Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
×
Spam

Spam is Back With A Vengence 510

Ant writes "The Red Tape Chronicles reports that just last December (2006), the FTC published an optimistic state-of-spam report. It cites research indicating spam had leveled off or even dropped during the previous year. It now appears spammers had simply gone back to the drawing board. There's more spam now than ever before. In fact, there's twice as much spam now as opposed to this time last year. And the messages themselves are causing more trouble. About half of all spam sent now is "image spam," containing server-clogging pictures that are up to 10 times the size of traditional text spam. And most image spam is stock-related, pump-and-dump scams which can harm investors who don't even use e-mail. About one-third of all spam is stock spam now."
This discussion has been archived. No new comments can be posted.

Spam is Back With A Vengence

Comments Filter:
  • And most image spam is stock-related, pump-and-dump scams which can harm investors who don't even use e-mail. About one-third of all spam is now stock spam

    Until the SEC hasn't gone aggresively against one of the most blatant pump-and-dumps. nothing will change.

    • by smallfries ( 601545 ) on Sunday January 21, 2007 @09:15AM (#17701684) Homepage
      I don't see why image spam should be such a problem. While accurate OCR is difficult, detecting the presence of text in an image is quite easy. Given that 0% of images with text on them are genuine it shouldn't be hard for a spam filter to detect these messages and dump them. As long as the error-rate is low this can be done on the server, rather than the client and cut down on the bandwidth used.
      • Re: (Score:3, Informative)

        The images are being 'peppered' with background noise.
        • Re: (Score:3, Interesting)

          by J'raxis ( 248192 )

          The images are, ironically, using the same technique used in captchas [wikipedia.org].

          • Re: (Score:3, Insightful)

            by McFadden ( 809368 )
            In that case, the spammers have won. A lot of captchas have become so distorted these days, it takes me 2 or 3 attempts before I pass. Especially when they're case sensitive or use zeroes and ohs (0 and O). If the best OCR system known to man (the human brain) can't process it, god help technology.
            • by bhiestand ( 157373 ) on Monday January 22, 2007 @03:39AM (#17708622) Journal

              In that case, the spammers have won. A lot of captchas have become so distorted these days, it takes me 2 or 3 attempts before I pass. Especially when they're case sensitive or use zeroes and ohs (0 and O). If the best OCR system known to man (the human brain) can't process it, god help technology.
              Right, but if the spammers have to make their images that hard to read, the spammers lose. The idiots who actually buy stock based on "omg buy this stock" spam won't be able to decipher it either.
      • I don't see why image spam should be such a problem.
        • 1000 text-only spams - 20k
        • 1 image spam - 200k
        • Your mail quota and network responsiveness - pricelessly f*cked over

        • Re: (Score:3, Insightful)

          by smallfries ( 601545 )
          You're assuming that the mail is being filtered at the client-end. I did state quite clearly that these spams are so easy to detect (ie the false positive rate is so low) that it can all be filtered upstream. Decent server-level spam detection should be able to identity the first message as spam, and then blacklist the sending ip address for a few hours.

          I'd rather get one 200k message that I can identity with near 100% certainty as spam - than 200 1k messages with a 98% detection rate.
    • by rednip ( 186217 ) * on Sunday January 21, 2007 @10:55AM (#17702286) Journal

      Old fashioned 'pump and dump' scams were fairly easy to track, as they would go after the brokers who pushed the stock, and then it was a simple task to just follow the money. As we all know emails can be awfully hard to trace back to their creator.

      I used to wonder why people would fall for such scams, 'how could they fall for these things time and time again?'. Well, a couple of years back I was having a conversation with a woman who was distressed that an 'old friend' of her husband had contacted him again. Apparently, this guy has sold (taken) her husband on a variety of pyramid schemes, 'mlm's, and many other 'get rich quick plans. Later, ss nicely as possible I confronted him on 'why' he let this happen. He was a little angry with me, but without any hesitation, he told me that 'one day it will pay off' That day I learned a little something about some people's nature. He knew that these were scams, but he worked them anyways. To the best of my knowledge, he wasn't a crook, and he never approached me with those affairs. So I'm guess that he had hoped that if he just participated, someone else would do the dirty work which would make him rich.

