Slashdot Mirror


Google Says Spam Volumes On the Rise

alphadogg writes "Despite security researchers' efforts to cut spam down to size, it just keeps growing back. The volume of unsolicited email in the first quarter was around 6 percent higher than a year earlier, according to Google's e-mail filtering division Postini. Security researchers have won a few significant battles against the spammers in the last year, first against those hosting the spammers' control systems, and later against the control systems themselves, but they will have to change tactics again if they want to win the war. In the first half of last year, security researchers concentrated their efforts on identifying the ISPs or hosting companies that allowed command-and-control servers to operate, and shutting these botnet purveyors down. The success of that tactic was short-lived, however."

8 of 187 comments (clear)

  1. If One Person Clicks, We All Lose by eldavojohn · · Score: 5, Insightful
    If you are successful at combating spam, you will see a rising volume. Here is the chain reaction that takes place:
    1. A spammer has an established source of income that he profits from his operations. Let's say it's ten grand a month. Everything is going well--he kicks back and watches watches the money machine.
    2. You implement a better spam blocking program or a better educate users or do something so that the five hundred clicks he gets a day drops to four hundred clicks a day.
    3. The spammer now finishes at eight grand at the end of the month and notices something is wrong.
    4. The spammer is certain that he can grab back those clicks and all he (did you ever notice how spammers are always men?) has to do is crank up the volume whether it be by getting more e-mails to spam or sending more frequent spams or revolutionizing his spamming tactic and adding new templates and variables to trick people or get around blocks.
    5. In the end we see spam rise.

    Now, maybe he makes that two grand back in his push and maybe he don't. Maybe your new method reduced his clicks from five hundred to five per month. Either way the best we can hope is that at some point that income shrinks to negative or so little it's not worth his time. The problem is that even if 0.0001% of his spam messages generates a click, he's making bank.

    The battle for clean e-mail should be fought on a number of fronts. Public awareness is the key weak link in the chain in my opinion. And as a new net savvy generation arises, that will come naturally.

    No matter how much I tell my friends and family to be safe on the net, my friend in Cairo had ten credit cards opened in her name and I had to help her clean it up over here. To make sure it didn't happen again we went over smart procedures like if your bank sends you an e-mail you should read it and then open up your browser by hand and type in the bank's URL as you know it by hand and look for the corresponding information on the site. Yeah, it's a pain in the ass but if you can't find it you can always just call them. Don't click the e-mail link and drop your username and password into some site you don't trust. If I had to guess how she got tripped up, it was when she went to Cairo for school she couldn't afford to talk on the phone and had gotten lazy and careless with doing all her banking online.

    --
    My work here is dung.
    1. Re:If One Person Clicks, We All Lose by eldavojohn · · Score: 3, Insightful

      We need that kind of will in the fight against spam. It is expensive at first, but less expensive as people get out of the business.

      The problem with your analogy is that kidnapping is a binary operation. You're either doing it or you're not. It's also often coupled with extortion and bodily harm and a host of other very serious crimes.

      Spamming, on the other hand, is very hazy. What is unsolicited e-mail? People don't take the time to read shit. They just "click click oops, why am I getting these e-mail?" So if they clicked an ad and entered their e-mail address to get thirty thousand acres in farmwars by putting in their e-mail and checking a box that they understand ... where was the failure there?

      I just got five messages in a minute from Boingo this weekend. Followed by an apology letter. It was some database template test process run amok that informed me about my account (which I don't have with them). I used them once in an airport. They apologized to me today in another e-mail I didn't ask for! Do we vigilantly hunt them down and jail them?

      The problem with your vigilance is that it's often objective to draw the line where spamming stops and legitimate business e-mails start. The crimes that come with spam aren't on the level of human trafficking ... you get tax evasion or another white collar crime at best. Sometimes theft or grand larceny across all victims. But come on, the FBI isn't going to get the resources from the federal government to chase that rabbit down its hole when they need back hoes to dig up the whole internet.

      The government's CanSPAM act has increased the severity of it when we're sure you were doing it. That's the most you can ask for ... not a special FBI initiative to relentlessly track everyone who spams. Enforcement should be increased but not to the level of tracking kidnappers.

      --
      My work here is dung.
    2. Re:If One Person Clicks, We All Lose by Tom · · Score: 3, Insightful

      Yes, because the inconvenience of mashing the 'delete" key a few times is exactly comparable to the inconvenience of having a family member kidnapped and held against their will.

      You have heard about scaling factors sometime during your education, haven't you?

      A small crime done to millions sums up. The math has been done before. The "few seconds" times the amount of spam just one of the major spammers sends out in a month comes to easily an entire human lifetime.

      --
      Assorted stuff I do sometimes: Lemuria.org
    3. Re:If One Person Clicks, We All Lose by courteaudotbiz · · Score: 3, Insightful

      Learn to use the internet safely or stay off it.

      Unfortunately, staying OFF the net completely is becoming more and more difficult. From making your homework at school to searching for products for your job, it becomes increasingly hard for Joe Average NOT to use the Internet.

      I think that we eventually will get most people aware of how to act safely on the Internet. But as in real life, there will always be fools who can't be educated.

  2. Re:What about... by Jaysyn · · Score: 4, Insightful

    It still has to travel thru email servers & routers costing money via electrical & bandwidth costs.

    --
    There is a war going on for your mind.
  3. Re:What about... by Shakrai · · Score: 3, Insightful

    It still has to travel thru email servers & routers costing money via electrical & bandwidth costs.

    Aren't people around here rather fond of making the claim that bandwidth doesn't cost money, at least whenever we see a story pop up about some ISP wanting to impose caps or metered billing?

    The bandwidth and electrial costs of spam are negligible. You would have made a better argument by pointing out the lost productivity when humans need to divert time away from useful tasks to clean out their inbox.

    --
    I want peace on earth and goodwill toward man.
    We are the United States Government! We don't do that sort of thing.
  4. Re:collateral damage by clone53421 · · Score: 3, Insightful

    Sounds like you switched to a less-than-reputable host...

    --
    Alexander Peter Kristopeit bought his basement from his mommy for one dollar.
  5. Re:collateral damage by clone53421 · · Score: 3, Insightful

    Contact your host, or switch. It isn’t Google’s fault if you signed up for a host which got its entire IP range blacklisted by allowing its customers to send spam and ignoring the subsequent spam complaints. I’m not saying that’s definitely what happened, but there’s a good likelihood it’s exactly what happened.

    It’s unreasonable to expect Google to start white-listing customers from a sleazy host on an individual basis. Screening customers is the host’s job and they failed; now they got blacklisted and all their customers suffer. Yell at the hosting company, not Google. If enough of their customers leave because they aren’t cracking down on the spammers, they’ll suddenly realise that not doing anything about the spam is hurting them economically just as much as terminating a few spamming customers would. And if they don’t realise this, or if it wouldn’t... that isn’t the sort of host you want to be associated with.

    --
    Alexander Peter Kristopeit bought his basement from his mommy for one dollar.