“Questions About GDPR Data Access Process” Spam from Virginia

  • NOTE: See recent updates below the original April 2021 post!

The other day, I received the following email:

Subject: Questions About GDPR Data Access Process for [DOMAINNAME]
To Whom It May Concern:

My name is [REDACTED], and I am a resident of Roanoke, Virginia. I have a few questions about your process for responding to General Data Protection Regulation (GDPR) data access requests:

  1. Would you process a GDPR data access request from me even though I am not a resident of the European Union?
  2. Do you process GDPR data access requests via email, a website, or telephone? If via a website, what is the URL I should go to?
  3. What personal information do I have to submit for you to verify and process a GDPR data access request?
  4. What information do you provide in response to a GDPR data access request?

To be clear, I am not submitting a data access request at this time. My questions are about your process for when I do submit a request.

Thank you in advance for your answers to these questions. If there is a better contact for processing GDPR requests regarding [DOMAINNAME], I kindly ask that you forward my request to them.

I look forward to your reply without undue delay and at most within one month of this email, as required by Article 12 of GDPR.



It’s a confusing email, but as it turns out, one received by many other website owners. In fact, there’s a thread about it on Reddit.

GDPR deals with processing personally identifiable information. Non-compliance can lead to stiff fines. It even applies to companies outside the EU if they process personal data of EU residents.

If you get a request regarding personally identifiable information from a EU resident, you will need to answer promptly or you can face fines. However, no such requirement exists under GDPR regarding data of individuals outside the EU.

I don’t know what the intention of the sender of this email email is, but I have my suspicions.

The email was sent from an address at “potomacmail.com”, a recently registered domain (2020-03-02). It was sent from an Amazon EC2 host ( The HTML portion of the email contains an image reference to a single pixel “web bug”, an image loaded from the potomacmail.com website that will cause the IP address of the browser to be logged on that server when you open the email with a web client that doesn’t automatically block images from untrusted senders:


The URI contains a unique value (it was something other than 1234 in my case) that presumably identifies the recipient of the email. In other words, the senders of this email themselves collect personally identifiable information which, if the recipient happens to be in the EU, is subject to GDPR and its potential fines.

UPDATE (2021-12-11)
There is a similar spam e-mail going around recently, with almost identical wording but mentioning the California Consumer Privacy Act (CCPA) instead of the European GDPR:

Subject: Questions About CCPA Data Access Process for [DOMAINNAME]

To Whom It May Concern:

My name is [REDACTED], and I am a resident of San Francisco, California. I have a few questions about your process for responding to California Consumer Privacy Act (CCPA) data access requests:

1. Do you process CCPA data access requests via email, a website, or telephone? If via a website, what is the URL I should go to?
2. What personal information do I have to submit for you to verify and process a CCPA data access request?
3. What information do you provide in response to a CCPA data access request?

To be clear, I am not submitting a data access request at this time. My questions are about your process for when I do submit a request.

This email was sent from an address at “yosemitemail.com”, a domain registered on 2020-03-02 with the same registrar at the exact same time as the “potomacmail.com” domain used in the GDPR variant of this spam:

Registry Domain ID: 2498859495_DOMAIN_COM-VRSN
Registrar WHOIS Server: whois.namecheap.com
Registrar URL: http://www.namecheap.com
Updated Date: 2021-03-08T03:30:04Z
Creation Date: 2020-03-02T02:15:46Z
Registry Expiry Date: 2022-03-02T02:15:46Z
Registrar: NameCheap, Inc.

Registry Domain ID: 2498859494_DOMAIN_COM-VRSN
Registrar WHOIS Server: whois.namecheap.com
Registrar URL: http://www.namecheap.com
Updated Date: 2021-03-03T22:25:43Z
Creation Date: 2020-03-02T02:15:46Z
Registry Expiry Date: 2022-03-02T02:15:46Z
Registrar: NameCheap, Inc.

