Slashdot Mirror
NYT on Spam Cops
yet another coward writes "The New York Times reports on new measures against spam. (Sperm sample required, sorry ladies) Microsoft has increased efforts to track and prosecute spammers. Hotmail receives 2 billion (2 * 10^9) spam messages per day. In a twist of weirdness, the Direct Marketing Association is funding investigators who cooperate with the FBI on spam investigations. Spamhaus also gets a mention."
The problem with spam is that it's too easy to send. With even a 56k modem you can fire off MANY messages in a matter of minutes. I think a good solution would be on the ISP end of things, and have them throttle connections to port 25 on remote machines. There will always be plenty of open relays, as idiots who just want to allow access to their mail server as quickly as possible will usually just allow relaying from everybody. The spam "hash sites" are great, but the problem with them is not enough people actively submit spam for them to be as effective as possible (not to mention there are numerous, non-centralized ones)
Hopefully, some day people will realize bulk mail isn't effective, but for now, since it is so cheap and easy to send, nothing is going to stop it anytime soon.
Props to GNAA!
Stories like this seem to indicate that spam is becoming more of a "real, get sent to jail" kind of crime with cops and detectives tracking done spammers. Naturally one hopes that violent criminals won't be neglected by this new focus on spammers. Nevertheless, the prospect of real jail time and big fines may deter some from entering the spam market.
Of course, one effect of rounding up the stupid ones will be leaving behind to true spam geniuses. Going after those guys and girls should be real entertaining. Heck, maybe there's a reality based tv show in there somewhere. So you heard it from me first! Anyone got Fox's phone number?
To the making of books there is no end, so let's get started
Microsoft has increased efforts to track and prosecute spammers.
: //POS_SPAM.com
S PAM2.com
Stop letting people use your redirect service to spam. You too Yahoo, you hear me?!!!
http://g.msn.com/0US!s5.31472_315529/HP.1001?http
http://rd.yahoo.com/barrage/card/ovum/*http:/POS_
How about we start prosecuting services that allow people to spam through them, huh?
Dont you think it's pretty strange that, out of the "more than 100 people around the world" employed by Microsoft to trace spammers, this article focuses on the one investigator with a name that resonates quite loudly in the IT community?
In any case, yes, three cheers for Sterling (can we call him "Sterl"?) McBride
It's time for some RICO investigations! Let's throw some people from ISPs and banks into the mix as well -- spamming and scamming really is a racket, and these people need to do some hard jail time. Dragging in people from the "legitimate" business world will go a long way towards making spam hard to do and keep spammers from the support systems they need to do business.
The banking angle is especially important! If these scammers can't do credit cards, they will be hard pressed to run their businesses. While I'm sure there are people dumb enough to send cash, most people can't be bothered to do that much work.
Not all direct marketing is spam, of course they want to get rid of the idiots who hurt their industry.
Circuit City emails me flyers all the time, because I've bought stuff online from them. That's direct marketing - but it's not spam. I also reasonably believe that if I opted out, they'd stop sending it.
I don't need no instructions to know how to rock!!!!
I got an interesting one yesterday. It came into my hotmail account, which is set to "only allow users from my contact list." The address, which wasn't in my list, was listed as from microsoft.com. It was a bit hard to read due to heavy obfuscation (to avoid filters), but it seemed to be advertising underage pr0nography.
I'm assuming that it didn't come from an actual MS address... but one must wonder since if hotmail is simply allowing any email claiming to be from @microsoft.com that's pretty dumb. Not sure how to view headers in hotmail either, and I don't really feel like forwarding something so file to my home account to check them.
MS's online contact thing isn't working either, so I can't ask them. Anyone have any ideas?
(normally I wouldn't bother, but the fact that this spam is particularly vile and somehow manages to bypass a whitelist makes it a special case for stomping)
why can't the companies that are paying for spam be targetted for prosecution/persecution? They can't easily hide since they have to engage in commerce, AKA money changing hands, to do their business, thus requiring valid contact information. Just follow the money.
"Do the Right Thing. It will gratify some people and astound the rest." - Mark Twain
"Do the Right Thing. It will gratify some people and astound the rest." - Mark Twain
Obviously these are the wonderful Nigerian, and now apparently Democratic Republic of Congo, email scams but his point was that these were frauds and to never respond to these emails.
My question has always been not why aren't we going after these people (well, not these people because they are in a foreign country) because the products they are pushing are fake but rather why aren't we going after them for using a false identity?
Just a thought.
In this case, it is being done for different reasons. Some DMA members operate semi-legit email lists. They may annoy people, but at least they are not using some of the most harmful tactics, such as relaying messages through other people's servers and forging headers. Anti spam efforts make it very difficult to operate any kind of mailing lists, as we have discussed on Slashdot before. If the DMA can cut down on the worst offenders and eliminate some of the 'competing spam', their members' marketing campaigns will be a lot more effective. I'm not saying I am a fan of the DMA or anything, but I can understand why it makes sense for them to do this.
