Spam Is Back (theoutline.com) 154
Jon Christian, writing for The Outline: For a while, spam -- unsolicited bulk messages sent for commercial or fraudulent purposes -- seemed to be fading away. The 2003 CAN-SPAM Act mandated unsubscribe links in email marketing campaigns and criminalized attempts to hide the sender's identity, while sophisticated filters on what were then cutting-edge email providers like Gmail buried unwanted messages in out-of-sight spam folders. In 2004, Microsoft co-founder Bill Gates told a crowd at the World Economic Forum that "two years from now, spam will be solved." In 2011, cybersecurity reporter Brian Krebs noted that increasingly tech savvy law enforcement efforts were shutting down major spam operators -- including SpamIt.com, alleged to be a major hub in a Russian digital criminal organization that was responsible for an estimated fifth of the world's spam. These efforts meant that the proportion of all emails that are spam has slowly fallen to a low of about 50 percent in recent years, according to Symantec research.
But it's 2017, and spam has clawed itself back from the grave. It shows up on social media and dating sites as bots hoping to lure you into downloading malware or clicking an affiliate link. It creeps onto your phone as text messages and robocalls that ring you five times a day about luxury cruises and fictitious tax bills. Networks associated with the buzzy new cryptocurrency system Ethereum have been plagued with spam. Facebook recently fought a six-month battle against a spam operation that was administering fake accounts in Bangladesh, Indonesia, Saudi Arabia, and other countries. Last year, a Chicago resident sued the Trump campaign for allegedly sending unsolicited text message spam; this past November, ZDNet reported that voters were being inundated with political text messages they never signed up for. Apps can be horrid spam vectors, too. Repeated mass data breaches that include contact information, such as the Yahoo breach in which 3 billion user accounts were exposed, surely haven't helped. Meanwhile, you, me, and everyone we know is being plagued by robocalls.
But it's 2017, and spam has clawed itself back from the grave. It shows up on social media and dating sites as bots hoping to lure you into downloading malware or clicking an affiliate link. It creeps onto your phone as text messages and robocalls that ring you five times a day about luxury cruises and fictitious tax bills. Networks associated with the buzzy new cryptocurrency system Ethereum have been plagued with spam. Facebook recently fought a six-month battle against a spam operation that was administering fake accounts in Bangladesh, Indonesia, Saudi Arabia, and other countries. Last year, a Chicago resident sued the Trump campaign for allegedly sending unsolicited text message spam; this past November, ZDNet reported that voters were being inundated with political text messages they never signed up for. Apps can be horrid spam vectors, too. Repeated mass data breaches that include contact information, such as the Yahoo breach in which 3 billion user accounts were exposed, surely haven't helped. Meanwhile, you, me, and everyone we know is being plagued by robocalls.
Re: (Score:3)
Bill G is a very generous man. He's going to pay me $.25 every time I forward the email I just got from him.
Re: (Score:1)
When I answer my phone (Score:2, Insightful)
And it's a spam caller, I set the phone down and wait for the call to end. Make those guys use some of their resources.
Re:When I answer my phone (Score:5, Interesting)
And it's a spam caller, I set the phone down and wait for the call to end. Make those guys use some of their resources.
I receive more and more calls that are voice-recognition bots. They ask questions, and are programmed to respond to the replies. If I go "off script" and start asking questions or giving nonsensical replies, they will loop a few times and hang up. They will also loop and then hang up if I just stop replying.
If your caller is one of these bots, then they aren't using any human time. If you want to cost them, you need to give a few "right" answers so you can be transferred to a human.
These bots are clearly the future of robo-calls. They will get more sophisticated, and it will get harder and harder to tell that you aren't talking to a human. The obvious countermeasure is to have your own bot answer your phone and screen your calls before passing them on to you.
Re: (Score:2)
The obvious countermeasure is to have your own bot answer your phone
That's what I do. If I don't recognize the number, I'll let the answering machine take the call.
Re: (Score:1)
Yep, I started screening all my calls as well.
