The Spam Diaries

News and musings about the fight against spam.
 by Edward Falk

Sunday, July 30, 2006

New passport phish; what does it mean?

Here's a new one on me, sent by my brother:

Received: from web57112.mail.re3.yahoo.com (web57112.mail.re3.yahoo.com
[216.252.111.125])
by ultra5.xxxxxx.com (8.13.6/8.13.4) with SMTP id k6THena8011788
for <xxxxxx@xxxxxx.com>; Sat, 29 Jul 2006 10:40:58 -0700
Received: (qmail 72126 invoked by uid 60001); 29 Jul 2006 17:40:49 -0000
DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws;
s=s1024; d=yahoo.com;

h=Message-ID:Received:Date:From:Subject:To:MIME-Version:Content-Type:
Content-Transfer-Encoding;
b=JvaHjb3KFCxW/9He9jd9WXBo8fdbZbLJ4W1GysSOV5EKZwHHfrmNk9MwKwCEkSjFuqy01XCaqRxu8kA5sMhH15qbtaWr5/
lTcFepH70dRcEdSmm24nkzve2q7eLrXWqFbl0PNtOfRUR3Y8XHBKEZxMqacQTCiWfb4e6UiQw0AtE= ;
Message-ID: <20060729174049.72124.qmail@web57112.mail.re3.yahoo.com>
Received: from [196.3.62.3] by web57112.mail.re3.yahoo.com via HTTP; Sat, 29
Jul 2006 10:40:49 PDT
Date: Sat, 29 Jul 2006 10:40:49 -0700 (PDT)
From: alberto finandis <alberto_fff005@yahoo.com>
Subject: INFORMATION YOU MUST READ
To: alberto_finandis@yahoo.com
MIME-Version: 1.0
Content-Type: multipart/alternative; boundary="0-117646250-
1154194849=:57137"
Content-Transfer-Encoding: 8bit
X-UIDL: AJ`"!f:T"!(QA"!7)l!!

29/07/06
Dear Sir,

I am Mr. Alberto Finandis, i write to you concerning your consignment with
us which is now due for delivery. We have tried everything to reach out to
you with the contact information you gave to us but i means to get to you
was not with any luck.

Few days back, we received a mail from a man (i will not disclose his name)
how says he is you business pathner in the United States of America. He said
that you have given him the go ahead to provide us his address where the
consignment will be delivered, which he has.

A day later, we received another mail from a lady concerning the delivery of
the consignment and she wants it delivered to her home. We told her about
your friend and then she said he is my husband.

I will need you to act as fast as possible, thus furnish me with your
current contact information, so that i can start swiftly the process. Ensure
to send me a scanned copy of your international passport to this address;
<mailto:alberto_finandis@yahoo.com>alberto_finandis@yahoo.com

Pls send your reply to the address above. Have a nice day.

Mr. Alberto Finandis


Want to be your own boss? Learn how on
<http://us.rd.yahoo.com/evt=41244/*http://smallbusiness.yahoo.com/r-index>Yahoo!
Small Business.


Why someone wants to steal photocopies of passports is anyone's guess, but whatever it is, this spammer is up to no good.

Saturday, July 29, 2006

There's no free Porsche or Mustang on Craig's list

An attack by a disgruntled spammer on news.admin.net-abuse.email is answering the age-old question: why are people stupid enough to fall for 419 scams?

Spammer Bill Stanley, owner of ironserver.com, offering "bulletproof" hosting is having a great deal of trouble keeping his site on line, thanks in no small part to Steve Linford of the Spamhaus project, and other spam-fighters who coordinate their work through the above-mentioned newsgroup.

In retaliation, Stanley is posting advertisements for a free or very cheap Porsche car on Craig's list (he switched to Mustangs as the Craig's list community caught on). Posing as a woman seeking revenge on a cheating husband, Stanley says "she" wants to sell her cheating husband's beloved sports car for $1, and interested persons should post to news.admin.net-abuse.email to get in touch with her.

As might be expected, the newsgroup has been completely flooded with people begging to be chosen as the lucky recipient and tripping over themselves to commiserate with the aggrieved "Suzie" and tell her what a louse her husband is.

