Recent Surge in Spam Traffic - Oct 2006

In the past month or so, I've been noticing that I've been getting a massive increase in spam. This is despite upgrading the spam protection that I have set-up. I thought it was just me, but it's been so bad for so long that I checked sources online to see if there's been a pandemic of spam. Yup. Sometime in early October, spam started skyrocketing. By some accounts spam nearly DOUBLED in October.

Image spam has been the most problematic because they sneak past the typical mechanisms used by spam filters to identify an email as "spam" or "ham."

The root cause for the latest spike in spam is not totally known, but it's believed that a few new worms and viruses are rapidly infecting PCs into "Zombie" machines that relay spam on command. Also, spam is becoming a more popular activity for organized crime and they're using more and more sophisticated techniques to elude filters.

Sunbelt Blog:In case you were wondering, there really has been a big increase in spam
John Levine Blog: Huge Increase in Spam in October
PC World Blog: Spam Is Up Up Up

If the news about the massive surge in spam has got you down, here's a bit of ironic humor to cheer you up. This is a wiki for a Anti-Spam task force that studies and monitors spam to strategize best practices to fight spam.

Only one problem... they had to shut it down because it was getting spammed too severely because they didn't set-up an authentication process to prevent spammers from going on posting sprees.

Wiki for the Internet Research Task Force's Anti-Spam Research Group
http://asrg.sp.am/wiki/

Someone help me with this. Spam would only be profitable if people responded to it. For example, someone bought something even if it is a small percentage of recipients (even less than one percent would work). I think everyone knows not to respond to spam, don't buy anything. etc..... Why is it still worthwhile for these spammers to invest so much time and energy to by pass our safeguards unless they are making money.

I used to think the virus/ firewall companies were generating work for themselves but the sources of the spam are selling everything, especially drugs, loans, sex.... Someone is supporting their efforts by purchasing their services.

Don't buy anything from email solicitations. Lets put the spammers out of business. Any other opinions, suggestions, explanations why these spammers continue to exist?

I voted 'Don't Know' as I receive my email through Comcast and Earthlink, and their spam filters must be top notch. I probably receive into my Inbox probably six to maybe ten spams a day.

I am happy with that!

Regarding the Spammers motives -- as techvbjoe asks -- it is (apparently) profitable! They must always be catching someone somewhere.

I follow this kind of news in the papers.

Last year the Mercury reported on a man in Florida that fell for the Nigerian scam and sent a huge amout of money to them -- as I remember it was something like $15k! I remember it stated in the article that the FBI estimated Americans are scammed out of three to ten million dollers a year by the Nigerian scam!!!

Can you believe it?! 15k dollars.... Anyway the latest scam is to overpay with cashiers' check and ask for the change to be wired back. I have rec'd two such check for deposits on my room for rent. I go to my bank and have them verify the funds before I deposit and I tell the spammer, I will only give them change in person. They have all sorts of angles.

Amazing, the ideas they come up with and they can't make money legally.

QUOTE (techvbjoe @ Nov 12 2006, 09:52 AM)

Spam would only be profitable if people responded to it.

Therein lies the problem. The sad truth is that there's a sucker born every minute as PT Barnum put it. If people fall for the various versions of the Nigerian "Hello my name is Joseph Mubutu" scam, there isn't anything that people won't fall for.

Some of the latest scams are stock scams where they hype up a penny stock that the entity paying for the spam attack likely owns a lot of. If just a teeny percentage of people fall for it, it moves the stock up and bit and the scammers dump their holdings. There's probably people rationalizing that "Hey this stock is only $.22. This is probably bogus, but I'll buy $50 just in case. No big loss if I lose."

Another way that it's believed that spammers make money is by spreading viruses that take over your machine. They can then turn around and sell access to these "botnets" or massive Zombie armies that are waiting for commands to execute.

QUOTE (techvbjoe @ Nov 12 2006, 02:39 PM)

Can you believe it?! 15k dollars.... Anyway the latest scam is to overpay with cashiers' check and ask for the change to be wired back.