As you can see, the creation time is the exact same, down to the second and the Domain IDs of the two domains are actually consecutive. Both sender domains were obviously created by the same registrant who uses them for the same purpose.

As far as I can tell, whether you are in California or outside, you are under no obligation to reply to this email. I would not advise replying to it.

UPDATE (2021-12-13)
The GDPR mails sent in the name of a person in Russia are sent from a domain registered via a different registrar about one month after the other two domains:

nserver: ns1crv.name.com.
nserver: ns2ckr.name.com.
nserver: ns3cjl.name.com.
nserver: ns4fpy.name.com.
person: Private Person
registrar: RU-CENTER-RU
admin-contact: https://www.nic.ru/whois
created: 2020-04-06T05:35:06Z
paid-till: 2022-04-06T05:35:06Z
free-date: 2022-05-07
source: TCI

Another domain used for sender addresses is “envoiemail.fr” which was registered a day after “yosemitemail.com” and “potomacmail.com”

domain: envoiemail.fr
status: ACTIVE
hold: NO
holder-c: ANO00-FRNIC
admin-c: ANO00-FRNIC
tech-c: RT12727-FRNIC
zone-c: NFC1-FRNIC
nsl-id: NSL82816-FRNIC
registrar: 1API GmbH
Expiry Date: 2022-03-03T20:45:06Z
created: 2021-03-03T20:45:06Z
last-update: 2021-03-03T20:45:07Z
source: FRNIC

All four domains have their email hosted at Google. That is not unusual, lots of domains use Gmail for mail hosting these days. It is still worth pointing out though.

POTOMACMAIL.COM. 3600 IN MX 1 aspmx.l.google.COM.
POTOMACMAIL.COM. 3600 IN MX 10 alt3.aspmx.l.google.COM.
POTOMACMAIL.COM. 3600 IN MX 10 alt4.aspmx.l.google.COM.
POTOMACMAIL.COM. 3600 IN MX 5 alt1.aspmx.l.google.COM.
POTOMACMAIL.COM. 3600 IN MX 5 alt2.aspmx.l.google.COM.

YOSEMITEMAIL.COM. 1799 IN MX 1 aspmx.l.google.COM.
YOSEMITEMAIL.COM. 1799 IN MX 10 alt3.aspmx.l.google.COM.
YOSEMITEMAIL.COM. 1799 IN MX 10 alt4.aspmx.l.google.COM.
YOSEMITEMAIL.COM. 1799 IN MX 5 alt1.aspmx.l.google.COM.
YOSEMITEMAIL.COM. 1799 IN MX 5 alt2.aspmx.l.google.COM.

NOVATORMAIL.RU. 300 IN MX 5 alt1.aspmx.l.google.com.
NOVATORMAIL.RU. 300 IN MX 5 alt2.aspmx.l.google.com.
NOVATORMAIL.RU. 300 IN MX 10 alt3.aspmx.l.google.com.
NOVATORMAIL.RU. 300 IN MX 10 alt4.aspmx.l.google.com.
NOVATORMAIL.RU. 300 IN MX 1 aspmx.l.google.com.

envoiemail.fr. 1799 IN MX 10 alt3.aspmx.l.google.com.
envoiemail.fr. 1799 IN MX 10 alt4.aspmx.l.google.com.
envoiemail.fr. 1799 IN MX 5 alt1.aspmx.l.google.com.
envoiemail.fr. 1799 IN MX 5 alt2.aspmx.l.google.com.
envoiemail.fr. 1799 IN MX 1 aspmx.l.google.com.

I am told the GDPR reply period of one month under Article 12 of GDPR only applies to data access requests, which the email specifically clarifies this is not.

UPDATE (2021-12-15)

It turns out that these deceptive emails using fake identities were sent out by a researcher at Princeton University as part of a study into how website operators implement GDPR and CCPA. In the most recent mails to website operators, the senders are now disclosing their background instead of using fake identities.

