Beta

Slashdot: News for Nerds

×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

The Significant Decline of Spam

CmdrTaco posted more than 3 years ago | from the no-just-stop-it dept.

Security 263

Orome1 writes "In October Commtouch reported an 18% drop in global spam levels (comparing September and October). This was largely attributed to the closure of Spamit around the end of September. Spamit is the organization allegedly behind a fair percentage of the world's pharmacy spam. Analysis of the spam trends to date reveals a further drop in the amounts of spam sent during Q4 2010. December's daily average was around 30% less than September's. The average spam level for the quarter was 83% down from 88% in Q3 2010. The beginning of December saw a low of nearly 74%."

cancel ×

263 comments

I have a solution (5, Funny)

elrous0 (869638) | more than 3 years ago | (#34710190)

Just set up some email routers to automatically append text that insults Muhammad to all SPAM messages. Pretty soon the spammers will all have their buildings burned down, their families threatened, etc. You just use one set of assholes to attack another set of assholes--the perfect solution.

Re:I have a solution (1)

devxo (1963088) | more than 3 years ago | (#34710316)

Just set up some email routers to automatically append text that insults Muhammad to all SPAM messages. Pretty soon the spammers will all have their buildings burned down, their families threatened, etc. You just use one set of assholes to attack another set of assholes--the perfect solution.

Or tell USA there is oil to be robbed where the spammers live.

Re:I have a solution (1)

fuzzyfuzzyfungus (1223518) | more than 3 years ago | (#34710426)

Spammer's lipids could be converted into biofuels...

Re:I have a solution (0)

Anonymous Coward | more than 3 years ago | (#34710674)

Russia and Nigeria have oil.

Re:I have a solution (0)

devxo (1963088) | more than 3 years ago | (#34710982)

Russia and Nigeria have oil.

But Nigeria's oil industry is already owned by Shell. And they're working with US government to plant agents inside the Nigerian government [guardian.co.uk] so that the cheap oil keeps flowing.

Re:I have a solution (5, Interesting)

fridaynightsmoke (1589903) | more than 3 years ago | (#34711308)

Russia and Nigeria have oil.

But Nigeria's oil industry is already owned by Shell. And they're working with US government to plant agents inside the Nigerian government [guardian.co.uk] so that the cheap oil keeps flowing.

The linked leaked cable doesn't say that. What it does say is that Shell are/were concerned about Russia giving missiles and/or other weaponary to rebels intending to attack Shell helicopters and other installations etc, with a view to Gazprom taking over Shell's oil wells in Nigeria. Shell asked the US Gov. if it knew anything.

Re:I have a solution (0)

Anonymous Coward | more than 3 years ago | (#34711568)

I think it should be this cable [cnn.com] .

Re:I have a solution (1)

Belial6 (794905) | more than 3 years ago | (#34712320)

Good thing the cable was leaked so that we can read the actual cable and see that you are correct instead of listening to hear say.

best quote (1)

Mr 44 (180750) | more than 3 years ago | (#34712294)

The best quote from that cable:

Pickard has repeatedly told us she does not like to talk to USG officials because the USG is "leaky." She may be concerned that by telling us the true impact of the attack, more bad news about Shell's Nigerian operations will leak out.

Re:I have a solution (2, Funny)

MillionthMonkey (240664) | more than 3 years ago | (#34710574)

Just set up some email routers to automatically append text that insults Muhammad to all SPAM messages.

Your post advocates a

(*) stupid ( ) technical ( ) legislative ( ) market-based (*) vigilante

approach to fighting spam. Your idea will not work. Here is why it won't work. Aaaah who cares; I have to go to work.

Re:I have a solution (1)

holamundo (1914310) | more than 3 years ago | (#34711540)

If they find out who set up the routers ... ;)

Don't be so quick to claim victory (1)

BadAnalogyGuy (945258) | more than 3 years ago | (#34710214)

Like a frozen metal pole, licking spam is only the prelude to a much longer, more terrifying ordeal.

Re:Don't be so quick to claim victory (0)

Anonymous Coward | more than 3 years ago | (#34710372)

Like a frozen metal pole, licking spam is only the prelude to a much longer, more terrifying ordeal.

Eventually ending up in the porn business?

Re:Don't be so quick to claim victory (1)

Tarlus (1000874) | more than 3 years ago | (#34711466)

I've found the same to be true of actual canned SPAM, as well.

Re:Don't be so quick to claim victory (1)

slick7 (1703596) | more than 3 years ago | (#34711670)

I've found the same to be true of actual canned SPAM, as well.

There's nothing wrong with SPAM that a frying pan can't fix, especially with brown gravy.

Who rules America? (-1)

Anonymous Coward | more than 3 years ago | (#34710240)

THERE IS NO GREATER POWER in the world today than that wielded by the manipulators of public opinion in America. No king or pope of old, no conquering general or high priest ever disposed of a power even remotely approach- ing that of the few dozen men who control America’s mass media of news and entertainment.Their power is not distant and impersonal; it reaches into every home in America, and it works its will during nearly every waking hour. It is the power that shapes and molds the mind of virtually every citizen, young or old, rich or poor, simple or sophisticated.

The mass media form for us our image of the world and then tell us what to think about that image. Essentially ev- erything we know—or think we know—about events out- side our own neighborhood or circle of acquaintances comes to us via our daily newspaper, our weekly news magazine, our radio, or our television.

It is not just the heavy-handed suppression of certain news stories from our newspapers or the blatant propagan- dizing of history-distorting TV “docudramas” that charac- terizes the opinion-manipulating techniques of the media masters. They exercise both subtlety and thoroughness in their management of the news and the entertainment that they present to us.

For example, the way in which the news is covered: which items are emphasized and which are played down; the reporter’s choice of words, tone of voice, and facial ex- pressions; the wording of headlines; the choice of illustra- tions—all of these things subliminally and yet profoundly affect the way in which we interpret what we see or hear.

On top of this, of course, the columnists and editors remove any remaining doubt from our minds as to just what we are to think about it all. Employing carefully developed psychological techniques, they guide our thought and opinion so that we can be in tune with the “in” crowd, the “beautiful people,” the “smart money.” They let us know exactly what our attitudes should be toward various types of people and behavior by placing those people or that behavior in the context of a TV drama or situation comedy and having the other TV characters react in the Politically Correct way.

Read more [natvan.com]

So... (4, Insightful)

fuzzyfuzzyfungus (1223518) | more than 3 years ago | (#34710264)

Are we winning the war on spam, or are spammers(and their comparatively low returns) just being priced out of the botnet market by more lucrative cybercriminals, the DDoS extortion set, espionage agents public and private, various ideological axe grinders?

Given the fairly low-effort, fairly low-return nature of spamming, I imagine that it is sort of the botnet equivalent of a "screensaver" mode. More valuable than doing nothing; but priced out of the market once a more serious set of criminals comes along(especially now that there are relatively few fully legal spamming locations. This isn't the old days when the world's spam king was some American prick with multiple T1s running to his house, sending spam quite openly right out of his home jurisdiction...)

Re:So... (3, Interesting)

garcia (6573) | more than 3 years ago | (#34710438)

They can claim that spam is going down all they like but I haven't seen any reduction in my inbox and I have seen a HUGE increase (quick estimate is five-fold) in the spam comments which appear in my Akismet filter for Wordpress.

Re:So... (0)

Anonymous Coward | more than 3 years ago | (#34710828)

Wordpress.

Well there's your problem.

Re:So... (0)

Anonymous Coward | more than 3 years ago | (#34710856)

The article is only about email spam. Comment spam is unquestionably getting significantly worse, and very little is being done about it. As for not seeing a reduction in your inbox, most likely the vast majority of spam that hits your mailserver never reaches your inbox.

Re:So... (1)

dwinks616 (1536791) | more than 3 years ago | (#34711462)

Which provider do you use for your email? I use gmail, and among the hundreds of spams my oldest account receives, it's exceptionally rare for any to make it past the filter, perhaps 2-3 a year. For a while, a couple years ago, I would get 2-3 a week on that account, then google sprinkled some googledust on the servers and it's now practically non-existent.

