You Can Help Stop Spam

You’ve probably noticed a sudden recent rise in the amount of unsolicited email, or “spam”, you receive.

You’re not alone.

Spam continues to increase on the internet, despite the best efforts of governments and technologists. There was a marked 20% jump overall just last May.

A few factors have contributed to this rise.

Spammers recently refreshed their databases by identifying valid email addresses to attract new business. They’ve also begun to engage nefarious new tactics to slip their evil wares past defensive technologies. What’s more, they even forced a major anti-spam firm out of business earlier this year.

This past spring I noticed that a lot of the spam I received was just empty messages. It seemed odd to me that spammers would waste their time sending these out. Then I realized what they were doing: validating my email addresses.

Basically, if they sent me an empty message, or a message containing just a few words of text, and it didn’t bounce back, they knew it had been received and that my address was still valid. Any messages that bounced back to them were indications of defunct email addresses. It was an easy, if somewhat sloppy, way to improve the quality of their email address lists and demand more money on their resale.

The activity was observed and confirmed by BlackSpider Technologies, a security research firm. They noted that the “directory harvest attack” peaked on June 9.

Another trend I’ve noticed lately is that spammers are inserting graphics that advertise products into their email messages just ahead of odd blurbs of text. To most people these graphics just look like regular text-based email messages. The subsequent text is typically hard to notice as it appears at the end of messages and, heck, who reads that far into spam? Other than me, that is.

At first I thought this was kind of cute. Spammers seemed to be sending folks some funky stream-of-consciousness poetry to enjoy as compensation for their constant annoyances. I actually spent time trying to make sense of some of it, until I realized that it was randomly generated, patterned word compositions based on common sentence and grammatical structures. Basically, it was boring anti-junk designed to relax the defensive systems on email servers.

In another sense, it was computer-generated poetry.

Most anti-spam software works by examining incoming messages for telltale pieces of text that identify spam, such as the words “viagra”, “cialis”, “XXX”, or “hot stocks”. By instead embedding these words into graphics, spammers are rendering them unrecognizable to pretty much all anti-spam software. The added “poetry” camouflages the messages even further.
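The blind spot described above, as an added example that is not part of the original column: a keyword filter reads only the text parts of a message, so the same pitch delivered as an image with filler text passes it. The `triage` policy, the helper names and the sample messages are assumptions constructed for illustration.

```python
import re
from email.message import EmailMessage

# Terms the article lists as typical filter triggers.
KEYWORDS = re.compile(r"\b(?:viagra|cialis|xxx|hot stocks)\b", re.IGNORECASE)

def body_text(msg):
    """Join every text/plain part; image parts add nothing a text filter can read."""
    return " ".join(part.get_content() for part in msg.walk()
                    if part.get_content_type() == "text/plain")

def keyword_filter(msg):
    """The content filter the article describes: match known terms in the text."""
    return bool(KEYWORDS.search(body_text(msg)))

def image_parts(msg):
    """All MIME parts whose main type is image."""
    return [p for p in msg.walk() if p.get_content_maintype() == "image"]

def triage(msg):
    """Return 'spam', 'inspect-image' or 'pass'.

    Assumed policy: text that trips the filter is spam; clean text that
    arrives with an image is held for image inspection (for example OCR)
    instead of being delivered on the strength of the text alone.
    """
    if keyword_filter(msg):
        return "spam"
    if image_parts(msg):
        return "inspect-image"
    return "pass"

def build(text, image=None):
    """Construct a sample message, optionally with an image attachment."""
    msg = EmailMessage()
    msg["Subject"] = "constructed sample"
    msg.set_content(text)
    if image is not None:
        msg.add_attachment(image, maintype="image", subtype="gif",
                           filename="offer.gif")
    return msg

# Constructed samples: the image bytes are a placeholder, not a real picture.
PLAIN_SPAM = build("Cheap Viagra and hot stocks today")
IMAGE_SPAM = build("lantern quietly the river folds beneath a copper afternoon",
                   image=b"GIF89a-constructed-placeholder")
PLAIN_OK = build("Are we still on for lunch Friday?")
```

The second sample is the case the article describes: its text is clean filler, so `keyword_filter` returns `False`, and only the structural check on the MIME parts catches it.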

Most unsolicited email originates in Taiwan, where there are somewhat more lax internet laws, and then most of that is amplified through a massive and ever-growing “botnet” of zombie “spambots” in the US and Europe. Spambots are regular PCs that have been infected with custom software that enables spammers to control them for their own purposes. Statistically speaking, your computer is probably infected now.

While primarily used for distributing spam, these zombies can often be leveraged for more nefarious purposes, too.

Earlier this year Israel-based Blue Security, a large email security firm, was forced to shut its doors after being blackmailed by spammers.

For the past few years Blue Security had sponsored an effort called “Blue Frog” that encouraged email users to actually respond to spam. The program generated massive traffic back to spammers and damaged many of their operations.

In retaliation spammers banded together and used their botnets to repeatedly bash Blue Security’s service provider with massive “distributed denial of service attacks”. This is a brute force way of shutting down networks and servers.

The spammers threatened to hit Blue Security’s hundreds of thousands of clients in the same fashion if the business didn’t cease all of its anti-spam operations. Rather than risk widespread internet mayhem, the company complied.

Interestingly, blackmail is a rising tactic of spammers. A majority of internet-connected PCs are infected with spambot software. Spammers plan to further enable their software with file encryption capabilities.

A spammer might then encrypt your entire photo library and demand a ransom payment of about $20 to deliver the decryption key. Or they might attack your work files and demand a little more. Until you pay up, those files would be inaccessible and useless. It’s a scary concept, and it’s already happening.

Most spam operations are part of massive criminal organizations. One is based in Halifax, actually, and is run by a guy named Tim Goyetche. Their methods are well planned, well organized and beyond the reach of law enforcement.

However, there is a subset of spammers often called “script kiddies” who sometimes get sloppy and end up in jail.

Last year, for example, 18-year-old Christopher Maxwell was arrested after his custom-made bot accidentally ended up on computers at Seattle’s Northwest Hospital and shut down the intensive care unit. Maxwell and his accomplices had made $100,000 over the previous year. They could end up in jail for 25 years and face $250,000 in fines.

While it’s encouraging to hear that these low-level spammers are sometimes getting mopped up, it means little in the grand scheme of things. Spam is a complex global problem spread across numerous legal and technical jurisdictions. In its vastly distributed state it’s a virtually unstoppable foe.

The best advice to combat spam may be the simplest: don’t buy anything through it. It may seem silly to say this, but consider that spam is just another advertising medium like newspapers and radio. If its effectiveness were diminished, so would its spread be.

Somebody out there is buying Cialis, Viagra, and cheap penny stocks through spam; just make sure it’s not you.

First published in the Yukon News on Friday, August 11, 2006.

This work is licensed under a Creative Commons Attribution-NonCommercial-NoDerivs 2.0 Canada License.

One thought on “You Can Help Stop Spam”

  1. Great story Andrew.

    Would like to add another tactic to your already comprehensive list.

    Last year I got an e-mail that appeared to be from a clerk at Home Hardware, confirming a lumber order for someone. Or that’s what it appeared to be. I made the mistake of politely replying to one of these e-mails to let them know they had the wrong e-mail address.

    Recently I got one at my other northwestel.net address, and I was sure not to answer it.

    There are definitely many variations of “feeler” e-mails, just thought I’d add this one to the list.