Why anybody would be stupid enough to think that the seller of a car would want to be reached through an anti-spam newsgroup is left to an exercise for the reader, although the obvious answer is that people will believe in anything they desperately want to be true.

OK, repeat after me:

I didn't win $500 from gmail.
I didn't win any lottery I didn't enter.
There's no free Porsche on Craig's List.
There's no Santa Claus*

Wednesday, July 26, 2006

Rule #1 when doing PR for an anti-spam vendor: Don't spam

*Sigh*. Some people are just too stupid to be allowed on the internet. PR firm Rocket Science uses spam to advertise their client Singlefin. Read the whole sorry story at Network World. I know who I won't be going to for my anti-spam needs.

See also discussion at Slashdot.

The danger of autoresponders

Submitted for your approval: SpamHuntress explains in as succinct a way as possible the inherent dangers of using auto-responders: The danger of autoresponders

Monday, July 24, 2006

Email list thief faces up to 55 years in prison

One final item to cross my desk today: One William Bailey, Jr has been indicted in Philadelphia with 11 counts of computer intrusion. Bailey operates dr-411.com which sells professional organization member databases, presumably to spammers.

In particular, Bailey is charged with gaining unauthorized access to the computer at American College of Physicians and downloading their membership database.

In theory, Bailey faces up to 55 years in prison and $2.75M in fines.

See ChatMag.com for the full story.

FBI files charges against Rambam.

Brian Krebs in his Security Fix column in the Washington Post has the lowdown on the arrest of Steven Rambam, who was arrested at the Hope hacker conference on Saturday.

In short, Rambam is charged with obstruction of justice and witness tampering. In particular, it is alleged that he impersonated a federal investigator at the request of Albert Santoro, a former Brooklyn assistant DA currently charged with money laundering, who had hired him to locate a government informant. In other words, earlier speculation that he had outed someone in the FBI's witness protection program may not have been too far from the truth.

See Brian Krebs' article or the original complaint (pdf) for more details. It's a pretty seedy story and we can expect that Rambam will be kept very busy for the next few months (if not years.)

.eu domain registrar takes action against fake registrars; 74,000 domains suspended.

I didn't cover the story when it happened back in April, but maybe I should have. In short, when the .eu top-level domain went live, they came up with a round-robin registration system to try to manage the inevitable land rush. The idea was that authorized registrars would take reservations for domain names from their customers, and then take turns registering them.

But what really happened was that just three companies — Ovidio Ltd, Fausto Ltd and Gabino Ltd — created hundreds of fake registration companies in order to jump the queue and squat on over 74,000 domain names. The registrar GoDaddy blew the whistle on the scam even as it was happening. You can catch up on the details of the story in Register article EU domain registry hijacked, claims GoDaddy.

Luckily, Europe doesn't consider this kind of theft to be "business as usual" and has taken action. All of the 74,000 domains registered by the 400 fake registrars have been placed on hold, and should become available again for legitimate customers around the end of the year.

For the full story, see 74,000 .eu domains suspended.

Sunday, July 23, 2006

E-Gold phish underway, beware

This just crossed my desk: Someone is apparently trying to phish E-Gold accounts. The m.o. seems to be the same in all cases: You get an email from someone out who claims to have mysteriously received a great deal of e-gold, possibly from you, and then lost it. The phish asks you to help them straighten the problem out and includes a "screenshot" to show you what the problem is.

I haven't seen a copy of the phish myself, but I wonder if perhaps there is some sort of virus riding in the screenshot.

Anyway, be careful out there.

Update: a reader informs me that the phish does in fact contain a virus. It's not clear yet whether the phish or the virus is the real payload. Most likely both.

Steven Rambam of Pallorium arrested

Steven Rambam, AKA Steven Rombom, was arrested yesterday by the FBI just as he was about to lead a panel at the HOPE Hacker Conference. Speculation runs rampant in the online forums as to the cause, but so far the FBI isn't saying. The most intriguing theory is that Rambam had outed someone in the FBI's witness protection program, but this is still just rumor. The truth may be much more mundane, and it's even possible that this was a simple publicity stunt by the FBI. See also Slashdot and BoingBoing threads.