Re:So... (1)

juasko (1720212) | more than 3 years ago | (#34712194)

Somhow my Mac fixes it for me nicely... Don't get much spam at all, being sencitive where i give my mail, or use 10 minute mail. But also the mail app in osx is pretty good after a few months training.

Re:So... (4, Interesting)

arivanov (12034) | more than 3 years ago | (#34710548)

1. At some point this summer FDA started looking into food supplements and actively removing "body builder" supplements which actually were a supplement for that muscle that is not quite muscle tissue and is affected by various sildenafil salts. A lot of SPAM was advertising these semi-legit operations and it is logical for it to reduce in volume as they get closed down.

2. Facebook, LinkedIn and their like have become easier routes than mail with higher success rates.

I would expect SPAM to decrease as a result of both of these even without major operations being taken down.

Re:So... (1)

Inda (580031) | more than 3 years ago | (#34712330)

Spam from LinkedIn...

I saw an increase in spam from this site; a site I've never visited.

LinkedIn's response to my complaint, after the 4th piece of spam from one of their users, who was advertising decorating services, was that I should be happy someone in the world wanted to make contact with me. You should be thankful we exist, Mr Inda. Without us your life would be poorer.

I don't normally complain but LinkedIn emails get past Gmail's filters too easily.

You can get your address blocked from LinkedIn by sending them an email.

Re:So... (1)

cakeslam (1965246) | more than 3 years ago | (#34710916)

Given that the younger generation no longer uses email for anything other than paying bills, it's obvious that the spammers are being priced out by low returns. Only us old timers are using email for communicating, and we are unlikely to buy things from spam.

Re:So... (4, Interesting)

Anonymous Coward | more than 3 years ago | (#34711478)

While I'm not a spammer in the legal sense, because I'm CAN-SPAM compliant. Most people here would consider me a spammer, because of some mental disorder about curing the world of whatever it is they don't like (in this case marketing). I've made well over 200k this year. Yes, it is down a bit, but that's mainly due to some recent changes in spam filtering, but now those filters have been figured out. Next year will be great again.

I'm in Las Vegas (spam beach west@!#$!!) and recently there was a guy arrested here for sending scam. It's reported he made over $500k this year and it's completly believable. That's something the antis don't understand there's LOTS of money in it and it's because of them. The tighter the filters get the more money we (that people who can get past them) make.

This time of year there's 2 schools of thought. The first school of thought says mailing this time of year isn't worth the reward / risk, because most people are traveling and not in front of their computers. Where the risk is getting your ips hammered by blacklists before the new year. The other school of thought says mail as much as you can so your offers fill up their inbox / junk folders and have more ips than normal in reserve for when you get nailed for the increased volume.

Re:So... (5, Insightful)

CohibaVancouver (864662) | more than 3 years ago | (#34712222)

I could probably make a lot of money scamming little old ladies, or working as a hitman or a pimp - However I choose not to because it's morally wrong. Just because I have no respect for you because you can make tons of cash spamming doesn't mean I have a mental disorder - It just means I have you in the same category as cowards who scam grannies.

Thanks again, Gawker (1)

durkzilla (1089549) | more than 3 years ago | (#34710266)

Well, I WAS seeing a decline in spam until my email address got released by Gawker (along with my crappy throwaway password). I'm getting several hundred a day again now.

Uhmm.... (1)

Skull_Leader (705927) | more than 3 years ago | (#34710302)

Then someone needs to tell the spammers this because over the past month I've been hit harder on my personal url accounts than ever before. From 2-4 message a night to 25 is a significant jump. Then they keep coming throughout the day. And that is using a black list and spam assassin. I would like to personally offer my current kidney stone as a gift to the spammers...

Re:Uhmm.... (1)

nullifi (1085947) | more than 3 years ago | (#34710432)

Yeah.. I've been experiencing even more spam these last few months. It's actually making it into my gmail inbox. A few, have even made it into my "priority" inbox too. Gmail was so great at spam filtering I only saw five or six pieces of spam a year. I've seen about 8 in the last 2 months.

Re:Uhmm.... (1)

compgenius3 (726265) | more than 3 years ago | (#34710732)

Interesting, my gmail is down to under 500 spam messages from the last 30 days. That's the lowest I ever remember seeing it and actually was quite a shock when I noticed it a few days ago. My usual has been somewhere around 1000

People not clicking any more? (1)

Culture20 (968837) | more than 3 years ago | (#34710308)

Perhaps the people who once bought v146r@ ch3ep are tired of getting tired of getting billed monthly for one bottle of placebo? No more financial incentive means greatly reduced spam?

Re:People not clicking any more? (0)

Anonymous Coward | more than 3 years ago | (#34711934)

CNN had a story a few weeks ago - I can't find it now - but the gist was that people don't really *use* email much any more. Everyone (well, 500 millions anyway) is using Facebook as a replacement for traditional email, and spammers are starting to focus their attention more on that medium, because that's where the most people are.

Only email spam? (1)

Carnivorous Vulgaris (1964964) | more than 3 years ago | (#34710322)

This only covers email spam. I'm guessing facebook and twitter users get spammed quite a bit to their profiles, as these are used more and more for daily communication.

Re:Only email spam? (4, Insightful)

mlts (1038732) | more than 3 years ago | (#34710694)

Comment spam hasn't slowed down. I think its because E-mail spam is starting to have such a low return ratio compared to getting spam in front of eyeballs via Facebook or Web forums.

For a spammer, cracking into a Facebook account, posting links up to a malicious website to distribute malware is far more lucrative than just spewing out and hoping the outgoing ISP, the relays, the user's mail server, and the user's MUA doesn't stomp the spam first. A FB account is almost guaranteed to be read, and oftentimes, the link clicked on.

Re:Only email spam? (1)

antifoidulus (807088) | more than 3 years ago | (#34711800)

Are cracked accounts being used to send spam? The only ones I have ever seen have been used for phishing, probably a much lower hit ratio but almost infinitely higher payout. The facebook spammers tend to be people who either join random groups and post their spam or search for random people and send direct message spam.

Re:Only email spam? (1)

mlts (1038732) | more than 3 years ago | (#34712440)

I have seen some accounts cracked. Usually one or more of three things happen:

1: All friends of this person get the archetypal "OMG, I'm in a gaol in London, I need $750 to get put, please wire some cash", from an account whose owner who doesn't even have a passport.

2: All friends of this person get inundated with wall postings about various sites; all of which are dummy domains apparently trying to serve up malware.

3: Friends on the cracked account list get called or mass-texted if they are dumb enough happen to have their number on FB.

All this can make an account cracker a good amount of cash (either directly or a commission from the malware downloads), because people will tend to send money to a friend who sends a plausible sob story. Since the crackers are likely in another country who doesn't give a rat's ass anyway about people in the West, they can do what they please, and there are no chances of repercussions.

Re:Only email spam? (1)

dgatwood (11270) | more than 3 years ago | (#34712280)

People put up with spam. People get violently angry at people who crack into their accounts. If they keep pulling these stunts, one of these days, somebody is going to lose it, track them down, buy a baseball bat, go to their address, and beat the ever-living s*** out of them. Fifteen bucks for a child-sized baseball bat is a small price to pay for such revenge.

Odds are, if someone bludgeoned a Facebook cracker, he/she would not even be charged with a crime because it would never get reported. After all, if the dirtbags reported it, their cybercrime would be uncovered, and they would rot in jail. In short, these people are basically taking their lives into their hands when they do this.

P.S. To the scumbag in Florida who cracked my Facebook account last month, do it again, and I swear I'll post your in situ address on /b/, then hire a crew to film your address and post clips on YouTube so that everyone you've hurt can watch and enjoy the carnage.

Re:Only email spam? (1)

clone52431 (1805862) | more than 3 years ago | (#34711460)

This only covers email spam.

