At work I’m getting repeated spams from one mob which send surprisingly similar emails about conferences and training from various domains, which include:
businessintelligencelive.com (added 2014-01-13)
enterprisearchitecturetrainer.com (added 2014-04-01)
mycloudcomputingtrainingnow.com (added 2014-04-07)
sixsigmaaccreditation.com — (added 2014-07-24 — also noted use of the brand name KnowledgeHut )
itilfoundationoceana.com — (added 2014-08-06 — still using KnowledgeHut name)
Sent by pmta90.dedicated.bmsend.com on behalf of BusinessAnalysisProgram.com (added 2014-08-18)
primeverastudy.com (added 2014-08-26)
mybusinesscasewriting.com (added 2014-09-16)
finance4nonfinace.com (added 2014-09-16)
ApacheHadoopbootcamp.com (added 2014-09-18)
pmtrainingPrograms.com (added 2014-09-18)
sixsigmaforbeginers.com (added 2014-09-26)
msptrainingnow.com (added 2014-09-26)
mspaccreditationnow.com (added 2014-09-30)
prince2bootcamptoday.com (added 2014-09-30)
pmprojectnplanning.com (added 2014-10-03)
myprince2certification.com (added 2014-10-13)
mspbootcamptoday.com (added 2014-10-15)
ITILfoundationgulf.com (added 2014-10-22)
financialmodelinginexcel.com (added 2014-10-27)
scrumbootcampnow.com (added 2014-10-30)
knowledgehutglobal.com (added 2014-10-30)
businesssuccesstrainings.com (added 2014-11-10)
primeveratraining.com (added 2014-11-14)
sixsigmaintialsquare.com (added 2014-12-09 — note it appears to misspell “initial”)
projectmgmttoday.com (added 2014-12-19)
businesscasewritingcourseware.com (added 2014-12-19)
mspadvancecoursefinder.com (added 2014-12-19)
agilescruminitiatives.com (added 2015-01-12)
fpasnap.com (added 2015-01-13)
itilfoundationstudy.com (added 2015-01-22)
financialmodelingnexcel.com (added 2015-02-17)
scrumaccreditationcase.com (added 2015-02-17)
I’m not sure the following domains are part of KnowledgeHut, but they use the same format.
pmcertin.com (added 2015-02-17 — includes “itilsearch.com” in unsubscribe links)
sixsigmalearnings.com (added 2015-02-17 — other domains mentioned include bmsend.com, bmetrack.com, alliancestudy.com)
Apart from using many different domains, these guys also continually change the address within the domain, and Outlook doesn’t appear to be able to consign an entire domain to the blocked senders list.
They do include this footer:
You are receiving this e-mail because you happen to be either our client or were added to our comprehensive database on account of your contribution in the IT domain. However, should you no longer wish to receive any further mails from our side, please Click here Unsubscribe iCMG | Level 9, Avaya House, 123 Epping Road, North Ryde, NSW.| Phone +61 2 8005 0977
…but of course I’ve tried that and it doesn’t work… it probably only served to prove to them that mine was a live address.
I have been putting these domains into the spam senders list in Exchange, but they still get through. I can only assume that the list in Exchange is a “soft” one.
I have, of course, passed on a spam message to the ACMA spam reporting people… but I don’t hold out much hope of any success there.
Adding additional domains as they come up. It’s interesting to see that some of them include spelling errors; most are just semi-random buzzwords stuck together.