Does 80% Of Spam Come From Just 10 Spammers?
from the seems-highly-unlikely dept
The Inquirer points us to an article at Security Pro News suggesting an update on the 80/20 Pareto rule for spam. It appears that the top 10 spammers may account for nearly 80% of the spam you see. Of course, the Inquirer then suggests that we could solve the spam problem by taking down those 10 people — though that leaves out the fact that others would quickly fill in behind them. In the past, we’ve seen other top spammers taken out, either through legal means or less than legal means and it hasn’t done anything to stop the onslaught of spam. While it makes sense to try to make things more difficult for the top spammers in hopes of keeping others away from the business, it should be pretty clear that spamming is quite lucrative for some people, and it’s not just going to go away any time soon, no matter what you do to those at the top of the current spam pyramid.
Comments on “Does 80% Of Spam Come From Just 10 Spammers?”
We can find spammers but not prosecute them
The continued existence of spammers remains a mystery to me. Not the technical issues, since I think we all understand the intrinsic faults of the mail protocols, open relays and non-verifiable push routing algorithms, but the politics is odd.
I mean, if I were to portscan the entire domains of several government and comercial organisations I would have someone knocking at my door within a day, but nobody tackles the spammers who send out millions of unsolicited junk mails.
Both actions are illegal, and both actions are equally possible to track down the perpetrator given a little time and motivation, not least of all because spammers are tracable via the sites through which they offer goods and services. Yet nobody tackles the spammers, though you would think there are a large number of powerful interests who stand to lose and who have the teeth to take on the spammers.
The argument that others would just replace the prosecuted spammers is specious, by analogy why not apply that reasoning to house breakers and muggers?
Without having to adjust my tinfoil hat too much, I think there’s something obviously rather queer about this entire situation. It kind of stands to reason that the serious spammers not entrepreneurial individuals and groups working in the black economy but are in fact backed by mainstream interests who afford them a level of cover and protection.
How else could the courts and legal system so consistently fail to deal with trangressors who are operating in plain sight right under their noses?
Misanthropic put it pretty well… although I don’t think it’s as much of a conspiracy.
These spammers A) are making money B) it’s not costing them anything C) they are childish and think it’s partly a game.
So these spammers think they are clever…but really they are not.. they are just preying on people’s good nature. Most of us just ignore their emails and delete them… figuring it takes less time to delete a few emails then to launch some sort of civil action.
So they are not clever, we are just too nice.
Here’s a tinfoil hat theory… in an effort to avoid detection with one on one communication, potential ne’rdo-wells could contract these spammers to send out messages with embedded details for more co-ordinated wrongdoing.
Sure, the various national security organizations could track a single email from one person to another; but could they determine the intended recipient to such a message when its sent to millions of recipients.
Really, though – one or two evening news exclusives aside, these stock spam messages, (w/ embedded, animated gifs) can’t be generating income for their respective companies. Who could possibly benefit?
The Antispam software manufacturers, I suppose…
YOUR URGENT ATTENTION IS NEEDED
From: James Dugo Esq. (For Trustees)
Managing Partner(Dugo Chambers)
PRETORIA SOUTH AFRICA
NOTIFICATION OF BEQUEST:
On behalf of the Trustees and Executor of the estate of Late
Mr. Edwin
Gabriel, I once again try to notify you as my earlier letter
was
returned undelivered. I hereby attempt to reach you again by
this same
email address on the WILL. I wish to notify you that late
Mr. Edwin
Gabriel made you a beneficiary to his WILL. He left the sum
of Five
Million One Hundred Thousand Dollars (USD$5,100.000.00 ) to
you in the
codicil and last testament to his will.
This may sound strange and unbelievable to you, but it is
real and
true. Being a widely travelled man, he must have been in
contact with you
in the past or simply you were nominated to him by one of
his numerous
friends abroad who wished you good. Mr. Edwin Gabriel until
his death was
a member of the Helicopter Society and the Institute of
Electronic &
Electrical Engineers. He was a very dedicated Christian who
loved to give
out. His great philanthropy earned him numerous awards
during his life
time. Late Mr. Edwin Gabriel died on the 16th day of
February 2004 at the
age of 90 years and his WILL is now ready for execution.
According to him
this money is to support his Christian activities (may his
soul rest with
the Lord) and to help the poor and needy.
Please if I reach you as I am hopeful, endeavor to get back
to me as
soon as possible to enable me conclude my job. I hope to
hear from you in
no distant date.please contact me on this email:
jamesdugo@myway.com
Yours in His service,
James Dugo Esq.