Refer to AC replies to my post for proof of this.

clone gets embarassingly "shot down in flames"? (1)

Anonymous Coward | more than 3 years ago | (#34711594)

http://it.slashdot.org/comments.pl?sid=1927208&cid=34689212

Hmmmm? Did Your big mouth and skimming get you into a jam again?? Absolutely. You tried taking on your betters, and your skimming and your stupidity did you in, promptly. How embarassing for you clone. It was totally hilarious watching you run away! There will be NO burying this clone, for your trolling others here repeatedly, and under your other registered username here too of clone53421 (1310749) as well.

Re:clone gets embarassingly "shot down in flames"? (1)

clone52431 (1805862) | more than 3 years ago | (#34711692)

QED. Thanks, AC. Come back soon.

Junk filters make it less effective (2)

Trip6 (1184883) | more than 3 years ago | (#34710324)

When I first got email in the late 1800s there were no junk filters. Today, I specify a single spam mail as junk and I never see that type of spam again unless I want to.

Spam less effective = less of it sent.

Re:Junk filters make it less effective (5, Funny)

Anonymous Coward | more than 3 years ago | (#34710376)

When I first got email in the late 1800s there were no junk filters.

I should say not. If the Pony Express rider went to all that trouble to deliver the letter, it would be rude to throw it out.

Re:Junk filters make it less effective (1)

kesuki (321456) | more than 3 years ago | (#34710784)

i don't think he's joking i think you've been misinformed

Re:Junk filters make it less effective (4, Funny)

morgan_greywolf (835522) | more than 3 years ago | (#34711302)

I am so getting off Trip6's lawn. You should, too.

Re:Junk filters make it less effective (1)

khr (708262) | more than 3 years ago | (#34710402)

When I first got email in the late 1800s there were no junk filters.

Did you get it by telegraph?

Re:Junk filters make it less effective (1)

multipartmixed (163409) | more than 3 years ago | (#34710416)

> When I first got email in the late 1800s there were no junk filters.

Holy crap, I never go e-mail of *any kind* until the late 1980s. And here I thought I was pretty hip! I never imagined that somebody would have me beaten by over 80 years!

Re:Junk filters make it less effective (1)

KingRatMass (1448233) | more than 3 years ago | (#34710420)

When I first got email in the late 1800s there were no junk filters.

Junkmail filters in the late 1800's were called Winchester repeating rifles.

Re:Junk filters make it less effective (0)

Anonymous Coward | more than 3 years ago | (#34710484)

Oi! So it was you on the other end of that magick stick!

I always did wonder why you kept ignoring my calls. "Invite Trip to dinner," said the wife, "I sent a call on the magick stick," I said, "but he never returned the favor."

See if I offer to stable your horses again.

Re:Junk filters make it less effective (1)

JustOK (667959) | more than 3 years ago | (#34710734)

He's using military TIME not date.

Re:Junk filters make it less effective (1)

juasko (1720212) | more than 3 years ago | (#34712260)

military time, americans are so funny, what is so military about 24h clocks, the whole world except the english speaking world uses 24h time.

I guess any non American would qualify for US army, they can handle a clock... :p

Re:Junk filters make it less effective (0)

Anonymous Coward | more than 3 years ago | (#34710866)

Spam less effective != less of it sent.

There fixed it for you. And I hope that explains the problem with spam.

bah (1)

Blymie (231220) | more than 3 years ago | (#34710408)

ROTFL.

Quite a few percentages quoted, but no marker to base those percentages against.

When are all these ups and downs being compared to? The article doesn't say. The summary doesn't say.

Statements like "The average spam level for the quarter was 83% down from 88% in Q3 2010." clearly indicates that there is some point being tracked, prior to a half year ago.. but when? If spamit closed in September, why are figures from July-Sept showing a downtrend?

Bah!

Re:bah (0)

Anonymous Coward | more than 3 years ago | (#34710512)

Those percentages are of total email sent for period.

Re:bah (0)

Anonymous Coward | more than 3 years ago | (#34710532)

The 'average spam level' is the percentage of all email traffic that consists of spam.

Re:bah (2)

higuita (129722) | more than 3 years ago | (#34710824)

i cant give you those answers, but i see a similar trend, spam is dropping since end of August/start of September

check the graph (rejects and spam tags are spam):

http://picpaste.com/spam.png [picpaste.com]

in the previous years, i would see a big increase of spam since November until Christmas, this is the first time in years that i get less spam in Christmas than the rest of the year... i see now that i'm not the only one

i have a usual level of spam of 60% during the year and its now on a spam ratio of 25% (but this week is usually a slow week for spam every year)

better graph showing the spam drop (2)

higuita (129722) | more than 3 years ago | (#34711212)

Even better, this university gets a lot more spam than i and check the graphs

http://picpaste.com/mx-fx7b1NOG.png [picpaste.com]

Seasonal variation (5, Interesting)

oobayly (1056050) | more than 3 years ago | (#34710478)

I've noticed that spam & dictionary attack are seasonal. Over Christmas I saw less than 20% of the usual attacks on our servers. I'm guessing this is due to peoples bot-ridden machines not being switched on as much.

What really gets me is the amount of of dating spam that gets sent to an account I use for FreeBSD porting & CPAN. One would think spammers would avoid certain domains as they're only used by techies. Then again, maybe we're so desperate we'll jump at any chance of talking to a bird.

Re:Seasonal variation (1)

Spad (470073) | more than 3 years ago | (#34711436)

The spammers don't care who their mail goes to. Email spam isn't a carefully targeted marketing strategy, it's a fire-and-forget statistical return strategy because it's so cheap to do that it's not worth the hassle to work our who's worth spamming and who isn't.

It's the same with "personalised" phishing; automation technology has advanced to the point where it's no longer necessary to specifically target your attacks for the best returns, you just let your software target *everyone* for no additional cost (money or time-wise).

person+foo@domain.com (2, Informative)

Anonymous Coward | more than 3 years ago | (#34712076)

What really gets me is the amount of of dating spam that gets sent to an account I use for FreeBSD porting & CPAN. One would think spammers would avoid certain domains as they're only used by techies. Then again, maybe we're so desperate we'll jump at any chance of talking to a bird.

That's why I like using the "+" separator whenever I can. It allows easy filtering and I know exactly where it was received from.

Unfortunately a lot of web form validation systems don't accept the format "person+foo@domain.com" as valid, and I have to end up removing the "+foo". When I was more active on Usenet I used a date-based format for my posting ("person+unetYYmmDD@domain.com") that I updated semi-regularly. I then created a ".forward+unetYYmmDD" that put things into /dev/null once the address was harvested after a few months.

I believe Gmail supports the +foo modifier, but my company exchange system sadly does not.

Re:Seasonal variation (1)

flyingfsck (986395) | more than 3 years ago | (#34712144)

No, it is due to the spammers going on holiday to some place where they got to pay for internet access. Spam always reduce on American holidays.

FWIW, my personal spam has dropped by 90%. (1)

PhineusJWhoopee (926130) | more than 3 years ago | (#34710496)

Maybe I was "lucky" to be mostly targeted by Spamit.

ed

Poor detection (4, Interesting)

OiBoy (22100) | more than 3 years ago | (#34710508)

I've been getting significantly MORE spam in the last month. I would assume that they base their metrics on how much spam was caught and identified. Since apparently more is getting through to me now, the article should really be titled "Significant Decline of Spam DETECTION".

Re:Poor detection (1)

jo7hs2 (884069) | more than 3 years ago | (#34710662)

I've been getting significantly MORE spam in the last month. I would assume that they base their metrics on how much spam was caught and identified. Since apparently more is getting through to me now, the article should really be titled "Significant Decline of Spam DETECTION".

Me too. Almost all of it is "enhancement" related. Started about two months ago, steady rate, similar message. Every year or so this seems to happen. The last group to get through en masse were the random letter and misspelling ones. I'm somewhat surprised these are getting through, since they are not well disguised.

Re:Random Letter (1)

TaoPhoenix (980487) | more than 3 years ago | (#34712428)

Why can't we just have a rule that any email that has more than 3 spelling errors gets nuked?

