Does Spam “Work”?
Scrolling through hundreds of messages in my spam mailbox I have a tough time understanding who spam works for / upon. With all the spelling mistakes, broken links/images, unclear messages, I can’t fathom that there are people out there who see spam and think “oh I want to buy whatever this person is selling”. Am I crazy? Is there some other purpose for spam (other than the obvious phishing attempts which don’t seem to be as common as just plain junk spam)?
Some spam messages claim to have hacked the recipient's computer and camera and have sordid videos. They then reveal a password that has been hacked in the past from e.g. Yahoo, LinkedIn, DocuSign or other, to make the threat more convincing. Others impersonate legitimate companies, such as Amazon, Apple, and so on. These can be scary to many people. In my case, I get almost no "pure" spam (stuff with no apparent phishing goal), perhaps because my ISP's are filtering it, but phishing emails manage to go through. I forward them to the impersonated company "abuse@", "phishing@", with both full headers and message source. Some come from apparent home addresses, indicating hacked home computers. My guess is that the pure spam ones are to verify email addresses that they got somehow or generated. Might have a tracking pixel or image. Just guessing.
The spelling mistakes are there to filter out the people who won't fall for it.
There is a very small minority of people that will fall for these schemes.