Today I got spammed by JC Penney. At first, I thought it might be a phishing scam. The link to click in the email was to jcpenneyem.com instead of jcpenney.com. When I checked the “whois” information, however, the domain jcpenneyem.com was, actually, registered to JC Penney. Instead of clicking on the provided link, which included lots of scripting code in addition to the domain, I just entered jcpenneyem.com in the browser address window. That resulted in a “Page Not Found” page. Suspicious. Then I cut and pasted the link out of the email, deleting the part with my email address (the address they used, by the way, is one of my spam addresses – it’s a very old address that has no purpose in the world except it’s on all the spam lists). And guess what — JC Penney, unless somebody went to an awful lot of trouble to duplicate the whole JC Penney website. The first page did have a section to “access your JC Penney account”, but when I investigated, it was the same page (more importantly, the same URL) as my bona fide JC Penney account page. The spammed email address, incidentally, is not the address that JC Penney has on file for my account; nor is it an address I’ve ever given them. The only way they could have that address is by acquiring one of the aforementioned spam lists.
I’m not sure how Becky is going to feel about the fact that henceforth we will never buy anything from JC Penney, but that’s my rule about spammers. I wish everybody who uses the internet had the same rule, and that this marketing decision would put JC Penney out of business. But, sadly, it seems mainstream business has now been sold on the marketing value of spam.