: Thanks for the feedback, and stay tuned for updates...

Posted by: David at March 10, 2005 5:39 PM
Post a comment









Remember personal info?