Anti-Spammers Infiltrate Private Online Spam Clubs 411
Angry_Admin writes " Spammers are now trying to find out which antispammers have infiltrated their ranks and are sharing "sensitive" info with fellow antispammers. According to the story at The Register: 'Online spammer forums like the Pro Bulk Club the Bulk Club and bulkmails.org have been gatecrashed by activists from organisations like Spamhaus. Steve Linford of Spamhaus said spammers know this already but they don't know who amongst their number is working for the other side. In theory the members-only forums of these sites is accessible only by invitation and only to individuals who have a proven track record in spamming. Apart from playing with the paranoia of spammers, the undercover investigation cast light on the latest spammer techniques.' Hopefully the spammers aren't that bright and the antispammers stick around long enough to bring them down."
What now? (Score:1, Interesting)
Re:James Bond of the Spam world? (Score:5, Interesting)
One would assume they got invited.
Seriously, only "known" spammers get invites - but the question is - what constitutes "known"?
How hard would it be for an anti-spammer to set up a bogus online identity, list themselves as spammers, and then sent spam-like emails to the spammers' email addresses, and then wait for an invite?
Not so bright Spammers (Score:3, Interesting)
invitations? (Score:2, Interesting)
Bundled spamware and spyware (Score:4, Interesting)
Re:Don't doubt the Spammers IQ (Score:5, Interesting)
You just have to lack morals in general.
I think that it actually shows that the anti-spammer is winning. Spammers have to resort to trojanned machines and illegal tactics to get thier job done.
Which makes me wonder, if it were a wild west situation where anything goes, and anti-spammers were allows to break the law in the same manner, would these spammers still be in business, or would there basically be a bounty on the heads of spammers.
Re:James Bond of the Spam world? (Score:2, Interesting)
why does Mandrake open a port 80 proxy? (Score:3, Interesting)
Re:hmmm (Score:3, Interesting)
The people of Germany did very little to stop the Nazis. Silence is consent is a very old principle of law. If you know someone is going to kill someone but you do nothing to stop it, you are an accessory to that crime.
While the vast majority of Germans have no guilt in this mannor because they where children or not even born yet. A very large number of German adults and I would even say a majority knew what was happening. I would say that German in this context is a fair use of the word. Nazi would work as well.
BTW my father servied in the US Army in Germany in the 50s. He loved the German people but could never understand how they let Nazis come to power and do the things they did.
Re:Not just a tree house club (Score:3, Interesting)
They can resell the list as many times as they want, by my email I'd guess some of these are being sold dozens of times every day. Plus, when one customer drops off, there's probably two more waiting to take their place. $XX for 10 million email addresses just sounds too good for many people.
I've had customers ask me about this, and I've had customers send out spam - they've told me they did. Of course, it wasn't spam, it was a double opt in list. Really? you've got a million people's emails who asked to be sent important information on life insurance? Nevertheless, some continue to try it once. And the new customers I'm sure are substantial.
Re:Not just a tree house club (Score:2, Interesting)
So the question remains: Where really does the funding for this stuff come from?
People are going to slam me for presenting this possibility and, well, bring it on. Personally, I think that a good amount of spam is funded by us--you and me. Go ahead. Get enraged. Gnash your teeth. Call me a paranoid hippie tree loving freak. I could give a shit.
Face reality. It's a business game. A good portion of the taxpayer subsidized/backed loans for technological advancement and small business loans probably go to shmucks like this. These are people who are buddy-buddy with politicians and existing business heads. These are the people who sit on top of brokerage houses and know where to get the startup funding. These are people who have been proven time and again to have no scruples about working over every pyramid scheme possible to get their hands on your money. These are people who can conjure up numbers generated from spam mailings, work the statistical analysis over to their favor, and pitch it to some new investment broker who is scraping to fill his quota and willing to take a chance. Whose money is he willing to take a chance with? Why, once again its yours and mine. 401k funds, IRA funds, generic stock investment funds.
Go ahead. Say its not possible. Mod me down as stupid. If anyone could ever really use the FOIA and manage to get enough of the tax records from these spam organizations to track it all down you can bet that I'm right.
Go on. Get mad. Come on... you know you can do it... be mad at me for being the messenger... let it all out.
I can take it.
Re:Not just a tree house club (Score:4, Interesting)
John Ashcroft should lay off the Internet bong sellers and the purveyors of porn. If he wants to hit the terrorists in the wallet, he'll close down all the money laundering possibilities that exist. Spam operations are a huge gaping hole that everyone seems to be ignoring.
I heard of something like this once... (Score:3, Interesting)
What the screenshots reveal are, to say the least, scary. It turns out that an employee named "Greg" (greg@leadclick.com), who works as an e-mail harvesting database manager, also manages databases for SpamCop!
I kid you not. A spammer who works for SpamCop. I can't post links to the freesite (that's kinda pointless), but at least the incriminating screenshots are safe on Freenet.
Re:Honor among thieves? (Score:5, Interesting)
Now that you mention it ... (Score:5, Interesting)
So I talked about Google PageRank, targeted vs. untargeted advertising, making his site attractive enough to inspire users to stay on it, making sure it's simple enough that it loads quickly and works on different browsers, etc. And he seemed to be listening, but after a while he asked me, "No, I mean when I send people e-mail advertising my site, how do I make sure they go to it?"