That scam has gone through the roof. It made Craigslist difficult to use for us this last time when we were looking for a new roommate. I posted something about this check cashing scam earlier.

I've done the roommate search on Craigslist many times and so I was really suspicious when there were all of these people replying from abroad who were overeager to send us a check to secure the room. We corresponded with a few anyway and the replies we got back were so outside the norm that we dropped contact with them immediately.

Joe, what did your bank say when you went to go verify the checks? How much did they send you?

QUOTE (stone @ Nov 12 2006, 02:00 PM)

I receive my email through Comcast and Earthlink, and their spam filters must be top notch. I probably receive into my Inbox probably six to maybe ten spams a day.

It's also possible that they err on the side of non-caution when identifying spam, which means there may be a few legit casualties included in the blocked emails taken as spam. Spam filters scan each piece of incoming email to identify words, phrases, content structure clues, and sender information that might indicate the email is likely to be spam. The analysis is scored and if the score is high enough, the email is blocked.

If I write you an email to tell you about my vacation, the score will likely be 0. If I write you that same email and I make a Viagra joke in it, my email will more than likely start building up a score. One Viagra joke in it, probably won't do it, but a few more taboo words and phrases will likely tip the judgement of spam/ham toward the spam end.

A very aggressive spam filter might block my email about my vacation. A more moderate one might acknowledge that it could be spam, but will pass it along anyway.

There are many telltale signs of when content is really spam vs. when it's legit and incidentally has some telltale signs of spam, but the spammers are getting better and better at disguising their payload as real info. They're also sending it from more sources so it's harder to shut down.

A couple of years ago, simply running a blacklist of known offenders kept the a huge chunk of spam traffic from ever hitting your server. Spammers are so mobile these days that blacklisting doesn't even come close to keeping up unless you want to blacklist so aggressively that you'll end up blocking a significant amount of legitimate traffic.

I had just recently checked my spam folder and did find a non-spam in it, and I added that to my good mail (the White List I believe it is called, right Sheldon?) -- which, as far as I know is the only mis-filed piece.

Most email is not really mission critical -- often someone will ask me -- or I will ask them -- if they received the email that was sent/received, and if it was not received then the troubleshooting process begins. Usually the email address is wrong, though sometimes it may end up in the spam filter I suppose, but in any case, the email it just resent.

Which brings me to my next RANT! Maybe I am too old -- but I don't get it with some of the ways people use email.

I think email is great for notices and information -- e.g. 50% off today at XYZ Store, or the weekly flyer that Social Wave puts out -- but I think email is cumbersome for topics that require back and forth communication. A cell phone conversation can cover in minutes what in email could easily take six (or more) emails to cover the same ground. AND -- what with the time lag -- this email exchange could span several days!

I just don't get it...

-- Dana

Funny timing -- Earthlink just sent me my Spam Summary -- here is a pic of the graph that the email pointed to.

Attached File ( # Downloads: 55 )
 Picture 1.pdf

QUOTE (stone @ Nov 13 2006, 01:33 PM)

I had just recently checked my spam folder and did find a non-spam in it, and I added that to my good mail (the White List I believe it is called, right Sheldon?) -- which, as far as I know is the only mis-filed piece.

It might be the white list. A white list refers to a list of email addresses or domains that are allowed to send email to you. A year or two ago, it was popular to have spam software that took white listing to an extreme so that ANY email that wasn't on your white list gets denied or delayed.

The the opposite of a black list which is a running list of known spam sources that are not allowed to pass email to your email account or the server its located on.

When you mark something as Not Spam and take it out of your spam folder, it may not necessarily be white listing the email address though any sophisticated spam filter would learn that legit emails coming from a certain source or email address may appear more "spammy" than usual. It might also adjust the content profile of what it thinks you would consider as spam to be more lenient to email similar to the one that got mistaken flagged. Usually programs that allow you to mark something as "not spam" handle spam based on content analysis, which usually works well, but there's some tricky new techniques to subvert these types of filters.

One technique that spammers use is embedding blocks of real content into their spam message. They'll copy paragraphs from novels, encyclopedias, or even cook books and paste it at the end of the message to throw the spam filters off its trail.