Re: YOUR URGENT ATTENTION IS NEEDED
Man that guy was nice, he alos left me $Five million. Hey! I t’s the same letter. WTF? It’s my Five million and you can’t have it.
Re: Re: YOUR URGENT ATTENTION IS NEEDED
Well he must have liked me more, he left me 10.5 million. And I don’t think I feel like sharing either. So WTF, Where’s the check???? Still waitin in Alaska
Re: Re: Re: YOUR URGENT ATTENTION IS NEEDED
Re: Re: YOUR URGENT ATTENTION IS NEEDED
WTF. I inherited $5.1 million too.
Re: YOUR URGENT ATTENTION IS NEEDED
Man that guy was nice, he also left me $Five million. Hey! I t’s the same letter. WTF? It’s my Five million and you can’t have it.
Re: Re: YOUR URGENT ATTENTION IS NEEDED
It is MINE I tell you, MINE MINE MINE
Re: YOUR URGENT ATTENTION IS NEEDED
I got this one too!
Re: YOUR URGENT ATTENTION IS NEEDED
I received this same email but the “To” address was empty and there was no information given to contact the asshole who sent it. What I wonder is how these scammers are getting my email address?
Re: YOUR URGENT ATTENTION IS NEEDED
i recieved this e-mail!
Re: YOUR URGENT ATTENTION IS NEEDED
he left me USD$5,100.000.00
never even met the man hahaha, effing idiot
Re: YOUR URGENT ATTENTION IS NEEDED
I just got this from “Barrister Eric Sipho.” I am in the process of scambaiting him now.
Re: Re: YOUR URGENT ATTENTION IS NEEDED
This scum needs to be punished. He is telling a lot of people that they inherited $5.1 million. Then he tries to collect $2,000 from you to process it. He has been doing this same scam for years.
Re: YOUR URGENT ATTENTION IS NEEDED
I just today received this exact same e-mail!
The author is William Kaven though I did submit a complaint.
Solution exists
and the solutions name is Gmail.
Got about two pieces of spam in the year or more I’ve been using it that didn’t get caught by the filter, and no legitimate email snagged incorrectly (I check).
Gmail is not a solution. The spammers will find your email address eventually, and get ready for the torrent of spam.
My gmail used to get no spam at all, but recently its been getting on the order of 10 a week, quite annoying really…I didn’t sign up for any lists or anything recently, so I don’t know what did it.
Blocking
What ISPs need to do is block incoming requests to home accounts.
That would prevent a good deal of the exploits, starting today, and prevent spammers from broadcasting command and control messages to their botnets. It would also, in term, block a good deal of the addresses to which infected computers could “phone home” for commands….
…which it turn would make it MUCH easier to target and block the reall C&C nodes, or block individual spam servers.
Yeah, it might prevent Joe Geek from running a home Linux web server, but I think I’d be willing to give that up to block a great deal of the spam generated daily.
Blocking
Michael, botnets typically use IRC or make it where the zombied windows box’s send outgoing requests and read what it’s instructions are.
Your method would stop very little botnet activity.
Or atleast that is the way I’ve come to understand it.
Charles~
Block incoming connections..? haha!
You’d kill most games, for a start.
You’d also kill many VoIP and chat applications.
And VPN’s, which would piss off a lot of business customers.
Bother spammers? Not one bit… For the most part, zombie PC’s get infected via mail and controlled via IRC. They really don’t need to handle any inbound connections, ever.
Re: Block incoming connections..? haha!
It would seem to me that connections for most of the above are made from a home client to a server not located in a “home” ISP network. Thus, things like a VPN connection to the office would still work. And what we’re talking about is really just what a good home firewall is supposed to do anyway. Block incoming requests.
However, any requests from outside TO an infected home ‘bot, IRC or not, would be blocked, as would any requests said bot would attempt to make to another home bot, which would in turn, as I said, begin to dramatically limit the number of command and control channels available.
If all of the current ‘bots suddenly lost C&C spam would drop. And if any new bots were forced to communicate with a finite set of servers setup in China or Russia or somewhere, then those addresses could be blocked as well.
Sorry John, I disagree
These spammers
A) are making money
B) are making money
C) are making money
D) it’s not costing them anything (or at least not much)
E) they are not childish, they are business people
. . . these spammers think they are clever . . . and they are. See A through E above. The script kiddies are still out there, but they are a minor factor now. It’s about big money.
