Slashdot Mirror
How the Spam Industry is Sustained
mOoZik writes "The BBC has an interesting article about spam and why it's still around. According to a survey, nearly 1/3 of users have clicked on spam messages and 1/10 have bought products advertised therein. "If no-one responded to junk e-mail and didn't buy products sold in this way, then spam would be as extinct as the dinosaurs.""
"The list of words most commonly hidden by the spammers from anti-spam software reveals that most spam is about the old favourites: money, drugs and sex," said Mr Cluley.
The article says 1 in 10 people buy stuff from spam.
This is an average of course. Slashdot obviously isn't the average, but it's still likely SOME of you have bought something from spam (even if it's 1 in 100 slashdotters).
So fess up. Whose being buying stuff from spam?
Ok, I have to know who these guys were surveying, because I'm inclined to think it was the population of a mental institution.
I really have to disagree with TFA on this one. I don't think it's "bad email behavior" keeping spam alive (viruses are a different matter, but lumped in together).
It's the stupid and unethical businesses who will pay a spammer $100 for a 200,000 user spam blast. The spammer doesn't give a rat's posterior whether or not the victim buys or clicks. All he cares about is not getting bounced. Then he gets paid.
to educate users. If somebody signs up for a free-mail account (could work for ISPs in general as well), they are automatically send a couple of fake spams. If any link in the spam-emails is clicked, the account of the user will be closed (with an educational warning message). That will teach them...
Credit: Some MS guy I talked to. Unfortunately Hotmail-management was kinda opposed to that idea...
Reguardless of how effective spam ads may be, that doesn't excuse them from modifying the spam so that the people running filters still have to see it. If you're filtering spam, you not only don't want to buy anything from them, you don't want to even see it. I've been training spambayes for months now, and some stuff still gets through as 0% spam. Those are the people who need to be shut down, its easy enough to ignore the rest.
So, given the thousands (tens of thousands?) of spam I've recieved, I've clicked on the link from one. Suddenly 1 in 10,000 doesn't look as good as 1 in 3.
Of course, the real way that spam is funded is through scams (which only need a minute click-through rate) and by convincing one company after another that the click-through rate isn't minute. The recipients aren't the only ones being scammed.
I've always wondered why we , as a community,
don't beat them at their own game. There is
more of us then them, so if only 10% of us
would carpet bomb them with fake requests,
calling their 800 numbers, whatever they
want back, wouldn't that piss them off.
In fact, you start with one company
(my current favorite is Gevalia Coffee,
who can't stop mailing me despite repeated
phone calls and email requests, they hired
a 3rd party to "spam"), and work you way down
slowly and methodically. THat will teach normal
companies to stop doing it.
There probably are a few hard cases to crack,
but it seems there aren't all that many companies
around who do it.
I think the fact is that most people really don't care that much. They just accept spam the same way they accept junk snail-mail.
So they throw it out? That doesn't sound like what you're saying, but that's what people do with junk mail. This article is about people paying attention to it instead just because it's online.
-N
I've nothing to say here...
In addition, you have to wonder what ended up counted as "spam" in the survey. There's lots of bulk email that's legitimate insofar as the recipient checked a box (and didn't uncheck one) once upon a time. One wonders if some recipients counted those too. Between the false positives and the false negatives I wouldn't put a whole lot of faith in the survey numbers. But 10% having responded at one time or another to something they referred to as spam doesn't seem totoally out of line to me.
Spam is an economic problem and requires an economic solution.
This story focuses on one side of it, but the amount of profit is *NOT* the problem as long as the spammers think they can divide by zero as far as the costs are concerned. Email is not and never has been free, but by designing SMTP to pretend email is free, spam is the inevitable result. If the spammer thinks another 10 million spams cost nothing, but will possibly find one more sucker to send in $39.95, then the RoI looks infinite. BROKEN economic model!
The only option that will solve the spam problem is a sound economic approach that puts a non-zero cost on each email message. I think that could be done by requiring prepaid postage. I don't know about you, but I would certainly opt in for a system that was absolutely guaranteed not to get any mass-of-stinkage spam. (This could be done transparently and compatibly with the existing SMTP email system.)
