Please create an account to participate in the Slashdot moderation system

 



Forgot your password?
typodupeerror
Spam Your Rights Online

Anti-Spammers Infiltrate Private Online Spam Clubs 411

Posted by simoniker
from the spy-in-the-house-of-spam dept.
Angry_Admin writes " Spammers are now trying to find out which antispammers have infiltrated their ranks and are sharing "sensitive" info with fellow antispammers. According to the story at The Register: 'Online spammer forums like the Pro Bulk Club the Bulk Club and bulkmails.org have been gatecrashed by activists from organisations like Spamhaus. Steve Linford of Spamhaus said spammers know this already but they don't know who amongst their number is working for the other side. In theory the members-only forums of these sites is accessible only by invitation and only to individuals who have a proven track record in spamming. Apart from playing with the paranoia of spammers, the undercover investigation cast light on the latest spammer techniques.' Hopefully the spammers aren't that bright and the antispammers stick around long enough to bring them down."
This discussion has been archived. No new comments can be posted.

Anti-Spammers Infiltrate Private Online Spam Clubs

Comments Filter:
  • FYI (Score:5, Informative)

    by Anonymous Coward on Monday May 17, 2004 @03:53PM (#9177049)

    Some of the "infiltrators" are actually people working at the ISPs hosting these private forums.
  • by Reckless Visionary (323969) * on Monday May 17, 2004 @04:06PM (#9177185)
    Yeah, you're thinking high margin, I'm thinking volume selling. I don't know how many email addresses exist, but we're obviously talking hundreds of millions and up (let's play with 500 mil). You get a decent chunk of that number in a list (say 20%), assume small .1% success rate and you get 100,000 orders. That may be unrealistic, but it does show that things can add up quickly.
  • by UrgleHoth (50415) on Monday May 17, 2004 @04:13PM (#9177253) Homepage
    If past observations are any guide, then I'd say the answer is a mix of money made selling lists and actual product sales. In the 90's I used to do IT work for an informercial/900 number infomercial outfit. The pitch was "Make money with 900 numbers." Any normal thinking person is going to say BS. And by an large it is BS. But add greed and a low entry cost, and a hard selling telemarketer, through objection/rebuttal rounds can sell "money making guides" (read legal but shady get rich quick scheme) to lots of people. In a nutshell, the infomercial marketeer made a bundle selling info packets and lists. A few who followed the formula made money, but most didn't.

    I don't like the business so I got out of doing IT support for it, but I learned a heck of a lot about the informercial/telemarketing biz.
  • by jonbryce (703250) on Monday May 17, 2004 @04:14PM (#9177272) Homepage
    But the most popular download these days isn't Kazaa, it is Adaware. http://download.com.com/3101-2001-0-1.html?tag=pop Spybot is No. 3 in the rankings.
  • Flynn Effect (Score:5, Informative)

    by m000 (187652) on Monday May 17, 2004 @04:23PM (#9177351)
    The Flynn Effect is the reason why IQ tests are routinely recalibrated. Basically, information and ways of thinking that start out the purview of an elite few eventually become the norm for the average individual in a sort of intellectual trickle-down.
  • by SwansonMarpalum (521840) <redina.alum@rpi@edu> on Monday May 17, 2004 @04:23PM (#9177353) Homepage Journal
    FYI Bayesian Filtering [paulgraham.com] isn't quite the same as a Neural network [ic.ac.uk], a notable difference being that with bayes a much greater portion of the behavior learned by the system is easily available for analysis.
  • by Chibi (232518) on Monday May 17, 2004 @04:44PM (#9177544) Journal

    There was a Slashdot article [slashdot.org] a while back about a guy who actually wanted more spam. So, people like Mr. Orlando Soto [wsj.com] are the reason why the rest of us must suffer. :)

    Mr. Soto routinely comes home to some 150 e-mail pitches, and he loves getting them all. The 45-year-old grandfather opens most of them. He answers spam questionnaires. And he buys stuff pitched in spam e-mail -- again and again. "Everyday people call it spam," says Mr. Soto, who prefers calling it "unsolicited" e-mail. "But I'm open to everything."
  • by mikehunt (225807) on Monday May 17, 2004 @04:46PM (#9177569)
    Err...sorry, but did you ever look at the HTML code included in the spam you receive? In any e-mail client that loads images from HTML messages by default, some spammers are smart enough that the request for the image confirms your e-mail address without you (or the "suckers" that you complain about) lifting a finger.
  • by ReyTFox (676839) on Monday May 17, 2004 @05:03PM (#9177708)
    First, I think it was, they had the "Bulk mail" box.

    Then they added an option to report messages that got through the filter, by opening the message, then a listbox, where one of the options was "this is spam."

    Recently they changed it so that now you press a button labeled "spam" rather than open a listbox.

    I'm fairly certain their next step will be to make the button bigger and in capital letters.
  • Re:Strategies (Score:1, Informative)

    by Anonymous Coward on Monday May 17, 2004 @05:21PM (#9177850)
    This kind of hierarchical model of responsability worked fine in the early days of Internet. Today, Internet is just about making money. No registrar cares any longer what its customers do with their domain. No transit provider cares what data is being sent over their network. As long as the money comes in, everything is fine.

