LWD - Spam's Empire

Chapter 8 - The never ending story, and what we will be talking about now

--- If you have missed the rest of this story or wish to comments on it, please visit the Forum Topic in LittleWhiteDog Forums ---

Article by: EdisonRex

The original seven chapters of Spam's Empire, in which we detailed the naming and shaming of Oleg Karabanov as a small-time, unrepentant, and persistent spammer, turned out to be quite popular articles for LittleWhiteDog. And after a good long break, both to do more research and to do other things, it is time to bring back Spam's Empire. We won't be talking about Stars' Empire or Oleg anymore. Since we banned all of the IP blocks he normally uses for his spam runs, we aren't bothered by him. We're very happy about that. We've always said he is free to operate his game. We always objected to the advertising methods. No, really, we did, despite the lameness of the game.

We do still get spammers, though, and this article, and further articles, will discuss their techniques and motives. We'll be writing about ISPs that actively support spammers, and we'll be writing about ISPs that tacitly support spammers. We'll also write about big ISPs with clueless abuse departments, who by their inability to act quickly, make themselves look like idiots. We'll publish the network blocks of the worst offenders, and we'd love comments from the ISPs that refuse to respond to abuse mail, since so many don't acknowledge forum or blog spam as an offense. We will also publish as a matter of record, those ISPs or domains which have been helpful and responsive to the problems.

More topics which we will be discussing are the changing laws around the world, and what it means for the spam industry. And we will write about what spam, phishing, splogs, spyware, malware, and botnets are, and the people who get caught writing and maintaining them. Spam's Empire will become a regular feature of LittleWhiteDog, and as we get ourselves more educated about the technology of spamming, we will tell it like it is.

Spam, Phishing, Splogs, what do they mean?

Most people still know Spam as a luncheon meat, manufactured by the Hormel Company. The link between unsolicited commercial emails and Hormel's product can be traced to a skit done back in 1970 by the now legendary Monty Python's Flying Circus. Those familiar with the skit know that Vikings singing about Spam ultimately drown out all other conversation in the restaurant. The first usage of the term "Spamming" for referring to unwanted commercial advertising drowning out true discourse was on the pre-Web Usenet, which was all but killed by being drowned by overzealous commercial exploitation.

The key point, and why spam is always a flood and not a trickle, is because it doesn't cost the spammer anything to send the messages. This is important, and goes a long way towards explaining why on average 85% of the world's electronic mail traffic is unsolicited commercial email. Because it costs very little to send emails, just like it cost very little to post on Usenet, unethical (and other) advertising firms can collect databases of valid email addresses and "shoot" advertising runs over the Internet at millions of people, flooding mailboxes with all sorts of come-ons for products and services that would otherwise be found, and ignored, in classified ads in the back of cheap newspapers.

At work is the economic probability of someone, somewhere, actually sending money to these people. 1% of a half a trillion emails is actually a rather alarmingly large number, and though it is probably unrealistic for spammers to achieve even 1% response, .01% is still an impressive number too. And there are many more ways for people to make money using spamming techniques. We will discuss more of these techniques throughout the series. Many times, the recipient of the email isn't even the source of the income. Naïve but legitimate web advertisers fall for spam scams through affiliate schemes, as do not so naïve ones.

Got Phish?

Phishing is a relatively new take on an old con. It used to be difficult to impersonate someone, before we were all connected electronically. Now it is relatively easy for someone to gather information on you, and it's even easier when you volunteer it. Using spamming techniques, a carefully crafted email that purports to be from your bank arrives, saying that someone has tried to access your funds (or some other dire, frequently poorly-worded urgency) and you need to log onto "their site", right away, and verify your details. Of course, it's not your bank you are connecting to, it is some hijacked, or just plain dodgy, site collecting your data, should you be so foolish as to ignore your bank's advice and give such details out. The technique has been used in telephone scams with varying success over the years too, but laws governing wire fraud are generally better defined when dealing with telephones, and the World Wide Web removes those pesky borders and long distance charges, and with them, jurisdictions of law.