Re:Poor detection (1)

higuita (129722) | more than 3 years ago | (#34710914)

i see spam detection dropping and i'm not seeing more spam entering the filters (other than the Christmas cards emails from all our partners and clients ;) )

check http://it.slashdot.org/comments.pl?sid=1929880&cid=34710824 [slashdot.org]

so this isnt just a failing in detection, its really less spam entering

Re:Poor detection (1)

thomst (1640045) | more than 3 years ago | (#34711014)

I've been getting significantly MORE spam in the last month.

I've been getting almost NO spam the past few days. Maybe it's my mail host, maybe it's just vacation time for spammers, but still ...

Re:Poor detection (1)

Speare (84249) | more than 3 years ago | (#34711480)

I've been getting a lot of MAILER DAEMON "rejection" notices... either I'm actually being joe-jobbed, or they're just sending messages to get past my current set of filters.

Re:Poor detection (0)

Anonymous Coward | more than 3 years ago | (#34711628)

I've been getting insane amounts of spam for the last month or two ... lots caught in my filters, but also a lot getting through. I've had to write a procmail recipe to dump all the following straight to /dev/null -

* ^Subject:.*how are u hun|wasssup|How u doing|how u doing|howdie|hey whats up|hey there heh|well hi again|howdie hunny|how u doin bebe|whats shakin babe|whats going on|well hi there|hey hows it going|whats cookin|whats shakin babe|well hi hun|hi how are you|hows it goin|hello how are ya|Hey babe how r ya|wasssssup|Whats goin on bebe|helllllllo|hey there|hi babe|for my sepcial one|Hey You|whats goin on|hey babe|hey sweets|whats up babe|well hey hey|well hello there|hey sweety|hi hun|HI YOU|hows it hangin lol|hey sweety|well hello.*

Not sure what they were advertising as I didn't click any of the links, but at one point I was getting 50+ a day.

Malware & Botnets More Profitable (1)

wiredmikey (1824622) | more than 3 years ago | (#34710524)

Spam is declining for a few reasons -- Anti-spam technology is getting better and more widely deployed. sure with massive volumes and good spammer technology plenty is still getting through -- but it's becoming more challenging for spammers to reach the inbox these days. Cybercriminals have switched to focusing on using malware and botnets as these much more profitable over time than the basic spamming. Why would you waste time trying to get someone to buy viagra from an online pharmacy when you could capture their credit card or online banking details instead? Successfully capturing a few dozen credentials like this would likely be more profitable than reaching a million users with a spam message. Massive volumes of spam will still continue but overall the spam industry just ain't what it used to be!

Malware & Botnets? NOT A PROBLEM! How? (0)

Anonymous Coward | more than 3 years ago | (#34711070)

Simple: Secure yourselves against it, & the single easiest ways are the following:

1.) Limit javascript usage to ONLY sites you trust or, absolutely NEED it running on (this is doable via NoScript in FireFox, or, Opera's "by site preferences", where you can set exceptions to javascript running, but otherwise, leave it OFF for all sites, globally (you can make exceptions as you need to, for say, ecommerce sites doing database access)).

2.) Use a custom HOSTS file, for added "layered security" (and, more speed too: BONUS)!

(This works, as a "blacklist" of KNOWN BAD SITES, because what you can't touch, can't touch YOU, online, this way)...

Hosts files offer a LOT more than say, adblock &/or DNS do (& hosts also overcome & "shore up" both those programs' "short-comings" in security bugs, or lack of abilities in certain cases (see list below in my P.S.)).

---

Others here have also, for example, found the same as I have:

"Ever since I've installed a host file (http://www.mvps.org/winhelp2002/hosts.htm) to redirect advertisers to my loopback, I haven't had any malware, spyware, or adware issues. I first started using the host file 5 years ago." - by TestedDoughnut (1324447) on Monday December 13, @12:18AM (#34532122)

FROM http://tech.slashdot.org/comments.pl?sid=1907528&cid=34532122 [slashdot.org]

---

So, in combining the usage of HOSTS files & limiting javascript (see SECUNIA.COM, it'll show you that MOST of what infests people is malscripted sites & malscripted adbanners (evidences of that are below, very current too)), & this security guides' points -> http://www.bing.com/search?q=%22HOW+TO+SECURE+Windows+2000%2FXP%22&go=&form=QBRE [bing.com]

You can dismiss the possibility of botnets OR malware, "getting to you" (along with using GOOD "common-sense" & safety online)!

E.G.-> I haven't had a malware get to my systems in more than 15++ yrs. in fact, because of the above... &, I go MUCH FASTER online too! Plus, as you can see? I am NOT the only person enjoying this... others are also.

APK

P.S.=> 20++ ADVANTAGES OF HOSTS FILES OVER DNS SERVERS &/or ADBLOCK ALONE for added layered security:

1.) Adblock blocks ads in only 1 browser family (Disclaimer: Opera now has an AdBlock addon (now that Opera has addons above widgets), but I am not certain the same people make it as they do for FF or Chrome etc.).

2.) HOSTS files are useable for all these purposes because they are present on all Operating Systems that have a BSD based IP stack (even ANDROID) and do adblocking for ANY webbrowser, email program, etc. (any webbound program).

3.) Adblock doesn't protect email programs external to FF, Hosts files do. THIS IS GOOD VS. SPAM MAIL or MAILS THAT BEAR MALICIOUS SCRIPT, or, THAT POINT TO MALICIOUS SCRIPT VIA URLS etc.

4.) Adblock won't get you to your favorite sites if a DNS server goes down or is DNS-poisoned, hosts will (this leads to points 4-7 next below).

5.) Adblock doesn't allow you to hardcode in your favorite websites into it so you don't make DNS server calls and so you can avoid tracking by DNS request logs, hosts do (DNS servers are also being abused by the Chinese lately and by the Kaminsky flaw -> http://www.networkworld.com/news/2008/082908-kaminsky-flaw-prompts-dns-server.html [networkworld.com] for years now). Hosts protect against those problems via hardcodes of your fav sites (you should verify against the TLD that does nothing but cache IPAddress-to-domainname/hostname resolutions via NSLOOKUP, PINGS, &/or WHOIS though, regularly, so you have the correct IP & it's current)).

6.) HOSTS files protect you vs. DNS-poisoning &/or the Kaminsky flaw in DNS servers, and allow you to get to sites reliably vs. things like the Chinese are doing to DNS -> http://yro.slashdot.org/story/10/11/29/1755230/Chinese-DNS-Tampering-a-Real-Threat-To-Outsiders [slashdot.org]

7.) AdBlock doesn't let you block out known bad sites or servers that are known to be maliciously scripted, hosts can and many reputable lists for this exist:

GOOD INFORMATION ON MALWARE BEHAVIOR LISTING BOTNET C&C SERVERS + MORE (AS WELL AS REMOVAL LISTS FOR HOSTS):

http://ddanchev.blogspot.com/ [blogspot.com]
http://www.malware.com.br/lists.shtml [malware.com.br]
http://www.stopbadware.org/ [stopbadware.org]
http://blog.fireeye.com/ [fireeye.com]
http://mtc.sri.com/ [sri.com]
http://news.netcraft.com/ [netcraft.com]
http://www.shadowserver.org/ [shadowserver.org]

REGULARLY UPDATED HOSTS FILES SITES (reputable/reliable sources):

http://www.mvps.org/winhelp2002/hosts.htm [mvps.org]
http://someonewhocares.org/hosts/ [someonewhocares.org]
http://hostsfile.org/hosts.html [hostsfile.org]
http://hostsfile.mine.nu/downloads/ [hostsfile.mine.nu]
http://hosts-file.net/?s=Download [hosts-file.net]
https://zeustracker.abuse.ch/monitor.php?filter=online [abuse.ch]
Spybot "Search & Destroy" IMMUNIZE feature (fortifies HOSTS files with KNOWN bad servers blocked)

And yes: Even SLASHDOT &/or The Register help!

(Via articles on security (when the source articles they use are "detailed" that is, & list the servers/sites involved in attempting to bushwhack others online that is... not ALL do!)).

