Mailing List Archive

"Please send us a quote..."?
Can anybody explain to me the reason behind the blind "please send us a
quote for your product XXXXX" emails? I mean, I know they are somehow a
scam, but I can't figure it out how it's supposed to work when the
target isn't a business...

--
John Hardin KA7OHZ http://www.impsec.org/~jhardin/
jhardin@impsec.org pgpk -a jhardin@impsec.org
key: 0xB8732E79 -- 2D8C 34F4 6411 F507 136C AF76 D822 E6E6 B873 2E79
-----------------------------------------------------------------------
Think Microsoft cares about your needs at all?
"A company wanted to hold off on upgrading Microsoft Office for a
year in order to do other projects. So Microsoft gave a 'free' copy
of the new Office to the CEO -- a copy that of course generated
errors for anyone else in the firm reading his documents. The CEO
got tired of getting the 'please re-send in XX format' so he
ordered other projects put on hold and the Office upgrade to be top
priority." -- Cringely, 4/8/2004
-----------------------------------------------------------------------
8 days until Thomas Jefferson's 278th Birthday
Re: "Please send us a quote..."? [ In reply to ]
On 5 Apr 2021, at 21:30, John Hardin wrote:

> Can anybody explain to me the reason behind the blind "please send us
> a quote for your product XXXXX" emails? I mean, I know they are
> somehow a scam, but I can't figure it out how it's supposed to work
> when the target isn't a business...

A vast amount of spam can only be explained by including the fact that
spammers are for the most part not very bright.

Most examples of that which I have in my archives include lures to get
the target to download a "real" RFQ/RFP file or otherwise visit some
website of indeterminate legitimacy. The others are indeed impossible to
understand without postulating that the sender truly has no idea who
they are mailing.

--
Bill Cole
bill@scconsult.com or billcole@apache.org
(AKA @grumpybozo and many *@billmail.scconsult.com addresses)
Not Currently Available For Hire
Re: "Please send us a quote..."? [ In reply to ]
On 4/5/21 7:30 PM, John Hardin wrote:
> Can anybody explain to me the reason behind the blind "please send us a

> quote for your product XXXXX" emails? I mean, I know they are somehow a

> scam, but I can't figure it out how it's supposed to work when the
> target isn't a business...

I chalk this up to list washing or similar address verification.



--
Grant. . . .
unix || die
Re: "Please send us a quote..."? [ In reply to ]
I’d agree it’s address verification, as with the Unsubscribe link at the bottom.


Peter West
pbw@ehealth.id.au
“He has risen…”

> On 6 Apr 2021, at 12:30 pm, Grant Taylor <gtaylor@tnetconsulting.net> wrote:
>
> On 4/5/21 7:30 PM, John Hardin wrote:
>> Can anybody explain to me the reason behind the blind "please send us a
>
>> quote for your product XXXXX" emails? I mean, I know they are somehow a
>
>> scam, but I can't figure it out how it's supposed to work when the target isn't a business...
>
> I chalk this up to list washing or similar address verification.
>
>
>
> --
> Grant. . . .
> unix || die
>
Re: "Please send us a quote..."? [ In reply to ]
lso figure it's nearly free to email everybody in a loosely, often very loosely,
defined geographic area. A microscopic number of such emails hit a marketdroid
or a CEOdroid whose brain misfires at the thought of a new contract. Then the
scam is on.

This is a question I keep asking myself. I have to rerun the swag level
computations in my head again.You send 100 million emails. Half of them go to
second and third accounts the same person owns, perhaps. So you have fifty
million emails. One in 100,000 might hit the real target audience and one on ten
of those may reply. Depending on the scam even one reply can feed the scammer
for a year or more. I call it my "firebug" calculation. If they are one in a
million the Los Angeles California area has more than ten of them lurking around
for optimum fire conditions. That's a good part of how we burn ourselves up each
year.

{o.o}

On 20210405 19:18:25, Bill Cole wrote:
> On 5 Apr 2021, at 21:30, John Hardin wrote:
>
>> Can anybody explain to me the reason behind the blind "please send us a quote
>> for your product XXXXX" emails? I mean, I know they are somehow a scam, but I
>> can't figure it out how it's supposed to work when the target isn't a
>> business...
>
> A vast amount of spam can only be explained by including the fact that
> spammers are for the most part not very bright.
>
> Most examples of that which I have in my archives include lures to get the
> target to download a "real" RFQ/RFP file or otherwise visit some website of
> indeterminate legitimacy. The others are indeed impossible to understand
> without postulating that the sender truly has no idea who they are mailing.
>
Re: "Please send us a quote..."? [ In reply to ]
On Mon, 5 Apr 2021 18:30:31 -0700 (PDT)
John Hardin wrote:

> Can anybody explain to me the reason behind the blind "please send us
> a quote for your product XXXXX" emails? I mean, I know they are
> somehow a scam, but I can't figure it out how it's supposed to work
> when the target isn't a business...

