Medical Marcom

The Bad Man is Doing Bad Things to You

4 min reading time

I got 300 subscribers in one day! Oh, that’s good!

But it was all spam. Oh, that’s bad!

It didn’t affect my database at all. Oh, that’s good!

But the 300 subscribers didn’t realize they registered to my list. Oh, that’s bad!

Nothing bad happened when they subscribed to the Journey. Oh, that’s good!

But there was a more nefarious reason.

A hacker signed them up.

the bad man

And that is very, very bad.

I was part of the problem.

When I first saw a spike in subscriptions, I thought, “Woo hoo!” Maybe an influential person recommended me!

But I wasn’t sure. So I sent this email to the newest subscribers:

Very unusual

Hey, it’s Joe. You subscribed to my blog in the last 24 hours and I appreciate it.

But I have to ask, How did you find me and how did you subscribe – because I had an unprecedented number of registrations in the last day.

Would you tell me how you found out about me and why you subscribed?

Really, anything that would help me understand what happened!

I checked my statistics. Almost no one opened the email.

And then I got a reply. From Angels Professional Grooming Centre in New Zealand!

Chantelle wrote,

Re: Very unusual

Unfortunately we were the target of a spam attack where our email address has been used over a thousand times to subscribe to things we have never heard of.

So you are most likely on a hacking list where all your recent subscribers are people who are having their personal account used for fraudulent purposes and then been hit with 1000’s of emails from websites all over the world.

I wish it was better news!”

Why would anyone do that?

I thought to myself, “Okay, so some guy signed you up for 1,000 things. That’s annoying, but how did that hurt anybody? And how did he benefit?”

Here’s how.

His victims got FLOODED with notifications. In the confusion, they may have just deleted or ignored all those emails.

Including the ones that exposed them to danger.

“David the Geek” explained in an email how the attack affected his client.

  1. My client used reused passwords across the Internet.
  2. Hackers signed into his American Express account with a reused password.
  3. They started a bot-network to start blasting form fields across the Internet with his e-mail address from 1 am to 6 am. In that time, 2000-5000 “thanks for signing up for my newsletter” autoreplies came flooding in).
  4. In the middle of the thousands of e-mails, the hackers converted his American Express points to Nordstrom gift cards.
  5. His client got the American Express notification. He never saw it.

David explained, “Your form not having reCaptcha protections on it allowed the bot-network to generate a “valid” autoreply. You were just one of thousands.”

To learn more on this topic, see his article, The 5 Passwords of life – Keeping your Digital Persona Secure and Avoiding Identity Theft in the Modern Day.

Why did I tell you all of this?

For three reasons.
> One, don’t reuse passwords.
> Two, if you get thousands of emails, that’s why.
> Three, protect your forms on your medical device website.

Is there any “real damage” to your brand if you don’t take this precaution?

Probably not? But I’m not sure.

At a minimum, hundreds of bogus subscribers paint a misleading picture of your true open and click rates.

And, at a penny a name per month, why pay to store bogus names?

Conclusion: Add reCaptcha forms to the forms on your website.

The Family That Plays Together

I’ve introduced you to Matt Barnett a coupla times. He helps me build and maintain websites. Plus he’s an excellent remote resource that can “dial in” to your computer and fix it remotely. Let me know if you need someone like that.

Anyway, Matt is in town this week, visiting family. He stopped by the house and we took Matt (a twice-weekly billiards player) to a local pool hall. Luke came along and picked up a few pointers.

It was a really nice afternoon.

Fast Round

  • The 10x Medical Device Conference. Joseph Anderson, who specializes in operational excellence, has been pushing me to define the 10x experience more clearly.

    With his help, I wrote, “10x events are designed to be the world’s most useful medical device conferences – bringing all players together for the industry – to help our community do their best work, with the smartest resources, and a group of people who genuinely care about relationships and doing good work together. Plus, we make it fun, with ice cream, videos, music, and camaraderie.”

    So, two questions. One, do you like it? Two, will you come?

    It will be in San Diego on May 15 and 16. I should have the agenda pulled together in a matter of weeks.

  • An introduction to Pay-Per-Click (PPC) advertising. See this if you seek more website traffic.

  • How does your email perform relative to 2018 benchmarks? If this is interesting for you, you may want to access this benchmark report. (No form required.)

    I was pleased to hear the presenters endorse a metric I track (but isn’t typically provided by email providers); namely, what is your open-to-click-through rate.

    That is, among those who opened, what percent clicked? It looks as though I’m averaging around one-in-eight readers.

Thank you for joining me on The Journey.

In thanksgiving ???? for your sharing precious time with me, let me offer this service: What is the single biggest obstacle you’re facing at work?

I probably know someone who can help you. So write me back! ????

P.S. Mom’s here! That means special Thanksgiving recipes. See you a few thousands calories from now!

Was that a worthwhile read?

Then sign up for more insights!

By signing up you are agreeing to our Privacy Policy.

Tom dos Remedios said… what?!

Tom dos Remedios

Safeco Insurance

Joe was amazing to work with at Safeco. He quickly learned the insurance world to become the “voice of Safeco” in all our internal and external communications.
more >>

email me