Spam salesmanship

WHAT SHADE DO you get when you mix white with gray? In the spam world, it appears to be a murky, slimy green.

Adding to the ever-growing spam problem is a deluge of junk e-mail advertising Symantec's Norton SystemWorks2002 Professional Edition -- "a $300 value," according to the spammers -- for $29.99. While spewed out by a seeming army of bulk e-mailers, the SystemWorks spams are all similar in appearance and phrasing.

Although they ship their goods in an unmarked or "white box" package, the spammers brazenly displayed the retail packaging for all the products in the SystemWorks suite, either in the HTML message itself or on a URL for customer orders. The materials looked so much like a Symantec advertisement it led some readers to wonder whether Symantec really was involved in the spams. If not, they wondered, why didn't Symantec shut down the spammers for software piracy, trademark violations, copyright infringement, etc.?

"It's not like these guys are hard to find," wrote one reader who had easily traced one of the main bulk e-mailers to a Florida location and phone number with just a few WHOIS database queries. "How come Symantec doesn't sick the software Gestapo on them -- too busy threatening innocent customers to raid some real slimeballs? ... It's very interesting that these e-mails for SystemWorks 2002 started flooding the Internet just before Symantec brought out SystemWorks 2003. Maybe this is just Symantec's new way of holding a clearance sale -- let the spammers sell it all."

While it struck me as improbable that Symantec would countenance their brand being marketed this way, it was puzzling that they didn't appear to be doing more to stop the spammers. The reader was certainly correct in saying the spammers were easy to track. One of the SystemWorks spams that's been in circulation for months even has an 800 number. I called it and, thinking I was a customer who wanted to send them a check, they readily gave their mailing address as the same Florida location the reader had identified.

When I asked the spam house how I could be sure their SystemWorks CD was a legal copy, they even gave me the name and the number of the distributor from whom they purchased their CDs. The distributor, an Oregon company that advertises itself as an "OEM software" supplier, was reluctant to talk to me after I told them who I was. From their Web site, though, it's clear the company claims its software is "gray market" -- legal copies sold through channels not authorized by the manufacturer.

Now, I've got no problem with real gray market and/or white box software. While software publishers profess to consider it absolutely criminal, in fact many wink at the gray market because they know it's a necessary safety valve when the channel is over-supplied. And if Symantec was involved with dumping unsold goods on the gray market, it wouldn't be the first time a software publisher has done so.

But a considerably darker shade of gray is involved when you're talking software being sold via spam. With spammers, after all, you don't even know if they have goods of any sort to ship you, much less whether it's legal, counterfeit, or something in between. They just want you to mail them a check or, better yet, give them your credit card number.