Inside Links
Sponsored Links
Recent Entries
- 50 Billion Spam a Day
- Hong Kong makes an effort to crack down on spam
- Anatomy of spam
- MySpace Scam Emails
- Spammer Profile
Ad Content
Search Spamblogging
Recent Comments
- Eric on MS Exchange anti-spam review
- Duncan on MS Exchange anti-spam review
- Eric on WORM_SOBER.S Virus
- Libbe on WORM_SOBER.S Virus
- J. Kutkowski on WORM_SOBER.S Virus
Archives
Creative License
Feeds
The Buttons
October 13, 2006
50 Billion Spam a Day
Regardless of whether this is FUD or not, there is growing talk in the IT/email world over whether or not a US court blocking Spamhaus (via removal of ownership rights to their domain name through ICANN).
This all stemming from Spamhaus marking a company (e360insight) as a spammer in their blacklist database that is published for the world to see and use for their own blacklist purposes. e360insight then sued Spamhaus for over $17M in damages, claiming that they are not spammers and due to this improper listing they have lost legitimate revenue, and a US court has sided with e360insight. Spamhaus then essentially said that since they are not a US group, they see no reason to pay. This is where the concern that instead the US court will step in and block their domain via the ICANN.
Opinions range on the outcome of this, as you can imagine a lot of them varying in severity by how much the person/group giving the opinion stands to benefit from the spam problem getting significantly worse due to this.
Posted by Eric at 08:35 AM | Comments (0) | TrackBack
October 11, 2006
Hong Kong makes an effort to crack down on spam
As reported by WebProNews, Hong Kong has made an effort to really crack down on spam. Unfortunately, they have gone forward into this effort with so much gusto that they have essentially made an commercial email at all illegal under the wording of their law.
From the article:
Under the bill's current form, however, an invoice sent to a customer featuring a company logo would be against the law.What about that product recall notice you received via e-mail offering to replace that faulty lithium-ion battery with a new one?
You guessed it, completely criminal under the proposed legislation.
...
A key difference between the Hong Kong bill and US anti-spam legislation lies in legal recourse against companies who are in violation of the law. Only Internet service providers and government agencies can initiate legal proceedings against spammers in the United States, whereas any individual can initiate a lawsuit against a company under the Hong Kong bill's current verbiage.
Posted by Eric at 03:43 PM | Comments (0) | TrackBack
Anatomy of spam
The BBC has an article up pointing out the anatomy of spam. Things that are common sense and obvious to those who are in IT and work with email a lot, but perhaps less so to the average reader of a news site.
Things like why the names used are chosen, how to spot a fake email address, an image in the body, and extra text at the end among other things - all used for two reasons: 1) to get by the anti-spam tools, and 2) to get the message in front of you, so that you will open it and perhaps buy whatever they are selling (or fall for their scam) - which is really what #1 is going for as well.
Posted by Eric at 03:30 PM | Comments (0) | TrackBack
October 09, 2006
MySpace Scam Emails
A company who makes money offering technology services to avoid spam and email scams, Espion International Inc., has announced that they have found a MySpace Scam Email circulating and they say it is the first of that particular type.
From the press release:
The trapped email looked like a legitimate message from MySpace with the subject reading - "New message from Richard on MySpace sent on Oct 05 15:40:00 -4 2006". The spoofed message even contained real MySpace addressing, copyright and privacy information taken from legitimate MySpace "New message" notifications."When someone sends you a message on MySpace, your registered email account is sent a notification email containing a link to your new message. In this case, the link is malicious and tries to steal your personal information," said MySpace user Kurt Thayer. The MySpace Scam Site was taken offline soon after the email was trapped due to an overwhelming amount of traffic."
As it says there, the original site was taken offline, but there are potentially more on the way like this. This is not really anything new - there are always new scams coming out based on whatever is popular at the moment since that is what is likely to get people to read the email and act on it.
Also note that this is a press release from a company who makes money off of you paying them to help you prevent seeing emails like this.
