Slashdot Mirror


Attacking the Spammer Business Model

Stephen Samuel asks: "Spammers spam because it's an 'easy way to make money'. They send out millions of spams knowing that 99.995% of them will be ignored, but the other 0.005% of responses are pure gold (Andrew Leung at Telus has an excellent report on the economics of spam). Responses to mortgage spams are reportedly worth $50.00 each. What would happen if, instead of technical and legal approaches, we simply started attacking their business model? If people started responding to just 1% of the spam we received, spammers would drown in the responses, and the mortgage spam responses wouldn't be worth an email, much less $50. The Nigerian Sweet Revenge is an example of this. The nice thing about this sort of statistical approach is that it would start to reward spammers for sending out -fewer- emails. (fewer emails -> fewer bogus responses). What other ways can people think of to attack the spammer business models, and what are the expected downsides of such approaches?" Of course, the one major drawback to this is the likelihood of more spam, since you'll be giving them a valid email address. However, many of you may be receiving increasing amounts of spam as it is (even through your filters) so might an organized spam-the-spammers movement work?

6 of 655 comments

  1. Filters that fight back... by RevJim · · Score: 5, Informative
    Paul Graham wrote an article about this regarding spam filters that fight back. If everyone installs a spam filter that detects spam and then automatically crawls any links listed in the spam, it would bring their web servers to their knees.

    Here's a link to the article.

    http://www.paulgraham.com/ffb.html

    1. Re:Filters that fight back... by grotgrot · · Score: 4, Informative

      All the schemes are easily overcome by a spammer. And it is still easy for them to pick on innocent bystanders. For innocent people, all they have to do is include their URLs in a spam message. Thousands of individual servers checking an innocent person's server even if they decide it is harmless will still be a DDOS against a good guy.

      So here are several ways a spammer can get around everything that is proposed:

      • Include several links in the spam message. For example point at the BBC and CNN as containing relevant content about whatever product you are spamming. (You can use CSS to hide the text behind images or pull other stunts to help obscure it)
      • Include links to your "enemies". Put them last since the automated tools will spider them, but users read sequentially. Again they can be obscured, but they will hurt whoever is on the end of those sites.
      • Always give legitimate content back the first time your web server is connected to from an IP address. You could even put a timer in it that redirects to the real spam page after 30 seconds. Are the crawlers going to wait? Will a human spam checker realise it is a spammer site?
      • Put up legitimate content when you think a spam fighter is looking at your site. If the spam fighters are building good guy and bad guy databases, you could try to ensure they always see good content. You could figure out some of their IP addresses, you could be more cautious if the user has a Linux based browser, you could use a popup since more technical people are likely to have popup blockers.
      • Make extensive use of JavaScript to make it hard for programs to automatically fill out your forms. You can do the same with ActiveX controls, Flash, Java and various other tricks.

      It is way easier to do this stuff playing defense. Using RBLs etc when someone tries to get access to your mail server works pretty well. Worst case you deny legitimate email, and the only one hurt is you.

      When going on the offensive, you are trying to hurt others. How much collateral damage is ok? One poster in this thread posted their web site. If a spammer included that URL in several billion spams and you had hundreds of thousands of hits against you, how would you feel? How would you feel if your site was listed as a bad guy site? How would you feel if your system had done something automated as an offensive action against another site (eg trying to fill out name and address forms with bogus information) and it turned out that site was mistakenly listed as a bad guy site?

      And if you think it is easy classifying sites, try these two: jennifer and jamie (answers at Metafilter: jennifer and jamie).

  2. Re:The Best Way to Attack Spammers by sfe_software · · Score: 5, Informative

    You could always do what I do.

    Add all the spammers to an e-mail list and automatically forward any spam I get (using an address I use only for this purpose) to everyone on that list.


    Having recently been a victim of having my addresses spoofed by spammers, I don't think this is a good idea. Only if the SPAM actually says to reply for more information (or to make a purchase) would this work; in other words, only if you have a reason to believe that the address is in fact going to reach the spammer.

    The majority of SPAM I get does not come from a valid email address, but instead includes a URL to visit or a telephone number to call. Thus, forwarding SPAM to the From/Reply address will either just bounce, or worse, go to the unsuspecting person whose address was inappropriately used.

    I know that often the spammers just use a random address from their list as the From/Reply-To, but for a couple of weeks I was the proud recipient of many thousands of bounced SPAM messages, to the extent that I had to temporarily /dev/null my Postmaster alias (violating RFCs of course).

    --
    NGWave - Fast Sound Editor for Windows
  3. Re:Bogus spams? by Stephen+Samuel · · Score: 4, Informative
    Sorry, I don't think it will work. 90% of my spams are either gibberish or are otherwise not selling anything.

    This might be the result of blocking remote images in email. To avoid spam filters, some spammers now have an email consisting of little more than a pointer to an image on their (zombie?) servers. The image has all of the text in it.

    If you have images blocked, try reading the source and see if that's the case.

    --
    Free Software: Like love, it grows best when given away.
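
Added example, not part of the comment above or of the original thread: one way to do the "read the source" check automatically, by parsing a message's MIME source and flagging mail whose body is a remote image with almost no visible text. The function name `scan_message`, the `max_words` threshold and both sample messages are assumptions constructed for illustration.

```python
import re
from email import message_from_string
from email.policy import default
from html.parser import HTMLParser

class _BodyScan(HTMLParser):
    """Collects visible text and remote <img> sources from an HTML part."""
    def __init__(self):
        super().__init__()
        self.text, self.remote_imgs, self._skip = [], [], 0
    def handle_starttag(self, tag, attrs):
        if tag in ("style", "script"):
            self._skip += 1          # text inside these is never displayed
        elif tag == "img":
            src = dict(attrs).get("src") or ""
            if re.match(r"(?i)https?://", src):   # cid:/data: images are not remote
                self.remote_imgs.append(src)
    def handle_endtag(self, tag):
        if tag in ("style", "script") and self._skip:
            self._skip -= 1
    def handle_data(self, data):
        if not self._skip:
            self.text.append(data)

def scan_message(raw, max_words=5):
    """Return (image_only, visible_word_count, remote_image_urls)."""
    msg = message_from_string(raw, policy=default)
    scan, plain_words = _BodyScan(), 0
    for part in msg.walk():          # covers single-part and multipart mail
        ctype = part.get_content_type()
        if ctype == "text/html":
            scan.feed(part.get_content())
        elif ctype == "text/plain":
            plain_words += len(part.get_content().split())
    words = plain_words + len(" ".join(scan.text).split())
    # Flag only when a remote image is present AND there is next to no text.
    return (bool(scan.remote_imgs) and words <= max_words, words, scan.remote_imgs)

# Constructed samples (not real spam): image-only mail vs. ordinary HTML mail.
HDR = "From: a@example.com\nTo: b@example.org\nSubject: hi\nMIME-Version: 1.0\nContent-Type: text/html\n\n"
IMAGE_ONLY = HDR + '<html><body><a href="http://img.example.net/go"><img src="http://img.example.net/offer.gif"></a></body></html>\n'
ORDINARY = HDR + '<html><body><p>Minutes from the Tuesday meeting are attached for review.</p><img src="cid:logo"></body></html>\n'

if __name__ == "__main__":
    for name, raw in (("image-only", IMAGE_ONLY), ("ordinary", ORDINARY)):
        print(name, scan_message(raw))
```

The check never fetches the image, so it confirms nothing to the sender; it only reports what the message source contains.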
  4. Re:Richest spammers could afford to handle replies by einer · · Score: 5, Informative

    Now what about sending them bogus email addresses and phony information? That would send them on a wild goose chase.

    That would be form fucker

    The plan would work if enough people did it (the single reply, not necessarily the form fucker), and it would work for the same reason that spam makes my inbox useless. A poor signal to noise ratio. Someone has to dig through all of those garbage e-mails and harvest the truly interested parties (both of them).

  5. Re:Richest spammers could afford to handle replies by shird · · Score: 4, Informative

    Because they are often hosted on unsuspecting people's hijacked machines, through worms and trojans etc. They are often only compromised for a short period of time, just enough to gather a few dozen responses. So there is no point in attacking these machines, they aren't going to be sticking around for long anyway, and don't even belong to the spammer.

    --
    I.O.U One Sig.