These GDPR and CCPA emails created great anxiety amongst the recipients (nobody wants to pay huge fines) and that should have been clear to the senders from the very beginning, yet they went ahead and spammed us as if we were human guinea pigs.

Even if somehow it wasn’t clear to them in the beginning, public blog posts and forum discussions after the April spam run should soon have shown them that this wasn’t going to end well. Why did they continue with the same mode of operation more than half a year later? And why did their university let them do that?

Normally I would expect to be able to easily distinguish between online scams and academic research but I guess, not any more. We are living in strange times.

1-518-684-5177 Domain Owner Spam

Today I received the following spam message:

Attention: Important, DOMAIN SERVICE
Domain Name: [MyDomainNameHere]

Call: 1-518-684-5177

ATT: Domain Owner JOE WEIN

Requested Reply Before
January 7, 2019


Attn: Domain Owner JOE WEIN
As a courtesy to domain name holders, we are sending you this notification for your business Domain name search engine registration.

This letter is to inform you that it’s time to send in your registration and save.

Failure to complete your Domain name search engine registration by the expiration date may result in cancellation of this proposal making it difficult for your customers to locate you on the web.

Privatization allows the consumer a choice when registering. Search engine subscription includes domain name search engine submission.

You are under no obligation to pay the amounts stated below unless you accept this proposal. Do not discard, this notice is not an invoice it is a courtesy reminder to register your domain name search engine registration so your customers can locate you on the web.

This Notice for: WWW.[MyDomainNameHere] will be terminated on January 4, 2018 Act today!

[ ] 1 year 01/07/2019 – 01/07/2020 $75.00
[ ] 2 year 01/07/2019 – 01/07/2021 $119.00
[ ] 5 year 01/07/2019 – 01/07/2024 $199.00
[ ] 10 year -Most Recommended- 01/07/2019 – 01/04/2029 $295.00
[ ] Lifetime (NEW!) Limited time proposal – Great value! Lifetime $499.00

Payment by Credit Card or Check
Call our New York main office: (518)684-5177

At the bottom was the following disclaimer, separated by many blank lines to make it unlikely that anyone would read it:

By accepting this proposal, you agree not to hold DS liable for any part. Note that THIS IS NOT A BILL. This is a solicitation. You are under no obligation to pay the amounts stated unless you accept this proposal. The information in this letter contains confidential and/or legally privileged information from the notification processing department of the DS. This information is intended only for the use of the individual(s) named above. There is no pre-existing relationship between DS and the domain mentioned above. This notice is not in any part associated with a continuation of services for domain registration. Search engine submission is an optional service that you can use as a part of your website optimization and alone may not increase the traffic to your site. If you do not wish to receive further updates from DS reply with Remove to unsubscribe. If you are not the intended recipient, you are hereby notified that disclosure, copying, distribution or the taking of any action in reliance on the contents of this letter is strictly prohibited.

Harvesting contact details for domains via WHOIS for spamming is illegal under the terms of service.

This spam is deceptive advertising. Some people will make payments because they mistake the spam email for a domain registration renewal reminder, which it isn’t. Never do business with spammers!

trafficads.net scam ads: “Googleユーザーのあなた、おめでとうございます!”

For a few months I have been seeing sudden popups in the middle of visiting various websites. The ads are hosted on URLs such as http://trafficads.net/graun/?pubads={some-hexadecimal-number} and the back button will be disabled – there is no way to get back to the article that had been reading.

The ads are in Japanese (I am accessing from a Japanese IP address) and tell you that you can win an iPhone X, iPad Air 2 or Samsung Galaxy S6. They then ask some easy questions about who founded Google, in what country it is based and what year it was founded. Regardless of your answers, it will tell you that they were correct and that you have won an iPhone X 64 GB. You are then asked to give your credit card to pay for shipping. I strongly recommend you do not give them your credit card!

Before I started seeing the ads in trafficads.net, I think saw them on a number of different domains that kept changing. For several weeks, one consistent domain has been used instead.

