Hello,
Why is comodo paying affiliates to send unsolicited spam?
We frequently receive piles of unsolicited commercial email from “affiliates” marketing comodo. Why is that, and, would the comodo AntiSpam actually BLOCK spam from comodo?
Let’s dig deeper to substantiate this claim:
Here’s the body of the spam, of which we received about 75 today:
http://img819.imageshack.us/img819/7010/commodo1.jpg
Yes, that’s the Comodo logo including “creating trust online” - literally attached to unsolicited spam… but let’s look closer still
The headers:
Received: from mx1.secure-online-back-up.com (199.30.65.98)
by a.b.com (172.16.1.70) with Microsoft SMTP Server id 14.1.355.2;
Sun, 5 Aug 2012 19:42:21 -0400
Subject: Complimentary cloud storage
From: IT Solutions itsolutions@secure-online-back-up.com
To: x@y.com
Reply-To: IT Solutions itsolutions@secure-online-back-up.com
MIME-Version: 1.0
Content-Type: multipart/alternative;
boundary=“----=_NeRtPart_164_48C5_13R8CP21.M400SX2”
Message-ID: 6d2f5d7a-2195-400a-9a2f-ca3c91d562cd@a.b.com
Return-Path: itsolutions@secure-online-back-up.com
Date: Sun, 5 Aug 2012 19:42:21 -0400
X-MS-Exchange-Organization-AuthSource: a.b.com
X-MS-Exchange-Organization-AuthAs: Anonymous
Obviously they’re coming from 199.30.65.98.
Who owns that?
Fork Networking, LLC in Portland, OR.
Seemingly unrelated, so let’s look at the url’s being spamvertised:
http://secure-online-back-up.com/1e8642546c448fd7681b7016ddd101C
which redirects to:
https://securespecialty.com/cc5/?utm_type=click
http://img717.imageshack.us/img717/7991/comodo2.jpg
Seems generic enough - but who owns it?
Both the redirect and the destination are tagged to:
Mountain Peak Solutions
John Henderson (mountainpeaksolutions@gmail.com)
+1.8774964314
123 Town Square Pl
STE 175
Jersey City, NJ 07310
Which is oddly close to comodo themselves:
Paul Lee
1400 Newport Tower 525 Washington Boulevard
Jersey City, NJ 07310
In fact they are practically neighbors:
http://img839.imageshack.us/img839/5885/comodo3.jpg
Let’s look at who they sent FROM and how many we received… notice all of the MADE UP ‘FROM’ ADDRESSES (violation of the CAN-SPAM act)… and notice they are sending to ENTIRE CITY distro groups at our company. Obviously no user would sign up with their entire city distro address on our internal server:
http://img528.imageshack.us/img528/2043/comodo4.jpg
So, I restate my original question: Why is comodo paying affiliates to send unsolicited spam?
You are literally paying people to RUIN YOUR BRAND IMAGE.
Now, I associate “comodo” not with “creating trust online” but with SPAMMERS.