E-Mail Spam Goes Artisanal

An anonymous reader writes: Spam filters have come a long way over the past two decades — but spammers have, too. Though email providers are better than ever at blocking spam, it's still big business, with a lot of money to be made. Security researchers are seeing a new trend in spam: less volume, and better targeting. The article mentions "snowshoe" attacks, which occupy the middle ground between massive spam campaigns and tiny phishing attacks. "Craig Williams, a senior manager at Talos, said the amount of snowshoe spam has more than doubled in the past two years and now accounts for more than 15 percent of all junk messages distributed globally." Security researchers have been pushing for a unified registry to help deal with these mid-range spammers, but it's hard to get a significant portion of providers on the same page, particularly when many are fond of running their own solutions.

spam? like from the 1990's?

Do people get spam still? I thought we all learned in the Spam Wars of the 1990's to use different disposable addresses for pretty much everything, burning them to the ground if they start to receive any spam.

I can't even remember the last time I've gotten a spam email. Must be over 15 years. It's a 1990's problem, not a 2016 problem, unless you're doing something very wrong. Spam is optional.

Nobody should be surprised by this

[damn_registrars]

Of course the spammers will find ways to get around the filters, they make money by doing exactly that. The companies behind the filters are patting themselves on the back right now because the volume of read spam is down, but they aren't bothering to tell you that the false positive rate keeps creeping up over time. The critical measurement lies there, in the signal to noise ratio.

Any time the spammers can push down the signal to noise ratio, they win. It means a few more messages get through, and a few more sales are made. Alternatively, it means a few more non-spam emails are caught in filters, which causes people to adjust their filters to let more borderline messages through. The whole time, everyone on the internet is paying to be on the losing side of this arms race.

At the end of the day, as I have said many many times here, spam is an economic problem. No technical, legal, or spiritual solution will stop it. As long as people can make money as spammers, they will keep sending out spam, with no concern for where or to whom it goes. There is only one way to stop spam, and that is by making sure the spammers don't get paid. As soon as the money stops coming in, the spam stops going out.

If only they WOULD email the bill

[NotQuiteReal]

I wish they would email the bill. Alas, most just email you telling you that you HAVE a bill... then you have to go to their site to see it. (What? it's a security issue if my email gets intercepted and someone learns I need to pay the gas company $16.49?)

What a hassle - another site to sign up at, more ridiculous and changing password rules to make you pick "good" passwords (if your favorite characters are even allowed).

At least some of them DO send the bill to my e-bank, so that I can see the bill on the same site I am paying it.

That said, I do auto-charge some to a credit card, like the land-line (wife needs it for FAX), toll road, couple of others. And guess what? As long as the amount looks about right, I never look at the bill. It's diabolical, they could be slamming me with small amounts that they no nobody will bother to quibble about, and now, I never even see the details.

(And it does happen. The Long Distance carrier for that land-line comes to $3.68 per month, with Zero services used. That's right, $0.00, plus Federal universal service fund + Fed Telecom relay service + Federal regulatory recovery +Property Tax recovery +interstate services fee. Most if Federal, but CenturyLink has found a way to steal a penny here, a nickle there, every month, from every customer. I am sure it adds up.)