Anti-Spammers Infiltrate Private Online Spam Clubs 411
Angry_Admin writes " Spammers are now trying to find out which antispammers have infiltrated their ranks and are sharing "sensitive" info with fellow antispammers. According to the story at The Register: 'Online spammer forums like the Pro Bulk Club the Bulk Club and bulkmails.org have been gatecrashed by activists from organisations like Spamhaus. Steve Linford of Spamhaus said spammers know this already but they don't know who amongst their number is working for the other side. In theory the members-only forums of these sites is accessible only by invitation and only to individuals who have a proven track record in spamming. Apart from playing with the paranoia of spammers, the undercover investigation cast light on the latest spammer techniques.' Hopefully the spammers aren't that bright and the antispammers stick around long enough to bring them down."
Tsk tsk... (Score:5, Funny)
Someone forgot the first rule of Spam Club...
Re:Tsk tsk... (Score:3, Funny)
Maybe this parody of Fight Club helps shine insight on how spammers can sleep peacefully knowing full well that millions of barbs of dislike and spite are pointed their way. What do they care? They've got the bulk club.
Go play at AloofHosting.com, free web hosting that makes sense [aloofhosting.com].
Re:Tsk tsk... (Score:3, Funny)
I can't block sigs... otherwise I'll never know who wrote the comment! Seriously, other than my friends/fans icons I never remember names, I always remember sigs, am I the only one? hehe.
-matt
Re:Tsk tsk... (Score:5, Funny)
If it's your first night, you have to spam?
James Bond of the Spam world? (Score:2, Funny)
Re:James Bond of the Spam world? (Score:5, Funny)
Re:James Bond of the Spam world? (Score:5, Funny)
I imagine they received many invitations, and simply didn't opt-out by clicking on the handy links at the bottom.
Re:James Bond of the Spam world? (Score:5, Funny)
The same way I keep getting added to all these "opt-in" spam lists.
Re:James Bond of the Spam world? (Score:5, Interesting)
One would assume they got invited.
Seriously, only "known" spammers get invites - but the question is - what constitutes "known"?
How hard would it be for an anti-spammer to set up a bogus online identity, list themselves as spammers, and then sent spam-like emails to the spammers' email addresses, and then wait for an invite?
Can they invite other covert anti-spammers? (Score:4, Interesting)
Re:James Bond of the Spam world? (Score:5, Funny)
I wonder how they got in if it's invitation only.
Dress in dark camoflage.
Shoot grappling hook to rail around roof.
Get to rooftop, shoot guard on balcony with silenced .22
Remove camoflage.
Use suction cup on skylight, cut out pane of glass and discard.
Secure rope and drop into upper floor office.
Climb down rope.
Use chloroform-soaked rag on guard outside office door.'
Pull out CDR with "email addresses" written in Sharpie Marker on it.
Walk down to party, take glass of champagne from waiter.
Send signal to antispammers telling them you're in.
Duh, how else do you think they did it?
Re:James Bond of the Spam world? (Score:4, Funny)
Well, Sir Gallahad, Sir Lancelot, and I hid inside a giant wooden Hormel crate in front of the castle ....
For Spammers By Spammers (Score:4, Funny)
Re:For Spammers By Spammers (Score:5, Funny)
I always picture spammers as bereft of libedo and credit, with drug abuse problems. Really, wouldn't that explain a lot?
Re:For Spammers By Spammers (Score:3, Funny)
They probably don't. They are simply making (or trying to make) a buck out of people ingenuity. I doubt they are so self deluded as to believe in a weight loss method that involves neither drugs, surgery, diet or exercise (must be magic, I guess), or similar products.
My favorite is the one where they offer to erase my bad credit history.
Now that you mention it ... (Score:5, Interesting)
So I talked about Google PageRank, targeted vs. untargeted advertising, making his site attractive enough to inspire users to stay on it, making sure it's simple enough that it loads quickly and works on different browsers, etc. And he seemed to be listening, but after a while he asked me, "No, I mean when I send people e-mail advertising my site, how do I make sure they go to it?"
I had to talk to him for a while to make sure he was saying what I thought he was saying, but after a while it became pretty clear that the deal is this: he's going to be running a site selling Brazilian sex tours, and he wants to know how to send spam that will a) get people to go to his site, and b) get through spam filters.
Needless to say, the conversation didn't last long after that, but it did provide some insight into the mind of the spammer. He really didn't see anything wrong with spamming, or even with trying to be deceptive to get past spam filters. As far as he's concerned, he's selling a service people will want if only he can get his message through. I'd say he was an aggressively normal guy -- a bit of a yuppie, with a backwards baseball cap and a lite (sic) beer, definitely not a geek, probably watches lots of football and drives an SUV.