Splogs are a relatively new phenomenon, but one must never underestimate spammers for ingenuity. Splogs are weblogs entirely made of spam. It also now means spam comments in legitimate weblogs. They are closely related to forum spam, and memberlist spam. They are put in, not specifically for humans to read, but, parasite-like, associate the spammer's reference website with your website, so that search engine rankings for the spammer's site are enhanced. It can be a lot more complicated than that, but in its essence, that is the basis of splogging, and forum (especially memberlist) spam. They actually rely on being ignored by humans, since the game is entirely played by scripts trying to entice robots. We will, in future articles, write about how to prevent your forum from being part of the problem, especially if you don't have time to manage your forum. We also publish a list that you can use to remove a lot of the less persistent spammers from even getting to your forums. We update it frequently.

Unfortunately, as much as people hate it, spam isn't going to go away anytime soon. The vectors that enable spam in its many forms, the motivations of the people making money from it, and the lack of any credible laws (along with the lack of proper education of most people using the Internet) ensure that we will be seeing unwelcome and unwanted emails, forum postings, blog comments, and forum member profiles for a long time.

It's a Big New World

The Internet was designed to be open, because at the time it was designed, the Cold War was on, and they needed to be sure that even if extensive pieces of infrastructure were surgically (or otherwise) removed, the "organism" would survive. Some of the many RFCs (Requests for Comment) which make up the specifications of the numerous Internet Protocols were naÃ¯ve in retrospect, especially considering how easily they have been corrupted by people who understand not only the design and intent, but how to abuse it for gain.

The openness that is the World Wide Web is specifically what makes it vulnerable to spammers. The academics who designed it did not take abuse into account, at least that kind of abuse. They were not instructed to. The problems with some of the protocols, for example SMTP (Simple Mail Transport Protocol) are so endemic that it will be impossible to really cause any meaningful reform to the protocol which doesn't eliminate the freedom envisioned by the writers of the protocol. The freedom to innovate is part of the allure of the Internet, and spammers are certainly good at innovation. Additionally, it is unclear if any protocol which allows for globally distributed nameservers (which is a keystone of the resiliency of the Internet) can keep rogue nameservers from being found to host spammers. Not that spammers need rogue nameservers all that much; plenty of Internet Service Providers are not too careful about who they rent space to. We will be talking about this problem, especially the Russian and Chinese problem, a lot, since there is the ancillary problem of countries where technology has more capabilities than the local culture is used to. To be fair, individuals can operate in such environments with a lot of ease, and because prosperity comes to the third world ISP, such an arrangement might look good, until the rest of the "free world" removes those IP blocks from the routing tables.

The Internet Is For Porn

Social Engineering has long been a tool of the folks who are making a lot of money from the Internet. The convergence of hackers, exploiting security holes in the dominant operating systems prevalent on home use machines, with porn vendors, arguably one of the most successful cottage industries on the Internet, and the spam gangs, is the big story. It used to be porn dialers, and simple credit card frauds. Now botnets are worth more, and dropping trojans and other malware, and harnessing them into botnets to provide dynamic, untraceable spam distribution networks is worth big money to them. Add keyloggers to help identity theft, and remote control capabilities to allow botnets to be harnessed to perform Distributed Denial of Service (DDoS) attacks; blackmail on betting sites has become a big business in the past year.

It is all related. And it all comes from the same places. Unfortunately some of the places are big, stupid American companies that would rather not admit that there is a problem, or are bureaucratically resistant to admitting that they are a vector, or have their corporate heads in the sand. We will be talking about them too.

The best way to develop a solution to a problem is to understand as much as you can about it. We hope that you will learn from this series, and we hope that as you learn you will teach your children, your mothers and fathers, and your friends about why they shouldn't click on "Click me now" popups, and become more streetwise about the Internet.

And we will continue to tell it like it is.


Telling it like it is...