Since it’s their job to protect customers from the darkest spawn of the Web, the brave, possibly foolhardy researchers at F-Secure decided to simply buy a bunch of products advertised in spam e-mails and see what happened. Though we don’t recommend that you try this at home, the results were not what you might expect:
While doing some spam research a couple of years ago, we did a series of test purchases from spam e-mails.
We bought pills, software, cigarettes, et cetera. We were a bit surprised that almost all of the orders went through and actually delivered goods. Sure, the Windows CD we got was a poor clone and the Rolex was obviously fake, but at least they sent us something.
We were carefully watching the credit card accounts we created for our tests but we never saw any fraudulent use of them.
The most surprising outcome from this test was that we didn’t see more spam to the e-mail addresses we used to order the goods.
They offer this sad addendum, however: “P.S. We never actually got the Rolex we ordered. It was stopped and confiscated by local customs as a pirated product. They ended up destroying it. With a hammer.”
See also: This new study on the worldwide spam business. [pdf]
Have a tip we should know? [email protected]