      I suspect that the reason why these latest 'pump-and-dump' scams seem to work (otherwise why would you be seeing so much of it), is not action by those easily duped, but by those who hope that they could exploit the 'opportunity'.

  • by BigJim.fr ( 40893 ) <jim@liotier.org> on Sunday January 21, 2007 @09:08AM (#17701642) Homepage
    Last month I installed the FuzzyOCR on my Spamassassin setup it and I can now testify that rare is the image spam that gets through. I wrote a article about it if you want more detail : http://serendipity.ruwenzori.net/index.php/2006/12 /19/fuzzyocr-hits-debian-unstable-and-eradicates-i mage-spam [ruwenzori.net]
    • Filtering is wrong (Score:5, Informative)

      by Dion ( 10186 ) on Sunday January 21, 2007 @10:49AM (#17702244) Homepage
      What you are doing to filtering, it is wrong because all it does (when it works) is to keep you from reading spam and cost you CPU time.

      The bandwidth already been spent once the spam reaches your filter.

      A much better approach (IMHO) is to use greylisting along with a few fast spamtrap driven RBLS, this way the mail doesn't even get transmitted to my server and I save both CPU, bandwidth and time.

      Since I switched I have gotten a max of 2 spams pr. day, some days the count is even zero.

      There are two reasons this approach is so great:
      1) The greylisting on its own will weed out all the non-compliant MTAs, most spammers use zombies that don't care if their payload gets delivered, so they never retry.
      2) The real MTAs that spam might get to me before hitting a spamtrap, but the greylisting tells them to come back a bit later, by that time they have hit one or more spamtraps and get blocked by an RBL.

      I have yet to think of a way for spammers to defeat this scheme and the cost to legitimate mail is a 10 minute delay the first time someone sends me mail.
      • Re: (Score:3, Insightful)

        by Tony Hoyle ( 11698 )
        Greylisting helps, but not much since most spam is retried multiple times.. when I tried it the volume of spam didn't drop by more than a few %, and I lost quite a bit of legitimate email (MS Exchange servers mostly as they treated the nonfatal error code as a bounce).

        The biggie for me is sender verification (in postfix, probably in other MTA's too) - the MTA looks up the MX for the sending domain and basically says 'do you know who cheapviagra@foo.com is?'. This catches over 80% of spam before it even rea
      • by gvc ( 167165 ) on Sunday January 21, 2007 @11:23AM (#17702500)
        One of the great features of email is immediacy. I want that receipt for my airplane ticket right now, not in a few {minutes, hours, whatever}. If a colleague in Europe or Asia sends me a message and it gets delayed a few {minutes, hours, whatever} it can easily cost a day's delay in our correspondence. I'll tolerate none of that.


        We have no way of knowing how many legitimate delivery failures are caused by greylisting. That's because, as the parent points out, messages are rejected a priori and there's no quarantine to check. If you reject and for whatever reason it is not retransmitted, your mail is lost. Maybe this "shouldn't" happen but it does, and it happens often enough that it is not entirely obvious that its false positive rate is less than that of a spam filter.


        It is also trivial for a spammer to defeat greylisting. Perhaps they don't at this time, but at any moment they could flip a switch and render your approach useless. Contrary to popular belief, state-of-the-art spam filters aren't so easily defeated.


        Blacklisting doesn't suffer from the immediacy problem of greylisting, but it shares the problem of an unknown false positive rate, and mediocre false negative rate.

        • One of the great features of email is immediacy.

          Whoever sold your email as a realtime medium clearly has no idea what he was talking about. Or he did and you fell for it. Want to buy a bridge?
        • Re: (Score:3, Informative)

          by dodobh ( 65811 )
          Email has never been about "immediate, guaranteed delivery". Email can and will be delayed.

          If you want immediate, use IM or make a phone call.
        • Not really (Score:3, Informative)

          by Dion ( 10186 )
          Two points:

          1) Email has never been an instant messaging system, I've tried getting people to stop asking for an IRC/ICQ/MSN/AIM/whatever chat and just use email, but nobody listens.

          2) Any mail server that doesn't retry when given a temporary failure code is broken and needs to be replaced, sooner rather than later.