Rambam is perhaps best known in spam circles for the unsuccessful lawsuit he launched against volunteer anti-spam organization osirusoft.com when they listed his open server on their open servers list. In other circles, he is perhaps best known as the owner of jewishmafia.org.

Even if the charges are bogus, Rambam may be looking at some serious legal problems, and can look forward to a taste of what he put Orisoft through.

Tuesday, July 18, 2006

Beware of Google Toolbar updates not from Google

Another round of spam is hitting mailboxes. It purports to be from Google, encouraging you to download the latest version of their toolbar.

Date: Tue, 18 Jul 2006 15:22:09 -0500 (PDT)
From: Google Updates <tutelage@patent-ideas.com>
Subject: New Google Toolbar Released

Take the power of Google with you anywhere on the Web Google Toolbar Gets Personal

Users Can Now Customize their Search Experience with Latest Version of Google Toolbar

The beta versions of Google Toolbar for Internet Explorer and Google Toolbar for Firefox are currently available in more than 16 languages. Both versions of Google Toolbar - Standard and Enterprise - run on Windows XP and support Internet Explorer 6.0 and higher.

More information on the new versions of Google Toolbar is available at http://toolbar.google.com/.

Needless to say, the link at the bottom of the spam doesn't actually take you to Google, but instead to a site in Portugul (already 404-compliant — nice to see somebody on the ball somewhere) that looks like Google but almost certainly contains malware of some sort.

Remember boys 'n girls, always check to see where a link takes you before clicking on it.

FTC calls for Openness and Accessibility in WHOIS databases

Something good to hear: FTC Calls for Openness, Accessibility in Whois Database System.

In a nutshell, the FTC is concerned by the increasing trend of the registrars to treat their whois data as private property. Are they trying to somehow maximize their profits? Keep spammers from harvesting their databases? Who knows. But the problem is that they're making it harder for law enforcement and the rest of us to track down spammers when they close off the databases.

Comcast and net neutrality

I thought I was done writing about net neutrality in June, but one more thing has crossed my desk today:

A recent Nightline episode covered the website consumerist.com which carries articles and videos about consumer blogs which complain about poor service from large corporations. It included a small segment about Comcast.

When Comcast carried that Nightline episode on their internet service, they actually censored the broadcast to remove the unflattering content.

Are these the people you want running the internet unregulated?

Monday, July 17, 2006

Mortgage companies sued by ISP

A pleasant article crossed my desk today. ASIS Internet Services was hit with a large burst of mortgage spam in October of last year, tracked down the mortgage companies responsible, and took them to court.

The spamming lenders include Aegis Lending, American Home Equity, Quicken Loans, Stateside Mortgage, Northstart Financial and National Fidelity Funding.

Also named were Optin Global, Vision Media, Rick Yang and Peonie Chen. The spammers were fined by the FTC in April.

As for the responsible mortgage companies themselves, they of course pleaded ignorance, claiming they didn't know where the leads came from. (Although Quicken Loans admitted to dealing with Azoogle, a known major spamhaus.) The judge dismissed the claims against the mortgage companies, citing sloppiness in ASIS' filings. ASIS allowed to re-file, which they did on Friday.

Even if this suit against pink mortgage companies doesn't prevail — and I hope it does, I think we all owe a great vote of thanks to Nella White, the president of ASIS for bringing down a major spam gang.

Read more in c|net article Mortgage 'spammers' sued by ISP. Original legal brief available as a pdf file.

Tuesday, July 11, 2006

UK may be getting serious about shutting down spammers

I've mentioned this before, but not stressed it as much as it needs stressing — the number one reason we have spam is because the ISPs let their customers get away with it.

Now, it looks like ISPs in the UK are getting their act together.

Computer Weekly reports that the 200 members of the London Internet Exchange have gotten together around a plan to crack down on spam. They've agreed to principals laid out in a paper on spam-busting techniques written by Cambridge University internet security expert Richard Clayton. The gist of the paper seems to be that spammers can be identified through traffic analysis techniques without violating anybody's privacy. Calling Captain Obvious to the white courtesey telephone.