These are the people who are crapflooding your mailbox. They're not mysterious creeps living in caves. They're your neighbors. Be aware. Eternal vigilance is the price of liberty
Re:Now that you mention it ... (Score:5, Funny)
Did you get the URL for that? For research I mean, so I can block mail... or something... whatever... WHAT'S THE URL?!
(note to self... don't forget to click AC box).. DAMN
Re:Now that you mention it ... (Score:4, Funny)
Re:Now that you mention it ... (Score:3, Funny)
I have seen the enemy, and they are ... Us (Score:5, Interesting)
To my credit I had written into the system a very simple and effective opt-out. Click, click, we were out of your life. Everyone on the list had taken the time to fill something out to get on the list. It wasn't really spam.
At least that's what I tell the voice in my head.
I also wrote the web statistic reporting engine, so I do know that pageviews to the website would skyrocket following a bulk mail. And no, most of the traffic wasn't for the "opt out" bin.
This was back in '98, when spam was a joke, not a fact of life. I recently turned down a job reverse engineering a web-database of a certain annoying industry to generate targetted mailing lists.
And that was from my brother.
Re:Now that you mention it ... (Score:5, Informative)
> he was an aggressively normal guy
Sorry, but "normal guys", aggressive or otherwize, don't sell sex tours to brazil.
And, as somebody who knows brazil quite well, I advise you about taking a sex tour there. The rate of HIV is rediculous, and if you are going there to play among prostitutes you have almost a perfect chance of coming into contact with it.
However, Brazillians are very very friendly people, and a lot of them see sex as something to be shared freely (in comparison to Europe and all of the US except for Daytona beach). Unless you are really ugly, you could go out to any night club and meet a nice girl who will want to play with you*. Or a nice boy if you are so inclined. Why pay a spamming yuppy to be the middle man?
But if you are going there to party, take a balloon.
(I met a lot, but I didn't, because I have one of those spouse things, and it just aint worth putting the relationship on the line for 7 minutes of slap and tickle. No, she doesn't read
Re:For Spammers By Spammers (Score:4, Funny)
Just a list of names is all we need... (Score:5, Funny)
I've got a baseball bat and loads of free time.
Re:Just a list of names is all we need... (Score:5, Funny)
Make sure you leave the bat at the scene so it looks like a suicide.
Spammers (Score:4, Funny)
Not just a tree house club (Score:5, Insightful)
Re:Not just a tree house club (Score:5, Funny)
Re:Not just a tree house club (Score:5, Insightful)
Re:Not just a tree house club (Score:3, Insightful)
Re:Not just a tree house club (Score:3, Informative)
Comment removed (Score:5, Insightful)
Selling Advertising vs. Selling Products vs. Fraud (Score:5, Insightful)
Many spammers make their money by selling advertising service to retailers by promising to deliver eyeballs which can be turned into sales, but don't handle delivery of the product. Sometimes they're getting paid a commission, so they make money if and only if they're successful at attracting suckers to the retailer's products or websites - whether that's pills or pr0n.
But for many other spammers, the sucker is the retailer who's expecting to get high-quality sales leads, rather than the spammees. Retailers who've learned from the experience usually don't provide repeat business, or at least not without changing the price structure to only pay for actual sales.
And many spammers make money from fraud. Besides the currently popular Nigerian 419 and the pump&dump stock scammers, there's the old-fashioned pyramid game in its many guises. That used to be more popular than it is today, but it still seems to work. One variation on this is selling spamware to wannabee spammers.
Re:Not just a tree house club (Score:2, Redundant)
If we could only get these few people to stop buying spam products, spam would all but disappear.
Re:Not just a tree house club (Score:3, Interesting)
They can resell the list as many times as they want, by my email I'd guess some of these are being sold dozens of times every day. Plus, when one customer drops off, there's probably two more waiting to take their place. $XX for 10 million email addresses just sounds too good for many peopl
Re:Not just a tree house club (Score:5, Informative)
I don't like the business so I got out of doing IT support for it, but I learned a heck of a lot about the informercial/telemarketing biz.
You CAN make money with 900 numbers... (Score:3, Interesting)
Re:Not just a tree house club (Score:4, Interesting)
John Ashcroft should lay off the Internet bong sellers and the purveyors of porn. If he wants to hit the terrorists in the wallet, he'll close down all the money laundering possibilities that exist. Spam operations are a huge gaping hole that everyone seems to be ignoring.
