Readers should be aware that blogs these days are absolutely flooded with Spam comments (advertising on-line casinos, insurance, prescription drugs, Viagra, and porn-sites). NYM receives hundreds a day, and Spam filtering software is not completely effective. Faute de mieux, I have recently started running multiple Spam filters. In most cases, comments not simply eliminated wind up in temporary storage, and I have to glance over them before they are allowed to appear. Consequently, a posted comment may not show up for most of a day sometimes. My apologies, but this state of affairs will prevail for a while (until I find a better solution).
Spammers are a parasitic plague upon the Net, but when it comes to their mastery of social engineering and manipulation, sometimes you just have to stand back in admiration.
One of the most popular and effective techniques for stopping spammers from, say, automating the creation of new, bogus e-mail accounts is the use of CAPTCHAs — a step in the sign-up process that presents a picture of a word distorted in such a way that a human can read it and enter the information correctly, but a machine can’t. From the spammer’s standpoint, what you really need to get around this is a bunch of human volunteers to decipher the CAPTCHAs and send back the results. But how do you persuade people to do your evil bidding for free? Why you just tap a primitive urge wired into the male brain — the caveman voice that says, “Must … see … naked … women.”
A couple of security outfits have now found evidence of the technique in the form of a virtual striptease “game” that is activated when Windows IE is run on an infected machine. The program presents a partial picture of “Melissa,” who invites you to see more by deciphering a CAPTCHA. Answer correctly and you get a peek at another piece of Melissa and a new CAPTCHA to solve, and so forth.
Some of the worst spammers in the United States could be in for a rude surprise shortly, as Unspam Technologies has taken the first steps in tracking them down, with help from the ISPs.
The company filed a lawsuit yesterday in the Eastern District of Virginia seeking the identities of spammers under the U.S. CAN-SPAM Act and the state of Virginia’s own anti-spam statute. The suit seeks damages that could potentially reach $1 billion, but Unspam said it would be happy with driving spammers out of business.
The idea of suing spammers may seem as ludicrous as suing God; where do you deliver the subpoena? But Jon Praed, the lawyer on the case, founding partner of the Internet Law Group and one of the top lawyers involved in spam suits, said not to think that way.
“We cannot fight them by treating them as if they are everywhere, because it lulls us into a false acceptance of the inevitability of the outcome,” he told internetnews.com. “If we focus on what they are using or make it hard to use those tools, we’re going to beat them. We are not fighting Acts of God, we are fighting criminal acts.”
Unspam’s secret for dealing with these non-deities? Project Honey Pot, a trap for spammers. Spammers use crawlers to crawl through every page on a Website for valid e-mail addresses, and then add these addresses to their database.
Any Website operator can download the Honey Pot software and it will set up a dummy page that gives a fake, unique e-mail address to the crawlers. When spam comes in to that unique address, it’s a double gotcha; both the IP address of the crawler that harvested the fake e-mail address is known, and Honey Pot also scores the IP address of the sender of the spam.
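How a per-visitor trap address can tie a harvesting crawler to the later spam sender, as an added example (not Project Honey Pot's own code). The signing key, the `trap.example` domain, the address layout and the function names are assumptions made for illustration; signing the address keeps mail sent to a made-up trap address from being attributed to an innocent IP.

```python
import hashlib
import hmac
import ipaddress

SECRET = b"constructed-demo-key"   # hypothetical signing key, known only to the honeypot
TRAP_DOMAIN = "trap.example"       # hypothetical mail domain that accepts trap mail


def _tag(payload: str) -> str:
    """Keyed checksum so that only addresses minted here are accepted."""
    return hmac.new(SECRET, payload.encode(), hashlib.sha256).hexdigest()[:16]


def mint_trap_address(crawler_ip: str, now: int) -> str:
    """Build the unique address placed on the dummy page for one visitor."""
    ip_hex = f"{int(ipaddress.IPv4Address(crawler_ip)):08x}"
    payload = f"{ip_hex}{now:08x}"          # who was shown the address, and when
    return f"{payload}.{_tag(payload)}@{TRAP_DOMAIN}"


def attribute_spam(rcpt: str, sender_ip: str, received: int):
    """Map mail delivered to a trap address back to the harvesting visit.

    Returns None for any recipient that was never minted by this honeypot.
    """
    local, _, domain = rcpt.lower().partition("@")
    payload, _, tag = local.partition(".")
    if domain != TRAP_DOMAIN or len(payload) != 16:
        return None
    if not hmac.compare_digest(tag.encode(), _tag(payload).encode()):
        return None                          # forged or mistyped trap address
    harvested_at = int(payload[8:], 16)
    return {
        "harvester_ip": str(ipaddress.IPv4Address(int(payload[:8], 16))),
        "spam_sender_ip": sender_ip,         # the relay, often a compromised machine
        "lag_days": (received - harvested_at) / 86400,
    }


if __name__ == "__main__":
    # Constructed sample: a crawler visits, spam arrives three days later.
    addr = mint_trap_address("198.51.100.7", 1177500000)
    print(addr)
    print(attribute_spam(addr, "203.0.113.44", 1177500000 + 3 * 86400))
```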
As a result, Honey Pot has collected 2.5 million IP addresses of spam senders and 15,000 IP addresses of crawlers. Now comes the one-two punch. The company has released what it calls the http:BL, a blacklist of the 2.5 million compromised computers.
Most spam today is sent out by a compromised computer with a zombie, or bot, installed on the computer. The users of these computers almost always have no idea they are compromised, because they have no antivirus software installed to stop such infection in the first place.
Well, with the http:BL they will find out. The blacklist can be installed on any Apache-based Website, so when one of the 2.5 million IP addresses with a botnet running on them visits that site, the site can deny them access to the home page and inform the user of their infection.
Punch number two is for the 15,000 IP addresses of crawlers. Those are the people collecting and selling e-mail addresses. Harvesting is a slow process and botnets are expensive to rent by the hour, so the spammers do it themselves, on their own computers with a constant connection, since one is needed.
Gotcha, said Matthew Prince, CEO of Unspam and Project Honey Pot. “Those will be some of the first targets from this litigation,” he said. “We’ve identified very specific targets. In some cases have a good sense of who these people are. Then we can bring the full weight of the law down on these people who are breaking it.”
The worst offender for spam crawlers is the U.S., with 22.7 percent of harvesting coming from U.S. IP addresses. Romania is second and Japan is third, both with less than ten percent of the harvesting addresses.
The lawsuit grants subpoena power, which the ISPs wanted. …
Russia has the bad reputation for spam and viruses, but Prince said there is a delineation between spam of U.S. and foreign origin. “I would say that in terms of selling physical products, anything that has to be shipped, they tend to be here. Mortgage types are here too. The ones in other countries are committing straight fraud, like the Nigerian princes or fake bank account,” he said. …
Praed doesn’t expect to squash all spammers but he does hope to make life rotten for a lot of them. “We don’t have to catch them. We just have to make it so costly for them that they move on,” he said. “We know we have limited resources and it’s one lawsuit, but we realize acts of spam are not like Acts of God. By targeting the case on the worst of the worst we think we can have an impact.”