inkwell.vue.236 : Brian McWilliams, "Spam Kings"
permalink #51 of 103: one big petri dish (jnfr) Wed 2 Feb 05 11:19
    
I don't use system filtering where it's offered. I use my own 
pre-filtering program before I download my mail. One thing it will do if I 
ask it to is send bounce messages to every spam source. Since I've started 
doing that my spam has dropped to a quarter of what it was.
  
inkwell.vue.236 : Brian McWilliams, "Spam Kings"
permalink #52 of 103: Brian McWilliams (bmcwilliams) Wed 2 Feb 05 13:54
    
jnfr, since spammers usually forge the "from" and "reply-to" lines in
spam, don't you run the risk of hurting an innocent third party when
you "bounce" messages back to the (apparent) source?
  
inkwell.vue.236 : Brian McWilliams, "Spam Kings"
permalink #53 of 103: Brian McWilliams (bmcwilliams) Wed 2 Feb 05 13:59
    
Betsy wrote:

>Many sites apply spam filtering to all user email without user
>control, and the result is that email is becoming less reliable, as
>valid email disappears into "black holes". 

No kidding. I did some testing last month and found that Hotmail will
delete email if it contains certain "spammy" keywords in the subject
line. I don't mean Hotmail files it into the spam folder. The service
simply doesn't deliver it. 

I believe the subject line I used was something like "viagra oxycontin
sex lolitas stock alert teens penis." Message body simply had the word
"test." 
  
inkwell.vue.236 : Brian McWilliams, "Spam Kings"
permalink #54 of 103: Dan Mitchell (mitchell) Wed 2 Feb 05 14:35
    
I'm set up really well: spamassassin on the Well, then Speakeasy's
filter, then Eudora's. Maybe 5-10 spams a day make their way to my
machine, and more than half of those go into Eudora's spambox. 
  
inkwell.vue.236 : Brian McWilliams, "Spam Kings"
permalink #55 of 103: The Phantom of the Arts Center (tinymonster) Wed 2 Feb 05 14:48
    
<I believe the subject line I used was something like "viagra
oxycontin sex lolitas stock alert teens penis.">

I can't wait to see who takes that as a pseud first.
  
inkwell.vue.236 : Brian McWilliams, "Spam Kings"
permalink #56 of 103: viagra oxycontin sex lolitas stock alert teens penis (rosmar) Wed 2 Feb 05 15:42
    
Why do I so often need someone else to point out good pseud
possibilities?

Thanks.
  
inkwell.vue.236 : Brian McWilliams, "Spam Kings"
permalink #57 of 103: one big petri dish (jnfr) Wed 2 Feb 05 16:40
    
I'm sure a bounce message will hit real people some significant portion of
the time, and I'm sure those poor folks are getting lots of bounce
messages, along with a ton of complaints. I feel for them, but I still
bounce, because as I said it's cut my spam enormously.
  
inkwell.vue.236 : Brian McWilliams, "Spam Kings"
permalink #58 of 103: Betsy Schwartz (betsys) Wed 2 Feb 05 19:07
    
Instead of bouncing, most sites just drop on the floor these days,
because if you bounce a mail containing a virus, you're propagating
the virus. And also, if some innocent person gets his or her name
used, they can get *flooded* with email (often called a "joe job")

I hate just dropping email, because it breaks the RFC's, but I do it.
  
inkwell.vue.236 : Brian McWilliams, "Spam Kings"
permalink #59 of 103: Brian McWilliams (bmcwilliams) Thu 3 Feb 05 12:45
    
Speaking of joe-jobs, Hawke and other spammers in Spam Kings often put
random return addresses on their spam messages. I heard from a couple
victims who were absolutely steamed about having to handle all the
bounces, complaints, etc. generated by the spams. One guy was going to
try to sue Hawke over it ... I don't know whether he had any success.