Once you have a real economic model, then you can add all the bells and whistles, and actually I have nothing against legitimate advertising from legitimate companies--as long as I control the flow and especially if I can target what I receive. In particular, I'd like a system that would let advertisers bid for my time. Something like "I'll accept a small amount of advertising email, and I'm interested in these products. What's it worth to you to reach me?" By small in this context, I'd be measuring it in terms of time, say 15 minutes per day where each worthwhile ad will probably take 1 minute to read.
The email service provider would have some of my personal information to help "market" my valuable time. However, it would be strongly in their interest to carefully safeguard my anonymity, since leaking my personal information would destroy their own value. Also, since they would be getting a percentage of the take, it would of course be in their interest to maximize the advertising-related revenue I'd receive for those few ads.
However, none of this is possible without a REAL economic model underlying email.
Freedom = (Meaningful - Coerced) Choice != (Speech | Beer^2), and sad sock puppets' bad mods avail them naught.
I've posted it before and you've given me the opportunity to post it again.
I'm usually not in favor of the death penalty. However, not only am I in favor of the electric chair for spammers; I'd replace the switch with a dial. After rigourous (and fun I might add) trials on the many spammers it would be marked like this:
1. Mildly painful
2. hurts
3. really stings
4. excruciating
5. probable fatality
6. likely fatality
11. human boooowwwwbeeeecue
There's hours of fun to be had as mail admins take turns lovingly sweeping the dial from 1 to 4. The mail admins will of course charge admission to mail recipients.
The child porn purveyors can get the special wire that goes in the pants.
Ok so I take calls on a help desk. and every week or two i get a call from a customer, asking for a special spam request. They start saying I recieved this offsensive spam message. And I have descided I no longer want to receive spam. At this point i find it hard to not laugh. I proceed to tell them we have no control over who sends your emails, we can change your email address if you want. etc etc etc. Sometimes the customer gets incredibly angry that we can't just turn it off, and that we are the ones behind there spam etc. Its not like we dont try, because we run our mail servers with a pretty high anti spam protection with mutliple solutions, only a very small percentage of spam gets though.
Its amazing to me that people compare spam to snail junk mail, and they think its something simiple like a 'no junk mail' sign could suddently make them not receive spam. I recon these are the same people who are buying stuff they receive from spam.
then identify test messages, to let them through and let spammers believe that my honeypot is in fact an open proxy
How'd you manage this one? I'd be too afraid of letting the messages through to the wrong person.
I have never let it out of my box, but it definitely gave the spammers adrenaline enough to keep them around for longer ...
If a bunch of us ran something like this, wouldn't it greatly increase the costs to the spammers? In fact, if you hacked around with the raw IP packets, sending ACKs prematurely to make the spammers think you received the data even thought it was dropped, you could trick them into using up much more bandwidth than you. Sort of like a DDOS, except they're the ones initiating the connections.
So they throw it out? That doesn't sound like what you're saying, but that's what people do with junk mail.
Depends what the junk mail is. I've signed up for at least one credit card after getting junk mail advertising it. I'd probably do the same with junk e-mail, except for the fact that junk e-mail is pretty much universally a scam by some company I've never heard of.
If I'm offered a good deal, I'm not going to pass it up just because it was offered through junk mail. Of course, Discover Card (that "at least one" credit card company) is losing money from me. I transfer the max balance whenever they offer me 0%, and then pay it back before the offer expires.
That's actually not a bad idea.. Never underestimate the power of rumors.
I actually tested this once. I was talking to a friend of mine in the smoking area about how people pick up bits and pieces of other people's conversation, and then spread them on. We came up with a juicy, scandalous, and completely ficticious event and discussed it at an excited volume.. not enough that we drown out other people, but loud enough that anyone who wasn't talking could probably hear us. We didn't have to keep a straight face, because he story we came up with was something you'd laugh at anyway. We repeated it a few times, and the next day I went on vacation and forgot all about it.
When I returned a month later, the first thing I heard from a co-workers was, "Guess what happened while you were gone!" Yeah, the same story we made up in the smoking area. Had a good laugh over that one.
Granted, the rumor was probably isolated to, at most, the 1100 people I worked with, but that's because it was only relevant to those people. Your idea about spreading rumors that are relevant to the population at large might actually work.
https://www.eff.org/https-everywhere
No it's exactly what he's saying. Most people toss junk snail-mail. But enough buy the products to make the mailings worthwhile for the seller. Tragically with spam, it takes a much smaller response to cover the advertising costs.