As Long As People Keep Buying, Scams (and Spam) Will Keep On Coming

from the pt-barnum dept

It looks like if anything is going to be able to effectively stop spam, it might be pressure on spammers' profit margins that makes spamming a less attractive line of work. But that still seems a ways off, as long as enough people continue to buy the stuff being sold in spam messages. Spammers know if they can reach a high enough volume, they'll find enough suckers to make it worthwhile. Scareware, too, is a volume business: a new report looked at a recent scam in which users were sent to booby-trapped web sites which said their computers had a virus. They were then directed to a site selling them some $50 "anti-virus" software. While a small percentage of people actually ponied up the cash, enough did to allow the scammers to pay more than $10,000 per day to the people who used SEO techniques on keyword typos to drive marks into the scam. It's easy to say that people shouldn't be so stupid and fall for the scams, but at the same time, perhaps a bigger issue lurks for the legitimate security software industry: if people can't distinguish between legitimate warnings from their products and scams, it could be a problem for them.


Reader Comments (rss)

(Flattened / Threaded)

  1.  
    identicon
    MrScott, Mar 25th, 2009 @ 6:32pm

    Yes, there's one born every minute.

    After sitting here typing away for a bit, I decided that it's simply not worth posting all of what I wrote. I could beat my head against the wall and that would be more productive than to tell people to STOP clicking on links in spam, ASK your friends if they actually sent you that link through your IM program, and RESIST the temptation of going to some website (because all of your friends want you to) to watch the cute kitten video.

    Use your head people and you'll be fine.

    Oh, and about the ransomware in the article...get a backup program and an external hard drive. If you ever become infected, just restore from your external drive. Problem solved.

    Excuse me while I go beat my head against the wall over there because someone...somewhere just clicked on the kitten video. ARRRRGGGG!

     

    reply to this | link to this | view in thread ]

  2.  
    identicon
    Weird Harold, Mar 25th, 2009 @ 6:57pm

    One day someone will come up with an actual replacement for the current crappy mail system used on the net, putting something out there that cannot be easily spoofed, and that doesn't allow mail from just any address without a sponsoring ISP to handle it.

    Spam is a result of one of the most massive security holes in the world, and one that every ISP perpetuates by handing new users an email account. It would be much safer to point them to hotmail and call it a day.

     

    reply to this | link to this | view in thread ]

  3.  
    identicon
    The Visible Dentist, Mar 25th, 2009 @ 7:37pm

    Tips To Avoid SEO Scams

    I couldn't agree more -- so long as people keep buying without first taking time to be better informed, SEO scams will continue unabated. Regardless of how inexpensive or costly, and no matter where the offer was found, it makes sense to get a quote from another provider. If you'd care to read it, I blogged about some tips to help avoid SEO scams. 7 Simple Steps To Avoid SEO Scams John Barremore Houston, TX

     

    reply to this | link to this | view in thread ]

  4.  
    identicon
    IM Smarter, Mar 25th, 2009 @ 7:40pm

    People Never Learn

    I don't have to worry about this sort of thing. I'm too smart to fall for scams. Now I must reply to this Nigerian prince that needs to use my bank account to transfer his 84 million dollar inheritance so that his greedy uncle can't steal it and I get to keep half.

     

    reply to this | link to this | view in thread ]

  5.  
    identicon
    Anonymous Coward, Mar 25th, 2009 @ 8:07pm

    my parents just got hit by one of these recently. it's not spam/scams in email. it's scam sites that they stumble onto across the web, as well as compromised sites hosting malware. then these sites use pop-in windows and pop-ups to give authentic looking warnings. these warnings say something like "SPYWARE DETECTED!" and they copy the entire design and look straight from windows, norton, and mcaffee. then the site says "you need to update your spyware database" or something to that effect... for only $50. the user probably didn't have any spyware installed, but they get duped into paying for software... that installs more spyware. the messages go away, and then after a few days, it presents you with more warning messages and it does wonky things. it then says you now need to update your virus definitions... for only $75. at that point, my parents called me.

    i had them call the credit card company and file a fraudulent charge notice. the credit card company retracted the charge without dispute. then it was a matter of directing them through the reformat.

     

    reply to this | link to this | view in thread ]

  6.  
    identicon
    Weird Harold's former #5 fan, Mar 25th, 2009 @ 8:15pm

    Firefox - free
    NoScript extension for Firefox - free
    Adblock Plus extension for Firefox - free
    CookieSafe extension for Firefox - free

    Never seeing the "You just won a free iPod!!!!!" ads that lead to malware sites - priceless

     

    reply to this | link to this | view in thread ]

  7.  
    identicon
    Weird Harold's former #5 fan, Mar 25th, 2009 @ 8:18pm

    Re: Tips To Avoid SEO Scams

    7 Simple Steps To Avoid SEO Scams

    Nice try. You don't honestly expect us to click on that link, do you? ;)

     

    reply to this | link to this | view in thread ]

  8.  
    identicon
    TheStupidOne, Mar 25th, 2009 @ 8:25pm

    Re:

    That already exists with some email providers. for a while when i emailed my parents from a new email address I got an automated response and had to reply to that and then get permission from my parents to continue sending email. Annoying as hell.

    Strangely I've been using gmail for over 4 years now and I don't have a problem with spam. I guess they have a good enough filter.