It may just be an attempt to soften-up the spam filtering. TxRep, for
example, is vulnerable to that tactic.
Re: "Please send us a quote..."? [ In reply to ]
On 2021-04-06 10:13 a.m., RW wrote:
> On Mon, 5 Apr 2021 18:30:31 -0700 (PDT)
> John Hardin wrote:
>
>> Can anybody explain to me the reason behind the blind "please send us
>> a quote for your product XXXXX" emails? I mean, I know they are
>> somehow a scam, but I can't figure it out how it's supposed to work
>> when the target isn't a business...
> It may just be an attempt to soften-up the spam filtering. TxRep, for
> example, is vulnerable to that tactic.

Replying in many cases also adds the recipient to the local user
whitelist/address book which improves the chance of future inbox
delivery on subsequent messages.

~

MV
Re: "Please send us a quote..."? [ In reply to ]
John Hardin wrote:
> Can anybody explain to me the reason behind the blind "please send us a
> quote for your product XXXXX" emails? I mean, I know they are somehow a
> scam, but I can't figure it out how it's supposed to work when the
> target isn't a business...

Most of the examples I've seen are arguably virus emails, on the basis
of an attached archive file with a .exe in it.

-kgd
Re: "Please send us a quote..."? [ In reply to ]
On Tue, 6 Apr 2021, Kris Deugau wrote:

> John Hardin wrote:
>> Can anybody explain to me the reason behind the blind "please send us a
>> quote for your product XXXXX" emails? I mean, I know they are somehow a
>> scam, but I can't figure it out how it's supposed to work when the target
>> isn't a business...
>
> Most of the examples I've seen are arguably virus emails, on the basis of an
> attached archive file with a .exe in it.

*Those* are easy enough to figure out. I was asking about the ones with no
attachments, no links, nothing obviously exploitable.

--
John Hardin KA7OHZ http://www.impsec.org/~jhardin/
jhardin@impsec.org pgpk -a jhardin@impsec.org
key: 0xB8732E79 -- 2D8C 34F4 6411 F507 136C AF76 D822 E6E6 B873 2E79
-----------------------------------------------------------------------
Activist: Someone who gets involved.
Unregistered Lobbyist: Someone who gets involved
with something the MSM doesn't approve of. -- WizardPC
-----------------------------------------------------------------------
7 days until Thomas Jefferson's 278th Birthday
Re: "Please send us a quote..."? [ In reply to ]
> On Apr 6, 2021, at 8:20 PM, John Hardin <jhardin@impsec.org> wrote:
>
> On Tue, 6 Apr 2021, Kris Deugau wrote:
>
>> John Hardin wrote:
>>> Can anybody explain to me the reason behind the blind "please send us a quote for your product XXXXX" emails? I mean, I know they are somehow a scam, but I can't figure it out how it's supposed to work when the target isn't a business...
>>
>> Most of the examples I've seen are arguably virus emails, on the basis of an attached archive file with a .exe in it.
>
> *Those* are easy enough to figure out. I was asking about the ones with no attachments, no links, nothing obviously exploitable.

I had one of them, they wanted to buy 300 hard drives from us, and were spoofing a DOD contractor. Wacky stuff (we don’t sell hard drives).

Had a back and forth with them, it was a pretty slick scam - had a full website that was like the spoofed contractor but a different TLD, US phone and fax numbers and were very eager for us to send them some drives. I just forwarded all my correspondence on to the spoofed contractor.

Not totally clear on the scam as it went no further than saying “yeah bud, we have the drives, how would you like to pay?”.

C

>
> --
> John Hardin KA7OHZ http://www.impsec.org/~jhardin/
> jhardin@impsec.org pgpk -a jhardin@impsec.org
> key: 0xB8732E79 -- 2D8C 34F4 6411 F507 136C AF76 D822 E6E6 B873 2E79
> -----------------------------------------------------------------------
> Activist: Someone who gets involved.
> Unregistered Lobbyist: Someone who gets involved
> with something the MSM doesn't approve of. -- WizardPC
> -----------------------------------------------------------------------
> 7 days until Thomas Jefferson's 278th Birthday
Re: "Please send us a quote..."? [ In reply to ]
On 4/6/21 6:38 PM, Charles Sprickman wrote:
> Not totally clear on the scam as it went no further than saying
> “yeah bud, we have the drives, how would you like to pay?”.

I've seen a few where they are asking for samples prior to --
purportedly -- submitting an order.



--
Grant. . . .
unix || die
Re: "Please send us a quote..."? [ In reply to ]
We get that from face-to-face leads from hell.

-------- Original Message --------
On Apr 7, 2021, 03:27, Grant Taylor <omitted> wrote:

I've seen a few where they are asking for samples prior to -- purportedly -- submitting an order.