A while ago I wrote about how spammers can make use of the “email a friend” functionality of photosharing sites to send spam. In reality, any web site that allows you to email someone else can be abused to send unsolicited email. Here’s a new example, in which a message touting replica watches has been embedded into a realty web site, homefeedback.com. The spammer used the support ticket email functionality to send out the email:
When the user clicks on the link, s/he is brought to the apparently legitimate site Homefeedback.com, but the support ticket is actually an ad for a watch replica site:
I browsed through other sections of the site, and it has all the appearance of a legitimate web site, with lots of FAQs, and even a very clearly worded traditional anti-spam policy. I’ll let their anti-abuse team know about this blatant violation.