I had to talk to him for a while to make sure he was saying what I thought he was saying, but after a while it became pretty clear that the deal is this: he's going to be running a site selling Brazilian sex tours, and he wants to know how to send spam that will a) get people to go to his site, and b) get through spam filters.
Needless to say, the conversation didn't last long after that, but it did provide some insight into the mind of the spammer. He really didn't see anything wrong with spamming, or even with trying to be deceptive to get past spam filters. As far as he's concerned, he's selling a service people will want if only he can get his message through. I'd say he was an aggressively normal guy -- a bit of a yuppie, with a backwards baseball cap and a lite (sic) beer, definitely not a geek, probably watches lots of football and drives an SUV.
These are the people who are crapflooding your mailbox. They're not mysterious creeps living in caves. They're your neighbors. Be aware. Eternal vigilance is the price of liberty
What would be nice... (Score:2, Interesting)
Of course, even if possible, it would probably be like trying to kill fire ants one at a time...
(tedious and VERY painful). Maybe if we could just find the queen spammer...
SPAM = DDOS (Score:5, Interesting)
Isn't this just a distributed denial of service attack on my inbox?
I have seen the enemy, and they are ... Us (Score:5, Interesting)
To my credit I had written into the system a very simple and effective opt-out. Click, click, we were out of your life. Everyone on the list had taken the time to fill something out to get on the list. It wasn't really spam.
At least that's what I tell the voice in my head.
I also wrote the web statistic reporting engine, so I do know that pageviews to the website would skyrocket following a bulk mail. And no, most of the traffic wasn't for the "opt out" bin.
This was back in '98, when spam was a joke, not a fact of life. I recently turned down a job reverse engineering a web-database of a certain annoying industry to generate targetted mailing lists.
And that was from my brother.
Why has nobody paid any attention to this? (Score:2, Interesting)
Sure, it might be a small blow to annonymity, but I say, so be it. If we are going to make any headway on the spam problem, we MUST be able to hold people accountable for abuses of mail servers. Unfortunately, accountability cannot be achieved without some sacrifices in anonymity guarantees. I think that ANY real solution must ultimately be a tradeoff between anonymity and accountability, and the sooner we realize this, the sooner we can start making any real headway. PERIOD.
Can they invite other covert anti-spammers? (Score:4, Interesting)
Strategies (Score:3, Interesting)
If a spammer is a repeated spammer, some of the reporting services like spamcop should report them to their registrar. The registrar should revoke their domain and point their domain to a page explaining why this page is unavailable.
If the registrar does not revoke their domain, the registrar should have their operation suspended by the master registrar.
If a registrar has a habit of being a registrar for spammers, they will be shut down.
This seems able to shut down spammers and if this process is fit into the business model of a registrar, may be able to make it more difficult for these assholes to do business.
Re:If only the people who READ spam weren't so stu (Score:4, Interesting)
On the other hand, a different old argument would be appropriate for this group. Simply go to all those URL's (by retyping the top level url, clicking on them probably sends them a key to identify your email address), and submit lots and lots of fake orders. Heck, automate it if you can, with some kind of randomizer that picks odd names from a list so there's no easy way for the spammers to filter them out, and even better if you can impersonate a large network. Suddenly, to get one legit customer, you have to go through thousands of pieces of crap, and the business model no longer works.
Now, if someone could make a distribute app that accepts some kind of template (go to this url, put a name here, cc number there, etc) to automatically fill in and bang on a spam supported site, I'd be more than happy to run it.
Re:hmmm On picking nits. (Score:2, Interesting)
Stricly speaking, the Japanese-Americans (some were actual citizens, some weren't) in WW2 were held in internment camps, not concentration camps. There's a world of difference between the two.
That's not to excuse the locking up of those immigrants during WW2, but they weren't (purposefully) worked to death or marched into ovens.
Heck, if you want vigilante justice... (Score:3, Interesting)
Unfortunately, that way lies madness, federal marshals, and another spiraling arms race -- and in any arms race worthy of the title, the only winners are the arms dealers.
Cumulative effects (Score:3, Interesting)
(a) better than,
(b) worse than, or
(c) about the same as
someone who murders 30 people?
Please explain your answer in a detailed but concise fashion.
Re:I have seen the enemy, and they are ... Us (Score:1, Interesting)
But, they paid me $6k for one day of work. Tell me you wouldn't do it for a single day of work. $6k under the table is a lot of money. I figured they were going to have it set up with or without me, and I might as well get some money out of the slimy bastards as repayment for filling my mailbox with shit.
Re:Cumulative effects (Score:3, Interesting)
Why? Because ethics isn't measured by hours of time lost. If it was, then traffic jams "kill" 15,000 people a year! (66 hours a person, say 150 million commuters).
In fact, we can think of spam as traffic jams of the internet. And I bet people spend much more time in traffic than deleting spam.
Also, the harm is spread out amongst people, just like insurance spreads about the cost of living amongst people.
That doesn't mean spam is OK, but it is not murder by any stretch of the imagination.
But it is most likely fraud, and is annoying.
You CAN make money with 900 numbers... (Score:3, Interesting)
Re:Not just a tree house club (Score:2, Interesting)
There's an awful lot of overhead in that approach, and it seems to me that it's unreliable. For it to work, you would need:
Using code spam complicates existing tricks like "numbers stations" on short-wave, coded classified ads in major publications, dead drops, plain old clandestine meetings, and spoken messages passed from a guy who knows a guy who knows somebody.
A few layers of no-tech sneakiness are bound to isolate the people at the top from everyone else, in any case.