2 examples thereof in the past I have used, & noted it there, are/were:

http://it.slashdot.org/comments.pl?sid=1898692&cid=34473398 [slashdot.org]
http://it.slashdot.org/comments.pl?sid=1896216&cid=34458500 [slashdot.org]

8.) HOSTS files will allow you to get to sites you like, via hardcoding your favs into a HOSTS file, FAR faster than DNS servers can by FAR (by saving the roundtrip inquiry time to a DNS server & back to you).

9.) AdBlock & DNS servers are programs, and subject to bugs programs can get. Hosts files are merely a filter and not a program, thus not subject to bugs of the nature just discussed.

10.) Hosts files don't eat up CPU cycles like AdBlock does while it parses a webpages' content, nor as much as a DNS server does while it runs. HOSTS file are merely a FILTER for the kernel mode/PnP TCP/IP subsystem, which runs FAR FASTER & MORE EFFICIENTY than any ring 3/rpl3/usermode app can.

11.) HOSTS files are EASILY user controlled, obtained (for reliable ones -> http://www.mvps.org/winhelp2002/hosts.htm [mvps.org] ) & edited too, via texteditors like Windows notepad.exe or Linux nano (etc.)

12.) With Adblock you had better be able to code javascript to play with its code. With hosts you don't even need source to control it (edit, update, delete, insert of new entries via a text editor).

13.) Hosts files are easily secured via using MAC/ACL &/or Read-Only attributes applied.

14.) Custom HOSTS files also speed you up, unlike anonymous proxy servers systems variations (like TOR, or other "highly anonymous" proxy server list servers typically do, in the severe speed hit they often have a cost in).

15.) HOSTS files usage lets you avoid being charged on some ISP/BSP's (OR phone providers) "pay as you use" policy http://yro.slashdot.org/story/10/12/08/2012243/FCC-Approving-Pay-As-You-Go-Internet-Plans [slashdot.org] , because you are using less bandwidth (& go faster doing so no less) by NOT hauling in adbanner content and processing it (which can lead to infestation by malware/malicious script, in & of itself -> http://apcmag.com/microsoft_apologises_for_serving_malware.htm [apcmag.com] ).

16.) If/when ISP/BSP's decide to go to -> FCC Approving Pay-As-You-Go Internet Plans: http://yro.slashdot.org/story/10/12/08/2012243/FCC-Approving-Pay-As-You-Go-Internet-Plans [slashdot.org] your internet bill will go DOWN if you use a HOSTS file for blocking adbanners as well as maliciously scripted hacker/cracker malware maker sites too (after all - it's your money & time online downloading adbanner content & processing it)

Plus, your adbanner content? Well, it may also be hijacked with malicious code too mind you:

---

HACKERS USE ADBANNERS ON MAJOR SITES TO HIJACK YOUR SYSTEM: -> http://www.wired.com/techbiz/media/news/2007/11/doubleclick [wired.com] [wired.com]

THE NEXT AD YOU CLICK MAY BE A VIRUS: -> http://it.slashdot.org/story/09/06/15/2056219/The-Next-Ad-You-Click-May-Be-a-Virus [slashdot.org] [slashdot.org]

NY TIMES INFECTED WITH MALWARE ADBANNER: -> http://news.slashdot.org/article.pl?sid=09/09/13/2346229 [slashdot.org] [slashdot.org]

MICROSOFT HIT BY MALWARES IN ADBANNERS: -> http://apcmag.com/microsoft_apologises_for_serving_malware.htm [apcmag.com] [apcmag.com]

ADBANNERS SLOW DOWN THE WEB: -> http://tech.slashdot.org/article.pl?sid=09/11/30/166218 [slashdot.org]

2 MAJOR AD NETWORKS FOUND SERVING MALWARE: -> http://tech.slashdot.org/story/10/12/13/0128249/Two-Major-Ad-Networks-Found-Serving-Malware [slashdot.org]

---

As my list "multiple evidences thereof" as to adbanners & viruses + the fact they slow you down & cost you more (from reputable & reliable sources no less)).

17.) Per point #16, a way to save some money: ANDROID phones can also use the HOSTS FILE TO KEEP DOWN BILLABLE TIME ONLINE, via the ADB dev. tool, & mounting ANDROID OS' system mountpoint for system/etc as READ + WRITE/ADMIN-ROOT PERMISSIONS, then copying your new custom HOSTS over the old one using ADB PULL/ADB PUSH to do so (otherwise ANDROID complains of "this file cannot be overwritten on production models of this Operating System", or something very along those lines - this way gets you around that annoyance along with you possibly having to clear some space there yourself if you packed it with things!).

18.) ADBLOCK CAN BE DETECTED FOR: See here on that note -> http://arstechnica.com/business/news/2010/03/why-ad-blocking-is-devastating-to-the-sites-you-love.ars [arstechnica.com]

HOSTS files are NOT BLOCKABLE by websites, as was tried on users by ARSTECHNICA (and it worked, proving HOSTS files are a better solution for this because they cannot be blocked & detected for, in that manner), to that websites' users' dismay:

PERTINENT QUOTE/EXCERPT FROM ARSTECHNICA THEMSELVES:

----

An experiment gone wrong - By Ken Fisher | Last updated March 6, 2010 11:11 AM

http://arstechnica.com/business/news/2010/03/why-ad-blocking-is-devastating-to-the-sites-you-love.ars [arstechnica.com]

"Starting late Friday afternoon we conducted a 12 hour experiment to see if it would be possible to simply make content disappear for visitors who were using a very popular ad blocking tool. Technologically, it was a success in that it worked. Ad blockers, and only ad blockers, couldn't see our content."

and

"Our experiment is over, and we're glad we did it because it led to us learning that we needed to communicate our point of view every once in a while. Sure, some people told us we deserved to die in a fire. But that's the Internet!"

Thus, as you can see? Well - THAT all "went over like a lead balloon" with their users in other words, because Arstechnica was forced to change it back to the old way where ADBLOCK still could work to do its job (REDDIT however, has not, for example). However/Again - this is proof that HOSTS files can still do the job, blocking potentially malscripted ads (or ads in general because they slow you down) vs. adblockers like ADBLOCK!

----

19.) Even WIKILEAKS "favors" blacklists (because they work, and HOSTS can be a blacklist vs. known BAD sites/servers/domain-host names):

---

PERTINENT QUOTE/EXCERPT (from -> http://www.theregister.co.uk/2010/12/16/wikileaks_mirror_malware_warning_row/ [theregister.co.uk] )

"we are in favour of 'Blacklists', be it for mail servers or websites, they have to be compiled with care... Fortunately, more responsible blacklists, like stopbadware.org (which protects the Firefox browser)...

---

20.) AND, LASTLY? SINCE MALWARE GENERALLY HAS TO OPERATE ON WHAT YOU YOURSELF CAN DO (running as limited class/least privlege user, hopefully, OR even as ADMIN/ROOT/SUPERUSER)? HOSTS "LOCK IN" malware too, vs. communicating "back to mama" for orders (provided they have name servers + C&C botnet servers listed in them, blocked off in your HOSTS that is) - you might think they use a hardcoded IP, which IS possible, but generally they do not & RECYCLE domain/host names they own (such as has been seen with the RBN (Russian Business Network) lately though it was considered "dead", other malwares are using its domains/hostnames now, & this? This stops that cold, too - Bonus!)...

* MINOR "CAVEATS/CATCH-22's" - things to be aware of for "layered security" + HOSTS file performance - easily overcome, or not a problem at all:

A.) HOSTS files don't function under PROXY SERVERS - Which is *the "WHY"* of why I state in my "P.S." section below to use both AdBlock type browser addon methods (or even built-in block lists browsers have such as Opera's URLFILTER.INI file, & FireFox has such as list as does IE also) in combination with HOSTS, for the best in "layered security" (alongside .pac files + custom cascading style sheets that can filter off various tags such as scripts or ads etc.) - but proxies, especially "HIGHLY ANONYMOUS" types, generally slow you down to a CRAWL online (& personally, I cannot see using proxies "for the good" typically - as they allow "truly anonymous posting" & have bugs (such as TOR has been shown to have & be "bypassable/traceable" via its "onion routing" methods)).