Posted by Eric at 06:09 PM | Comments (0) | TrackBack
Spammer Profile
As spammer Christopher Williams Smith is going through various criminal cases filed against him by a variety of different law enforcement bodies (bragging about not filing taxes never seems to work out, does it?), the Twin Cities Pioneer Press has an article up about him.
It generally covers the items he has been in the news over lately, specifically those things ending him in jail like tax evasion, sending out spam, using a stun gun on his employees, and selling prescription drugs online among other things.
From the article:
Prosecutors say Smith's attempts to thwart the investigation escalated to a murderous plot in March when he allegedly tried to put out a hit on a witness while awaiting trial in the Sherburne County jail. Smith now faces a separate charge of witness tampering, but prosecutors want to play the recorded jailhouse conversation during the conspiracy trial.
You just can't make up stuff like that. Giving employees drugs, using a stun gun on them, hiring a hit man, etc - sounds like this guy needs his own TV show.
Posted by Eric at 12:31 PM | Comments (0) | TrackBack
October 05, 2006
Earthlink wins case against spammers
ZDNet reports that the two men charged in a lawsuit Earthlink filed have pleaded guilty. They now face up to three years in jail and up to $250,000 in fines.
From the article:
The two were identified in an investigation last year by EarthLink's fraud and abuse team into activity at its PeoplePC subsidiary. The team discovered more than 25,000 junk e-mails had been sent through 10 PeoplePC accounts that originated from Miami. The e-mails contained such subject headers as "I'm finally back home" and "I just got back in town," and contained messages that marketed herbal supplements.
The fines in this instance are interesting since they are pretty high considering the article states 25,000 messages were sent. Normally they are catching people sending out millions, so it would seem these two guys were small time. I didn't read the actual case, so perhaps their herbal supplement spams broke other laws themselves - being actual scams instead of "just" unsolicited email.
Posted by Eric at 10:05 PM | Comments (0) | TrackBack
Hormel just can't catch a break
The company who produces SPAM, the spiced ham food product, tried to enforce trademark law so that the current negative connotation of junk email will not be correlated to their name.
But that isn't really working out so well for them, at least in the legal sense. I really don't think their sales have changed specifically due to changes in unsolicited email trends.
Posted by Eric at 12:04 PM | Comments (0) | TrackBack
October 02, 2006
Geek spam on the rise
According to MessageLabs, there is an increasing trend in "Geek spam". From the press release:
In recent weeks MessageLabs has noticed an increase in the number of spam emails that are specifically targeting individuals within the technology sector by using social engineering techniques. Called “geek spam,” this type of spam includes technology-related keywords within the email to dupe recipients into believing that the spam is actually something more relevant, such as a bug report. This targeted approach using hidden keywords can help to pollute the Bayesian filters often used by technology professionals. The use of technology buzzwords, such as .NET, cpan, xss and Java, hidden inside the body of the spam can ensure that the mail looks convincing enough for limited anti-spam software to allow it through.
I'm curious as to why the spammers chose this route. I would imagine that it is a combination of the fact that "geeks" are more likely to get a lot of email, buy things online, and read bug reports.
Perhaps "geeks" are otherwise a tough market for spam since they otherwise would not click through much of the seemingly obvious spam.
Posted by Eric at 03:27 PM | Comments (0) | TrackBack
Gmail tip
Speaking of Gmail, one tip that I ran across recently (apologies to whoever pointed it out, I am not recalling off the top of my head where I saw this) was that if you want secure access to Gmail, use this url: https://mail.gmail.com/mail. The Gmail link from Google puts you on a secure login, but then redirects to a non-secure Gmail page - going to the above link encrypts the login and the main page. This is nice if you are on a connection that you don't trust, like an open wi-fi hotspot.
As far as I know, this does not yet apply to the mobile interface for Gmail.
Posted by Eric at 03:07 PM | Comments (0) | TrackBack
Google's Gmail is good at blocking spam
Not only is Google's Gmail service great at blocking spam - it is also good at not blocking opt-in emails. This is one of the worries of companies who make their money from legitimate email services, and Gmail seems to be the best of the free email services at still getting those messages into your inbox.
Read the full report at Lyris for more in depth discussion.
Posted by Eric at 03:03 PM | Comments (0) | TrackBack