I do not know yet how those ads get injected into the Chrome browser. However, I have seen them on three different machines, one of them a Mac, the others PCs. I doubt all three of them could be infected with the same malware. There’s got to be a different mechanism.

There are a number of Japanese web postings that discuss these fraudulent ads masquerading as prize wins to get people’s credit cards, but none of them explain how the ads are injected or what countermeasure there is, other than closing the tab of the ad once it appears.

Swisscoin (SIC) Crypto-Currency Spam

When crypto-currencies like Bitcoin (BTC) were first introduced, they were claimed to offer the potential of a low-cost, frictionless international payment system. This has not really happened, as BTC turned out to be severely restricted on the volume of transactions it could handle. From then on, it increasingly became a vehicle for criminal transactions (including fraud) and speculation.

In the past twelve months, people have been buying BTC and other crypto-currencies primarily because of the expectation that they could later sell them at a profit. This has allowed existing holders of crypto-currencies to do precisely that. This is very much how “pump and dump” scams operate, usually involving unlisted (OTC) stocks.

“Pump and dump” scams used to involve selling by phone, but in recent years many switched to email spam. Now we are seeing crypto-currencies being advertised via spam. One example is Swisscoin (SIC), as in this email received on 2018-01-16:

It’s probably not news to you at this point if I tell you that bitcoin has made tons of people tons of money. Something else you probably already know is that it will never go up like crazy again. Its time to shine is long gone. That’s why we must look into what the next big thing is, and the truth is that there have been plenty over the last few months. Can you jump on the next huge one before it soars? Swiss coin {SIC} is the most likely candidate for a fifty thousand percent return this year. It has the support of the Switzerland government. It is already considered as legal in the country. It’s the type of coin that you can buy a thousand bucks of right now, sit on for a small period of time and you could make out crazy wealthy when all is said and done. SIC has already doubled since Saturday. This long Martin Luther King weekend could bring you even more upside if you act quickly. For those of you who know what this means- you can get it for under 50 satoshi right now. And if you have no clue what this means, it basically means that you can get in on the ground floor How do you get some? You just need an account at coinexchange. Read the currency’s official page to find out more info: https://swisscoin.eu/sic-deposits.html

The truth is, far from “having the support of the Switzerland government”, Swisscoin / swisscoin.eu is listed on a warning list by FINMA, Switzerland’s independent financial-markets regulator. The Swiss company listed in the FINMA warning did not have an office there. It was founded with a capital of only CHF 20,000. Its officers are based in Leipzig, Germany.

There is no “ground floor” opportunity for Swisscoin. It has been marketed via MLM since 2016 and various people called it a Ponzi scheme. The Dynamoo blog writes in a recent post:

There are questions as to whether Swisscoin is actually a cryptocurrency or a Ponzi scheme. Honestly, I don’t know and I’d advise you to do your own research. However, this has all the markings of a pump-and-dump scheme, so it’s quite possible that someone who bought Swisscoins at their peak wants to pump the price up so they can sell off their holdings. Given that the spam is being sent out from a network of hacked machines and does not comply with anti-spam laws, you can pretty much guarantee that this is not legitimate and should be avoided.

Never buy anything advertised via spam!

Bitcoin Phishing Spams Cashing in on the New Tulip Mania

As a spam and scam research I watch new domains being created for malicious purposes. The following domains are look-alike domains of blockchain.info and blockchain.com, two legitimate Bitcoin-related domains:

