Click HERE
to return to

Identify the sender

Before you can make a demand for payment you have to know to whom to make your demand. Some spams make the sender more obvious than others. In the old days, nearly every spam message contained a web address. The web address contained a site with contact info or it was an easy process to simply look up the contact info of the owner of the domain name through whois records.

Nowadays the sender is more difficult to determine.

Federal law defines the sender of a commercial email as the person who actually pressed the “Send” button as well as the person or company that provides the goods or services advertised in the email. So, basically, if you own an online bookstore and you hire some spammer to send out your email that contains your “book specials” then you are the sender just as much as the guy who actually hits the send button.

A lot of times it is impossible to determine the sender even by going to the web site advertised in the spam. We received a ton of spam from LeadTerminus (or an affiliate thereof) that contained the web address “”. While the site is no longer online, it had no contact info or company name available anywhere on the site. This is what is commonly known in the lead generation business as a “landing page”.

To determine who is benefitting from the spam you may have to set a Canary Trap for the spammer.

Setting a “Canary Trap”

The novel Patriot Games, by Tom Clancy, introduces the term “Canary Trap”. A Canary Trap is a counterintelligence technique that is used for exposing spies. Suppose you have four people in positions of trust, and you think one is betraying you. You entrust each with secret information, but you give each a unique version of the information. If the information later shows up in the possession of the enemy, you know who to put on trial for treason.

This technique also might be usable for privacy issues. Suppose you give your address to organizations or companies A, B, C, and D, each of which promises not to share the information with junk mailers. Your real address is 123 Pine Road, Anytown PA 17002. But you give organization A the additional line, "Attention Department 1," Organization B "Attention Department 2," or something similar.

Then if you get junk mail addressed to "Department 2," you know that Organization B has not respected your privacy and has sold your address to junk mailers. You can treat Organization B accordingly (discontinuing purchases from them if they're a business, quitting if they're an organization, and possibly warning everyone you know about their practices).

Set a Canary Trap for spammers

You can expose the identity of the sender of ambiguously sent spam using a similar technique. To understand the purpose of the canary trap regarding its use with spammers you need to be aware of two things:
  • Canary Traps help you determine who sent (or responsible for sending) the spam you receive
  • Canary Traps are NOT used to cause a spam to be sent in the first place
Spammers are now sending out spams that do not reference a particular company (or they portray a really generic sounding company) and send you to a “landing page” where detailed info about you, your mortgage info, balance, percentage rate, payments and a host of other information is collected and sent off to “multiple loan officers” or whatever the claim may be. In almost all cases, filling out one of these landing pages will result in several mortgage companies calling to get more info. The only way you can tell who sent the spam is to click the link in the spam and fill in the info requested. Do it and wait to see who calls.

Trapping spammers into disclosing their identity using the Canary Trap technique is easy. When you get a spam email click the link in the email and fill out the form on the web site that is being advertised (or linked) in the spam email.

When you fill out the form at the web site advertised in the spam, use unique information that is only used on that ONE particular web site. Use the name “Hu Gepenis”, for example, but use your real street, PO Box or whatever mailing address you normally would use if you were requesting the information for real.

For example. We at used the identity Mark Myers III on June 23, 2004 in order to connect AmeriQuest Mortgage Corp with all of the mortgage spam we’ve been getting. We have used a few other ids to connect them and eLeadz together. We have them on tape. We record all of our calls.

So click a link in a spam, fill out the form at the site and then see who calls you back. Whoever asks for “Hu Gepenis” is the company who bought the lead from the company that bought the lead from the spammer, etc, etc, etc. You will want to keep careful documentation every step of the way.

Use the map below to see what your spam law is by clicking on your state. The links below will take you directly to the web site where you can read your state’s spam law. Click a state below to get started.

Copyright © 2005,