While doing some spam research a couple of years ago, we did a series of test purchases from spam e-mails.
We bought pills, software, cigarettes, et cetera. We were a bit surprised that almost all of the orders went through and actually delivered goods. Sure, the Windows CD we got was a poor clone and the Rolex was obviously fake, but at least they sent us something.
We were carefully watching the credit card accounts we created for our tests but we never saw any fraudulent use of them.
The most surprising outcome from this test was that we didn’t see more spam to the e-mail addresses we used to order the goods.
One of the most interesting details in the study is this: almost all spam sales worldwide are handled by just three banks.
The banks? They were:
• DnB NOR (a Norwegian bank)
• St. Kitts-Nevis-Anguilla National Bank (in the Caribbean)
• Azerigazbank (from Azerbaijan)