One interesting tid-bit, is they seem to like to match my area code, and the first 3 digits of my number when calling, I guess to make the number look more authentic? To me it's a suspicious coincidence that tips me off.
Here's the funny thing though: ... ... ... I'm not here right now... etc."
I let it go to my machine, and my message is setup to piss people off.
"Hello?
Before I set it up my voice mail, they would just hang up if it went to VM. Now I often times g
Re:When I answer my phone (Score:4, Insightful)
One interesting tid-bit, is they seem to like to match my area code, and the first 3 digits of my number when calling,
I have noticed this quite a bit as well. My default assumption now when I see my area code and the first 3 digits of number on CallerID is that it's a spam call, and I don't answer. The call-number spoofing problem has gotten out of hand.
Re: When I answer my phone (Score:3)
I do the same as I have moved 4 different times since I received my cell number. So unless it comes up as family I ignore it.
Each time I moved it was to a new area code.
Re: (Score:3)
Would love to get a dialer option to reject the low-hanging fruit that is (xxx)yyy-nnnn with a single checkbox. Unfortunately phone companies make some cash on blocking features such as autoblock hidden numbers (aka private callers) and that's something I've only seen on landline providers anyway. My cell company used to have a web-customizable SMS spam blacklist but it mysteriously went away
Sucks that I also can't blacklist numbers until AFTER they've called... Regex functionality would be nice, and the be
Re: (Score:3)
I set my default ring to silent, and only give an audible ring to those I know. If I ignore a genuine call they can leave me a voicemail. I put ignored calls on my auto-refect list.
I wish Verizon would allow two default rings, one for callers on your contact list, and one for other callers.
Re: (Score:3)
That's why I answer calls from unrecognized numbers in Classical Latin. Nobody programs bots for it. Hell, nobody programs PEOPLE for it - it's not in their script anywhere.
And it's a really beautiful language for telling people to go fuck themselves in.
Re: (Score:2)
Re: (Score:2)
It's mostly that Latin has a bunch of different words for "fuck", not just one, and they vary by "configuration". It's like if we had words for "ass-fuck" and "face-fuck" without having a general "fuck".
So one might say "pedica se", to tell them to go fuck their own ass (with an implication of pederasty), or "irruma sororem tuum", to tell them to go skull-fuck their sister (or possibly cousin, because the Romans had weird priorities when it came to giving things words). You've also got "cevere" for "get fuc
Re: (Score:2)
I like Catullus' novem continuas fututiones.
Re: When I answer my phone (Score:2)
whitelist. Unless I know you already, you are a spammer.
Re: (Score:2)
LOL... if I had some robot screening my phone calls when I call my friends, they wouldn't be my friends anymore.. seriously... only a nerd can think of something like this and get away with it.
Re: (Score:2)
I have a personal database of spam callers and when such a number calls, I just pretend the phone rings but it doesn't. After a while, they are sent to a spammer voicemail box that sounds just like my real one. I review this voicemail box once in a while just in case since I also send anonymous caller there.
I have a special number that I only give to people I know that have anonymous showing up as their callerID. They need to enter a special code on top of this to join me.
I don't answer when I don't recogni
Re: (Score:2)
Here is what's boring brother;
http://www.cbc.ca/news/politic... [www.cbc.ca]
http://www.bbc.co.uk/news/tech... [bbc.co.uk]
https://www.theguardian.com/te... [theguardian.com]
https://en.wikipedia.org/wiki/... [wikipedia.org]
"Scam Likely" calling.... (Score:3)
Does anyone else get these a lot on their cell? It seems as if Mr. Likely calls me daily. I wish I could just block him but he changes number frequently.
Re: (Score:2)
I believe that's a feature of the T-Mobile network. I don't know how it works, but I like it!
Re: (Score:2)
I believe that's a feature of the T-Mobile network. I don't know how it works, but I like it!
Some people have apparently even mis-credited Apple [payetteforward.com] for the feature.
