November 16th, 2016 Brian Herzog
Earlier this year, when the woman who used to be in charge of all our email newsletter retired, I became the library's primary contact for our Constant Contact account. This meant I started getting the weekly emails about how many new subscribers we had, confirmation that messages were sent out, and I was the one to get the billing notices.
All of that is fine, except that after just a couple weeks, our bill jumped. A lot. And I had no idea why.
After a little digging and a few phone calls to Constant Contact, it turned out that the number of contacts in our account had grown so much that we crossed into the next higher pricing tier. We were now over 10,000 contacts - that sounds great, but the price difference was tremendous, and wasn't something we had budgeted for nor could we afford.
After the dust settled, the obvious occurred to me: Chelmsford's population is about 33,000 - there's no way that enough people in town could have signed up for our email newsletter to grow our contacts list that much.
So I started looking at the weekly new subscribers notification more closely, and noticed something - see if you see the same thing I did:
To me, all of these looked like fake email addresses. Not just the .ru, .pl, .top, .site, etc, but even the yahoo.com accounts looked bogus. And we were getting 100-200 new subscriptions a week, so yes, it makes sense then how we could grow from a sensible subscriber base to over 10,000.
So now of course, I needed to figure out how to delete all these fake addresses out of our account to bring the total number of contacts down so Constant Contact would drop us down to the lower pricing tier again. Their Customer Service people I spoke with were friendly, helpful, and understanding, and gave us a grace period to get things under control.
I hadn't used Constant Contact much before this, but I quickly became familiar with their Contact Management area and deleting contacts. My first strategy was just to search for things like "*.ru" and "*.pl" and delete any address that came up, because I sincerely doubt that we have any patrons in Russia or Poland. I built myself quite a list of top-level domains to search for and delete every week, and even though it helped, it still required a lot of my time.
The first day I started working on this, I deleted something like 2,000 contacts. That was a good start and gave us some breathing room to stay below 10,000, but I knew there were lots of other junk addresses in there that I needed to figure out how to eliminate.
I also wanted to stop the flow of new signups. I talked to Constant Contact again, but they said there was no way to block signups by country or domain. They said all I could really do was require First Name and Last Name during signup, and also use "confirmation opt-in" (where patrons must click a link in an email sent to them after they filled out our web form before they are actually subscribed to the list). I did turn on the first name/last name requirement, but didn't want to use "confirmation opt-in." That extra step annoys me, and it bugged me that real patrons would have to suffer (and possibly not get signed up) because of the jerks out there. Not to mention, there is no guarantee that this would keep the jerks out.
So I kept looking in the Contact Management section for something that might help. At one point I tried figuring out where these fake signups were coming from - we only have one signup form on our website, and that's it. No Facebook form, no other apps, nothing, but I figured these fake accounts must be coming from some kind of script somewhere.
On the Advanced Search screen, I saw one of the options was "Contact Source:"
That made me think that if I could just figure out the source, I could easily search for those and delete them. Nice.
Oh, and then on the list of contacts, I noticed there was a way to change the view, and the second option included the source. Ha - it's all coming together now.
After skimming through pages of our contacts, I noticed something: the source for the real contacts was either "Added by you" or "Website sign-up form." The source for everything that looked like a fake address was "Embedded JMML."
I had no idea what "Embedded JMML" was or where it was to be abused like this, but at least there was some commonality. Now all I had to do was an Advanced Search for Source=Embedded JMML and everything is fine.
Except: Embedded JMML was not one of the options in the Source dropdown box in Advanced Search. Arrgh.
But, I think I solved it anyway. Using a combination of Advanced Search fields, I was able to filter out all good records, and so the results were only records with the Embedded JMML as a Source:
And there were THOUSANDS of them. I skimmed through pages of the contacts to make sure no real addresses slipped through, but they all looked fake.
So I selected them all, braced myself, and deleted 4,000 contacts from our account. Whew. At least now we're back down to a realistic number, and they all seem like legitimate addresses.
I contacted Constant Contact once again, asking if they can block the "Embedded JMML" as a source for signups, or at least tell me where these signups were originating. At first all answers were no, but the support person who got my ticket really stayed with it, and convinced the development team to look at adding this as a feature. Which is great. For a while I was beginning to think it was a big Constant Contact conspiracy to make it impossible to manage our contact list, because their pricing structure is set up to charge us more for high numbers of contacts - but that seems crazy even to me.
I know this is kind of dumb, but it really was a problem. And oddly, I didn't see anything on the internet about other people experiencing this same issue, so maybe we're just unlucky. Still, I thought it was kind of interesting and wanted to share.
So, the end result of all of this is that I still have to spend five minutes each week setting up this Advanced Search and deleting all the JMML signups, but at least it's a functioning method to get what I want, it keeps our contact list accurate and clean, and patrons don't have to jump through unnecessary hoops to get the library's email newsletter. Maybe that's the best I can hope for.
April 18th, 2015 Brian Herzog
This week's question is really only funny because of an amazing coincidence, and for the ensuing internal embarrassment.
On Thursday this week, a young woman with an Eastern European accent came up to the desk and said she had something she needed to print. She could see it in the email on her phone, but not when she logged into her Yahoo account online - so what could she do?