          In any case, I do review my mail logs (well I did the first two weeks of using the new system) and I saw exactly zero false positives.

          The spamtrap driven RBLS I use all list and delist servers qui
        • Re: (Score:3, Informative)

          by mpe ( 36238 )
          One of the great features of email is immediacy.

          This is not in the spec.

          I want that receipt for my airplane ticket right now, not in a few {minutes, hours, whatever}

          Whilst this may happen there are plenty of reasons for it not happening. Including having outgoing email checked by a human being and sent as a batch job.

          We have no way of knowing how many legitimate delivery failures are caused by greylisting. That's because, as the parent points out, messages are rejected a priori and there's no quaran
      • Greylisting doesn't work anymore. You might block a few spammers but I do greylisting with the latest version of postgrey and I still wind up with about 50 spams a day that get through to my spamassassin... Spammers take non-fatal error returns and add them to the end of the list. X-Greylist: delayed 58065 seconds by postgrey-1.27 at xxxxx; Mon, 15 Jan 2007 10:58:49 UTC X-Greylist: delayed 48829 seconds by postgrey-1.27 at xxxxx; Mon, 15 Jan 2007 11:42:10 UTC X-Greylist: delayed 8054 seconds by postgrey-1
        • Greylisting + RBL (Score:3, Informative)

          by Dion ( 10186 )
          You seem to have missed the "+ RBL part".

          Most spammers seem to hit a number of spamtraps with each zombie at some point, so using spamtrap driven RBLS in front of greylisting means that the RBLs will take care of the verified spammers.

          greylisting gives the spamtraps some extra time to get hit, so rather than do actual blocking itself it augments the RBLs.
  • by CheeseburgerBrown ( 553703 ) on Sunday January 21, 2007 @09:08AM (#17701650) Homepage Journal
    I'm sorry but your message from articles.slashdot.org was REJECTED because it has been flagged by our system as spam. You may not be the source of the spam, but our servers do not respect SPF flags and therefore accept, process and then bounce almost any old slutty slice of bits that get hucked our way. We blame you, the owner of the spoofed domain.

    To get a hard copy of this message please send $1 to Happy Dude, 742 Evergreen Terrace, Springfield.

    Promotional consideration has been provided by the Russian Mob.

    • How to tell a message is NOT flamebait

      1. Satire: Perhaps the most confounding form of humor, note the subtle reference to the discussion embedded in a story about something else. This wasn't flaming slashdot, it was about how spam that appears to originate from your domain (but doesn't) can get you blacklisted by site admins as clueless as the moderators who flagged the parent as flamebait. Here is a good example of satire:

      I'm sorry but your message from articles.slashdot.org was REJECTED because it has been flagged by our system as spam. You may not be the source of the spam, but our servers do not respect SPF flags and therefore accept, process and then bounce almost any old slutty slice of bits that get hucked our way. We blame you, the owner of the spoofed domain.

      For further reading, see the wiki [wikipedia.org].

      2. Obligatory references to The Simpsons [wikipedia.org]

  • Comment removed (Score:4, Informative)

    by account_deleted ( 4530225 ) on Sunday January 21, 2007 @09:09AM (#17701660)
    Comment removed based on user account deletion
    • by antifoidulus ( 807088 ) on Sunday January 21, 2007 @09:29AM (#17701762) Homepage Journal
      SpamAssasin is great, but it only solves part of the problem. We installed SpamAssasin where I work in July and it's a good thing we did it then, we have seen the spam we receive on a daily basis rise at an exponential rate starting in August(we have maybe 100 or so users). It does solve the spam problem from the end users point of view, SpamAssasin has almost no false positives or false negatives, but the increased volume of spam has still caused headaches. The bandwidth is obviously one, but another is that we installed spamassasin on an older server, naively thinking we wouldn't see said exponential increase in spam. However, now that 90+% of the messages that we receive are spam, the machine is starting to struggle. We are still ahead, but the fear is that if this rate of growth keeps up, the messages will come in faster than we can process them, which means more spent on hardware, manpower, electricity etc. The costs of spam are really being forced on the users of email.....
    • http://groups-beta.google.com/group/news.admin.net -abuse.sightings/topics [google.com] should give anybody enough to get the filters educated real fast.
    • ok the problem is that people/people worrying about spam are not publishing callerid and DKIM in DNS

      before we blame ISP's for not doing it by default we must (those people who read slashdot) ask out hosts to do it
      make sure we have done it for our domains

