I got a letter at work yesterday, and our admin, as he handed it to me, said "Looks like a bill". As indeed it did. This is curious, because I have all my real mail sent to my home. On opening it, it did indeed look like every bill I've ever received. It had a "Notice Date" (March 31, 2004), "please remit payment on or before April 5, 2004", a "Customer Number" (NX440427), instructions on "HOW TO MAKE PAYMENT", etc. The thing is, it was from some outfit called the Internet Corporation Listing Service (icls.net --- I won't give 'em a link, but check out the Google cache of their terms and conditions), which I'd never heard of in my life. Examined closely, it turned out to be a solicitation to pay thirty-five dollars to have bactra.org, a domain name I own submitted to "14 major search engines" and supposedly get quarterly reports on how well it ranked on "eight keyword/phrase listings".
Suddenly all was clear: when I registered the domain, I gave my work address as the administrative contact; somebody was obviously mining the whois database for the credulous. (Including, perhaps, those who, like me, have learned the hard way to respond to every bill with a check right away.). Let's do the math. You're not supposed to mine the registry databases this way, but it'd not be hard at all to write a Perl script to do it. (I could.) The same script would prepare and print the letters, which were bulk mailed. Call it $0.50 per letter. (They give their address as "245 8th Avenue, #366", New York City --- I have no idea what the rent would be, and rather imagine that's a mailing store.) Income per successful letter: $35, plus whatever they can get for the name, address and e-mail of a confirmed sucker. The break-even point, then, is one positive response in 70. If they get 1 in 50, or 2 percent, they make $0.20 per letter mean profit, or 40% on expenditure, which to me sounds pretty good for doing squat-all. (Of course, the only way they'd actually do something is, maybe, if a mark complained about not getting a quarterly report. They would then run another, even simpler Perl script, and said mark would be immediately shopped to the nearest boiler room.) It's not a very artistic scam, involving only the first two of the seven underlying forms of fraud, but I don't imagine they're complaining.
A little googling reveals that lots of people have been getting these letters ---- somebody has put up scanned images (1, 2) --- and that they've been doing this for a while, but that last year they were charging $37.50 for their services. Times are hard.