Picking Apart a Bogus Survey

Some of my neighbors recently grew interested in a text-borne survey. It caught my attention when I saw people pushing friends & family to find it and fill it out. With a quick glance, I knew better and dismissed the message as junk. But I can do better than that. Maybe my picking apart this bogus survey can help you spot the next rubbish that comes to your door:

Above is an example of what folks in my county were receiving. For those that clicked through, it led to a 20-question survey that started with softball questions about political preferences and ended with sophisticated questions about data centers. More on those later…

First, though, consider that this survey does not announce who sent it. Official surveys from your local government would typically say so. And more and more, your elected officials will give you a heads-up notice before they send out questionnaires and send it through legitimate channels. The survey shown on this post lacks specifics, only mentioning “Frederick County”.

Hazard #1

The first big problem with this piece of spam is that many people are going to click on the link, thinking it trustworthy. They’ll see a survey with easy questions and continue to trust it, when the damage is already done. By tapping on the link, they’ve activated the tracking built-in to the URL.

If you look closely at the URL in that text, it begins with a domain name and then shows some other characters. What comes after the question mark is a unique tracking code. That code is different for each phone number it is sent to. When someone taps their survey link, it reports back to the spammer and tells them who triggered that URL.

By the end of the week, the spammer has an improved list of spam victims, because he can mark off that half of the phone numbers are active and verified and someone on the other end willingly opens their messages. This is how people attract more spam, by interacting with spam just a little bit!

Hazard #2

I played with this survey for a time. I was able to visit the link as many times as I wanted. I could still visit it after deleting the tracking from the end of the URL. And I loaded the survey site after modifying the tracking code to something long and random and absurd. None of my URL changes mattered.

It also didn’t matter how many times I filled out the survey. It wasn’t tracking my IP address or asking me to provide any unique info before proceeding. If I wanted to, I could’ve submitted the survey over and over again with bogus answers. Or written a program or bot to do that for me. So what then, is the purpose of a survey that has no security or safeguard against abuse? Did they care about the answers at all?

That’s when I started to learn that it wasn’t a survey. it was a “push poll“. It was a piece of propaganda, dressed up as a survey.

Looking at those later questions about data centers, I began to see that they were dodgy. Some of them were leading, others were hypothetical in their wording, in order to avoid alleging anything specific. Example: “If you knew that data centers would not result in any increase in your utility bills, and might even result in lower property taxes, would you consider allowing them into your region?”

As I studied this propaganda further, I chopped more at the survey’s URL. I tried to visit just “a.publicstream.org”, and was redirected to “surveygizmo.com” and then re-redirected to “alchemer.com”. Alchemer is a company that offer surveys and other marketing services, all powered and backed by AI. Go figure. A mystery person, using an AI company trying to steer people into supporting data centers.

Leave a Comment