      ANTISPAM NEEDS YOU

      simple

      if you send mail from a domain make sure it has a callerid and if possible use DKIM

      ISP's who sell domains and put a MX record in by default Without at least a callerid record are wrong... lets correct ours and then ask them to corre
  • Comment Spam (Score:4, Interesting)

    by Anonymous Coward on Sunday January 21, 2007 @09:13AM (#17701674)
    Akismet [akismet.com] is what a lot of Wordpress users (and many other bloggers) use to prevent comment spam. They've got a pretty neat stats [akismet.com] page that shows the volume of spam they have blocked from their creation. They are relatively new, so the fact that the graph trends upwards so quickly also has to do with the fact that their userbase is still growing. But it's unquestionable how large a spike I saw in the end of November and December. Particularly over the Thanksgiving/Christmas holiday weekends. I have a personal server in my house that was MELTED by the amount of hits to my dinky little blog. It would go up and then 30 seconds later would be unresponsive and have to be forcefully rebooted. It even killed my D-Link router.

    I'm posting AC so slashdot doesn't melt my server again...
  • What's a Vengence?
  • Stock Spam (Score:3, Interesting)

    by inode_buddha ( 576844 ) on Sunday January 21, 2007 @09:19AM (#17701708) Journal
    Well, spam is a technical issue driven by human nature and social ills, IMHO. So I think it would be good to have the various trade and exchange regulators deal with it, at least somewhat. For example, the SEC or various national/international trade blocs could have a task force which more actively does something about stock spam. For example, company XYZ appears in a spam message in country ABC. If the company originated the spam or paid for it, then they are barred from trading in country ABC for a length of time. If they did *not* originate the spam, then the task forces would track down the originators with assistance from local law enforcement. The overall idea is to remove the incentive to spam.
    • Re: (Score:2, Insightful)

      by archen ( 447353 )
      Are you referring to the pump in dump scams in which the company has nothing to do with the spam email, because I don't see how that's going to help them. It also sounds like a great way to limit your competition by sending spam emails on behalf of your competitors.
    • Re:Stock Spam (Score:5, Interesting)

      by beakerMeep ( 716990 ) on Sunday January 21, 2007 @10:09AM (#17701984)
      While it's nice to think regulators would fix it I found there were a few reasons why this wouldnt happen. I did a little research on those stock spams. since there had been so many, it got me curious as to what was going on to stop them.

      1) many of the companies that are promoted in the pump and dump schemes are not involved and often dont know for months that they are also victims of the spam. basically its hard to know who really is (spam coming from open relays etc)

      2) most of these stocks are what they call pink slip or OTC (over the counter) stocks not traded on exchages like the NYSE or CME, thus not falling under the SEC (i think, please correct me here im no stock expert)

      3) it appears that these spams are more of a scam to drive people to brokerages, or stock advisors. if you google one of the symbols in the spams, you will find very shady looking, hastily constructed sites who's sole purpose is to grab the #1 google ranking for the word "spam" and the symbol in the email.

      I could be wrong about the purpose but I think there is more to this scam than pump and dump. ymmv.

      • Re:Stock Spam (Score:5, Interesting)

        by El Torico ( 732160 ) * on Sunday January 21, 2007 @10:40AM (#17702212)
        I see you did your homework, and I would mod you up, but I don't have mod points today.

        it appears that these spams are more of a scam to drive people to brokerages, or stock advisors. if you google one of the symbols in the spams, you will find very shady looking, hastily constructed sites who's sole purpose is to grab the #1 google ranking for the word "spam" and the symbol in the email.

        I wonder if these "pump and dump" schemes are still working? This round of image spam has been going on for months now, so I'd expect that people just delete them. Even shorting these stocks may not be profitable at this point, which is why I think you are right, there is something else going on here. I wonder if this is some type of money laundering scheme?
        As for retribution, if these are "shady looking, hastily constructed sites", then they are your targets. If I was more skilled and so inclined, I would be "analyzing" those sites.