Re:Not just a tree house club (Score:5, Insightful)
That's the least of the problem. The filter-poisoning junk appended to spam messages (which ought to be prosecuted under the computer crime laws as an attack in and of itself... but I digress) is a perfect terrorist comm channel that is effectively immune to traffic analysis (i.e. there's no way to identify the intended recipient).
I was reluctant to mention this when it first occurred to me, but after thinking it through I'm morally certain that terrorists have already figured this out.
Maybe the FBI has also figured it out, and is already planning to scoop up some spammers and use their violations of existing laws to lean on them and anal-probe their business records... and maybe not. If this turns out to be the next failure to "connect the dots"... well, you heard it here first.
Re:Not just a tree house club (Score:3, Insightful)
an agreed-upon set of code words -- could fall into enemy hands.
No, you don't -- all you need is a fairly simple steganography program to hide a few bits in each word (for each string of, say, four bits, randomly generate a word that checksums to that target).
the ability to send spam reliably -- if you test, you risk getting shut down; if you don't test, you risk failure at an important moment.
Put your real recipients fairly early in the queue (but still far enough dow
Re:Not just a tree house club (Score:5, Informative)
There was a Slashdot article [slashdot.org] a while back about a guy who actually wanted more spam. So, people like Mr. Orlando Soto [wsj.com] are the reason why the rest of us must suffer. :)
Re:Not just a tree house club (Score:3, Insightful)
Re:Not just a tree house club (Score:5, Insightful)
It's the same complex business pyramid cycle that led to the
These are not just turkeys that live down the block and work at the local foundry. These are people who graduated with MBAs and formed the social connections necessary to know where the paperwork goes, who has to sign it, and how it has to be filled out to look legit. The people running these operations don't always know that they're funding spammers. Have you seen the subcontracting breakdown for a federal building or renovation project? It's the same on the stock market. The major houses go to the mid houses. The mid houses go to the major and minor houses. The minor houses service anyone they can, including banks, credit unions, and local investment brokers. The banks, credit unions, and local investment brokers are watching applications for business licenses and applications for business loans. The people monitoring the applications are often feeding info to their cousin/brother/aunt/old roomie working in the major and mid houses. All of these people are working at their own desks, pushing nothing but paper, and no one knows that the guy who walked in the door to give a 15-minute presentation for a legit "desktop advertising clearinghouse" is really using 85% of the business investment to feed his old fraternity brother with enough money to send out spam for three months. Then they'll junk the business and the bank won't care because they had a valid insurance policy before they ever signed the loan.
If spam were as illegal as the CANSPAM Act and all the hype and hoopla makes it seem shouldn't it be easy enough for credit agencies to latch onto these people and refuse to run their funds? Sure, it should, so why don't they? Because no one gives a flying rats bottom. They're all pushing paper, and getting paid, and as long as the business insurance is good then no one cares that the business only lasted three months. I'm sorry
Re:Not just a tree house club (Score:3, Informative)
In that case, it's getting harvested, and you're getting spam. You can tell me that you get no spam, and don't use a filter, and I'll believe you - but only if you hide that address. If it's public, it will get spammed.
How did businesses get dragged into this?
Because they use email too. It's not just used by individuals. No where have I ever seen the complaints that the "webmaster@" or "abuse@" accounts are getting spammed o
hmmm (Score:3, Funny)
*puts up a sign that says "Spammers Only Club"*
*rubs hands devilishly*
Re:hmmm (Score:3, Interesting)
The people of Germany did very little to stop the Nazis. Silence is consent is a very old principle of law. If you know someone is going to kill someone but you do nothing to stop it, you are an accessory to that crime.
While the vast majority of Germans have no guilt in this mannor because they where children or not even born yet. A very large number of German adults and I would even say a majority knew what was happening. I would say that German in this context is a fair use of the
Re:hmmm On picking nits. (Score:3, Insightful)
Germans are white, and some even immigrated before the nation was the United States (the Pennsylvania Dutch, where Dutch is really Deutsch).
Japanese are "yellow" or whatever. They immigrated only more recently, since around 1850 or whenever Japan's borders were opened to foreigners. (At WWII, that still would have been about three generations or so for those here the longest.)
According to one of my Japanese co-workers, those of Japanese or Asia
Don't doubt the Spammers IQ (Score:5, Insightful)
Knowing your enemy... (Score:5, Funny)
Pro Bulk Club
The Bulk Club
bulkmails.org
Egads, with such a raw display of creative thinking, we don't stand a chance. [grin]
Did I leave out "The Incredible Bulk"? (Score:5, Funny)
sorry, I'll get back to work now....