xn--blckchain-66a.info (blóckchain.info)
xn--blckchain-66a.net (blóckchain.net)
xn--blckchain-m8a.info (bløckchain.info)
xn--blckchain-wxb.info (blōckchain.info)
xn--blckchai-w3a03f.info (blóckchaiń.info)
xn--blckchaln-66a.com (blóckchaln.com)
xn--blckchan-81a8d.com (blóckchaìn.com)
xn--blckchan-i2a8c.info (blóckchaín.info)
xn--blckchin-eza9o.info (blóckcháin.info)
xn--blckchin-m7a96e.info (blōckchāin.info)
xn--bliockchai-s1b.com (bliockchaiņ.com)
xn--bliockci-o8a35ayl.com (bliockcħąiņ.com)
xn--bliokchai-3eb86d.com (blioċkchaiņ.com)
xn--bliokci-u4a5c4s9l.com (blioċkcħąiņ.com)
xn--bliokhai-49ab66d.com (blioċkċhaiņ.com)
xn--blioki-00a0cb4z9l.com (blioċkċħąiņ.com)
xn--blocchai-gmb8m.info (blocķchaiņ.info)
xn--blocchain-orb.com (blocķchain.com)
xn--blocchain-orb.info (blocķchain.info)
xn--blocchin-m7a15c.info (blocķchāin.info)
xn--blockchan-dob.info (blockchaīn.info)
xn--blockchan-ipb.info (blockchaįn.info)
xn--blockchan-n5a.info (blockchaín.info)
xn--blockchin-12a.info (blockchäin.info)
xn--blockchin-61a.info (blockcháin.info)
xn--blockchi-n7a50e.info (blockchāiņ.info)
xn--blockchin-c3a.info (blockchåin.info)
xn--blockchin-ccb.info (blockchāin.info)
xn--blockchin-hdb.info (blockchąin.info)
xn--blockchi-o8a54d.info (blockchąiń.info)
xn--blockchn-fza4j.info (blockcháín.info)
xn--blockchn-n7a43b.info (blockchāīn.info)
xn--blockhai-obb78c.info (blockčhaiņ.info)
xn--blokchain-xdb.info (bloćkchain.info)

These so-called IDN domains substitute characters for easily confused look-alikes. There will be sighted in links inside spam emails as part of Phishing scams.

Phishing is just one of the pitfalls around Bitcoin and other crypto-currencies. Scammers have revamped the old so called “High Yield Interest Programs” (HYIP), which are really just a Ponzi scheme, to hitch a ride on the publicity around Bitcoin’s stratospheric rise in 2017. If you deposit Bitcoins into an online investment scheme, the scammers can just walk away with your deposit and cash it out into dollars, euros or rubles without being traced.

The latest exchange rate push beyond US$10,000 came on the heels of the cancellation of the SegWit2x fork, a proposed upgrade to the underlying technology that not the entire Bitcoin community was prepared to follow. The driving force behind the upgrade was the urgent need to handle more transactions, if Bitcoin was truly going to be used as a payment vehicle competing against credit cards, wire transfers and PayPal. If new Bitcoins are constantly being mined and the value of Bitcoin goes up but the average purchase the crypto-currency is to be used for doesn’t change much then the system needs to be able to handle more individual transactions.

By cancelling the upgrade, a split of the community has been avoided, but at what cost? It’s really a vote for Bitcoin as speculation object and against it as a viable payment method.

A friend of mine expressed it best when he mentioned that it reminded him of “Pump and Dump” stock scams, only that in the case of Bitcoin it is legal. With all this publicity, existing Bitcoin holders
will be able to offload their existing tokens at huge profits. Then, when people realize that Bitcoin is no longer able to work as an efficient payment system (except for scammers, drug dealers and money launderers who value anonymity), the bottom will fall out and all the recent investors will lose billions. It’s Tulip mania all over.

See also:

Bitcoin Scams – Stay Away!

The relative anonymity offered by virtual currencies such as Bitcoin (BTC) makes them an attractive vehicle for criminals.

Recently we’ve seen some scams that involve spam inviting you to send money to a Bitcoin address, offering ridiculously high rates of interest on this supposed investment. It’s a new take on the old High Yield Investment Program (HYIP) ponzi schemes.

In reality there is no way to ensure you get repaid once you’ve sent (virtual) money or that the scammers will be held accountable for the fraud. At best some early “investors” will have interest paid from deposits of later “investors”, who will definitely get stiffed. The scammers can simply exchange any deposited BTC into dollars at a Bitcoin exchange and walk away with the money.