  • Moo (Score:2, Interesting)

    by Chacham ( 981 )
    Obviously this won't work, i just don't know why, or at least not clearly.

    There are only a few ISPs that connect at cross-network access points. All other ISP, buy their service from up-level ISPs.

    As has been suggested before, why can't every ISP have a policy (start at the top (the access points), and the rules will trickle down) that any ISP sending spam has to turn off access within a few hours or be shut down.

    Ultimately, the low-level ISP, who actually connect to the users would be forced to recognize t
    • Re:Moo (Score:5, Interesting)

      by HairyCanary ( 688865 ) on Sunday January 21, 2007 @09:41AM (#17701840)
      and i'l bet they will be *happy* to know they're a problem, and how to get better.


      I can see you've never worked at an ISP. A customer who is cut off could not care less about why, all they want is to be reconnected immediately and with no work on their part. They will threaten leaving your service, lawsuits, and practically death threats if you do not reconnect them.

      Seriously, why won't this work?

      Primarily it becomes an issue of volume. One call to a customer with an abusive machine will eat up the profit from that customer for months. You can't just call them and say "fix it", you have to handhold them through the process or you will almost certainly lose their revenue altogether.

      • Re: (Score:3, Insightful)

        by metamatic ( 202216 )
        One call to a customer with an abusive machine will eat up the profit from that customer for months.

        Sounds to me like your pricing scheme is part of the problem.

  • new spam methods (Score:3, Insightful)

    by edxwelch ( 600979 ) on Sunday January 21, 2007 @09:22AM (#17701726)
    There's an interesting artical at Extreem tech about the wave of spam that hit us last year:
    http://www.extremetech.com/article2/0,1697,2060277 ,00.asp [extremetech.com]

    Most admins were able to find ways to eliminate that eventually: http://blog.fastmail.fm/?p=580 [fastmail.fm]

    but now I notice a new trend. Some spammers are actually putting news headlines in the subject field.

    On top of that the black hats are now finding ways to spam emule search results.

    Every search you make in Emule will return a fake hit... something like *_using_emule_multimedia_toolbar.exe. If you exectute that program your machine will be infected with a virus.

  • by gvc ( 167165 ) on Sunday January 21, 2007 @09:23AM (#17701734)
    The volume of spam is definitely up, and most of it is pump and dumps from a very few distinct sources. In December, about 20% of the 30,000 spams I received were for one particular stock.

    http://it.slashdot.org/article.pl?sid=06/12/21/231 4241 [slashdot.org]

    But it is wrong to say that this new spam requires radical new filtering techniques. That's what the spam solution vendors (whose press releases drive these /. articles) want you to believe so you'll buy their products. In general, word salads, obfuscated words and image spam do not defeat state-of-the-art statistical filters.

    See, for example, the recent TREC tests: http://plg.uwaterloo.ca/~gvcormac/trecspamtrack06 [uwaterloo.ca]

    These results show that filters achieve about the same results on 2006 spam as on 2004 spam, and those results are pretty good. Ongoing tests show that the effectiveness of filters is unchanged for 2007. In general, the volume of spam has increased, and spammers have tried various methods of defeating spam filters. But their efforts have not been particularly successful against statistical filters.
    • Re: (Score:3, Insightful)

      by Animats ( 122034 )

      Yes. The key point is that there aren't that many spammers left. The number of different spams, and especially the number of different stock spams, is quite small.

      What's needed is to push on the SEC to find out who's behind the stock spams. They can do it. The number of people buying those penny stocks before the spam started is tiny, and following the money will eventually lead to the spammer. Yes, they may be working through intermediaries, but that's what FinCen and the money-laundering people tra

  • by sygin ( 659338 ) on Sunday January 21, 2007 @09:24AM (#17701738)
    I think an interesting study would be to harvest spam,
    scan for pump and dump, and buy stock based on verious
    factors. If you refined you algorithm perhaps you could get
    an application that would buy and sell pump and dump
    stock on your behalf, and make money in the process

    I would practice with virtual stock at first.

    Could an application buy and sell stock without
    human intervention?