Of course, this could all be wishful thinking. I'll see if I can't get a copy of this paper to see for myself.

Domain name scammer Brad Norrish declared bankrupt

On the principal that no spammer can be too broke or too hungry, comes some good news.

Brad Norrish of Australia engaged in the process of "domain slamming". Similar to the practice of phone slamming, domain slamming is the process of fraudulently changing a victim's domain registration to your own registry. In Norrish's case, the slamming was accomplished by obtaining a list of competitors' customers and sending them 50,000 fake invoices.

Last year, the Australian Federal Court awarded $1.3 million in damages against Norrish and his business partner Chesley Rafferty.

Norrish's bankruptcy does not put an end to things, however. The business has been taken over by his brother Blair Norrish.

For more on the story, see The Age article Domain name entrepreneur declared bankrupt and Domain Watch blog.

Scumware vendor 180solutions at it again

(Via Slashdot) this just in from vitalsecurity.org: scumware vendor 180solutions is tricking Myspace users into installing spyware onto their web pages for others to download.

In short, Myspace users are given free videos which they can add to their profiles. However, vistors to pages which use these free videos are prompted via popup to download the "Zango Search Assistant" toolbar in order to watch the video. Needless to say, this toolbar is actually spyware/adware. If the visitor so much as clicks the "Play Now" button, the software is installed.

More on the story from iTnews.

Monday, July 10, 2006

Brendan Battles makes news in New Zealand again

Brendan BattlesBrendon Battles, a spammer who is reported to have once sent 50 million spams per day, and who once participated in a SLAPP Lawsuit against anti-spam activists, has surfaced again in New Zealand.

I previously wrote about Battles in March, when he was found spamming for wireless companies in New Zealand.

According to the New Zealand edition of Computerworld, Battles has been hired by the Web Developers Association to help hawk their service. Many web developers contacted by Computerworld were unhappy about the news, to say the least.

The decision to hire Battles, and defend him against criticism, was made by CEO Dennis Smith, who has the distinction of having once been the owner of the only domain name registrar in New Zealand to be de-authorised by the Domain Name Commissioner.

Update: It seems I've been scooped by reader Sarah King who posted a comment an hour ago. Here's a link to her review. Scroll down to read some interesting comments.

You did not win $500 fromGmail

And speaking of phishing sites, there's a new one making the rounds. It claims that you've won $500 at random from Gmail. The link leads to a standard phishing page.

Here's a rule to remember: If you didn't enter a contest, then you didn't win it.

New DNS servers to help fight fraud and spam?

Interesting article in WiReD this morning. A new service, called OpenDNS is launching which is an alternative service to the DNS servers you're currently using. The advantages is that the database is being purged of phishes, frauds, and (hopefully soon) typo-squatters. IP caching is used to help popular sites load faster. Common typos are corrected for you.

The company will make its money by redirecting non-existent domain names to advertising pages, much as Verisign tried to do three years ago. The tactic was considered unethical and was condemned by ICANN when Verisign did it, but perhaps the market will be more accepting of OpenDNS because a) they're a DNS service not a registrar, and b) because it's strictly opt-in.

The comments on Slashdot have been mostly negative, pointing out all the ways in which this violates networking standards, may break existing infrastructure, lead to confusion, and win the war for the axis. The fact that spamming and phishing are being replaced with on-line advertising is not considered a great improvement.

Perhaps the biggest fear, at least for me, is that this is also a tool for censorship. Let's see if sites critical of OpenDNS have trouble loading in the future.

As for me, I think it's a good idea with some real potential. Let's see how things play out in the real world.

Saturday, July 08, 2006

Cell phone spam coming to America

Yes, yes, I know it's already here, but it's going to get worse.

