Slashdot Mirror

← Back to Stories (view on slashdot.org)

Personalized Spam Rising Sharply, Study Finds

Posted by CmdrTaco on from the no-i-don't-want-a-yearbook dept.

designperfection9 writes "A new study by Cisco Systems Inc. found an alarming increase in the amount of personalized spam, which online identity thieves create using stolen lists of e-mail addresses or other poached data about their victims, such as where they went to school or which bank they use."

8 of 142 comments (clear)

  1. 30% of all Web traffic? by alain94040 · · Score: 5, Interesting

    From the article:

    The latest study was based in part on [Cisco's] ability to monitor 30 percent of all Web and e-mail traffic

    I hope the journalist misunderstood something, otherwise all my fears about the NSA just got crunched.

    --
    iPhone Apps review site looking for bilingual testers

  2. reunion.com by fprintf · · Score: 2, Interesting

    My father just kicked off a flurry of spam from his inbox, and I have been helping him to reach out to his entire address book to stop it from spreading any further. According to him:

    "I receieved an email from my dearest friend from England, who I have not spoken to in some time, asking me to join Reunion.com. I clicked on the button in the email and sent me to a site giving me the option to sign up for the service. Until I got your call, I had no idea that it sent out emails to everyone in my address book. It was a nicely worded email and didn't seem like spam at all.

    Now that they have his email address, one that he does not want to give up, I am afraid he, and everyone on his address list, will now be the target of even more personalized spam. I hope my gmail filter catches most of everything, but I have no doubt in a few months I'll be looking for pen!s enlargement devices, v!agr@ etc.

    --
    This post brought to you by your friendly neighborhood MBA.
  3. Re:What bothers me more is by zappepcs · · Score: 3, Interesting

    What you are saying is true, but it can't be legislated. It can, however, become a vocation. Yes, for just 3 easy payments of $19.99 we'll teach you how to be safe on the Internet.... blah blah

    An internet driver's license seems like a good idea till you think about all the absolutely retarded drivers you saw on the way home from work recently. Then it sinks in: some people are NOT trainable.

    If you think of the Internet as a huge data warehouse and spend some time with a scripter it will not take long to find out that you can personalize millions of spam emails with little to no effort other than writing a script or two. All you need is for 1-2% of those to reply and enter logon details and you have a profitable business plan, albeit illegal.

    When so little return can still make you profitable, it's hard to discourage spammers. Internet driving licenses would not prevent that 2-5% of the population that can't be taught to tie their shoes from answering unsolicited emails. There is a base or root value where crooks and con artists will always be able to find prey, whether they are selling gilt edged bibles or offering better sex or longer life. Hell, there are those that are flogging lame do-nothing anti-spyware software in an effort to fleece them of their money.

    As long as there are humans and an Internet there will be spam problems. You could even set up a business as an online retailer clearing house where people would send you money to pay for things for them, trusting you to tell them when it is a con job. There are those would would pay for it... say $2.50 per event to be sure they didn't get conned. How's that for a scam?

    See... this problem won't go away anytime soon. Washington? Are you listening? New laws will only make this situation WORSE, not make it go away.

    --
    Support NYCountryLawyer RIAA vs People
  4. Re:What bothers me more is by Anonymous Coward · · Score: 1, Interesting

    I totally agree that email clients should not be able to read or display HTML email.

    When a person has to copy and paste a link from their email then there is at least a implied consent buffer.

    Sorta like a person can drink a lot of beer but still has to figure out how to use the car keys to get in the car and turn it on ( in keeping with the car analogies ).

  5. Re:What bothers me more is by xaxa · · Score: 4, Interesting

    A bigger problem is when you can't provide a decent, random string for the "security question". I opened a bank account online last week, but had to go to a branch to prove my identity (fair enough). The banker didn't like where her PC said I'd put "438@@/arcCHK" as my mother's maiden name, and asked for a real name. I'm waiting for the online banking activation codes to come through, I hope it doesn't depend on this value.

  6. Re:What bothers me more is by Anonymous Coward · · Score: 1, Interesting

    Simply, this is not going to happen. Haven't this been tried for at least 10+ years?

    Spam happens because too many people look the other way. Google for McColo to understand what I mean.

    Spam is not going to stop my "educating people". Nor is spam going to stop by taking 2 or even 3 spammers to court a year.

    Spam is going to stop if "we" make the middle man pay dearly. It's crazy that something like "McColo" has to be taken down with the help of the Washington Post.

    And as long as "we" keep thinking about McColo as an exception, and that spam is mainly a non-USA problem, it will grow and grow. Check the stats at spamcop.net, and you can see it yourself.

  7. Re:Not just them by Sfing_ter · · Score: 3, Interesting

    Of course they do, it's just that if they don't do as NSA says, then they don't get to continue to rebuild their monopoly. It be Bidness, and the constitution gets in the way of Bidness.

    --
    A computer once beat me at chess, but it was no match for me at kick boxing. Emo Philips
  8. Re:What bothers me more is by inviolet · · Score: 2, Interesting

    The real problem is people visiting Web sites through email links, and replying to unsolicited email (from companies they recognize or not). Banks don't conduct business through yahoo email addresses. The real issue is educating consumers, or having consumers educate themselves. One does not drive a car without knowing the rules of the road (despite what people may think of cliched analogies), and email clients shouldn't be Web 2.0 browsers.

    In real life this "don't talk to strangers" / "don't buy from some guy in a back alley" issue is solved with our eyes and our sense of context. There is no context or visual aid when browsing to a website or reading an email... hence, people will click anything. They are still subconsciously relying on their vision ("a normal-looking email message") and context ("here safe in my home") to judge the safety of interacting.

    So let's stop trying to fix people, rowing upstream as such, and instead go with the flow. Write a web browser and an email client that change their appearance based on trust chains or certificates or whatever we use to authenticate known-good entities. When reading an email from a stranger, or an email from bankofamerica.com that lacks the proper signature, the email window turns black and gets covered in spikes. Same with the web browser.

    Or bring back clippy, and have him appear as a shady-looking guy in an overcoat, standing next to the email, and he opens his coat to sell you something if your mouse hovers over a link. Or whatever. Point is, work *with* humans' natural authentication mechanisms, rather than whine about how users are clueless.

    The real cluelessness is us programmers who ignored our knowledge of existing human authentication systems when we wrote email clients and web browsers. Gee, "let's make all web pages appear equally clean and safe, and then expect users to not click the mean ones!"

    --
    FATMOUSE + YOU = FATMOUSE