    • The pattern of you buying and selling all the stocks that are involved in pump and dump scams would make you look like you were part of orchestrating it and would catch the SEC's eye
      • The pattern of you buying and selling all the stocks that are involved in pump and dump scams would make you look like you were part of orchestrating it and would catch the SEC's eye

        I doubt it. How many people have bitched about SCO's pump-and-dump, and nothing, nada, zip, squat, zero, rien ...

    • The stocks used in spam pump-and-dump are usually thinly traded penny stocks. Your own purchases and sales will affect the stock price, making your virtual trades inaccurate. You'll need to see bid/ask prices and quantities, not just price history, to make a more nearly valid test.
    • I recall someone claiming that they had *made money* based on stock spam. The strategy was really simple: they shorted whatever stock that was being pushed by spam. Shorting a stock means you borrow shares of the stock and sell them. If the price of the stock drops, you buy shares to fulfill your short contact at a lower price than the ones you borrowed. You make money on the difference. Sounds simple but you're screwed if the price of the stock goes up.

      Example: You "borrow" 500 shares of Pump-n-dump E
    • An underlying assumption is that these stock schemes are pump'n'dumps fostered by someone who has actually risked money on buying the stock. I don't think that's generally the case.

      Whether a pump'n'dump succeeds or not, the broker handling the transactions will take his commission. Anyhting that increases a broker's transaction volume will increase his earnings, including shorts; he always takes his cut. A "shrewd" broker, like the ones known for calling nursing home residents to encourage them to day tra

  • Adopt technologies like Spamassassin and SPF.

    Use polices that check the senders address and validity. Seems to work on my hobby system. Oh, I get some, but the kill rate is quite good and the false positives are quite low to non-existent. I virtually get none of the botnet spam, which is a big chunk.

  • block .gif images? (Score:3, Insightful)

    by spacemky ( 236551 ) * <nick@@@aryfi...com> on Sunday January 21, 2007 @09:30AM (#17701766) Homepage Journal
    Why not just block e-mails that contain .gif attachments?
  • In /. before (Score:2, Informative)

    This shouldn't come as a surprise to anyone One Last Spamhaus Warning Before The End [slashdot.org]
  • by ParraCida ( 1018494 ) on Sunday January 21, 2007 @09:37AM (#17701818)
    Who is even dumb enough to make their purchases based on spam mail. I mean, surely everyone must know what spam is by now? How can one be so dense as to trust a completely random, badly worded, illarticulated e-mail full of spelling mistakes from someone you don't know to make informed decisions about what stock they should buy?

    It simply makes no sense to me. As long as people remain so completely clueless that they will fall for spam, there will be spam.
    • Who is even dumb enough to make their purchases based on spam mail. I mean, surely everyone must know what spam is by now? How can one be so dense as to trust a completely random, badly worded, illarticulated e-mail full of spelling mistakes from someone you don't know to make informed decisions about what stock they should buy?

      Maybe the government can advertise V14GR4 and C14L15 via spam, but actually supply birth control pills. In a couple of generations, the average intelligence of the planet would go *w
    • Re: (Score:3, Insightful)

      Who is even dumb enough to make their purchases based on spam mail.

      Apparently, plenty. It only takes a few suckers to justify the time and effort to set up a spam campaign. I'd like to think that some day everyone will be aware enough that pump-and-dumps, nigeria scams, and the myriad other flavors of spam simply won't work any more because nobody will fall for them. Unfortunately, I do not believe that is a likely outcome [wikiquote.org].

    • Re: (Score:3, Interesting)

      by metamatic ( 202216 )
      Who is even dumb enough to make their purchases based on spam mail.

      There's a saying in Europe:

      "You know how dumb the average American is? Well, half of them are even dumber than that."

      Seriously, though, people still fall for 419 scams all the time, and I'd think you'd have to be much dumber to go for that than to think you could make money on some stock you heard about in a spam e-mail.

    • by Incadenza ( 560402 ) on Sunday January 21, 2007 @02:24PM (#17703968)
      Who is even dumb enough to make their purchases based on spam mail. I mean, surely everyone must know what spam is by now? How can one be so dense as to trust a completely random, badly worded, illarticulated e-mail full of spelling mistakes from someone you don't know to make informed decisions about what stock they should buy?