Subject: blockchain doubler.


9/23/2017 12:58:33 from blockchain support

We are pleased to announce a new product – Bitcoin Doubler,
This is limited offer , 5-10 days.
Bitcoin Doubler is active from 23 September 2017 18:00 Pacific until September 29, 2017 18:00.

You can deposit today 0.2 minimum Bitcoins. Maximum amount of deposit by a natural or legal person is 50 Bitcoins. This is an amazing opportunity to win up to 40 Bitcoins if you invest 20 Bitcoins.

How do you double my bitcoins?

Our automated system gathers information from the blockchain transfers and cryptocurrency exchanges to study and predict the bitcoin price, our servers open and close thousands of transactions per minute, analyzing the price difference and transaction fees, and use that information to generate profit.

Investors who want to apply and invest on Blockchain, please make a Bitcoin transfer to:


How long does it usually take to receive doubled bitcoins?
We pay to you 10% every hour for 100 hours.
HINT : users who deposit more the 10 bitcoins will get bitcoins doubled in maximum 5 minuts.
users who deposit lower then 10 bitcoins will get bitcoins doubled after 6 confirmations.

To trace your investment please send an email to bitcoin-doubler@blockchain.info , And subject to put your Bitcoin address. The Bitcoin address must be the same as you used to invest. If you put in the email a Bitcoin address you not used to making investments, you will only receive an email with your status. If you submit a correct email with a correct address Bitcoin (the same used to make your placement), you will receive an email with the total Bitcoin invested and the date and time of your payment will be made.

Hurry up! This is a Iimited license, unique opportunity.

Here’s another one, using the name of one Bitcoin exchange:

Subject: WEX. important news!

WEX. Rising ex. BTC-e,

9/22/2017 13:20:27 from admin

Team of WEX is glad to welcome you on our new platform!

This is our first official announcement!
We thank all ex-users of BTC-E for their patience at such a difficult moment for all of you guys.

All users who deposit on our platform will get in 2 days , 40% bonus.
Clients who want to apply now on WEX, please make a Bitcoin transfer to:


Hurry UP ! 4510 clients allready deposit , we have now 4110.562 BTC
Due to a large demand among our customers, we expand our bonus for 10 days.

Check status here : https://blockchain.info/address/1QGbpENUv3xJCtiqTcUPM1Vvnwx5FRR6uZ

We will refund your first deposit with dividends withing 2 days at 00:00 Pacific Time. (For example: investing 3.00 Bitcoins today will return 5.20 Bitcoins after 2 days at 00:00 Pacific time) The profits are withdrawn immediately and Blockchain or WEX waives all rights for 1st level investments.

To trace your investment please send an email to btc-invest@wex.nz , And subject to put your Bitcoin address. The Bitcoin address must be the same as you used to invest. If you put in the email a Bitcoin address you not used to making investments, you will only receive an email with your status. If you submit a correct email with a correct address Bitcoin (the same used to make your placement), you will receive an email with the total Bitcoin invested and the date and time of your payment will be made.

Hurry up! This is a Iimited license, unique opportunity.

Thank you, that you believed in us. Thank you that you are with us.
With respect, WEX team.

Any offer arriving via spam that mentions Bitcoin: Stay away from it!

The Latest “Pump and Dump” Stock Scams

For a while it was quiet about stock spam pushing penny stocks, but recently they’ve been making a comeback. Recently we’ve seen these campaigns:

  • 2017-03-20: Incapta Inc (INCT)
  • 2017-04-11: Quest Management (QSMG)

If you receive spam pushing shares, beware! Never buy stock based on “information” sent out as spam. The only people making money on such stocks are the scammers, who wait for the spammed buyers to offload their near worthless shares at grossly inflated prices. Reselling such stock is near impossible and and usually will lead to great losses.