B.) HOSTS files do NOT protect you vs. javascript (this only holds true IF you don't already have a bad site blocked out in your HOSTS file though, & the list of sites where you can obtain such lists to add to your HOSTS are above (& updated daily in many of them)).

C.) HOSTS files (relatively "largish ones") require you to turn off Windows' native "DNS local client cache service" (which has a problem in that it's designed with a non-redimensionable/resizeable list, array, or queue (DNS data loads into a C/C++ structure actually/afaik, which IS a form of array)) - mvps.org covers that in detail and how to easily do this in Windows (this is NOT a problem in Linux, & it's 1 thing I will give Linux over Windows, hands-down). Relatively "smallish" HOSTS files don't have this problem (mvps.org offers 2 types for this).

D.) HOSTS files, once read/loaded, once GET CACHED, for speed of access/re-access (@ system startup in older MS OS' like 2000, or, upon a users' 1st request that's "Webbound" via say, a webbrowser) gets read into either the DNS local caching client service (noted above), OR, if that's turned off? Into your local diskcache (like ANY file is), so it reads F A S T upon re-reads/subsequent reads (until it's changed in %WinDir%\system32\drivers\etc on Windows, which marks it "Dirty" & then it gets re-read + reloaded into the local diskcache again). This may cause a SMALL lag upon reload though, depending on the size of your HOSTS file.

E.) HOSTS files don't protect vs. BGP exploits - Sorry, once it's out of your hands/machine + past any interior network + routers you have, the packets you send are out there into the ISP/BSP's hands - they're "the Agents" holding all the keys to the doorways at that point (hosts are just a forcefield-filter (for lack of a better description) armor on what can come in mostly, & a bit of what can go out too (per point 18 above on "locking in malware")). Hosts work as a "I can't get burned if I can't go into the kitchen" protection, for you: Not your ISP/BSP. It doesn't extend to them.

Still - It's a GOOD idea to layer in the usage of BOTH browser addons for security like adblock, &/or NoScript (especially this one, as it covers what HOSTS files can't in javascript which is the main deliverer of MOST attacks online & SECUNIA.COM can verify this for anyone really by looking @ the past few years of attacks nowadays), for the concept of "layered security"....

It's just that HOSTS files offer you a LOT MORE gains than Adblock does alone (as hosts do things adblock just plain cannot & on more programs, for more speed, security, and "stealth" to a degree even), and it corrects problems in DNS (as shown above via hardcodes of your favorite sites into your HOSTS file, and more (such as avoiding DNS request logs)).

APK

P.S.=> Some more notes on DNS servers & their problems, very recent + ongoing ones:

BIND vs. what the Chinese are doing to DNS lately? See here:

http://yro.slashdot.org/story/10/11/29/1755230/Chinese-DNS-Tampering-a-Real-Threat-To-Outsiders [slashdot.org]

---

SECUNIA HIT BY DNS REDIRECTION HACK THIS WEEK:

http://www.theregister.co.uk/2010/11/26/secunia_back_from_dns_hack/ [theregister.co.uk]

(Yes, even "security pros" are helpless vs. DNS problems in code bugs OR redirect DNS poisoning issues, & they can only try to "set the DNS record straight" & then, they still have to wait for corrected DNS info. to propogate across all subordinate DNS servers too - lagtime in which folks DO get "abused" in mind you!)

---

DNS vs. the "Kaminsky DNS flaw", here (and even MORE problems in DNS than just that):

http://www.scmagazineus.com/new-bind-9-dns-flaw-is-worse-than-kaminskys/article/140872/ [scmagazineus.com]

(Seems others are saying that some NEW "Bind9 flaw" is worse than the Kaminsky flaw ALONE, up there, mind you... probably corrected (hopefully), but it shows yet again, DNS hassles (DNS redirect/DNS poisoning) being exploited!)

---

Moxie Marlinspike's found others (0 hack) as well...

Nope... "layered security" truly IS the "way to go" - hacker/cracker types know it, & they do NOT want the rest of us knowing it too!...

(So until DNSSEC takes "widespread adoption"? HOSTS are your answer vs. such types of attack, because the 1st thing your system refers to, by default, IS your HOSTS file (over say, DNS server usage). There are decent DNS servers though, such as OpenDNS, ScrubIT, or even GOOGLE DNS, & because I cannot "cache the entire internet" in a HOSTS file? I opt to use those, because I have to (& OpenDNS has been noted to "fix immediately", per the Kaminsky flaw, in fact... just as a sort of reference to how WELL they are maintained really!)

---

DNS provider decked by DDoS dastards:

http://www.theregister.co.uk/2010/11/16/ddos_on_dns_firm/ [theregister.co.uk]

---

Ten Percent of DNS Servers Still Vulnerable: (so much for "conscientious patching", eh? Many DNS providers weren't patching when they had to!)

http://it.slashdot.org/it/05/08/04/1525235.shtml?tid=172&tid=95&tid=218 [slashdot.org]

---

DDoS Attacks Via DNS Recursion:

http://it.slashdot.org/it/06/03/16/1658209.shtml [slashdot.org]

---

DNS ROOT SERVERS ATTACKED:

http://it.slashdot.org/it/07/02/06/2238225.shtml [slashdot.org]

---

TimeWarner DNS Hijacking:

http://tech.slashdot.org/article.pl?sid=07/07/23/2140208 [slashdot.org]

---

DNS Re-Binding Attacks:

http://crypto.stanford.edu/dns/ [stanford.edu]

---

DNS Server Survey Reveals Mixed Security Picture:

http://it.slashdot.org/it/07/11/21/0315239.shtml [slashdot.org]

---

Photobucket's DNS records hijacked by Turkish hacking group:

http://www.zdnet.com/blog/security/title/1285 [zdnet.com]

---

Halvar figured out super-secret DNS vulnerability:

http://www.zdnet.com/blog/security/has-halvar-figured-out-super-secret-dns-vulnerability/1520 [zdnet.com]

---

BIND Still Susceptible To DNS Cache Poisoning:

http://tech.slashdot.org/tech/08/08/09/123222.shtml [slashdot.org]

---

DNS Poisoning Hits One of China's Biggest ISPs:

http://it.slashdot.org/it/08/08/21/2343250.shtml [slashdot.org]

---

Then, there is also the words of respected security expert, Mr. Oliver Day, from SECUNIA.COM to "top that all off" as well:

A RETURN TO THE KILLFILE:

http://www.securityfocus.com/columnists/491 [securityfocus.com]

Some "PERTINENT QUOTES/EXCERPTS" to back up my points with (for starters):

---

"The host file on my day-to-day laptop is now over 16,000 lines long. Accessing the Internet -- particularly browsing the Web -- is actually faster now."

Speed, and security, is the gain... others like Mr. Day note it as well!

---

"From what I have seen in my research, major efforts to share lists of unwanted hosts began gaining serious momentum earlier this decade. The most popular appear to have started as a means to block advertising and as a way to avoid being tracked by sites that use cookies to gather data on the user across Web properties. More recently, projects like Spybot Search and Destroy offer lists of known malicious servers to add a layer of defense against trojans and other forms of malware."

Per my points exactly, no less... & guess who was posting about HOSTS files a 14++ yrs. or more back & Mr. Day was reading & now using? Yours truly (& this is one of the later ones, from 2001 http://www.furtherleft.net/computer.htm [furtherleft.net] (but the example HOSTS file with my initials in it is FAR older, circa 1998 or so) or thereabouts, and referred to later by a pal of mine who moderates NTCompatible.com (where I posted on HOSTS for YEARS (1997 onwards)) -> http://www.ntcompatible.com/thread28597-1.html [ntcompatible.com] !