      Well, a lot of it just has to do with the psychological wiring of homo sapiens. We have to think that our actions are meaningful, that our victories are entirely our doing and that our failures are caused by bad luck. Failure to think this way will make you feel very very depressed.

      So, in the case of these stock options scams, there's a lot of people that *know* it is a scam, but, if they're quick enough, they might profit as well from the clueless hordes that will buy the stock later on. My bet is that the largest stake of these stock buyers thinks along theses lines. People might try that a couple of time before they realize they loose every time - and by that time new clueless humans come along.

      Then, there's that pitfall of familiarity. We tend to like things we already know. This is what advertising is based on. Show me 10 advertisements for 'Toothpaste Brand A' and none for 'Toothpaste Brand B' and when I'm in a shop, I will pick brand A (even if I very consciously know that that preference is based solely on advertising). A lot of people will think along the lines "It can't be that bad if they offer it to me this often - it must be the real thing" I once read an interview with a women that suffered severe dental problems after buying teeth whitener form a tell-sell channel, and she literally said "I thought: they advertise so much for it, it must be a good product".

      And then there's just basic greed: "This offer is so good, I don't want to spoil it with disbelief."
      And shame: "I can't ask Viagra to my doctor, this might be a rip off, but it might also be the right thing. I won't know until I try it".
      And the-only-change: "They don't sell penis enlargment kits in my pharmacy, I know it is shady, but I can't get it anywhere else"
      And the list goes on... We are o so great in fooling ourselves.

    • Re: (Score:3, Informative)

      by CodeBuster ( 516420 )
      How can one be so dense as to trust a completely random, badly worded, illarticulated e-mail full of spelling mistakes from someone you don't know to make informed decisions about what stock they should buy?

      Greed can be a powerful motivator for some people, enough to overwhelm their sense, what little they have anyway, of logic and reason which tells them that this is a scam or that an investment promise is too good to be true. Why do people play the Lottery when they know or should know that they have
  • And I'm wondering; how do I bill these companies for my time? Would there be a government department willing to help me out with that, or perhaps a friendly lawyer (apologies for the oxymoron) interested in starting a class action suit? These fucknuts will only cease when it starts costing them to do this.
  • by BillGatesLoveChild ( 1046184 ) on Sunday January 21, 2007 @09:50AM (#17701882) Journal
    It happens, but not that often. When they catch one, law enforcement does a dog and pony show and we applaud wildly. But they just keep coming.

    Arrests don't seem to happen that often. Do a google for "spammer arrested", and most of the hits are about the Buffalo spammer. He was arrested back in 2003 to much fanfare. However my mailbox is still full of. Maybe there is more than one of them out there?

    I'm guessing spammers spam because they know the chance of them being caught is nigh on zero. Yet, this is a criminal racket just like any other criminal racket. If some serious money is put into law enforcement, then spammers might finally get the shakes. Apart from pump-n-dump stocks (get off yer asses SEC), spammers aren't hard to catch. Consider Mortgage spammers. If you reply to a Mortgage spam (I am told) you will later be called by a seemingly unrelated mortgage agency. They have bought your contacts off the spammers. Everything can be traced, and if we have the feds seeded spammers with 1-use-only phone numbers, buying stuff and tracking it just like they do any other illegal contraband, of course they can bust it. Make receiving spammed contact details an offence too: The recipient must be reasonably confident that the leads they received are not spam. Harder to prove, but if there is a reasonable chance of prosecution buyers of spam harvests will become shyer and the market dry up. Lets make it a legal requirement that ISPs have to report spamming users to the feds.

    And let's get beyond "fines" for offenders. Fines for any profitable business are merely an operating expense. What really scares company directors is Jail time. This has been used in L.A. to force companies comply with laws they'd otherwise have simply paid out. If a spammer thinks there is a 0.0001% chance of him being caught (and then let off with a warning), they will do it. If they think they probably can't sell their harvest, have a 50% chance of being caught and will definitely go to Jail, they won't!

    So why isn't this happening? (1) It's not an issue for politicans. I want to see Obama/Hillary/McCain arguing about Spam!!! and so... (2) The money isn't budgeted for law enforcement. With some Elliot Nesses on Spam, I reckon we can crack this. How do we let the politicians know this is an issue for us?

