Sainsbury's, Virgin say sorry over spam
But have they learned something useful?
Several Register readers have now received apologies from Sainsbury's supermarket and Virgin Wines for spamming them. And both companies seem to be serious; in one case, Sainsbury's has offered a £20 voucher along with the grovel. This certainly indicates sincerity, but suggests that Sainsbury's still hasn't entirely grasped the impact of a major spam run, and therefore figured out how many times £20 it could add up to.
The two companies' mailshots went out around two weeks ago, and seem to have been fulfilled by the same third party using either the same or similar lists. Spews.org does some tracking work here, and from the information supplied to The Register by aggrieved recipients it is abundantly clear that this was not a 100 per cent exercise in 'permission-based marketing.' If, indeed, such a thing could be said to exist.
Many of the email addresses used were lifted from Usenet postings or scooped from web sites, and the non-UK ones included were superlatively inappropriate for companies attempting to sell mobile phone services (Sainsbury's) or wine (Virgin) in the UK. Both companies seem to have been burned in that they were aparently unaware that the lists bought or rented on their behalf weren't kosher, and both have possibly learned something, even if it's only what spam is, and how angry people get with you when you do it.
Virgin seems to have been fairly quick off the mark in apologising, and in the case of at least one person passed on the contact details of the managing director of eachweek.net, which would seem to be connected to the matter in some way. But Sainsbury's was caught flat-footed, and denied the spam run for quite a while before confessing. Last Monday, one reader contacted Sainsbury's Mobile to complain: "They claimed to know nothing of any problems, and said they were convinced that their email-shot was entirely legit. They assured me that all the addresses were legitimately collected. They tried persisting in this view even when I said it couldn't be true." As some of the addresses used are used by the recipients solely for Usenet postings, or for administrative purposes (e.g. email@example.com), this clearly could not be true.
Another reader checked the privacy section of the Sainsbury's web site, and phoned the number given there: "I rang them and told them that I objected to them spamming me and would they remove me from their mailing list for such stuff. Needless to say, no-one had a clue what I was on about. In the end they took my details (I'm a loyalty card holder FFS) and a supervisor would ring me. I think you can guess what has happened since."
The most heroic contribution we've had so far however shows how heroically unaware of the issues Sainsbury's was until last week. The reader phoned the customer care line for Sainsbury's Mobile, and was referred to the 0800 number you would dial if you were responding to the email in order to buy a mobile phone. And a nice touch of customer care here: "When I asked for her name, she went 'Yeah, it's <click>'." Undaunted, he dialled the sales number, where "a polite Irish fellow" called Jerry told him to take copies of the email into his local store, and speak to a manager about them. Jerry apparently has a fine appreciation of how major companies who haven't altogether got the internet yet operate: "He said they will have to file it, and it will then go to the head office."
There's clearly an 'innocents abroad' aspect to cases like this. People at the commissioning company may be naiive, largely unaware of the internet or overly optimistic, and this will frequently go for the 'marketing specialists' they're commissioning as well. And the longer the chain the list is passed down, the more inevitable it is that somebody will have just lied, saying a pile of miscellaneous IDs scooped from who knows where are 100 per cent opt-in and relevant. Some innocent/idiot then believes them, and the list's value goes up until it's proven otherwise. After getting burned several times reputable companies who don't want to alienate their customers may get themselves some expertise and confine themselves to using their own lists, or lists from outfits they really trust (who they? - Ed), but they'll no doubt go through a lot of pain before they get there.
An informant from SpamCop explains another method use to garner email addresses that might help their education, and indeed induce them to set up spam rapid response teams. Sometimes, you see, spam apparently from a major company isn't from them at all - it's sent out in order to establish that you really exist, and if you respond, you're on the list, and for sale.
"The gig is this:
"They send an email to a Spam list, purporting to be from some well-known brand. These people have used Pizza Hut and Seagram's in mails that I have received, and now they are using Sprint.
"The deal is to entice users to request that they do not receive mail. This has, in the past, been done in the form of a coded URL that confirms the email address, and enters it into a high-value Spam list.
"Needless to say, the poor punter does not get removed from a mailing list.
"Instead, they get put onto a very high-priority list, and receive more Spam than they ever thought existed.
"Unfortunately (or fortunately), these guys aren't exactly the brightest bulbs in the chandelier. Tracking them down is child's play." But there are plenty of them about... ®
Sponsored: Virtualization security practical guide