Then there are the victims of "dictionary" and "brute force" spam
attacks. In chapter 5, I tell the story of Karen Hoffmann, a web
designer who received over 100,000 spams over the course of two days.
Her ISP had to disconnect its mail server from the Internet. Apparently
some spammer's software had gone berserk trying to pepper her domain
with possible valid addresses. Guinness Book material?
  
inkwell.vue.236 : Brian McWilliams, "Spam Kings"
permalink #60 of 103: Gail Williams (gail) Thu 3 Feb 05 12:48
    
The Guinness Book of Spam Records.  The mind boggles.
  
inkwell.vue.236 : Brian McWilliams, "Spam Kings"
permalink #61 of 103: Cynthia Dyer-Bennet (cdb) Thu 3 Feb 05 13:02
    
(NOTE: Offsite readers who have comments or questions can send email to
inkwell-hosts@well.com and we'll add 'em to this discussion. Please be sure
to note "Brian McWilliams discussion" in the subject line. Thanks!)


Brian, I'm intrigued by the names spammers create for their "from" lines.
Names like "Digression G. Saltiest" and "Guadalupe Butts" and "Socorro 
Quintero" and "Sequencer J. Stomached."

The names are obviously sooooooooooooo phony that I can't imagine anybody
thinking they're legitimate, yet it seems to be a technique that's
becoming more and more popular. What's the point of these bizarre names?
  
inkwell.vue.236 : Brian McWilliams, "Spam Kings"
permalink #62 of 103: Dan Mitchell (mitchell) Thu 3 Feb 05 14:08
    
I think you answered your own question:

>I'm intrigued by the names

Not that you fell for it, but drawing attention is the goal.
  
inkwell.vue.236 : Brian McWilliams, "Spam Kings"
permalink #63 of 103: Brian McWilliams (bmcwilliams) Thu 3 Feb 05 14:25
    
Cynthia, often those strange names in the "from" line are hard-coded
into the spam software by developers, not chosen by the spammers
themselves. Like Dan says, it seems to me a way to intrique recipients.

Which brings up a kind of sad point. Many bright minds are being drawn
into the software side of the spam business -- especially on the spam
filtering side. I attended the recent spam conference at MIT and was
amazed at the brain power being focused on beating spam. Seems like
such a waste. (Yet I'm glad they're on the job.)
  
inkwell.vue.236 : Brian McWilliams, "Spam Kings"
permalink #64 of 103: Betsy Schwartz (betsys) Thu 3 Feb 05 16:34
    
I watched last year's SPAM conference and remember hearing one of the
participants say something like that:when you were studying so hard to
get your degree did you think you'd be using it to fight penis pills?
Something like that.

The SPAM Conference is available on the web at
http://spamconference.org
Usually makes fine watching
  
inkwell.vue.236 : Brian McWilliams, "Spam Kings"
permalink #65 of 103: Brian McWilliams (bmcwilliams) Thu 3 Feb 05 19:19
    
Yes, if you tune into the beginning of session three, you can watch me
muddle through my presentation about Spam Kings and the Achilles heel
in spam filtering: the spam folder. 
http://spamconference.org/webcast2005.html

I discussed the results of some unscientific research I recently did,
which showed that many people click links in spam messages even after
they've been filtered into their spam folders. To me, this means that
(some) spammers can survive even if spam filters are 100% effective and
in universal use.
  
inkwell.vue.236 : Brian McWilliams, "Spam Kings"
permalink #66 of 103: Betsy Schwartz (betsys) Fri 4 Feb 05 04:09
    
For spammers to truly survive, it has to be profitable. 

This is one reason I was rocked a bit to hear that some spammers are
shipping so much product, because that probably makes it so much
harder to prosecute them.

Do you think there's anything to be gained by addressing this from the
credit card company side? It should be harder for a credit card
scammer to charge money to a card, I think.
  
inkwell.vue.236 : Brian McWilliams, "Spam Kings"
permalink #67 of 103: Betsy Schwartz (betsys) Fri 4 Feb 05 04:16
    
I also want to comment some more on the book, and on Shiksaa. I do a
lot of enduser support and training, and I'm deeply interested in how
people learn about computers (and how women in particular navigate the
technical scphere) so I was particularly struck by how *fast* Shiksaa
seemed to go from being an AOL end user, the naivest of the naive, to
a member of an elite group.  This is very unusual. As you point out,
even her name was against her, having an AOL address, and "newbies"
tend to get flamed out of technical groups. Was this a case of a
person discovering an inner gift, or did she get particularly good
help, or what? You narrate the path she took but I'd like to hear more
about successfully got past the inevitable obstacles.