Unfortunately all these features ("Scam ID" and "Scam block" and "Name ID") require a post-paid plan to work - https://explore.t-mobile.com/c... [t-mobile.com]
Their Prepaid service has a static monthly price tag but lacks Visual voicemail and the above features.
Re: (Score:1)
Paragraphs went the same way as capitalisation, apparently.
Oh? (Score:2)
I never knew it decreased. When I check, I see that I still get tons, but my spam filters keep it at bay for the most part. If anything, the new kind (random phone calls on my cell/mobile everyday) is even worse than the old kind.
Re: (Score:2)
That's why one has throwaway addresses, be it foo+bar@gmail.com, or aliases on your own domain, so you can pinpoint which group of schlubs decided to break their pinky promise of not spamming, as well as to just delete the alias or filter it to /dev/null. Some places, I just use mailinator.
You just have to assume that if you give your phone or E-mail address out, it will be hawked to third parties and spammed to Hell and gone.
Re: (Score:2)
Re: (Score:2)
Why TF would anyone want an email receipt? I was taken aback when I was first asked if I wanted one, it is so obviously for collecting addresses for spam. It surely takes longer for you to give them your email address than it does for them to give you a paper receipt anyway.
Pay me to read it. (Score:2)
We need a micropayment system where all messages contain some payment. I then set my email reader to only preserve messages that contain at least 10 cents. My friends can pony up that money if they want me to read something.
And do not post the "why your email solution won't work" check list. That is perfect being the enemy of good.
Re: (Score:3)
Get Google to implement it with Google Pay, and integrate it into Gmail. Other email services could opt-in using secure payment tokens in email headers.
The micropayments should roughly balance... just not for spammers.
Emails which don't include a micropayment can continue to be spam-filtered as usual.
Re: (Score:2)
>And do not post the "why your email solution won't work" check list.
So you already know your solution won't work, you've been told many times, and yet you still propose the same, unworkable solution.
Why?
Re: (Score:2)
Re: (Score:2)
Re: (Score:2)
Great idea! You first. Set up a server and start by paying other people to read your E-Mail.
I'll wait.
Re: (Score:1)
Your post advocates a
( X ) technical ( ) legislative ( ) market-based ( ) vigilante
approach to fighting spam. Your idea will not work. Here is why it won't work. (One or more of the following may apply to your particular idea, and it may have other flaws which used to vary from state to state before a bad federal law was passed.)
( ) Spammers can easily use it to harvest email addresses
( ) Mailing lists and other legitimate email uses would be affected
( ) No one will be able to find the guy or collect the mo
Re: (Score:2)
We sort of have that with Outlook creating a postmark which served as a proof of work. However, with spammers having plenty of CPU cycles available, this seems to have been phased out.
What might be interesting might be a proof of work system with a very small granularity, so one could mine a unit of currency with a relatively small amount of CPU spent, and then send that as part of the E-mail. That way, one could set E-mail thresholds fairly easily, and even if the message was crap, it at least added some
Re: (Score:2)
Re: (Score:2)
Re: (Score:2)
You should switch. You'll live longer.
Re: (Score:2)
Re: (Score:2)
I administer the spam filter / email relay at work and our spam volume is one one-hundredth what it was in 2010. So that's at least antidotal evidence that spam volume is down.
As a mail server admin, my observation is that spam is perhaps slightly down, but scams are rising. Almost all sent through botnets.
What has helped me the most is scoring e-mail based on which countries the e-mails are relayed through, and what timezone they were apparently sent from, and where URLs lead to.
The currently worst ratio of spam/scam to legitimate e-mail are:
Timezones: +0530, +0800, +0700, +0300, +0200
Relay countries: CN, DE, IN, AR, IR
URL countries: DE, GB, RU, AR, CN
So if you get an e-mail
Junk mail is worse than any e-spam... (Score:5, Insightful)
Junk paper mail -- the local grocery stores all sending out circulars to "current resident" telling me how much ham costs -- is a worse plague than anything electronic. There are no laws against it (since the USPS gets cash from the spammers), there's no way to filter it (since it's physical), you're required to constantly check it (or else the box gets full and USPS gets butthurt), and you can't stop using that communication channel (since the government uses it, and if you don't get their shit then they get butthurt and they have guns).