---

"Shared host files could be beneficial for other groups as well. Human rights groups have sought after block resistant technologies for quite some time. The GoDaddy debacle with NMap creator Fyodor (corrected) showed a particularly vicious blocking mechanism using DNS registrars. Once a registrar pulls a website from its records, the world ceases to have an effective way to find it. Shared host files could provide a DNS-proof method of reaching sites, not to mention removing an additional vector of detection if anyone were trying to monitor the use of subversive sites. One of the known weaknesses of the Tor system, for example, is direct DNS requests by applications not configured to route such requests through Tor's network."

There you go: AND, it also works vs. the "KAMINSKY DNS FLAW" & DNS poisoning/redirect attacks, for redirectable weaknesses in DNS servers (non DNSSEC type, & set into recursive mode especially) and also in the TOR system as well (that lends itself to anonymous proxy usage weaknesses I noted above also) and, you'll get to sites you want to, even IF a DNS registrar drops said websites from its tables as shown here Beating Censorship By Routing Around DNS -> http://yro.slashdot.org/story/10/12/09/1840246/Beating-Censorship-By-Routing-Around-DNS [slashdot.org] & even DNSBL also (DNS Block Lists) -> http://en.wikipedia.org/wiki/DNSBL [wikipedia.org] as well - DOUBLE-BONUS! ... apk

Re:Malware & Botnets? NOT A PROBLEM! How? (1)

juasko (1720212) | more than 3 years ago | (#34712478)

If this wouldn't have been informative I'd hostfiled that message id.

Well nice work even if you over did it. Copy paste spamming forum threads?

Couldn't even buy their product (1)

British (51765) | more than 3 years ago | (#34710528)

I remember getting the occasional spam, and actually out of curiosity seeing how they would even complete their objective. Their objective? Sell you something that they are advertising. Many moons ago, I got one spam that had an 800 number. I called it and I couldn't even leave a message since the mailbox was full.

Spam = advertising. Advertising leading to the sale of a product or service. I noticed about 99% of the time there was no logical or easy way to make a call/visit a site,etc to present me with a product where I could buy it. You think grandma is going to de-obfuscate a URL(like slashdot's stupid email addy obfuscating filters) , visit the URL & buy your fake Lewis Vitton bags or whatever. Some spammers I swear are just spamming for the sake of spamming. Where's the money in that? There's ways around that like recommending I buy some junk stock that will be worthless in a month.

Then there was some Chinese individual who personally spammed me trying to sell me electronics. I carried on a good convo with him for a week until he told me to go to hell for wasting his time. He refused to tell me how he got my email address. In a funny coincidence, my gmail got hacked, sent spam mail out to everyone in my address book, including the spammer. He replied back saying he wasn't interested. yes, spam emailed spam.

BTW slashdot quit forcing me to preview, wait 2+ minutes to make a damn post on here. Or should I just go to reddit?

Re:Couldn't even buy their product (1)

Dachannien (617929) | more than 3 years ago | (#34711714)

Some spammers I swear are just spamming for the sake of spamming. Where's the money in that?

Spammers are essentially playing suckers against suckers. They make money by convincing the morons who are selling a crap product that people actually read/see spam these days, and that it's advantageous to spend money to advertise via spam. In other words, spamming itself is the business, not the sale of knock-off products.

Re:Couldn't even buy their product (1)

tepples (727027) | more than 3 years ago | (#34712364)

Spam = advertising. Advertising leading to the sale of a product or service. I noticed about 99% of the time there was no logical or easy way to make a call/visit a site,etc

A commercial for Coca-Cola need not explain where one can buy Coca-Cola.

Why not go after the companies hiring the spammers (4, Insightful)

pak9rabid (1011935) | more than 3 years ago | (#34710564)

What I've never understood is how come the governments haven't ever gone after the companies hiring these spammers to spam their shit all over the Internet? I mean, if we're so gung-ho about stopping spammers, you'd think the obvious place to start would be the companies that are hiring these scummy assholes to do their bidding for them (I'm sure the spammers aren't just advertising other companies' products out of the kindness of their hearts)...\/1@gr4, I'm looking at you.

Re:Why not go after the companies hiring the spamm (0)

Anonymous Coward | more than 3 years ago | (#34710970)

If you're talking about going after all the shady pharmacies that are probably funding the spammers, more power to that.

If you're talking about the drug manufacturers I think you're into conspiracy theory territory there. While drug companies do a lot of crappy things, I doubt they're funding spammers.

Re:Why not go after the companies hiring the spamm (1)

gartogg (317481) | more than 3 years ago | (#34711098)

That's not the point; if they actively benefit because of spammers, and their distribution method currently allows it, then they could stop it. This means that economic pressure on manufacturers will stop the spam.

But it's not true, and manufacturers don't like it. Drug producers don't like people buying knockoffs and Canadian drugs at reduced prices.

Re:Why not go after the companies hiring the spamm (1)

scorp1us (235526) | more than 3 years ago | (#34710990)

Because most of that isn't real Viagra, it's Canadian/Indian knock-off Viagra.

I love the IBM commercial where "10% of the worlds medication is counterfeit" and they go on about tracking and safety. What it is really about is profits. They don't want counterfeit meds hitting the shelves. While this sounds good, the "counterfeit" meds aren't as dangerous as they seem. Some countries are not respecting patents so India and Canada can produce their own. Since it is sold and labeled as "Viagra" but isn't produced by the patent older or license, it is technically counterfeit. But it is just as safe as acetaminophen is to "Tylenol".

*Note: there has been a push for India and other countries to respect patents, I don't know where these efforts currently stand. These countries just don't want to pay the extortion rates from the patent holders.

Re:Why not go after the companies hiring the spamm (2)

gutnor (872759) | more than 3 years ago | (#34711598)

Even if they could produce the real stuff, that is far more profitable and less cumbersome to sell sugar pills - or nothing at all.
That is a bit like fake rolex. Rolex-quality level fakes exist, stolen rolex exist, but the half homeless vendor with his blanket at the corner of the street is not the guy where you can get those from.

Re:Why not go after the companies hiring the spamm (1)

DCFusor (1763438) | more than 3 years ago | (#34711366)

That would take actual legwork, you know, doing what we pay them for, rather than sitting around eating donuts or watching pron at work. Someone would have to actually read the spam, pretend to be a customer, spend a little money, watch where it goes, and generally do basic cop work, which is a fair PITA.

Too many people have been too affected by TV cop performance. In truth, there aren't any super-detectives that always find the guy, most cops are content to come and clean up after some major crime has happened, and most perps just get away with whatever.

There is no Columbo, no Kojak, no Jack Bauer, no CSI -- that's all fantasy. Maybe that's good, maybe not. Most departments are run by politics, and jurisdiction here is a real hairy issue. Probably the feds ought to take a little time off the "war on this and that" and do some real war on things that actually matter, rather than things that get press -- and in this case they might be surprised how much positive press they'd get were they effective. It probably looks too much like whack-a-mole to them at this point, because even though it costs everyone money, it only costs any one entity "some" but not huge money as a fraction of operating costs. I'd bet a bunch of these companies are actually pretty small outfits that move around a lot. I mean, how much setup does it take to be a pusher of fake sex drugs? One guy with an idea and a box of fake pills in mom's basement? Things like that are hard to catch up with, and seem like too-small busts to make some cop get a promotion, even though setting an example with a few might cool their jets nicely. It's how the IRS works for example -- a few really public busts, a few threats of audits, and everyone lays down and pays taxes out of fear.

Re:Why not go after the companies hiring the spamm (0)

Anonymous Coward | more than 3 years ago | (#34711834)

> What I've never understood is how come the governments haven't ever
> gone after the companies hiring these spammers to spam

Why should governments care? All the spammers are doing is wasting people's time.

The workmen whose van blocks one lane of traffic during rush hour, whilst they pop into the cafe for some tea and sausage rolls, waste more potential man-hours of productivity than any spammer could achieve. Do we launch an international campaign against van drivers?

anonymous coward (0)

Anonymous Coward | more than 3 years ago | (#34710602)

We get Christmas and New Year off now so of course the spam tails off.
Back soon!

Of course, it's the end of the year! (0)

Anonymous Coward | more than 3 years ago | (#34710612)

Has anyone looked at the previous statistics? Spam always drops around this time of year (I guess the spammers go on vacation for the holidays). Starting in January it will crank back up. It does this every year.

