"Spim" is Latest Online Annoyance 292
Pcol writes "The Washington Post reports that 'Spim,' as people are beginning to call unsolicited instant messages, is the latest sign that online marketers will seek to take advantage of other communication tools, not limiting themselves to spam or pop-up ads. The good news is that it's not easy for spimmers to send unsolicited instant messages. Instant message providers like AOL, Microsoft and Yahoo have a lot of control over their instant message networks, and since they look at their IM offerings as gateway services that help draw customers in to their paid Internet offerings, these firms are already committing resources to making sure the spim problem never reaches the same scale as spam." Even without the providers assistance, many people who use IM systems are smart enough to limit incoming messages to those from their buddy lists. Still, there must be enough of a success rate to move spimmers to continue messaging users.
This has been going on for years (Score:5, Informative)
Re:Light on details (Score:0, Informative)
Comment removed (Score:5, Informative)
Strangers are just spimmers you haven't met yet.. (Score:5, Informative)
Re:Light on details (Score:3, Informative)
I'm assuming with ICQ they just run through all numbers from about 5 digits to 9 digits (or whatever ICQ's up to these days). With MSN IM most people use their hotmail address as identifier (because you don't have to go through the process of registering another email with MSN, IIRC). Hotmail addresses are easily obtained, through a variety of methods (guessed, harvested, purchased...). I'm not sure how hard it is to obtain AIM or Yahoo screen names. I don't think it has to do with the protocol being open or not, though. I think the people at Trillian and Gaim have basically opened all the protocols. I think the "spim"ers aren't using protocol exploits (although I could be wrong), I think they're just obtaining screen names.
Re:Obscenity through Obscurity - Hoopla! (Score:4, Informative)
Now, gentleman, this gallant Nicholas
One day began to romp and make a pass
At this young woman, in a mood of play,
Her husband being out down Osney way.
Students are sly, and giving way to whim,
He made a grab and caught her by the quim
And said, 'Unless I have my will of you
I'll die of secret love -- O, darling, do!'
Then held her haunches hard and gave a cry
'O love-me-all-at-once or I shall die!'
The Miller's Tale, Geoffrey Chaucer
Re:This has been going on for years (Score:4, Informative)
Better option yet... Don't let anyone contact you that isn't on your list. If they can't search for you in the first place it won't matter if they can't contact you if they happen across your AIM screen name.
Flashback... (Score:2, Informative)
digging deep into my 14-year-old-loser-in-his-parents-basement history, I remember the days when you could run a "phish"ing program in AOL. It would scrape the screen names from a couple dozen chat rooms, and mass-IM them a message saying "AOL billing has lost your password, just reply with it or your account will be disabled". I know we're talking about aol-ers here, but those retards would reply about 1 in 50. Eventually AOL added little red text to the bottom of every IM saying "we will never ask you for your password" but even then it was still very effective to just IM about 2000 people. The thing is, it only took three people "reporting" you for your account to get disabled.
So AIM now seems to have this mostly under control with the rate-limiting. Getting people's IM names will happen much the same way emails are harvested, forums, personal web pages, etc.
Here's an annoying little brain teaser. Imagine every ISP had standardized on something like Jabber and we didn't have this proprietary mess we do now with AIM/MSN/Yahoo. How would we provent spim then? Wouldn't it be just as subject to being raped as SMTP?
Re:Light on details (Score:2, Informative)
Yahoo has it's 'user directory' - which you can opt out of.
However, the biggest offense on Yahoo is the 'chat rooms'. I can't count know how many times that 'marketing bots' have wandered into one of the totally innocous chat rooms and spew 'porn-o-matic' messages into the room (complete with links) and vanished.
I also suspect that the 'spam bots' on yahoo chat rooms do 'profile lookups' of people in the rooms they see and do an email harvest.
It's not a hard fix to get rid of - but it has to be done by Yahoo. Messenger has an 'ignore feature, and if you had an option to 'auto ignore' anyone who spoke a URL aloud (ok, you MIGHT get real people too - but how often do YOU state URLs in casual convertaion. Maybe a bad question to ask
However, Yahoo provides a free service - so there is no real incentive to fix it. There a few 'third party' proxy programs that allow you SOME of this added functionality. Perhaps such anti-spim features will be in an 'upgraded' pay service
Semi-offtopic ... but ... audio spam (Score:2, Informative)
Any thoughts on blocking this? The fact that it continued to play makes me wonder what's going on.