I suspect that the drain on the environment from paper spam is orders of magnitude higher than for e-spam, too.
Re: (Score:1)
Paper spam at least can be useful for tinder, protecting surfaces while doing dirty work, stuffing into shoes and many more. Can't say the same for electronic spam.
Re: (Score:2)
Re: (Score:1)
1 simple law and a sticker on the mailbox solve this problem effectively. http://community.expatica.com/... [expatica.com]
Re: (Score:2)
Congrats to the Dutch for actually making a solution to this.
Re: (Score:3)
Re: (Score:2)
Yes, and I've tried talking to the post office and mail carrier. They insist that they are being paid to deliver junk mail and that no action on my part can make them stop delivering it.
Re: (Score:2)
Yes, PS Form 1500 can stop junk mail (Score:3)
That's not true: there's a way to stop them, if you want to take the trouble to implement it. You might have to google around for it, but I'll provide a link to get you started.
So, basically, your post office has a form that you can fill for blocking "erotically arousing or sexually provocative" junk mail: PS Form 1500.
You must be
Re: (Score:3)
Re: (Score:2)
I actually like getting the junk mail. More than once I have seen something in the junk mail that has caused me to go to a different supermarket that's further away because they have meat or other things at a significantly cheaper price than either of my local supermarkets.
Re: (Score:3)
It's like your entire country has never heard of No Junk Mail stickers.
Amazing.
Re: (Score:1)
Spam never went away (Score:5, Informative)
Filtering cannot solve the spam problem, as it only creates a race to the bottom of the signal:noise ratio. Spammers keep working on ways to get around filters by changing how they craft their messages; eventually making it so that more emails that should pass are not - at which point people start to complain that the filters aren't working.
Similarly, law enforcement cannot solve it either unless there is a single set of international laws against it that apply to all people equally regardless of where they or their targets are. Obviously this will never happen. People call for all kinds of terrible things to be done to spammers but not only will that not happen it won't make the situation better as there is a nearly endless supply of spammers out there ready to fill the void.
The only thing that works is to approach spam as the economic problem that it is. We need to stop pretending that spammers send out spam to piss people off; that is one of the dumbest lies on the internet. Spammers send out spam to make money. If you don't want spam, you need to do something to prevent spammers from getting paid. Cut off their cash flow and they go on to doing other things with their botnets instead.
Re: (Score:2)
The only thing that works is to approach spam as the economic problem that it is. We need to stop pretending that spammers send out spam to piss people off; that is one of the dumbest lies on the internet. Spammers send out spam to make money. If you don't want spam, you need to do something to prevent spammers from getting paid. Cut off their cash flow and they go on to doing other things with their botnets instead.
Or find way to employ the people who create spam such that the creation of said spam is less economically tenable. The idea of targeting them economically is a great idea but instead of doing so in a way which will leave them poorer why not try to employ their creativity in ways which benefit everyone?
It might be harder but it would seem like a better choice for long term stability. Set a trend which demonstrates how spam creation doesn't lead to the fulfillment desired and you've now cut off air to the nex
Re: (Score:2)
The only thing that works is to approach spam as the economic problem that it is. We need to stop pretending that spammers send out spam to piss people off; that is one of the dumbest lies on the internet. Spammers send out spam to make money. If you don't want spam, you need to do something to prevent spammers from getting paid. Cut off their cash flow and they go on to doing other things with their botnets instead.
Or find way to employ the people who create spam such that the creation of said spam is less economically tenable. The idea of targeting them economically is a great idea but instead of doing so in a way which will leave them poorer why not try to employ their creativity in ways which benefit everyone?
That is a noble idea but it requires knowing who the spammers are and getting through to them on some sort of personal level. If you make it so that they cannot pay their bills by creating and sending spam, wouldn't you accomplish a similar end? I don't seek to harm the spammers though I do acknowledge that some of them are pretty awful people [krebsonsecurity.com], who I probably don't want to associate too closely with.
