Two new Data Champions spam domains presented to us are datalists.net and seo-groop.com. As usual, these fake companies don’t have a web site and were just registered recently.
Spam from datalists.net and elead.biz was sent out from Data Champions’ superiorns.info (ackermanequities.com) spam servers. Spam from seo-groop.com is being sent from a spammy server called hosthat.com [67.228.226.102], which they’ve used regularly for their spamming in the recent past.
More spam domains on our “recent” list include eglobesearch.com (sent from texserver13.net and mdl220.com spam servers), usdatatrust.biz, usleadzone.com, and krystallistonline.com–sent from bluehost.com. Bluehost.com hasn’t traditionally been a source of spam, but that looks to be changing.
After updating our SpamAssassin B2B rule sets covering Data Champions/Sloan Marketing spam, they look something like this:
describe B2BL_SL B2B Email addresses for sale (SL)
full B2BL_SL /(seo-groop|alliedconsumerservices|pdteam|saynopapers|outgrow(leads|business)|360appending|mdl220|(healthcare|ready|source|tech|append|market)[0-9-]?(leads|profit)|data(manager|finder)|winn?consolutions?|(infinity|web)-intellectual|jaguarsus|emaillean|leadspackage|intersoftech|e(mail)?(lead|source)(lead|source)?s?|(infoe|wie|edg|iba|co|send4|p-d|pro|datum|express)-?mails?|trackmye|us(datatrust|leadzone)|futuristicinc|fortify-initiatives|krystallistonline|crystalcommunicationinc|newsproexpress|(targeted)?(b2b|email|marketingdriven|value|m2p|data)(data|lists?|analytics)(group|planet|web|division|source)?|targetleadz|mercurydesk|businessinvites|invitebusinesses|initiateventure|database-media|prospect(advert|unlimited)|e(globesearch|mailslist)|specificroi|roi(emails|marketingcenter)|mails([i1]|eone)|globalitsearch|(e|it)dataweb|stillvisitmedium|(eddy|auth)mailer|webinarsrule|aboutwebinars|acquire(datanetworking|leads)|paper2green|worldwidemailaccess|erpusers|atcontactworld|(crunch|(the|my)green|ez|uslist|tailored|jade)-?(market(ers)?|firms))\.(com|biz|net|us|org)/i
score B2BL_SL 20
describe B2BL_SL_SRV Domain touches/sends B2B spam (SL)
full B2BL_SL_SRV /((eddy|auth|iba)mailer|beetalhosting|serveridream|idreambiz|teraboard|ackermanequities|glazingm|salespass|superiorns|interactiveone|\b(tex(as)?|data|e)server[0-9]{0,3}|junipertechconsulting|authsender|host(key53|hat|server045)|dns342|webhosting(cloud|noida)|greenwebhost|srteck|stechblr|mail-zap|mailhostbox|hostforweb|mailbox29|nseasy)\.(com|net|info|biz|us|in)/i
score B2BL_SL_SRV 20