  • The first rule is that spam is an advertisement that benefits an advertiser. To advertise something secret is an oxymoron - there is a product that is being promoted and somehow the spam recipiant must be persuaded to buy the product.

    Broadly speaking, I see three types of spam at the moment creeping past the filters:

    • Drugs (usually sex or diat linked)
    • Penny shares
    • Money laundering

    For the first, I'm being invited to buy something, and I have to pay by credit card. If the use of spam to advertise is illeg

  • by Equuleus42 ( 723 ) on Sunday January 21, 2007 @10:20AM (#17702072) Homepage
    Perhaps the SEC could require stock brokers and other companies issuing penny/OTC/pink sheet stocks to log whoever buys or sells them. There should be a discernible pattern among pump-and-dump traders that the SEC could backtrace to identify the perpetrator. I would imagine the perpetrator would not purchase the stock too far in advance, as market fluctuations during that time could make their scheme fail. They probably buy the stock only a few days or maybe weeks beforehand, and then sell immediately after the spike. Their initial purchase is probably sizable as well, more than your average investor. For most people who never deal with OTC stocks, their privacy is ensured. For those who do choose to deal with these types of stocks, it would be part of the cost of business for dealing in such a risky and crime-ridden market. The SEC needs to figure this one out sooner rather than later...
  • SURBL (Score:3, Informative)

    by bcrowell ( 177657 ) on Sunday January 21, 2007 @12:24PM (#17702986) Homepage
    I implemented SURBL [surbl.org] recently, and it's helped a lot. Your filter extracts url's from the *body* of the e-mail, and checks them against SURBL's blacklist. The idea is that most spam is trying to get you to click on a link, and although they can forge the From: line, they're still constrained to give the address they want you to click on. This has been amazingly effective for me, and it's really nice because there are essentially no false positives. It won't necessarily work with pump-and-dump scams, though, since it's possible for them to say "buy SCOX," without giving a URL.
  • stock pump-n-dump (Score:3, Insightful)

    by jafac ( 1449 ) on Sunday January 21, 2007 @12:44PM (#17703142) Homepage
    Well, one can only hope that this leads to some wider sweeping reforms, because as it stands now, the market is way too influenced by widespread fraud and insider trading. It's not anywhere close to being a legitimate market, it's more like a casino where a few favored gamblers get the nod, and even fewer just get lucky, and the rest lose, and maybe this wave of spam will spur some real change on the law enforcement side.

    Or maybe mail servers will just start rejecting all binary attachments.
  • by Animats ( 122034 ) on Sunday January 21, 2007 @01:11PM (#17703388) Homepage

    A big problem with most spam filters, especially the open source ones, is that they're single user. They're trying to work out from the content what's spam. Systems like gmail (and Spamcop before IronPort bought it) look at spam addressed to a large number of addresses. When roughly similar material starts showing up at a few hundred different addresses, the probability that it's spam is very high.

    Here's a thought. Mail servers should, on receiving an SMTP connection from an IP address, probe that IP address to see if it's a Microsoft consumer-grade operating system. If so, reject the connection. That would put a dent in the zombie problem.

  • by drDugan ( 219551 ) * on Sunday January 21, 2007 @01:18PM (#17703454) Homepage
    Spam will effectively destroy email as we know it. Too many people, too many messages, and too easy to get to people.

    We will migrate to a system where a sender must have a "key" before email is accepted, and those keys are under the control of the reciever.

    This kind of system will work much like email, as it is so popular and so useful people will only migrate from it slowly. Default keys for new email users will be simple (like a "1"). Once someone is getting enough connection, enough email, then mail clients will communicate automatically with known good senders and create an individual, bidirectional keypair so that future communication with known friends continues, while spam is shut off. In the future, sharing someone's "contact" will be more akin to sharing the private key they have to connect to a person. Once you see a new email address use a known key of someone else, you would accept it once, automatically regnerate the key for the original person, and watch the behavior to determine if it was spam or a legitimate introduction of a friend to a friend. To most users this system could work exactly like email now - just need to add more functionality to the mail clients' spam processing ability.

The more they over-think the plumbing the easier it is to stop up the drain.

Working...