16 September 2023

E-mail harvesting in public schools

When I was a student in primary school, we did some fundraising for our yearbook by selling magazine subscriptions.  For homecoming football games there were button sales, car washes, concession stands, etc.  Apparently nowadays, students are conned into collecting email addresses...
It started Tuesday with an urgent email barrage... from the 5th and 6th grade principal who told parents they needed to send a “Please Donate” message to 10 email addresses so our child would ‘Win’ a prize that could be a piece of plastic, another piece of plastic or some other piece of plastic.

All we have to do is send out those 10 email addresses, via the fundraising site, which is run by some fundraising company subsidiary that has a mailing address that tracks to a mailbox at a UPS store in a suburban Colorado strip mall.

Seems legit. Or not.

10 emails, no obligation to donate, the principal’s email read. The funds raised go to the school! Parents do not learn how much of the cut the strip mall mailbox company earns off the donated money.

So sell out the grandparents, the aunts, the uncles, etc. so this company with a mailbox at a UPS store will then have tens of thousands of emails at their disposal. What does the company do with the emails? I work on the Internet, I can make a guess.
There are some Facebook responses but no other details at Outkick.  Is this common?

11 comments:

  1. This seems to be the trend. Middle school parent here. I entered 10 fake email addresses and directly donated to school. I am not going to verify my family's and friends' email addresses for future spam and fishing.

    ReplyDelete
    Replies
    1. I did the same. Our schools have a "donation pitch" email you're supposed to send out that basically runs "go to this site/ scan this QR code to see all the great things we are doing with your donations! Pictures of your kid/ school included!" It leads to a fundraiser site where you have to input an email in order to access anything and then it's just generic pics of the school and yard signs the fundraiser company puts up along the parent pick up line with the same QR code and a list of prizes.

      We check with guidance and donate supplies needed by teachers or kids in need. We even stopped doing PTA donations since half their budget last year was spent on an end of year food truck rodeo and party. (But hey, they got a portable speaker for the music dept. too so they could blast music at the rodeo!!!)

      Delete
  2. Just noting how tragic it is that public schools need to fundraise at all. They are PUBLIC schools. They should be covered. Other than an annual charity drive (for an actual charity, not the school), there should be no need, no thought of fundraising.

    This only happens because too many keep voting for people who are out to destroy public education. And they're succeeding. Not only in the US: https://apnews.com/article/crumbling-schools-aerated-concrete-closed-safety-children-942b668d2888f7a8aa9fee960034c8d5

    Finally a note on linguistic corruption. This is not fundraising. This is just swindling people out of their personal data for the financial benefit of (underfunded) schools. Words have a meaning. We should not let their meaning be corrupted.

    ReplyDelete
    Replies
    1. Linguistic corruption amended in the title. Tx for the heads-up, Nepkarel.

      Delete
    2. That's very fast. Please know, it's not personal.

      Delete
    3. au contraire, mon frere. I treasure comments from readers that improve the blog posts, and the Nepkarel name has been part of that process for as long as I can remember. :-)

      Delete
    4. It's an old name, meaning Fake Charles. When I was a student (last millennium), we had one roommate who's family would call, not introduce themselves on the phone, and ask for that roommate. As they called internationally, I could hear whether it was them by the click (remember old land lines?), so when it was them, I'd introduce myself as Karel (Charles), that not being my name, as a way to return their anonymity. It caused much confusion with my roommate as his family would occasionally ask how Charles was doing and he had no idea who Charles was. So FakeCharles/Nepkarel became my anonymous internet name. It's also a pretty unique word, so generally available.

      I was wayyyyyy ahead in the fake business.

      Delete
  3. Oh yes, data poisoning is going beyond a personal benefit and becoming a public duty. Never give true information to the the large social media aggregators, because then you can't tell who they're selling it too. But if you give them false information, and you give each company different false information, you CAN tell. And to a corporation, legitimate-looking false information appears just as valuable as true data. Therefore, give them false information. Or without even doing that, if you own your own domain, and your email is set up so that all domain emails come to you, then you can give out email addresses such as facebook@example.com, twitter@example.com, icloud@example.com and so on, and then as the spam rolls in you can tell where they got the address from. You can't differentiate if you give them all the same legit address.

    ReplyDelete
    Replies
    1. I started doing an equivalent maneuver decades ago with print media. In response to claims that "we never sell or share our subscriber data," I started a print magazine subscription with a fake middle initial. As recently as yesterday I have been receiving the occasional solicitation to subscribe/join/donate in snail mail bearing the totally fake middle initial.

      Delete
    2. Gmail allows you to add +whatever to your e-mail. That is very handy to differentiate. So you can use yourname+facebook@gmail.com for Twitter and yourname+twitter@gmail.com for Facebook, so that everybody gets nicely confused. When you've done that, you can even set-up filters that catch all the e-mail you get at yourname+pleasesellme@gmail.com.

      Delete
  4. Of course, modern-day Google is very firmly embedded in the Big Pile of Corporations Not to Trust. So that's a great trick, but if I signed up to Google I'd also make sure 'yourname' was not my name and that I was suddenly interested in lots of spurious stuff. (Apparently the user account of a pregnant woman is one of the most desirable demographics for companies to advertise to, so that's probably what I'd set up as.) And hey, accounts are cheap, maybe I'd set up several. I presume another thing that makes accounts valuable is their age and their activity levels, which are harder to fake but can also be manipulated somewhat.

    ReplyDelete