Perhaps if we could incentivize more beneficial applications of their talents, then we could get there
Re: (Score:2)
Indeed, my suggest relies heavily on some assumptions that may not bear out after further examination. Such as the spam isn't being conducted by a state actor for propaganda or other nefarious reasons. Which certainly exists and presents an entire different category of problems to handle.
It seems like the first step to any solution would be to see who exactly is doing it.
Re: (Score:2)
Re: (Score:2)
That is a noble idea but it requires knowing who the spammers are and getting through to them on some sort of personal level.
Agreed. My guess is that the vast majority of people are clever un(der)employed Africans and Eastern Europeans who don't give two shits about using their knowledge for public welfare. They are either greedy organised criminals or people wanting to put food on the table for their families. Unfortunately, spam is one phenomenon emerging from a multifarious global social problem (poverty on the one hand, brilliant physicists/mathematicians/computer scientists who lost their jobs when the USSR collapsed on the
Private Numbers (Score:1)
Re: (Score:2)
Even worse--fake numbers. Only real numbers should be allowed on caller ID. At least there you have some chance of blocking and someone who constantly changes their phone number can be identified as a potential spammer/scammer.
Re: (Score:1)
Re: (Score:2)
Re: (Score:2)
Spam "is back"? (Score:3)
It never left... at least, if my email is at all representative.
Really the only thing CAN-SPAM changed is that, now, the spam I get mostly contains "unsubscribe" links which take you to a non-functional web form (on those rare occasions I even bother to check).
Spam advertising (Score:2)
Progressive orgs are pretty bad about this (Score:3)
I was signed up to Change.org's mailing list at one point. They would send out email alerts with links to petitions, sometimes from other progressive orgs. When you signed those petitions, you were automatically added to those other org's mailing lists.
After about a week of this, something like 30% of my email was petition requests.
I understand that getting the message out and making people aware of certain issues is important, but that just completely turned me off and I am no longer subscribed to ANY of those orgs.
I also realize that these particular emails are not *technically* spam, since they do notify you in the fine print at the bottom of the petition, but my point is that these types of emails have become the new "spam" for me. Gmail filters the "normal" spam for me. I never see it, but these chain-mailing-list progressive orgs have got to stop. "Hey, thanks for signing that petition! As a reward, here's another progressive mailing list subscription for a cause you don't really care that much abut!" The one GOOD thing about these is at least they obey unsub requests.
All political orgs do that (Score:2)
Is this an article telling me that spam exists? (Score:2)
...As if I didn't already know.
Robocalls (Score:5, Informative)
About the only spam that bothers me is the robocalls. They are getting pretty bad. It ranges from 1-5 calls a day now. Very obnoxious. Do-not-call does seem to help, but the idiots who implemented that, it's expires after like what 6 months or a year, I dunno, but as soon as it expires, the calls skyrocket like the same day.
What I'd really like to have on my smartphone is a whitelist for callers. I'm just done with these idiots. Not in my contact list: shunt to voicemail and pretend it never happened.
Re: (Score:1)
Do-not-call does seem to help, but the idiots who implemented that, it's expires after like what 6 months or a year, I dunno, but as soon as it expires, the calls skyrocket like the same day.
The FTC Do Not Call Registry does not expire [ftc.gov]. What you may get is idiot companies thinking it does, or spammer groups adding you to their list without checking the list. Report violations [donotcall.gov]. The FTC really doesn't have any way to go after violators if they aren't reported. It's rather quick to do online, and in my experience it does help eventually. (I imagine with enough people reporting a certain robocaller, the FTC eventually tracks them down and fines their ass into oblivion.)
Re: (Score:2)
Do-not-call does seem to help, but the idiots who implemented that, it's expires after like what 6 months or a year, I dunno, but as soon as it expires, the calls skyrocket like the same day.
