Slashdot Mirror

← Back to Stories (view on slashdot.org)

Good News: A Sustained Drop In Spam Levels

Posted by timothy on from the vienna-sausages-are-also-pretty-good dept.

Orome1 writes "Industry and government efforts have dealt a significant blow to spam, according to a Commtouch report that is compiled based on an analysis of more than 10 billion transactions handled on a daily basis. The sustained decrease in spam over the last year can be attributed to many factors, including: Botnet takedowns, increased prosecution of spammers and the source industries such as fake pharmaceuticals and replicas. However, spam is still four times the level of legitimate email and cybercriminals are increasing their revenues from other avenues, such as banking fraud malware."

5 of 75 comments (clear)

  1. Better Email Blocking by jellomizer · · Score: 5, Insightful

    Even though there is less spam, I have found that most email clients Such as Gmail have gotten very good at filtering out Spam. We forget how much we suffered back in the early 2000's where once we get too much spam our only choice was to change your email address to a name that is more cryptic then a password and only give it to people who you want. And wait until someone gets a virus and starts spamming you again. The email address I have been using for a long time now is an easy email to give however Gmail captures almost all the spam.

    --
    If something is so important that you feel the need to post it on the internet... It probably isn't that important.
  2. "It depends" by AgentPhunk · · Score: 5, Interesting

    We have 5000+ users going through Google's Postini service, and up until about 6 months ago spam levels were within normal tolerances. Over the past 6 weeks we are getting CRUSHED with phishing attempts that make it through their filters. The quality of the phishing emails is excellent (they're basically just re-using an actual email from Verizon Wireless, American Express, etc, and substituting their malicious links.) Google shows absolutely no interest or concern - it seems they're looking at this as a commodity service, and trying to get everyone to move over to fully-hosted email in the cloud. Well, that's not us. We're looking at alternatives, including Cisco IronPort and Proof Point. Anyone care to weigh in on pros + cons, and also on cloud vs on premises?

  3. Filtering != Stopping by damn_registrars · · Score: 5, Interesting

    The article is talking about stopping spam, as in preventing it from being sent. Filters do not do that. Filtered spam still costs people money as it still consumes resources and takes up storage space on servers on the internet. Filters have to be adjusted and trained, and they consume CPU time as well.

    In short, filtering will never, ever, solve the spam problem. The summary of the article mentions techniques that are effective at stopping spam, and there is a reason why filters are not on that list.

    --
    Damn_registrars has no butt-hole. Damn_registrars has no use for a butt-hole.
  4. Re:I still get a lot of spam by ArcherB · · Score: 5, Informative

    What I have found is that after clicking the "unsubscribe me" button on letters I end up getting even more spam from other places. I think they use that as a way to confirm its a real email address to spam you with other junk.

    Well, the unsubscribe button works quite well if the email is something you actually subscribed to or it's a company that you purchased something from in the past. For example, Zag sends me about two or three emails a week. I have no problem using the "unsubscribe" button because I actually bought something from them. ProFlowers.com is a notorious spammer if you've ever purchased anything from them. I hit unsubscribe on their emails because I bought something from them. They know my email address is legit. The unsubscribe works in these cases.

    However, when someone sends me a viagra or other obvious spam, I simply ignore and delete. Since these people do not know who I am and I did not give them my email address, clicking the unsubscribe button will simply confirm your email address. They are simply throwing stuff against a wall to see what sticks. Don't be that sticky thing.

    --
    There is no "I disagree" mod for a reason. Flamebait, Troll, and Overrated are not substitutes.
  5. This is, at best, wishful thinking by Arrogant-Bastard · · Score: 5, Interesting

    Those of us who have spent the past few decades in the trenches dealing with spam know that this -- at very best -- wishful thinking. The long-term trend line is up, with the only real debate being over the shape of the curve. Momentary decreases, such as the one reported here, are either (a) an artifact of the measurement methodology -- and many methodologies are horribly flawed or (b) real, but unimportant.

    Low-end spammers are now fully integrated with malware authors, botnet operators, phishers, purveyors of illicit/illegal content, data brokers, and carders. High-end spammers are now quite successful at assuming the mantle of "respectable corporations" while continuing to do what they've always done. In both cases, the profits are huge, more than enough to encourage them to continue in fact of the largely-insignificant threat of prosecution. (Only the stupid ones get caught, and there is some evidence which suggests that they're being caught because their fellow spammers set them up.)

    Have their been some temporary, isolated successes in fight against spam? Sure. But the key words are "temporary" and "isolated". As others with long experience in the field have said, we're only at the beginning of the spam fight, and it's going to get MUCH worse: there are known techniques that spammers have only just begun exploiting, and when they become pervasive, they're going to break every anti-spam methodology currently deployed. (Which is kinda the reason they were developed.)

    When will this happen? Dunno. Crystal ball cloudy. But when it does, it's going to catch the ignorant newbies and incompetent amateurs at a number of commercial "anti-spam" operations completely by surprise, because they're too busy selling overpriced, worthless crap to actually do this thing we call "research", where, you know, you LEARN things about your adversary so that you can actually have a decent chance of anticipating their next move instead of getting blindsided by it. To put it another way: if you're running your own anti-spam setup using a combination of firewalls, 'nix, open-source MTA, DNSBLs, etc. then you're in a decent position to adapt quickly when the need arises. If you've made the horrible mistake of outsourcing to the chumps out there who are in it for a quick buck, then you're going to be really screwed.