    I have a registered domain name for which I had to completely shut down e-mail operation, because it is systematically used by criminal spammers as a forged sender domain.
    Nobody involved in this operation performs any action whatsoever against the abusers.
  • by tokachu(k) (780007) on Monday May 17, 2004 @05:26PM (#9177896) Journal
    Here's the freesite key:
    SSK@oPGDxwEwLFkxMh0qAPA4tvmdAC4PAgM/leadclick/1//
    (hopefully Slashdot won't mess up the key)
  • by Mateito (746185) on Monday May 17, 2004 @05:40PM (#9178048) Homepage
    > he's going to be running a site selling Brazilian sex tours.
    > he was an aggressively normal guy

    Sorry, but "normal guys", aggressive or otherwize, don't sell sex tours to brazil.

    And, as somebody who knows brazil quite well, I advise you about taking a sex tour there. The rate of HIV is rediculous, and if you are going there to play among prostitutes you have almost a perfect chance of coming into contact with it.

    However, Brazillians are very very friendly people, and a lot of them see sex as something to be shared freely (in comparison to Europe and all of the US except for Daytona beach). Unless you are really ugly, you could go out to any night club and meet a nice girl who will want to play with you*. Or a nice boy if you are so inclined. Why pay a spamming yuppy to be the middle man?

    But if you are going there to party, take a balloon.

    (I met a lot, but I didn't, because I have one of those spouse things, and it just aint worth putting the relationship on the line for 7 minutes of slap and tickle. No, she doesn't read /.)
  • by darkonc (47285) <stephen_samuel.bcgreen@com> on Monday May 17, 2004 @05:48PM (#9178129) Homepage Journal
    The Register article points to another article which talks about how the arrest of the PhatBot worm creator [theregister.co.uk] may provide some information on the rental of hordes of compromised machine as networks of spam zombies. It lists a common price of $500 for 10,000 machines -- In other words, your box is worth $.05 to a spammer.
  • how to fix this (Score:3, Informative)

    by SethJohnson (112166) on Tuesday May 18, 2004 @12:22AM (#9180544) Homepage Journal


    I didn't have time to adequately post earlier, and since there seems to be interest, I'll follow up with a solution.


    To close the proxy that is left open in a default installation of Mandrake 9.2, you can add these lines to /etc/httpd/conf/httpd2.conf

    <Proxy *>
    Order Deny,Allow
    Deny from all
    Allow from 192.168.0
    </Proxy>


    After you've edited the file, you'll need to reload the config files in apache.

    apachectl reload

  • by JuggleGeek (665620) on Tuesday May 18, 2004 @01:42AM (#9180830)
    Once again you're assuming that I'm hiding my e-mail address. I'm not.

    In that case, it's getting harvested, and you're getting spam. You can tell me that you get no spam, and don't use a filter, and I'll believe you - but only if you hide that address. If it's public, it will get spammed.

    How did businesses get dragged into this?

    Because they use email too. It's not just used by individuals. No where have I ever seen the complaints that the "webmaster@" or "abuse@" accounts are getting spammed out of control.

    Register a web site (personal or business) and the address in the WhoIs will end up on spam lists. Stick a "webmaster@" address on a website, it will end up on spam lists. I run a personal domain, just for myself, and I get spam to "abuse@". You can pretend it doesn't happen, but that doesn't change facts.

    In short, I don't believe your claims. You claim that you can, and have, put your email out in public and receive no spam. I say that you are lying.

    You also pretend that spam all comes because because people gave their address to the spammers. Quote: I simply choose not to send my e-mail address to every vacation offer, free credit report check, home mortgage counselor, customer service registration, and free trial of Super New Cheerios.

    I don't give my address out for that kind of crap either. And having a domain, when I do give an address out to a business, it's simple for me to set up a new email address just for them. I log it locally, and if that account starts receiving spam, I know which business sold my address. It's *very rare* for those addresses to receive spam - legitimate businesses don't want that reputation.

    But I do receive a lot to addresses harvested from my website, and to an address used in WhoIs.

    You can spout off whatever you want in reply. I think I'm done, as your claims are unreasonable, and I don't believe you. So it's unlikely I'll bother to reply - you appear to be trolling.

  • by Anonymous Coward on Tuesday May 18, 2004 @03:59AM (#9181195)
    Mortgage brokers are still paying for leads, anywhere from $10 to $30. In December I started going to web sites mentioned in spam for mortgage loans and filling out bogus applications, but with my real cel phone number. It's interesting to see what kind of mainsleazebags are buying the leads. I love hearing their reaction when I explain that they wasted their money. Today it was New Century Mortgage, last week it was AmeriQuest.
  • Re:hmmm (Score:1, Informative)

    by Anonymous Coward on Tuesday May 18, 2004 @05:59AM (#9181512)
    He loved the German people but could never understand how they let Nazis come to power and do the things they did.


    It was easier than you think. At the Nuremberg trials, Herman Goering described roughly how tyranny can be accomplised even in an apparant democracy.

    "Voice or no voice, the people can always be brought to the bidding of the leaders. That is easy. All you have to do is to tell them they are being attacked and denounce the pacifists for lack of patriotism and exposing the country to danger."

    With a bit of luck, the Americans reading this will wake up and kick the fascists out.

Line Printer paper is strongest at the perforations.

Working...