Our Print from Anywhere service allows people to submit print jobs by email, so I explained how to do that. It's kind of a long email address to type, and when I pulled out our brochure which has the email on it, she said thanks and took it over to a nearby table to actually send the message.
A few minutes later she came up and said the email was sent. I logged into the web print queue and scanned the list to find an email job (by far most of the jobs come through the web interface, so the emailed ones stand out). I saw one, saw it hadn't been printed yet, and released it.
As I picked it up off the printer, I glanced at the front to make sure it printed okay, with no smudges or anything. There weren't, but what I did notice (which is more than I should, I know), was that it was an email from someone named Olga saying she was from Russia and found me attractive. In fact, this is what it was*.
What? I blushed and just handed it to the patron. I thought, well, maybe she doesn't speak English well, and was more comfortable taking time to type all of this out instead of saying it to me. I thought maybe if I just handed it to her we'd avoid that awkward yet common patron-hitting-on-librarian situation. We've all been there, right?
So she took it from me, and then immediately said,
My name's not Olga. This isn't mine.
I took the print back from her, and went back to the print queue. I refreshed it, but no other email print job was listed. Hmm.
We looked at her phone, and sure enough, she hadn't actually sent her message yet. So she did, it showed up, I released it, and she was happy.
Two more comments about this:
- I know this is a common type of spam, but sending it to a library's print queue and letting it lie in wait for a single male librarian to accidentally print it is impressively strategic thinking.
- I don't think the patron picked up on any of this, because she just wanted her print job. I, on the other hand, immediately started looking forward to sharing my ridiculous ego with you.
*I blacked out our web print email address, just in the hopes of cutting down on any future spam sent to it.
May 13th, 2010 Brian Herzog
A funny thing happened to me on Twitter - someone started impersonating me.
What? I'm not famous. I know there's more than one person with my name, so I wasn't too surprised to see another Brian Herzog start following me. But when I clicked into the profile to read their tweets, it turned out that someone had duplicated my account. Their username was @syuhaedah, but they were using my name, the same bio line and same location - the only difference was their website was a tinyurl (which I never clicked, but was able to preview).
It kind of freaked me out, so here are the steps I took:
- Click the "report as spam" link in the email from Twitter you get when someone starts following you
- Read their Privacy Violations and How to Report Spam pages
- Found Twitter's Impersonation Policy and opened a ticket to report it
Within a few hours I got a follow-up response from Twitter, and by the next day that account had been suspended. I feel bad bringing the hammer down like that, but it definitely felt like a spambot or other violation of both me and Twitter.
And how bizarre - I can see when someone sets up a fake Barack Obama or Conan O'Brien Twitter account, but me? So, be careful with both your own identity and that of your organizations.
I got lucky in that this account started following me, or else I may have never known about it. I guess I'll start to periodically use Twitter's Find People and Advanced Search (with operators) to check for this sort of thing.
May 6th, 2010 Brian Herzog
Here's something neat - and vital for library staff, both for those who directly provide computer help to patrons and for anyone else who uses a computer in their daily life:
A recent Slashdot post linked to a test to see how well people can identify spam, scam and phishing email messages (which can happen to anybody).
The test is provided by SonicWall, and would be great for:
- taking as a group during a staff meeting or training day
- testing new employees to help protect your network and increase their tech competency
- showing to students and computer literacy classes to teach them to evaluate websites and email messages
After you're finished, be sure to click the "why" links on the test results to see exactly what looks suspicious and what are the red flags - that is the most helpful part of the test.
August 18th, 2009 Brian Herzog
After reading Jessamyn's post about the spam and scams she gets through her website, I started actually reading the spam comments that come in here.
Most are caught by the filters and I just delete them. But reading them can be interesting, in a forensic sort of way. And some, like this one, were just downright entertaining:
It’s not so simply to bring a good written essay, essentially if you are concerned. I advise you to notice buy your essays and to be devoid from distrust that your work will be done by essays writers
Irony: it linked back to "quality essay dot com." I didn't visit the site, but the domain was registered through an ISP in California although the IP traced to The Netherlands.
Spam amazes me. If people didn't fall for it, spam might not be so prevalent. But you'd have to be pretty desperate to fall for an essay-writing scam with such poor grammar.
July 16th, 2009 Brian Herzog
The recent article about graffiti at the University of Chicago Library has finally given me a chance to clear out links in my "to blog" folder.
So, graffiti - when does it cross the line? Graffiti commonly seen in academic libraries can be ugly, but it can also be part of the culture and community of the campus. It's a way for students to communicate with their peers - even those that come years later. That's unique, and interesting.
In the public library world, I more often see graffiti (a.k.a. "annotations") in books. On first blush, it's annoying, but is it really that bad? And in fact, is it a good thing?
These things are not too distant from Web 2.0 tools allowing comments and reviews, really. Same rules apply: leave your opinion for others, don't be offensive, can be removed at any time, etc. The marginalia of life can add a great deal of value to life (just ask a genealogist).
It might not all qualify as "art," and any open forum will attract spam, but that doesn't mean graffiti doesn't offer some unexpected value - it can bring a smile, answer a question, provide experience-based assistance, or just make a connection with an unknown predecessor.
I know this is a never-ending debate, so in the meantime, here are some graffiti- and anti-graffiti-related links I've been collecting:
Spam ("Inbox Graffiti")