Reunion.com dupes new members into signing up by sending them an email that pretends to be from an acquaintance who’s been looking for them (on Reunion.com, naturally). After signing up, the site sucks in your contacts and immediately begins spamming them to join by sending out a similar email. If one of those people then signs up at Reunion.com, their contact list is scooped up and the cycle starts all over again, like a social engineering version of a virus or parasitic infestation. Maybe this is why Reunion.com can claim to register about 1 million new members every month.
The LA Times traces how the process works through one accidental member’s experience:
West L.A. resident Elaine Schmidt experienced Reunion.com’s aggressive marketing for herself when she received an e-mail the other day that appeared to be from a longtime acquaintance.
It said: “Hi, I looked for you on Reunion.com, the largest people search service — but you weren’t there.” The e-mail instructed her to click on a link to see who else has been searching for her.
Curious to see if her acquaintance had left a message, Schmidt, 44, clicked on the link and found herself at Reunion.com’s site, where she was prompted to register so she could see who’d been searching for her.
You know the rest. Elaine had to end up emailing 250 people to apologize for the intrusion. She also discovered that she’d been spammed by Reunion.com because someone she knows had fallen for it earlier that day:
In Schmidt’s case, the e-mail that prompted her to open her address book to the company appeared to come from Vera Eck, a Santa Monica psychotherapist whom Schmidt has known for a while.
“I wasn’t searching for her,” Eck told me.
Just an hour or so before Schmidt received her e-mail, Eck, 46, said she received a message from what appeared to be the father of one of the kids in her son’s Cub Scout pack. Curious to know why he was searching for her, she registered at Reunion.com to see if her acquaintance had left a message.
Eck provided access to her Gmail address book as part of the registration process. And so it goes.