     

    reply to this | link to this | view in thread ]

  9.  
    identicon
    Anonymous Coward, Mar 25th, 2009 @ 8:47pm

    Re:

    "Spam is a result of one of the most massive security holes in the world"

    and that would be what exactly?
    Harold, you make no sense at all.

     

    reply to this | link to this | view in thread ]

  10.  
    identicon
    The Visible Dentist, Mar 25th, 2009 @ 8:51pm

    Re: Re: Tips To Avoid SEO Scams

    LOL!!! Well sure -- I clicked on yours. In fact, I'm watching you now!!! :)

     

    reply to this | link to this | view in thread ]

  11.  
    identicon
    Anonymous Coward, Mar 25th, 2009 @ 9:20pm

    Re: Re:

    No, he makes sense on this one. From a security standpoint, three important things you have to consider are privacy, authenticity and integrity. Internet e-mail wasn't really designed with any of those three in mind.

    As it relates to spam/fraudulent e-mail, it's the lack of provable authenticity that's the biggest problem. It's trivial to spoof a return address, and many ISPs are set up poorly and will let you use their outgoing mail servers to send a message, even if you don't have an account with them. If there were mechanisms in place to unambiguously associate an e-mail with its sender, we'd have a lot fewer e-mail scams.

     

    reply to this | link to this | view in thread ]

  12.  
    identicon
    William, Mar 25th, 2009 @ 10:08pm

    Re: Re: Tips To Avoid SEO Scams

    I have to admit. Your reply made me laugh.

     

    reply to this | link to this | view in thread ]

  13.  
    identicon
    Anonymous Coward, Mar 25th, 2009 @ 10:29pm

    Re:

    thx for CookieSafe extension

     

    reply to this | link to this | view in thread ]

  14.  
    identicon
    The Visible Dentist, Mar 26th, 2009 @ 3:07am

    Re: People Never Learn

    Hey back off pal - the Prince promised that money to me!!! :)

     

    reply to this | link to this | view in thread ]

  15.  
    identicon
    Xanthir, FCD, Mar 26th, 2009 @ 6:23am

    Re:

    One day someone will come up with an actual replacement for the current crappy mail system used on the net, putting something out there that cannot be easily spoofed, and that doesn't allow mail from just any address without a sponsoring ISP to handle it.

    Spam is a result of one of the most massive security holes in the world, and one that every ISP perpetuates by handing new users an email account. It would be much safer to point them to hotmail and call it a day.

    Unnecessary, and contrary to the open nature of the web.

    Spam still makes money, but *much less* than it used to, due to the effectiveness of today's antispam filters. If we can just drive up the price a bit more we can get a handle on it. Charge everybody a cent to send emails (with all the major players auto-rejecting mails that weren't 'paid for') and spam'll *stop*. ^_^

     

    reply to this | link to this | view in thread ]

  16.  
    identicon
    CantThinkOfACleverName, Mar 26th, 2009 @ 6:26am

    Re: Re: Re: one of the most massive security holes in the world,

    WH -> one of the most massive security holes in the world,
    AC -> From a security standpoint,

    You guys are talking about different things, or not using proper terminology.

    I suppose that WH could've been referring to the operator as the security hole ...

    A security hole (at least it used to) refers to an unintentional or unpublicized means by which unauthorized access is obtained to a platform or device.

    You can spoof an email addr - so what. Does this compromise the platform?

     

    reply to this | link to this | view in thread ]

  17.  
    identicon
    SPAM, Mar 26th, 2009 @ 7:40am

    Spiced Ham...?

     

    reply to this | link to this | view in thread ]

  18.  
    icon
    Scott Gardner (profile), Mar 26th, 2009 @ 11:48am

    Re: Re: Re: Re: one of the most massive security holes in the world,

    Security goes beyond simply preventing unauthorized access to a platform. Look up "security" as it pertains to messaging systems, and the terms "privacy", "authenticity" and "integrity" are widely-used and well-defined.

    Standard "out of the box" e-mail doesn't have provisions for any of the three. There have been add-on extensions to the e-mail standard that help, such as encryption and digital signatures, but they're neither required nor widespread.

     

    reply to this | link to this | view in thread ]

  19.  
    identicon
    Anonymous Coward, Mar 26th, 2009 @ 2:35pm

    Re: Re: Re: Re: Re: one of the most massive security holes in the world,

    "Security goes beyond simply preventing unauthorized access to a platform."

    Scott,

    Look up "security hole" as that was the term in question - in addition, please read the prior postings

    Thx

     

    reply to this | link to this | view in thread ]

  20.  
    identicon
    Thomas Whitney, Mar 27th, 2009 @ 10:37am

    Here is a site that is educational with respect to digital security: http://www.justaskgemalto.com

     

    reply to this | link to this | view in thread ]


Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here
Get Techdirt’s Daily Email
Save me a cookie
  • Note: A CRLF will be replaced by a break tag (<br>), all other allowable HTML will remain intact
  • Allowed HTML Tags: <b> <i> <a> <em> <br> <strong> <blockquote> <hr> <tt>
Follow Techdirt
A word from our sponsors...
Essential Reading
Techdirt Reading List
Techdirt Insider Chat
A word from our sponsors...
Recent Stories
A word from our sponsors...

Close

Email This