Everyone get so many unsolicited commercial emails these days that you just become blind at them, at best. Sometimes they are clearly, expressly commercial. Other times, they try to pass through your attention and your spam checker by disguising themselves as legitimate emails. I have a little story about that.
A couple of weeks ago I got yet another spammy mail. It was evidently sent through a mass mailing and, as such, also included an unsubscribe link, however the guy was trying to legitimate his spam by saying that he approached me specifically because a colleague referred me to him; in addition, I felt that some keywords were added to his message only to make it sound “prettier” or even more legitimate.
I usually don’t spend time on spammers, but when I do I try to do it well. And in this occasion I had a little time to spend on it, and I did.
On October 30th I was walking to my eye doctor’s while I saw an email notification on my phone. The email said the following (note: the highlights are mine):
Marco,I was sent your way as the person who is responsible for application security testing and understand XXXXXX would be of interest to Telenor. To what lies within our next generation penetration testing abilities, XXXXXX can bring to you:
- Periodic pen tests in uncovering serious vulnerabilities and (lack of) continuous application testing to support dynamic DevOps SDLC.
- An ROI of 53% or higher with the ability to Identify, locate and resolve all vulnerabilities
- Averaging 35-40% critical vulnerabilities found overall, others average 28%.
- Over 500 international top class security researchers deployed in large teams of 40-60 ethical hackers.
We have pioneered a disruptive, ethical hacker powered application testing approach deploying large teams of senior security researchers with hacker mimicking mindsets to rapidly uncover exploits in your applications.I would like to find some time for a conversation during November, to give you the insight into why Microsoft and Hewlett-Packard Enterprise have invested in us and why SAP is our top global reseller.Many thanks,Geoffrey XXXXXXBusiness Development Manager
Now, we have our mailboxes on GMail and my usual method of procedure for such spammy crap from clueless salespeople is:
- block the sender
- unsubscribe
- report the mail as spam
But now it’s different: first, this guy is probably trying to legitimate himself with lies for sending shit to me that I had not requested; second, despite the “personal” approach, this was clearly a mass-mailing so the whole story was clearly a lie; third, I am going to sit and wait at the doctor’s for some time. I could invest that time to run down the guy. My reply:
Kindly let me know who sent you my way, so that I can double check that. Then, maybe, we can talk.
The guy replies soon after. New mail, new lie:
Hi Marco,
Apologies for not including that in the email and I am more than happy to say how I got to you.
I have spoken to Ragnar Harper around how this may become beneficial to Telenor and he has mentioned your name during the conversations. As I have been unable to get back in contact with Ragnar I thought it best that I could gain your input into this moving forward by having some time aligned in our diaries to discuss more?
[…additional crap redacted…]
Not only I had never met or talked with any Ragnar Harper: the guy was not in our Company’s ERP. In my eyes, Mr.Geoffrey was lying right down the line. Time to get rid of him:
There is no Ragnar Harper here
Your emails will hereby be blocked and reported as Spam
Goodbye
— MM
You may think he stopped there. Well, he didn’t:
Apologies but I just phoned the switchboard and he left last month.
Above is his linkedin profile as well.Sorry for the confusion.Geoff
You just picked up a random name. You are trying to sell me something for security, which should entail a certain amount of trust in your company, and you start the interaction with a lie: not bad for someone moved by an “ethical hacking” spirit.
There can’t be any trust between me and your company. Your messages are already landing in my spam folder and that’s where they shall be. Just go and try your luck with someone else, “Geoffrey”.
The king is naked, they say. Now he gotta stop, you think. He didn’t:
Thank you for your time Marco and I am sorry that you feel that way.
If you believe that it has started on a lie then that may well be your choice as I have been in contact with Ragnar since my days at YYYYYY before joining XXXXXX and we have yet to catch up this month since he has now departed. I shall head elsewhere as requested as that is not the kind of reputation that we uphold here.
Best wishes,
Geoff
Uh, wait a minute. Did I beat the guy for no reason? Could it be that he actually knew this ex-colleague Ragnar Harper and I am assuming too much? Is it all a misunderstanding? If it is, I want to know and apologise. As said, I had never met or talked to Ragnar Harper, but I can still try to contact him through LinkedIn:
Question from an ex colleague
Hei Ragnar. My name is Marco Marongiu, I am the Head of IT in Telenor Digital. I apologize for bothering you, it’s just a short question: have you referred me to a Sales person called Geoffrey XXXXXX from a Security company called XXXXXX?
This person approached me via email. Long story short, he says he knows you personally and that you sent him my way (to use his words). Is it something that you can confirm?
We two have never met in Telenor so that sounded strange and I handled him as a spammer. But if that is actually true I do want to send the guy my apologies. Thanks in any case
Med vennlig hilsen
— Marco
I am grateful that Ragnar took some time to reply and confirm my suspect: he had never known or met the guy. I thanked Ragnar and stopped talking to “Geoffrey”. At the same time I thought it was a good story to tell, so here we go.
A sysadmin's logbook 
As usual, you are my hero 🙂