Re:Don't doubt the Spammers IQ (Score:2, Funny)
If they're trying that hard, it must be a "can't lose" business opporunity.
Re:Don't doubt the Spammers IQ (Score:5, Interesting)
You just have to lack morals in general.
I think that it actually shows that the anti-spammer is winning. Spammers have to resort to trojanned machines and illegal tactics to get thier job done.
Which makes me wonder, if it were a wild west situation where anything goes, and anti-spammers were allows to break the law in the same manner, would these spammers still be in business, or would there basically be a bounty on the heads of spammers.
Re:Don't doubt the Spammers IQ (Score:5, Funny)
No, it's not very nice, and yes, it would piss people off. But this is the anything goes solution.
Re:Don't doubt the Spammers IQ (Score:3, Insightful)
Did Anyone.... (Score:2, Funny)
Optimists (Score:4, Insightful)
Just because someone does something you don't like, since when did that make them more stupid (or less intelligent) than you?
Sounds like the same tired argument that anti-virus companies and virus writers use.
If only the people who READ spam weren't so stupid (Score:5, Insightful)
It's a tired old argument but if no one clicked the links in spam and no one bought the products in spam, perhaps we wouldn't have spam. The people spamming aren't stupid, they know a sucker is born every minute and they hope those suckers click their links. If the clickers would grow a brain we might not have this problem.
Re:If only the people who READ spam weren't so stu (Score:4, Interesting)
On the other hand, a different old argument would be appropriate for this group. Simply go to all those URL's (by retyping the top level url, clicking on them probably sends them a key to identify your email address), and submit lots and lots of fake orders. Heck, automate it if you can, with some kind of randomizer that picks odd names from a list so there's no easy way for the spammers to filter them out, and even better if you can impersonate a large network. Suddenly, to get one legit customer, you have to go through thousands of pieces of crap, and the business model no longer works.
Now, if someone could make a distribute app that accepts some kind of template (go to this url, put a name here, cc number there, etc) to automatically fill in and bang on a spam supported site, I'd be more than happy to run it.
Heck, if you want vigilante justice... (Score:3, Interesting)
Unfortunately, that way lies madness, federal marshals, and another spiraling arms race -- and in any arms race worthy of the title, the only winners are the arms dealers.
Re:Optimists (Score:2)
He didn't assume they were stupid - he said "Hopefully the spamers aren't that bright". Sounds like he's assuming they could be intelligent but he hopes that they are not.
And the hizell does that have to do with anti-virus companies?
=tkk
FYI (Score:5, Informative)
Some of the "infiltrators" are actually people working at the ISPs hosting these private forums.
Re:FYI (Score:3, Funny)
Not any more....
Not so bright Spammers (Score:3, Interesting)
Re:Not so bright Spammers (Score:2)
They also hire OTHERS or buy 3rd party software to do the real tricky stuff like writing hashbusters, proxy relaying, netblock hijacking, zombie relaying, and other illegal acts that they routinely do.
Proletariat of the world, unite to kill spammers
invitations? (Score:2, Interesting)
Bundled spamware and spyware (Score:4, Interesting)
Re:Bundled spamware and spyware (Score:4, Insightful)
Because they're not legitimate software, of course.
Kazaa, for example, makes a dubiously legal P2P app that it distribute(d) for the express purpose of getting a free-to-use grid to run various programs on.
And, unfortuantely, it'll be awhile before the Flynn effect makes all of us smart enough not to use spyware.
Flynn Effect (Score:5, Informative)
Re:Bundled spamware and spyware (Score:4, Insightful)
Isn't it obvious why? Because it makes money, and right now. Do spammers care if they kill the medium they use? Nope, because they're making money from it, right now.
Who cares, it works for me, at least for now.
It's shortsighted but unfortunately it fits the general profile of human behaviour. I don't see the way spammers or malware producers behave any differently than the way big companies or governments behave, just on a different level. So, I think it's safe to say that things like this will go on for the forseable future.
Re:Bundled spamware and spyware (Score:5, Informative)
Honor among thieves? (Score:5, Insightful)
Re:Honor among thieves? (Score:5, Interesting)
All I have to say is.. (Score:2)
Spam club invitations are available here... (Score:5, Funny)
The virus/spam connection (Score:4, Insightful)
why does Mandrake open a port 80 proxy? (Score:3, Interesting)
how to fix this (Score:3, Informative)
Good, this is progress. (Score:5, Funny)
Spammers not smart? (Score:3, Insightful)
Most spammers arent terribly sophisticated. Let's face it though, a handful are extremely smart and capable, otherwise we'd have gotten rid of them a long time ago.
