Slashdot Mirror
Microsoft Wins $3.95 Million from Spammer
LehiNephi writes "A Washington, D.C. judge fined Daniel Khoshnood, a major spammer, for pretending to be Microsoft in order to attract customers. Specifically, he registered windowsupdate.com (not to be confused with windowsupdate.microsoft.com), then sent out mass email encouraging users to download a toolbar from that website. Although the suit was not specifically about spamming, the mass emails (and subsequent complaints) were what caught Microsoft's attention. So far, Microsoft's campaign against spam has netted them $54 million from six judgments, one dismissal, four settlements, and two bankruptcies. The article doesn't mention whether the toolbar actually lived up to its claims of automatically applying security patches."
Obviously it'll never happen, but it would be nice if all the proceeds of these victories against the scumbags were given to anti-spam projects and organisations to develop more robust hosting (to deflect spammer/virus author DDOS attacks) and improve the filtering software. It would also really annoy the spammers to see such projects getting massive cash injections ;-)
I recently added rbl support (spews and spanhaus), spamassassin and the mimedefang milter to our company incoming mailserver and it's REALLY making a difference! Since I have a corpus from hundreds of people too, the bayesian side is already extremely good. It still lets the odd scam through, but being a company I can't afford to block anything by accident.
Code, Hardware, stuff like that.
Talk about conflicted. I'm not sure who to root for. Did the spammer use Linux?
So, what do you do when evil is fighting evil?
1. Write a popular mail client which automatically executes arbitrary code.
2. Sue the people who hijack PCs via the above mentioned mail client.
3. Profit!
The enemy of my enemy is my friend...
I feel confused.
bash$
Most companies probably don't want to go down the route of registering all the keywords related to their business to stop third parties abusing the fact that the words are well known and recognised. If they did then scammers would use mispellings and 1337 variations, it could cost quite a bit to register all of them. For MS it's possibly easier to take just to take legal action when abuses do occur.
Decode these
I'm not at all surprised by that, considering that Microsoft can't even remember to register their own domain names ;-)
While I think it's great that yet another "identity thief" (sort of) has been busted, this does little to stem the flow of spam. What we truly need are more cases that are strictly based on the sending of unsolicited commercial e-mail. We've got some great and not so great legislation out there to protect us... why aren't we using it? Because it costs too much?
And yes, I know that there have been a few landmark cases recently, but a few big falls aren't going to convince spammers as a whole to stop spamming. An concerted effort to shut them down via thousands of small lawsuits from you and I would be much more likely to have an effect, in my humble opinion.
Other articles on this story say that the spammer used the domain windowsupdatenow.com, which is owned by:
Well Microsoft does get to pay Hotmail's bandwith bills, email storage costs, and employ people to deal with abuse reports? Don't forget that they also get to deal with all the spam that is undeliverable, bounced, or dropped by user's filters etc. Per individual spam, Microsoft may well be paying less than a recipient, but there is definitely a very real price tag attached.
Unfortunately however, under CAN-SPAM, only ISPs and not end-users can use the legislation to go after spammers through the courts. As the owner and operator of Hotmail that would naturally include Microsoft. Of course, the statement that the actions has "netted them $54 million" means the courts have awarded them that much, they will actually see far less of it than that.
It would certainly be nice if Microsoft (and others in a similar position) would make at least a token contribution to the anti-spam groups out there. Spamhaus operates almost entirely on contibutions and sponsorships, Spamcop has a legal defence fund, Spam Assassin is now under the auspices of the Apache Foundation... the list goes on.
UNIX? They're not even circumcised! Savages!
It's unclear what you mean, but have you seen:
http://www.proxypot.org/ ?
They don't sue the people (yet), but they do try to get ISPs and LEAs interested in the evidence collected. Often the ISP approac succeeds. It is also useful to create a list of ISPs who will not act on abuse reports.
As a bonus, none of the spam that the spammers try to send through them reaches any victim.
For this approach "popular mail client" is meaningless. Spammers don't start with a list of mail servers, they start with the IP address space and go looking for abuable servers (for proxypots the abusable entities are open proxies.) What is run doesn't have to be a real MTA (or real proxy server), just look enough like one that the spammers accept it as one. For the cleverer spammers it is useful for it to look exactly like some historic abusable MTA, like many of the earlier versions of Sendmail. Whether you need to gear your attack to defeating the cleverer spammer isn't known, but it's probable that you can have a huge effect just by going after the dumbest spammers (that's a big group.)
It shocks me that (1) so many people don't know how spammers operate and (2) so many of those who do know (that is, recognize that spammers have to look for systems to abuse) never seem to be able to grasp the importance of that knowledge. It's like knowing a burglar favors basement windows but doing nothing to set a trap for a basement window burglar - just bitch about all the people with insecure basement windows. Stake out a few basement windows and some evening soon you may be face-to-face with he burglar. Stake out a few IP addresses and some time soon you may gather information that leads directly to the spammer's IP address. Poof! There went the supposed anonymity.
Registering a domain name is negative money. Letting someone else register it and then suing them is positive money. You might even be able to get the domain thrown in with the settlement.
"Because Science" is one step from "Because old book". Try "Because of my experiment testing my falsifiable assertion".
The article doesn't mention whether the toolbar actually lived up to its claims of automatically applying security patches.
No but from this article on The Register:
"In reality, the toolbar loaded a utility called called BrowserAid/QuickLaunch which bombarded users with random, unrequested pop-up ads."
Did they click on the blinking monkey?
My new