Native ads, a race to the bottom for online media

Over the past year you will have seen a steady increase of so-called “native ads” while reading articles online. You know, those half dozen or more links with pictures to what at first looks like other articles recommended by the publisher. Only, they are really outside links. Many are click-bait ads, with pictures and headlines designed to grab your attention. They are introduced with tags like “From the web” or “Promoted stories”. The small print will mention companies like Outbrain, Taboola or Revcontent that place the ads in the space that they rent from the website owner.

At best, the advertised content doesn’t live up to the attention-grabbing ads. At worst, the advertisers try to sell you something utterly worthless through deception and lies, including miracle weight loss, anti-aging and anti-Alzheimer pills or promises of jobs that make thousands of dollars a month with no special skills required. Many of these offerings involve recurring credit card charges that are very difficult to get out of.

So why have reputable publishers like the Washington Post, Newsweek and The Atlantic embraced “native ads” on their websites? The answer of course is money. As the Internet grew, print advertising revenues have been collapsing for traditional media as much of the ads have moved online. What’s worse, with Google Adsense and Facebook ads, traditional publishers now have to compete for eyeballs against an almost unlimited number of websites and SNS, making it very hard to replace print ad revenue with online ad revenue. Companies like Outbrain and Taboola (both based in Israel) and RevContent (based in Florida) are offering better rates to site owners, but they can only do that because they seem to have few ethical problems selling anything that makes money.

Back in the 1990s I used to read High Times, which always carried pages of “fake pot” ads. The description for these products might lead naive readers to think that these legal products offered some of the effects of illegal marijuana, but it was really just bullshit and the High Times editors knew that. Their dilemma was that Congress had passed anti-paraphernalia laws that discouraged their traditional advertisers (e.g. for glass pipes) from advertising and the “fake pot” scammers were ready to fill the gap. When rival magazine Cannabis Culture pointed out the hypocrisy of High Times helping to defraud their readers, one of the editors offered an excuse along these lines: “If you don’t like these ads, why don’t you buy that advertising space yourself?” It’s not quite as simple as that.

While every business needs revenue to survive, I think ultimately, accepting money from unethical sources such as scammers does undermine your credibility. Gradually, more and more consumers will realize these “promoted stories” and “sponsored content” are nothing but deceptive junk. Taking money from these advertisers is a devil’s bargain that will damage the reputation of sites running unethical ads. If readers of reputable news sites lose faith in them, what will they have left that distinguishes them from fake news sites?


Never buy stock advertised via spam (especially penny stocks), such as this one:

Subject: This company is a rare opportunity to quintuple your money before Christmas.

Appswarm needs your attention. This is the only stock you need to buy today.
Keep on reading to find out why..

Appswarm (ticker: SWRM) is a mobile games developer that has built some of
the most popular games on the planet.

The games have been downloaded more than 100 million times and the company is
planning to launch 5 new titles in January 2017 (next month).

SWRM is extremely undervalued and there are serious rumors circulating that the maker of
Candy Crush (King, a multi billion dollar company) is about to buy it out for $1.17 per share before Christmas.

At this moment SWRM is trading at just pennies but a buy out from King will automatically
send it to over $1 in a matter of minutes.

This is your chance to buy a stock just days before a major acquisition and stand to
gain more than 1,500% just days before Christmas.

This is a scam, the only people making money on this stock are the spam senders who will be trying to offload their existing holdings.

“EU Business Register” spammers

Here is some spam sent to one of my mailboxes recently:


In order to have your company inserted in the EU Business Register for 2016/2017, please print, complete and submit the attached form (PDF file) to the following address:

P.O. BOX 34

Fax: +31 30 310 0126

You can also attach the completed form in a reply to this email.

Updating is free of charge!

A very deceptive offer, because even though updates may well be free (as stated), the offer itself is not: A careful reading of the small print in the attached PDF revealed it to be a solicitation for a three year subscription at 995 EUR per year, automatically renewing unless cancelled two months in advance. So filling and signing the form would cost you at least 2985 EUR.

A quick Google search showed that these guys are already known to Spamhaus, who think that they’re from Romania.