Yesterday, I wrote that you should stay away from web sites that give away "free" ringtones. Here's why:

In May, one Scott Springer, a vice president for SmartReply*, writing for CRM Magazine, wrote that cell phone spam was the "new frontier for retailers". The gist of his article is that in his mind, direct mail, email spam, voice messaging, and text messaging are all just variations of the same wonderful thing called Direct Marketing. He grudgingly admits that sales calls and text messages to cell phones are regulated by law, and that you can only send these ads once the consumer has opted in.

His article discusses ways in which a consumer can be tricked into opting in. His favorite seems to be to offer the consumer ringtones, screensavers and other promotional incentives.

In his view — and the law may be on his side — the mere act of giving your phone number to anybody is an act of opting in to a lifetime of text message spam.

Well, I could go on, but I think James Bennett at Marketing Punk said it best with his blog entry Scott Springer of SmartReply is an Evil Jackass.



*I've been unable to figure out what SmartReply is, other than that entering 'SmartReply spam' into Google was an educational experience. They seem to be some sort of multi-level marketing system [update: the MLM company seems to have been a different, now defunct, company using the same name — see comments] that manages auto-responders or distributed spamming systems. It's pretty clear from visiting their web site that they specialize, or want to specialize, in answering machine and cellphone spam, both of which are illegal under USC 47.

World Spam News

A british judge has ruled that email bombing is illegal, and email bombers could face up to five years in jail. It will be interesting to see if this ruling will be applied to spam as well.

Kristian Eide has a really nice comparison of Bayesian spam filters, with great graphics. I would have liked to see them include crm114 in the test, but perhaps they weren't familiar with it. At any rate, he settled on testing SpamBayes, POPFile, SpamTUNNEL, and Python Anti-Spam Proxy (PASP). For other reasons, he rejected SpamTUNNEL and PASP, leaving him with only SpamBayes and POPfile to test. He further declined to test the built-in filter in Mozilla. Bottom line: SpamBayes won handily.

The Enquirer reports that South Korean authorities have arrested a man who was sending 18 millions spams/day via a zombie network.

Text message spam in the news again with the announcement of anti-spam software for your Nokia.

And speaking of text message spam, IT Wire reports that cell phone users are in danger of massive phone bills if their phones become compromised and wind up as part of a cellphone botnet. Yes, you read that right — cellphone botnet. It's still theoretical, but if cellphone viruses become a reality, cellphone botnets won't be far behind.

TMCnet reports that Philippine regulators are set to legalize cellphone spam.

Bulgaria is instituting fines for spamming.

Calling Captain Obvious: consumers found to lie online to avoid getting spam. Direct marketers worried about the integrity of their databases. You mean those databases with our data in them?

Germain IT magazine Heise Online reports that consumer groups are unhappy about a new law that will hamper anti-spam efforts in Germany.

More encouraging news from China: Nanfang Daily reports that The Ministry of Information Industry of China is taking serious steps to stop spam from within China. See also China Tech News article for more details.

Grand Cayman is considering anti-spam legislation.

Washington Post reports that Mexican presidential candidates used spam in the presidential election. It's not surprising; American politicians have done the same.

Word from Australia is that their tough anti-spam law can be credited with causing Australia to drop from 10th to 23rd worst spamming country.

The Channel Register reports that three men have been arrested in the UK and Finland for using spam to distribute software trojans.

And the spam-law trifecta is complete with this news that Hong Kong legislators are considering a sweeping anti-spam law. The focus is on cellphone text message spam and junk fax as well as on email.

Friday, July 07, 2006

Net Neutrality redux

From a fact sheet on the Cingular – AT&T Wireless Lawsuit:

After the merger, Cingular implemented a deliberate scheme to dismantle the AT&T Wireless network in order to degrade the service provided to AT&T Wireless customers and induce them to "transfer" to the Cingular network

Do you want the internet run by these people?

Spitzer goes after Direct Revenue

In April, New York State Attorney General Eliot Spitzer filed a lawsuit against spyware vendor Direct Revenue, based in New York City. There is an excellent article about Direct Revenue in Business Week: The Plot To Hijack Your Computer.

According to the article, Direct Revenue has installed their spyware/adware into nearly 100 million computers.

Direct Revenue's customers include Delta Airlines, Yahoo, Vonage, JPMorgan Chase, and Cingular.