At some point, the spam wants money, mainly by a credit card. Why not set up a credit card account only to be used to purchase whatever product the spam is touting, and follow the trail to the account collecting the funds.
Its done for drug busts, so I know the Feds have cash, at least, they have a lot of mine. Put it to use!
Pete Carr Owner Chatmag.com
OK, this is tangential to the topic, but... My spam has increased by almost 10x just in the last couple of weeks. Now, well over 1000 a day! Many are the same message over and over and over. The only thing I did recently was upgrade to the new version of SpamKiller... coincidence? Anyone else seeing this?
Of course Microsoft wants to fight spam, or more accuratly spam where the spam 'provider' has not paid Microsoft. Now MS has set up there white list system where spammers (sorry, advertisers) pay MS for sending spam (sorry, adverts) they want anyone who sends unsolicited email to pay them - that way they dominate the spam (cant get the hang of this, sorry advertising) market. By fighting non-MS spam they are simply increasing there dominence on the world in yet another way.
#1. Buy the pills (in the article, they're already saying that they do that) and pay with a CHECK.
#2. Find the bank that accepted the check.
#3. Call the local field office and have them meet with the bank manager.
#4. Local agent picks up the name, address and social security number of the person who has the account that deposited that check.
#5. Profit?
Well, I guess there are a lot of problems with spam. My problem with spam is that I receive hundreds of spams a day. Our company uses a very nice spam filter, and almost of these things get labeled as spam, buried in an attachment, and a local filter moves them to a 'probably spam' folder. But since there are hundreds of them per day, and in order to read them I have to open the attached email, I don't read any of them, I just delete them. So, my email used to be 100%, but the spam's gotten so bad that now its only about 99%. Small chance there, but if you send me an email, I might not get it. Meanwhile, I have to make it less convenient for everyone, everywhere to send me email. I used to have my email address (a different one, it was overwhelmed with spam long ago) right on my web page. That thing got so many spams that I had to quit using it. So now I have a gmail address on my web page, but not a convenient 'click here to email me' sort of thing. Rather just a description of what my email address might sound like, and if you can figure it out, launch your email client, type in the solution to this little puzzle, *then* you can email me, and... then I might get it, because if it doesn't make it past gmails spam filters I'll never see it. I've found myself relying on web-board forum postings and the like for that sort of non-spammed email communications. The best way to reach me now is to post on a forum I visit with "HEY YOU, READ THIS!" as the title. Crazy. To the point though, is email, as a concept, just fundamentally flawed? I've thought about putting a convenient clickable email address on my webpage that requires an occassionally changing subject-title 'password' in order to actually be delivered. i.e. The first time you send me an email, you have to put [password] in the subject. If you don't, then I won't ever see the email. Once I receive the email, then I'll add you to a contact list which allows you to email me without the password. Then if I ever get spam with the password for the subject, then I'll change the password. If you are in my contact list and I get spam from you, then I'll delete you from it. But that still wouldn't work, would it? I mean, I'd still get whatever viruses-spawned emails spoof your email address or use contact lists for distribution... And I'd never be able to use the email address for things like registering accounts with online newspapers. I'm making the assumption that most spammers get their email lists from those guys, no matter what they say. If they're sharing my email address with anyone, they're sharing it with everyone. Anyway, this battle with spam seems like a lost cause. I'm thinking the problem is with email. Like, we need something else.
Jeff Freeman
You are correct. The DMA does not itself send spam; it's an organization of people who do.
The DMA itself actually predates spam; it started in 1917. Its members are also responsible for junk mail and telemarketing. Any sort of "direct marketing", as opposed to broadcast advertising.
In other words, their purpose is to be irritating, but not so irritating that they get what they do made illegal.
They've always been considered a legitimate, if somewhat unpleasant, business.
So long as the marketing target bears the costs not only should the lists be opt-in but they should be excluded from any sales. Selling a physical mailing address is one thing, selling a cellphone #, an SMS ID or an email address is something entirely different. Along a tangential line, anybody who responds to a lead generated by unsolicited email should be required to honor any promises made in that email. This means that I should be able to get a $200,000 loan at $350/month - the spam specifically said "you have been approved" at those rates. By the same token, any loan officer to responds to my response to an email that reads "your lo.an app.lication has been denied" should either provide, in writing, the reason for the decline or lose their license for participating in fraud. I'll take 5 of those $200,000 loans, please - a $1,000,000 mortgage for just $1,750/month isn't such a bad deal. And the loan officer will think twice about purchasing spam-source leads again in the future.
If the g'vt kept the data on you that google does you'd better believe you'd be calling it "doing evil"