The classic mistake when emailing a large number of people is to include all of their addresses in the cc: field rather than the bcc:
Doing that means that everyone gets to see everyone else’s email address.
Which is fine if you don’t mind complete strangers (including perhaps spammers, fraudsters, and pushy sales people) knowing that you’re a subscriber to the newsletter and how to contact you.
But Virgin Media didn’t make the cc: blunder. Instead, it screwed up in a different way.
Virgin Media wanted to advise customers of changes that were being made to how they could log into Google services (including YouTube, Chrome and Maps) with their virgin.net email addresses in future.
But when the company sent their newsletter out yesterday, it used a mailing list which wasn’t configured properly.
As a result, anyone who *replied* to the message would have their response forwarded – via the mailing list – to all of the other people on the list.
And then, of course, people would inevitably reply to the unsolicited message with their own message – which would then get forwarded to everyone on the list again.
Before you know it, you have a snowball effect.
Unimpressed with Virgin Media's e-mail cock up … inbox clogged with irate messages from others complaining about the volume of e-mail.
— Andrew Whitehouse (@awhitehouse) April 16, 2014
Users turned to Twitter to vent their annoyance, and Virgin asked people not to respond to the emails.
A small proportion of our customers have received an email from one of our suppliers which, if they reply-all, it is sent to a wider group. We’re investigating exactly what has happened and, in the meantime, advise people not to respond to this email. We apologise for the inconvenience caused.
The good news is that no-one appears to have exploited the company’s messed-up mailing list by intentionally sending a phishing message, or a link to a malicious website.
But the people who joined in on the email storm, were – in the process – exposing their email address to others. Those addresses could then be scooped up by a spammer who might want to launch an attack posing as, say, Virgin at a later date.
Even though it doesn’t appear as anyone abused the screwup maliciously, it clearly was a nuisance for people on the list as they would have received hundreds of messages in their inbox, effectively drowning out their legitimate mail.
If you run a mailing list, please be very careful with how you set it up. Otherwise, you might find yourself like Virgin Media – having to say sorry, over and over again.