The Almighty Buch (Score:5, Insightful)
Strange thing (Score:5, Funny)
I keep hitting my refresh button over and over and over and over and over again - but it doesn't come up
hmmmmmm....
Invitation-only is very easy to get around (Score:4, Insightful)
I heard of something like this once... (Score:3, Interesting)
What the screenshots reveal are, to say the least, scary. It turns out that an employee named "Greg" (greg@leadclick.com), who works as an e-mail harvesting database manager, also manages databases for SpamCop!
I kid you not. A spammer who works for SpamCop. I can't post links to the freesite (that's kinda pointless), but at least the incriminating screenshots are safe on Freenet.
Re:I heard of something like this once... (Score:5, Insightful)
Evidence, please.
Gee (Score:3, Funny)
What a dilemma!
Spammer websites are funny (Score:4, Funny)
We will arm you with the knowledge to make killer sales copy so you can convert a lot of those who open your sales letter into sales today!
Oh, yEaH, sPaMmers write the best ad copy of anybody !!!!!!!!!!
Just 5 minutes, a monkey, a pound of salt, three feet of cat-5, 1 match, a can of orange paint (oil base), a magnet, a ream of copy paper, 1 square meter of bubble wrap, a laser pointer, one spammer, and a small room. That's all I ask.
SPAM = DDOS (Score:5, Interesting)
Isn't this just a distributed denial of service attack on my inbox?
How to increase spammers' marketing budgets (Score:3)
Google search for bulk e-mail [google.com]
clickety clickety on sponsored links
Yahoo Mail's "evolution" in spam filtering (Score:3, Informative)
Then they added an option to report messages that got through the filter, by opening the message, then a listbox, where one of the options was "this is spam."
Recently they changed it so that now you press a button labeled "spam" rather than open a listbox.
I'm fairly certain their next step will be to make the button bigger and in capital letters.
So Where Are the Cops? (Score:5, Funny)
All of these are seriously illegal.
So where are the cops?
It'd be amusing (yes, I have a sick sense of humor) to find out that everybody in the chat room was a cop, just waiting for a real spammer to log in
Strategies (Score:3, Interesting)
If a spammer is a repeated spammer, some of the reporting services like spamcop should report them to their registrar. The registrar should revoke their domain and point their domain to a page explaining why this page is unavailable.
If the registrar does not revoke their domain, the registrar should have their operation suspended by the master registrar.
If a registrar has a habit of being a registrar for spammers, they will be shut down.
This seems able to shut down spammers and if this process is fit into the business model of a registrar, may be able to make it more difficult for these assholes to do business.
Not that I advocate vigilantism... (Score:3, Insightful)
but it would be pretty easy to write a little script that searched for "spam-friendly" and similar search terms on Overture, Google, etc, and clicked through those links.
Pretty soon, ISPs would have to stop advertising those services. They'd have to resort to mis$pelling s+earch Te(rms like in a SP.AM mess(age, thereby cutting down the effectiveness considerably.
Of course, anti-spam services would probably take a lot of collateral damage from an approach like this. Innocents getting caught and torn apart by the mob show the fundamental problem with the vigilante approach.
Bounty on your box $.05 (Score:5, Informative)
When Spammers and Anti-Spammers Collide (Score:3, Funny)
Spammer techniques (Score:3, Insightful)
I know they're not that bright (Nigerian twits, especially), but this should be a no-brainer.
Re:Anti-spammers will never infiltrate (Score:3, Funny)
and unfortunately, neither will you!
Re:Thunderbird 0.6 released (Score:4, Informative)
Re:Bombs (Score:4, Insightful)
Cumulative effects (Score:3, Interesting)
(a) better than,
(b) worse than, or
(c) about the same as
someone who murders 30 people?
Please explain your answer in a detailed but concise f
Re:Cumulative effects (Score:3, Interesting)
Why? Because ethics isn't measured by hours of time lost. If it was, then traffic jams "kill" 15,000 people a year! (66 hours a person, say 150 million commuters).
In fact, we can think of spam as traffic jams of the internet. And I bet people spend much more time in traffic than deleting spam.
Also, the harm is spread out amongst people, just like insurance spreads about the cost of living amongst people.
That doesn't mean spam i
Re:Once You're In... (Score:3, Funny)
Is Viagra some generic version?