Also, one thing that particularly struck me about the book was the
absence of lengthy semi-technical digressions. SO many books feel
obligated to *explain* everything about the Internet, and drop into
side tours that really should be set in the margins in little
boxes. Inevitably, these are too annoyingly vague for people who
understand the technology, but not enough for the non-technical to
grasp. The DNS tree in 250 words or less! TCP/IP in half a page! I
thought you did a particularly nice job of mentioning what the
technology *was*, without getting sucked away from the story.
  
inkwell.vue.236 : Brian McWilliams, "Spam Kings"
permalink #68 of 103: Brian McWilliams (bmcwilliams) Fri 4 Feb 05 07:18
    
Betsy asked:

>Do you think there's anything to be gained by addressing this from
>the credit card company side? 

Possibly. As I chronicle in the book, getting a credit card merchant
account with a high limit is essential to spam success. At one point in
late 2002, Hawke's partner, Brad Bournival, was only able to spam for
a couple weeks each month because he so quickly reached the maximum
number of transactions allowed on his merchant accounts. He and Hawke
had a major breakthrough a few months later, when they lined up a shady
deal for an unlimited merchant account.

If merchant account issuers had a no-spam policy and enforced it, they
could dry up a lot of spam very quickly.
  
inkwell.vue.236 : Brian McWilliams, "Spam Kings"
permalink #69 of 103: Brian McWilliams (bmcwilliams) Fri 4 Feb 05 07:32
    
>I thought you did a particularly nice job of mentioning what the
>technology *was*, without getting sucked away from the story.

Betsy, thanks. Regarding your question about how Shiksaa, the AOL
newbie, became an anti-spam goddess:

>Was this a case of a person discovering an inner gift, or did she get
>particularly good help, or what? You narrate the path she took but
>I'd like to hear more about successfully got past the inevitable
>obstacles.

I think Shiksaa picked up on her own a few technical tricks that
reliably enabled her to gather dirt on spammers. (E.g., their tendency
to leave ftp logs lying around and allow their directories to be
listed.) She also told me she got some good guidance along the way from
techies who took her under their wing. 

But Shiksaa also became a master of non-technical sleuthing. She
discovered lots of good online resources for looking up corporate
registrations, legal documents, etc. She also had an excellent memory,
and could keep track of the myriad aliases and m.o.'s of the various
spammers. Plus, she just spent a lot of time talking to spammers
online. They sometimes gave her dirt on their competition or enemies. 

Bottom line, she had a strong drive to be good at anti-spamming, and
desire can overcome a lot of obstacles.
  
inkwell.vue.236 : Brian McWilliams, "Spam Kings"
permalink #70 of 103: Rafe Colburn (rafeco) Fri 4 Feb 05 09:14
    
 I think that fighting spam is such a compelling problem for techies
because it appeals to the programmer's sense of laziness, as defined
by Larry Wall:

Laziness
    The quality that makes you go to great effort to reduce overall
energy expenditure. It makes you write labor-saving programs that
other people will find useful, and document what you wrote so you
don't have to answer so many questions about it. Hence, the first
great virtue of a programmer, Also hence, this book. See also
impatience and hubris. (p.609)

 I think people look at the time and effort that is spent deleting
spam one by one and think, if I could write a filter that would save
me this effort, in the end it would save me time.  Sifting through
your email to get rid of garbage is a boring repetitive task, exactly
the kind of task that programmers love to automate. 
  
inkwell.vue.236 : Brian McWilliams, "Spam Kings"
permalink #71 of 103: Brian McWilliams (bmcwilliams) Fri 4 Feb 05 11:06
    
>I think that fighting spam is such a compelling problem for techies
>because it appeals to the programmer's sense of laziness

Rafe, really interesting point. 

Too bad that programmer laziness is a double-edged sword. Some techies
are being enticed to join the spam trade (as spamware developers,
sysadmins for spam kings, virus writers, and as spam kings themselves)
out of laziness -- or at least the desire to make a quick buck!
 
  
inkwell.vue.236 : Brian McWilliams, "Spam Kings"
permalink #72 of 103: David Adam Edelstein (davadam) Sun 6 Feb 05 16:04
    
Clearly we need to make it more entertaining to fight spam (or work
for a legit company) than it is to write spamware!