Taking out a botnet or whatever sometimes produces lulls but they are always temporary.

Re:Of course, it's the end of the year! (1)

higuita (129722) | more than 3 years ago | (#34710946)

check http://it.slashdot.org/comments.pl?sid=1929880&cid=34710824 [slashdot.org]

in previous years i got more spam in November and first 20 days of December than the rest of the year... this year i get less spam during the same time

Re:Of course, it's the end of the year! (1)

MROD (101561) | more than 3 years ago | (#34711142)

Have a look at the statistics I've been gathering at work:

Oxford University Dept. of Earth Sciences spam statistics. [ox.ac.uk]

As you can see, both the volume and percentage of spam relative to legitimate e-mails is down to the lowest levels in a couple of years, by an order of magnitude (in terms of volume) from its peak in July 2009.

Was down for a while, but came back big (1)

aarenz (1009365) | more than 3 years ago | (#34710648)

I was noticing fewer items in my spam filter reports declining indeed in October. Looking at recent week or so, it has jumped to a level that I have never had before. This is based on my business account as well as an old email address that I use. I suspect that they have figure out a new method, or were able to breathe life back into all of the bots that they already control. This will be a continuing effort until there are swift and painful punishment for spammers when caught.

Spam will be stopped in the same way that drug trafficing will be stopped, by education and ability to make it profitable. As long as money is there, people will always step forward to rake it in.

What is the definition of "Spam" in this case? (1)

GJSchaller (198865) | more than 3 years ago | (#34710652)

I need to question the methods used to measure Spam, specifically what is being measured - while I can see the volume of spam emails dropping, the number of spam accounts attacking the forums I run is ever-increasing. Despite numerous tools (Blacklisting, CAPTCHAs, etc.), the sophistication and frequency of spam accounts and posts on forums seems to be increasing - to the point of humans joining communities and contributing in semi-relevant ways so that they aren't just auto-banned when they sign up.

I don't think that Spam is declining, I just think it's shifting methods to new ways that aren't being fully measured yet...

Imperceptible improvement (3, Insightful)

rickb928 (945187) | more than 3 years ago | (#34710726)

So instead of 332 spam messages a day, I'm only seeing 296 messages? Not really groundbreaking for me.

Playing Whack-A-Spammer is a losing proposition. Someone will start up a service at least as big as Spamit, and we're just as buried. I'm not at all hopeful that spam can be contained at all.

The only real solution is to go after the advertisers, the clients. I get occasional spam from what looks like mainstream advertisers, and if they get interested either in avoiding the bad press of spamming people OR they get interested in spammers using their trademarks without permission, maybe then we get some results.

But there's plenty of advertisers that don't care.

The ultimate solution is to make the spammers pay more than their clients will tolerate.

Compare apples to apples -- what about Q4 2009? (1)

pediddle (592795) | more than 3 years ago | (#34710792)

This article is rediculous:

The large amounts of pre-Christmas spam are something of a tradition, but here too the outbreak was smaller than most of the large outbreaks this year.

What about the Christmas outbreak last year? Was it different?

I get the feeling the author is just spinning the numbers. Who knows, there could be no decline at all unless seasonal trends are fully accounted for.

Re:Compare apples to apples -- what about Q4 2009? (1)

MROD (101561) | more than 3 years ago | (#34711258)

See the the comment I made above [slashdot.org]

Spammers moved to Facebook (0)

Anonymous Coward | more than 3 years ago | (#34710818)

Facebook users get something to click on, we get our peace of mind, everybody's happy. And here was I thinking that walled gardens are useless.

this is probably (1)

nimbius (983462) | more than 3 years ago | (#34711090)

the worst article ive ever read. source is not linked, the axes on the graph arent even fucking labeled, and the method by which the sampling was acquired was not disclosed. furthermore lets take this with a grain of salt; commtouch sells an anti spam product to large isps and service providers that costs upwards of a quarter-million dollars a year to license and run. If the metric is from their honeypots that might be OK, but if its from their appliances then i call foul.

spam isnt just from one source anymore, so you see it coming from dedicated and shared hosting accounts, pools of compromized ips and web based email accounts without decent security controls.

I don't really believe it (2)

Alioth (221270) | more than 3 years ago | (#34711228)

Spam to my mail server has increased quite significantly the last three months. The most recent low was about the middle of this year (when my personal email address was "only" getting 600 spam emails per day on average), currently the average is closer to 1200 spam emails per day (About a year ago, it was around 1000 spam mails per day on average). Fortunately SpamAssassin catches pretty much everything.

Some interesting things I've noted from the count of spam:

* It drops markedly over weekends (sometimes by as much as two thirds). Either spammers take the weekends off, or the machines with the botnets installed are typically in businesses and are switched off over the weekend.
* I noted a big drop in spam when that "false positive" story broke with one of the antivirus vendors (I don't remember which one it was) which rendered a large number of Windows machines unbootable - perhaps these machines were infected after all.
* I see a dent in the spam numbers every time there's an announcement about some botnet being taken down. However, the numbers only drop off for perhaps a week or two, after that the spam is back with a vengeance, usually at an even higher rate than before.
* The highest single day amount of spam to my personal email address this year was over 1900 spam messages.

Just the facts Ma'am. (2)

MROD (101561) | more than 3 years ago | (#34711368)

I've noticed very much the opposite [ox.ac.uk] at work.

As you can see, there's been a general trend downwards, in jumps, since July-Sept. 2009.

The filters being used here are (1) IP addresses with valid DNS entries, (2) DNS blacklists, (3) ClamAV (with spam signatures added), followed by (4) SpamAssassin, which has been detuned so that it doesn't produce any false positives. Seeing as only a few spams actually get past ClamAV this is merely to catch those which don't have a signature yet.

P.S.: Off topic: Right on commander! ;-)

huh (1)

buddyglass (925859) | more than 3 years ago | (#34711338)

Oddly, more spam than usual has been getting past Gmail's filters in the past couple weeks. At least for me. Less spam but smarter I guess.

I didnt see much of a decline until this week (1)

night_flyer (453866) | more than 3 years ago | (#34711694)

the company I work for was averaging 300k a day, bit down about 66% this week (there was a significant drop in August however). I attribute it to people getting new PCs and taking their old spambots off line...

I still have between 2% and 6% Spam (0)

Anonymous Coward | more than 3 years ago | (#34711718)

I don't know how those ppl manage to get that much Spam? A decent configured MTA (Postfix in my case) with additional tools (stuff like policyd-weight, greylisting (SQLgrey/GROSS), DKIM-milter, SID-milter, etc) and a good Anti-Virus (in my case ClamAV + additional signatures) and a good Anti-Spam filter (I use DSPAM. Don't come me now with SpamAssassin. That filter is a memory and CPU pig!) will reduce your Spam inbound easy to less then 10% and those remaining 10% are with 99.5%+ tagged correctly (thanks DSPAM).

I really, really don't see any Spam issue today. You can easy have good filtering without paying big money for a product. Just take something like DSPAM, CRM114, OSBF-Lua or even that memory pig SpamAssassin.

Really? (1)

whitroth (9367) | more than 3 years ago | (#34712230)

Then why have I been seeing more lately?

              mark

The Volume WILL return (1)

damn_registrars (1103043) | more than 3 years ago | (#34712474)

You're only playing whac-a-mole when you go after individual spammers and spam gangs like this. Knock one out, and another will rise to take their place. Even if you disassemble a botnet, that will only be a momentary setback until they build a new one of a different set of compromised PCs.

If you want to really stop spam, you need to deal with the underlying cause of spam. You need to reject the foolish notion that spam is sent to piss you off personally, and acknowledge that spam is sent to make money. You need to go after the people who are funding the spam; if you can cut off the funding to the spammers (from the owners of the spamvertised domains) you will see spam finally whither and die.

Until then, all other changes are temporary and hollow at best.
Load More Comments
Slashdot Account

Need an Account?

Forgot your password?

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>
Create a Slashdot Account

Loading...