Slashdot Mirror
Russian Minister Gets Spammed, Spams Back
elhim writes "According to an article in the Moscow Times: 'Spammers last week got on the wrong side of the wrong man, and quickly found themselves with a taste of their own medicine. The man? Deputy Communications Minister Andrei Korotkov. Tired of the endless spate of unsolicited messages that clog e-mail systems everywhere, [Korotkov and others devised] ...an audio message to be volleyed nonstop to the telephone numbers listed in the... [email] spam messages.' Sometimes Russia reminds me of the Wild West."
What is the point in advertising a language course, putting a phone number in the message for interested people to call, and then put in a fake number?
A spam message that attempts to start a transaction usually includes some way to contact the sender (or at least, the one that wants his product advertised). This is a lead to stop the spam by abusing it.
Very arrogant putting Russia among the communistic dictator countries it is a democratic country with free elections just as US.
China and N. Korea however are NOT!
Wasn't there an article some months ago about something simimlar happenning in china? 'Entrepreneurs' would illegally put up advertisements (i.e. posters) all over the place where you have to phone a number to get the product. (Typically these would be mobile phone numbers that were prepaid so there was no name on the account.)
The law enformenet officials would leave an endless loop of messages on tht moble's answering machine that they must turn themselves in and such. I doubt that they actually expected anyone to turn themselves in, but it made all those posters with the number on them useless and thus discouraged putting them up in the first place.
I wonder if this russian fellow was inspired by that action.
Yes and no. Spam almost never contains valid automatible contact information for the Spammer, but the Advertiser absolutely has to have some way of being contacted. It's hard work chasing spammers, so there's my usual anti-spam technique - piss off as many "Spammer Customers" as I can. I appear to have been removed from spam lists several times just for hassling a few CEOs...
Forget thrust, drag, lift and weight. Airplanes fly because of money.
If you have 800 number service for any phone number when you get your bill from the telco it will list all of the phone numbers of the people who called your 800 number, even people with Caller ID blocked as the phone company *must* tell you the phone number of everyone using your 800 number services.
Pretty neat, eh?
1. That **ing American English Center send out its REAL phone numbers. It's Runet's curse for months now - all civilized attempts to get them down failed. They change mails everyday writing something like 'Tsent rAmerican sko goAngliy skogo' instead of 'Tsentr Americanskogo Angliyskogo' or 'Amer icanEngli shCen ter' to get the filters fooled.
Still I don't expect broken windows, masked armed men in their office and Militia (our local police) officers showing them a prescription to 'clean out' from there... It is a dream of almost everybody here, but it is not going real any day.
And their management which is 'very far, too far from here to get phone calls' - these people seem to be just insane i-net villains, striving not for business, but to 'show these Russian swines' who is the king of the hill around.
2. Read the article more accurately: even Andrey Korotkov had to confirm: that resounding measure didn't bring much good. God or not, but the problem remains.
...remember that there are some (lots of) spams out there that make money on the price-per-minute of the phone line you're trying to flood!
"We can confirm that Debian does *not* ship the version with the trojan horse. Our version predates it." [CA-2002-28]
It probably doesn't make a huge difference these days, as most spam seems to be HTML email embedded with webbugs (1x1 image tag pointing at a logging script) so they know your address is valid as soon as you open the email if your client renders HTML. It's still a good idea not to reply, but it's a better idea not to open it in the first place.
In this case though, the article was about calling phone numbers listed in the spam, which if nothing else, at least increases the cost of doing business for the spammer. I'd imagine the parent poster was talking about the same, as email replies aren't likely to impose much of a burden on the spammer. It's a lot cheaper to glance at an email and hit shift-delete than to have an inbound phone circuit and operator tied up while somebody rants at them about the evils of spam.
A few months ago I was ready to open up a project based on a variation of this method but decided not to. The reason was simply that there didn't seem to be a bulletproof way for the action to *not* be interpreted as an attack from the legal/moral perspective. Yeah, in most cases the vendors are only slightly less scummier than the spammers but an acceptable solution would need to take the high road to be used widely enough.
:)
In any case, here's the thought process I (and probably lots of others) have gone through so maybe others could clean it up and iron out the wrinkles.
It seems that one could make the method acceptible by framing the app as a way to increase traffic to the target sites. i.e. an app+site that's sole purpose is drive traffic to the vendors under the guise of a push directory for lack of a better term.
Outline mode:
- Application is a standalone executable with an embedded browser which downloads a number of "Sites of the Day" from (let's say) www.iluvspam.com.
- The "Sites of the Day" are the freshest sites gleaned from an inbox and *provably* spammed. All headers are saved and dropped emails documented. Or maybe couple it with a voting scheme for "most valuable products" at the iluvspam site. Obviously, there's lots of ironing need here to meet the high road philosophy.
- If you're really interested in making your penis larger and don't want to miss out on any late breaking penis enlargement breakthroughs, set default reload (with nocache of course) for every 30 seconds. This seems fair because if a stunning breakthrough is posted then its likely that they'd sell out of it that quickly.
- Or to be really sure that you're catching the latest breakthroughs for all of the fantastic products being offered by spam, the app auto scrolls through the list of sites and reload each.
- The application shouldn't be run as a transparent background service. Remember, its purpose is to serve as a useful tool for users to become aware of important products by reaching the sites. Otherwise it is simply a program the eats bandwidth with no other plausible purpose. So the purposes is no different than searching Yahoo and clicking on the URLs to those sites. Of course the value added feature is that it's better because it goes a step farther by reloading them so you always get fresh information on the products being offered.
- Allow disabling of the (default) auto reload setting. There might be some vendors who would complain about getting so much interest in their product so it's only fair to offer a way to disable reloading their site.
- The Sites of the day could be set for daily download. The link provided would need to be scrubbed to a raw url.
There are a number of other considerations and all of this is just a "cute" way of justifying a (insert more appropriate term than DOS here) attack. But what kept my interest in this scheme is that it could be rationalized and all it would take is 100k slashdotters running it to bring a majority of spam product sites to a halt.
Not to mention that the code would be simple and transparent; a few lines of cross platform code that could be trusted since it it's open source.
Of course the problem is that www.iluvspam.com would most likely be DOSed by some script kiddies hired by the larger spammers. Also, the maintainer of the iluvspam server will be the target of any legal mortars lobbed at them. Getting around that problem is left as an exercise for the reader