The FTC Do Not Call Registry does not expire [ftc.gov]. What you may get is idiot companies thinking it does, or spammer groups adding you to their list without checking the list. Report violations [donotcall.gov]. The FTC really doesn't have any way to go after violators if they aren't reported. It's rather quick to do online, and in my experience it does help eventually. (I imagine with enough people reporting a certain robocaller, the FTC eventually tracks them down and fines their ass into oblivion.)
Pardon me a moment while I laugh hytserically. OK, all good. You really think Trump's FTC is going to give a flying F? They're probably working to dismantle the do-not-call list.
Re: (Score:2)
Spam is back (Score:2)
Re: (Score:2)
Re: (Score:2)
I've been getting a fair amount of weird spam too, in addition to the typical vi@ggraa and c1a!as spam. A lot of it is in Spanish, and from what I can it's mostly B2B type spam targetting businesses in Latin and South America selling things like bulk wine for restaurants (huh?), training for HR departments (umm..??), and consulting services for dealing with regulatory issues with selling cosmetics (uhh...what???).
At first I thought that maybe this stuff was a mistake or my email had somehow mistakenly got
Re: (Score:2)
Re: (Score:2)
I find it odd too. Note that it's almost entirely Latin/South America, though I do occasionally get something that looks like it might have to do with Spain.
I do get a fair number of Spanish spam from spammers trying to sell me "targeted" lists of email addresses. Amusingly many of these spammers seem to party like it's 1998, with free email dropboxes to contact them (Hotmail, Yahoo, etc.) and it appears that the lists themselves would to mailed on CD or DVD should someone actually buy them. I can only a
Re: (Score:2)
Re: (Score:2)
Blame Russian for spam infestation? (Score:1)
It's bullshit statements like the above that only tend to discredit slashdot. The primary source of spam on the planet is all those compromised Microsoft Windows out there being co-opted into DDOD attacks and spewing email spam to the Internet.
SPAM phone-call killer (Score:1)
At the risk of promoting a commercial item, I will nonetheless recommend the Sentry 2 device for VOIP phones. It rejects (without ringing through) ALL robocalls and calls from its own list of spammers. Your friends press 0 to go through and be whitelisted ONCE. If a telemarketer lies and presses 0 you can do what you want and then press REJECT so he's added to the blacklist. We used to get half a dozen telemarketer/robocalls per day. Now it's down to one or two lying bastards a month. Best $50 I ever
but lobbyright is c00 (Score:1)
Google (Score:3)
Gmail apparently doesn't distinguish between a.b@gmail.com and ab@gmail.com
Now I get many emails that are similar to mine, but different names....so if mine was JPDough@gmail.com, I get emails to J.PDough@gmail.com, JP.Dough@gmail.com, JPD.ough@gmail.com with the correspondence referencing John, Jason, Jerry, etc.
Invariable is it is some legal, medical, or insurance thing that requires my signature...so click this link.
Re: Google (Score:2)
Gmail also doesn't distinguish jpsmith@mail.google.com and j.psmith@mail.google.co.uk. very well either.
I get emails from Australia Canada and uk to people with the same or similar username all the time.
Re: (Score:2)
You are correct, in that Google ignores periods in gmail account names. a.b.c@gmail.com, ab.c@gmail.com and abc@.gmail.com are all the same account.
Re: (Score:1)
I constantly get those in Gmail also. That's the main reason I NEVER use Gmail for anything 'sensitive". I never get those kinds of emails in Yahoo or Hotmail, ONLY Gmail.
Re: (Score:1)
Re: (Score:2)
Re: (Score:2)
I have this same problem. I routinely get mail for someone with the same name but he has no punctuation. Lots of legal stuff too.
Part of the reason I'm getting off of Google.
The biggest spammer on slashdot complains? (Score:1)
A man who made $600 spamming slashdot comments complains when someone inappropriately monetizes their relationship? Oh the irony.
Remember when you said that buying a child bride was "getting the most for your retirement dollar"? I remember that. Maybe you could make it into an ad campaign for a human trafficking service?
Re: (Score:1)