McAfee estimates that nearly 75% of all sites listed in response to queries such as "free screen savers" or "digital music" will attempt to install spyware on your system.

The article goes into great detail about the techniques used by Direct Revenue's programmers to make it impossible for the owner of the computer to remove the unwanted software. Seriously, how do these programmers sleep at night?

According to the Business Week article, Direct Revenue's philosophy was heavily shaped by penis pill spammer Jesse Stein.

Direct Revenue's defense boils down to 'Hey, everybody else does it.'

I last wrote about Direct Revenue in April.

Spammers threatening sorbs users

Imitating the tactics that were used against Blue Frog users in May, Sorbs users are receiving emails threatening to mailbomb them if they do not stop using Sorbs. One typical email reads as follows:

Hey,

You are recieving this email because you are a member of sorbs
(http://www.sorbs.net).

You signed up because you were expecting to recieve a lesser amount of
spam, unfortunately, due to the tactics used by sorbs, you will end up
recieving this message, or other nonsensical spams 20-40 times more than
you would normally.

How do you make it stop?

Simple, in 48 hours, and every 48 hours thereafter, we will run our
current list of sorbs subscribers through sorbs~Rs database, if you
arent there.. you wont get this again.

We have devised a method to retrieve your address from their database,
so by signing up and remaining a sorbs user not only are you opening
yourself up for this, you are also potentially verifying your email
address through them to even more spammers, and will end up getting up
even more spam as an end-result.

By signing up for sorbs, you are doing the exact opposite of what you
want, so delete your account, and you will stop recieving this.

Why are we doing this?

Its simple, we dont want to, but sorbs is forcing us. We would much
rather not waste our resources and send you these useless mails.

Its simple, we dont want to, but sorbs is forcing us. We would much
rather not waste our resources and send you these useless mails, but do
not believe for one second that we will stop this tirade of emails if you
choose to stay with sorbs. Just remember one thing when you read this,
we didnt do this to you, sorbs did.

If sorbs decides to play fair, we will do the same.

Just remove yourself from sorbs, and make it easier on you.


As you can see, it is heavily cribbed from the emails sent to Blue Frog users in May.

It remains to be seen how effective these threats will be.

Google and Yahoo news get gamed by spammers

As reported by Jeremy Wagstaff in his Loose wire blog, comment spammers have managed to invade the news search. An example: search on Google news for "ringtones" shows the top hits are all spam.

I just tried it myself, and the results page is cleaner now, but spam still shows up on the first page. A cursory glance shows that the problem comes from Google crawling the comments on the news articles at vibe.com.

(By the way, as a side note: stay away from web sites that give away "free" ringtones. Nothing is free, and in the case, you'll be paying via all the text message spam you'll get for the rest of your life. I'll be discussing this in my next post.)

Thursday, July 06, 2006

Ameritrade customer email lists sold or stolen?

Item: a number of correspondants have informed me that tagged email addresses given to Ameritrade years ago are now appearing in spam. Source of the leak is unknown and probably unknowable. Ameritrade could have sold the list, or it could have been stolen. My money is that the leak ocurred within some third-party email service provider which Ameritrade hired to send email in the past.

National spam news

Spyware is becoming a problem on MySpace now, courtesy of — you guessed it — 180 Solutions. This time, they're using social engineering to trick users into downloading their spyware. See Gregg Keizer article Spam And Spyware Come To MySpace for details.

Search Engine Watch has an article about a tool which you can use to inspect your web site for spam sign. This with an eye to preventing your site from being rejected by the major search engines.

Speaking of which, Search Engine Journal has a nice little article about the tell-tale signs that a web page is a spam page.

A virus was sent out, apparently targeted at U.S. Soldiers, via spam with a faked Stars and Stripes email address. The email contains the subject line “FY07 Proposed 2.2 Increase Military Pay Chart" and contains a virus-ridden Excel spreadsheet. The article describes the virus in a bit more detail and gives advice on securing your computer.

New email filtering software on the block: OnlyMyMail. Conceptually similar to SpamSift, which I wrote about in April.