One thing that I've noticed in the media is that most of the
discussion of spam is largely US-centric.  What's the spam situation in
the rest of the world?  How much spam do they get in other countries?

I suppose the corollary to that is to ask about spammers working
outside the country -- how much of our spam in the US comes from
offshore operations, or from spammers in the US using offshore server
farms?
  
inkwell.vue.236 : Brian McWilliams, "Spam Kings"
permalink #73 of 103: Berliner (captward) Mon 7 Feb 05 03:08
    
Back when I was with Compuserve, I had an ID number they gave to
non-US accounts. When spam really started up, I got tons in Cyrillic,
often with pictures. There was lots of perfume (presumably
counterfeit), quite a few odd machines (no idea what they were: I don't
read Russian), and lots and lots of learn-English offers. 

One of my current accounts is with GMX, which has a crappy spam
filter, and most of the spam is in English, the usual penis/Rolex/dope
spam. There are, however, cyber-hookers operating in German, with a
"I'm a 27-year-old student studying to be a beautician, and I just want
a man to call my own" pitch. I assume these are Russians in Germany
working their girls. 
  
inkwell.vue.236 : Brian McWilliams, "Spam Kings"
permalink #74 of 103: Brian McWilliams (bmcwilliams) Mon 7 Feb 05 06:56
    
>One thing that I've noticed in the media is that most of the
>discussion of spam is largely US-centric.  What's the spam situation
>in the rest of the world?  How much spam do they get in other
>countries?

David, I don't have stats handy. But USA users may get a
disproportionate amount of spam for a couple reasons. For example,
until recently, AOL.com was the most frequently targeted spam domain --
in part because America Online users were seen by many spammers as
receptive to spam. Spammers also like to launch "dictionary" and "brute
force" attacks against large Internet providers, and the USA has some
of the biggest targets. Finally, spammers are less likely to harvest
off the Internet and compile lists of email addresses that end in
anything other than dot-com and dot-net. When spammers sell each other
so-called "general Internet" email lists, they're usually free of
country domains such as dot-tw or dot-jp.

>how much of our spam in the US comes from
>offshore operations, or from spammers in the US using offshore server
>farms?

According to Spamhaus.org, six of the top 10 spammers in the world
right now are based in the USA. (Russia, Ukraine, and Brazil have the
other four spots.) But what's most shocking, I think, is that most of
the spam we receive is coming from USA Internet addresses. The USA has
over three times as many addresses on the Spamhaus Block List as the #2
country, China. And USA-based MCI is the #1 provider worldwide of
services to spammers. http://www.spamhaus.org/statistics.lasso
  
inkwell.vue.236 : Brian McWilliams, "Spam Kings"
permalink #75 of 103: Brian McWilliams (bmcwilliams) Mon 7 Feb 05 07:14
    
>One of my current accounts is with GMX, which has a crappy spam
>filter, and most of the spam is in English, the usual
>penis/Rolex/dope spam. There are, however, cyber-hookers operating in
>German, with a "I'm a 27-year-old student studying to be a
>beautician, and I just want a man to call my own" pitch. I assume
>these are Russians in Germany working their girls.

Interesting anecdotes, Berliner. Sounds like some kind of (rare)
attempt at target marketing by spammers. 

I think many of the Nigerian (aka 419 or Advance Fee Fraud) spammers
also practice some amount of geographical targeting as well. But on the
whole, the economics of sending email make it expedient just to send
your spams far and wide rather than hone them for a specific audience. 

I can't believe the amount of spam I receive that's written in Chinese
or other character sets that my computer doesn't have. And I'm pretty
sure there are lots of women receiving those "Have you ever wanted to
impress your girl with a huge cumshot?" spams that recently cropped up.
:(
  

More...



Members: Enter the conference to participate. All posts made in this conference are world-readable.

Subscribe to an RSS 2.0 feed of new responses in this topic RSS feed of new responses

 
   Join Us
 
Home | Learn About | Conferences | Member Pages | Mail | Store | Services & Help | Password | Join Us

Twitter G+ Facebook