Interesting article in the Washington Post. Spammers have been spotted abusing tinyurl.com in order to cloak their URLs, presumably to evade spam filters. Luckily, tinyurl.com has an excellent anti-spam policy and enforces it vigorously.

More Uncounted Costs of Spam: c|net reports that a glitch in an anti-virus update to Barracuda's firewall appliance caused tens of thousands of customers to be without email for a couple of hours. No email was actually lost in the glitch. (I previously wrote about Barracuda in April.)

Direct Marketing News reports that two spammers pitching an envelope-stuffing fraud have been nailed by the FTC. It's always nice to see CAN-SPAM working.

Barry Schwartz of Search Engine Watch writes that the 'nofollow' attribute has had no effect combating blog spam.

Uncounted costs of spam, The Saga Continues: Information Week reports that Homeland Security Secretary Michael Chertoff has stopped using email because of all the spam. Of course, the article seems to be saying that Chertoff considered all that email about the levee breaches in New Orleans to be spam. Now that's reassuring. Luckily, Chertoff has minions to sift through that stuff for him.

CBS has protested a $3.3 million dollar fine from the FCC, pointing out that all of the complaints that led to the fine were in fact spam from the Parents Television Council and did not come from real people.

Uncounted costs of spam, The Saga Just Keeps On Going: The New Standard reports that in order to cut back on spam, Congress is setting up their web sites with simple math problems that constituents must solve in order to send messages. Of course, this is keeping legitimate constituentant email from getting through; especially that which is relayed through grass-roots organization web pages.

Fraudwatchers.org claims that 50 million users fell for an average of 1.4 scams each.

Could Iraqi peace be sunk by spam? Globe and Mail has an article about how the prime minister of Iraq published his email address to allow insurgents to contact him and be assured of confidentiality. The gist of the article is that he only mentioned it once, briefly, in order to avoid being flooded by spam. This may mean the address may have been missed by those who needed to hear it.

Wednesday, July 05, 2006

Another Final Ultimate Solution to the Spam Problem?

I just read a fascinating article in IT Observer. It profiles the work of Nobel Prize winner Ronald Coase's work on how property rights affect the functioning of an economy. In particular, Coase shows that when property rights are well defined, an equilibrium is reached between polluters and those harmed by the pollution.

In the case of spam, spam reigns out of control because the ownership of the internet has not been well defined. The assumption is that if the ownership of the internet could be established, then spam would be reduced to reasonable levels.

I'm not sure that I buy this theory though. Coase's model operates under the assumption that the polluter can be identified and held accountable. There was a time on the internet where a net abuser could always be tracked down, and net abuse was negligible. It wasn't until the advent of better cloaking techniques and — more importantly — negligent ISPs that spam started spining out of control.

Pitylak's tips for stopping spam

In an attempt to prove to the world that he really has turned a new leaf, Ryan Pitylak has published his tips on stopping spam. You can read them at Ann Arbor News. His tips basicly amount to 'hide your email address' and 'use the unsubscribe link'.

Ryan, are you reading this? How about this idea instead? Why not take all the information you have about your former partners in crime and give it to the authorities. Now that would help fight spam.

UBS phishing attempt

A new phish is making the rounds. If you happen to bank with UBS: no they do not need you to log on to an anonymous IP address and confirm your password. Just sayin'.

Interview with a Phisher

Hi all; have a nice long weekend? Mine was pretty good; managed to get out of the house for a change and see the big yellow thing in the sky.

Used to be that weekends and holidays were prime time for spam, since the spammers knew the abuse desks would be unmanned and they could operate with impunity the entire time. Nowadays, I can't tell the difference. Maybe they've learned that with the right ISP, they can operate with impunity every day of the week. Last night I noticed that Verizon had over 180 open cases at Spamhaus, including all of the biggest names in spamming. This puts them in the #1 spot as worst spamming ISP in the world, with more than twice the cases of their nearest competitor.

Anyway, I digress. Article in the New York Times has been making the rounds the last couple of days. It's a video interview with Shiva Brent Sharma, who is serving time in New York for identity theft. [part 1][part 2][part 3]