The poster who said to go after the retailers who employ spam (and spammers), has it right, although it will be difficult to stop those who sell online internationally. On the other hand, I used to get tons of spam from Home Depot.
The other weapon is to convince the entire population of the world to (1) stop opening spam (2) stop buying from those who use it.
I’m not optimistic, are you?
For my full take on spam and some grins, visit my home page
http://stucohen.com/
check out the link “About Spam”
Spam solution.
The problem isn’t so much that people send spam; it’s that clearly someone is responding to it. Realistically if spamers got zero responses at some point they would get bored and just quit. Obviously there are at least thousands upon thousands of people out there who respond to spam (or a couple of people who respond to a WHOLE LOT of spam). That being said the solution is fairly simple: We need to find these people who are responding to spam and kill them (or at least take their computers away).
spam and gmail
i currently have 2657 spam messages. they come so fast i can’t even clean them out any more. when i had bluefrog, it almost stopped completely. then they wussed out when pressured by pharmamaster, the russian hacker.
Re: spam and gmail
who is pharmamaster?
i don’t think he’s russian….my friend used the same alias and he is Israeli.
Article Changed
The article in question was amended to 200 spammers running 80%, the top 10 just being the top of the batch.
Ill betcha...
Barracuda Networks love those guys and pray for their health every night (they make enterprise class anti-spam firewalls)
~RJH
http://www.thatpoliticalblog.com
SPAM
I run a medium sized corporate network, on the average we receive 100,000+ e-mails a day, less then 3,000 make it through the filter. Pretty pathetic, I hate spammers.
Stopping spammers can stop spam
I’m not sure I agree that going after spammers doesn’t stop spam. Criminologists agree that the risk of getting caught and the penalties of getting caught are the prime deterrent for criminals. I suspect it’s the same with spam.
There is some evidence that legal action against spammers does actually work. As reported on my blog, Bad Language the Dutch telecoms regulator was able to reduced Dutch-language spam by 85% in a short time by going after the spammers. Imagine if we could do that on a global scale.
Other countries are catching up. The British government recently passed a law against denial of service attacks (see Get Safe Online’s blog) and creating, holding or using phishing type software. The next step is enforcement, of course.
Gotta pay to play.
There is no government willing to stop spam because there is no payoff to the politicians. The victims of spam are too diffuse to organize and offer compelling bribes. Gotta pay to play.
‘we’ve seen other top spammers taken out, either through legal means or less than legal means’
Dropping some paveway laser guided bombs down their chimneys might do the trick.
Spammers make money because they convince companies that spam is an effective marketing means. Even if they get no response, it will not stop them from claiming that they can reach over X million people with just one click.
The companies that hire the spammers should be prosecuted as an accomplice. I call them accomplices, because what they are doing to our Internet infrastructure is really a crime against society. It is their dollars that fuel the spam engine.
The most famous spammer in Russia (he ran an school or something) won’t be sending any more spam, thats for sure. Course, someone put a bullet in his head.
If people wonder why spam exists, its pretty simple. It costs virtually nothing for a spammer to send out spam. If they get one sale, they make a profit. 99% of the people might just delete it, but there is profit in percentages when your cost is virtually nothing.
Personally, I would rather receive spam than junk mail. Its a lot easier to delete an email than it is to carry a piece of paper to the curb.
Making an Example of Spammers
I get zero spam in my Gmail account and dozens of spams a day in my Yahoo account.
99% is garbage.
I like the idea of going after people who respond to spam and encourage them to keep sending out spam. But I also really like the idea of catching a few spammers and executing them on national television, though that might be a touch extreme.
Spam isn’t just a nuisance, its a serious problem for businesses to cope with and the law doesn’t take it seriously at all.
I have taken to tracking the stocks I get spams for, just to watch them crater. Its oddly satisfying.
I just don't understand it !
I get zero spam, but, I believe it is how i use email.
I have multiple pop3 accounts. Mainly from ISP’s.
2 are my primary accounts. I guard them agressively. They are only given to people and/or companies that have proven their “worthiness”.
One has Postini and the other I use Mailwasher on.
2 others are for family & friends who like to “forward”. 99% of those emails are dumped without being seen. But, I can honestly say “I got ’em” These are Comcast addys.
1 CC said I have to use, for info and billing from them. Another, I set up, cuz I could. They do from time to time get hit by spam. But, I have never given them to anoyone or use them. CC has proven they can’t be trusted. Only CC knows of them, so, where do the spammers get their data from ?
I also have a Gmail acount, which i limit using. Again, 99% get dumped, and I never check their spam folders.
I am also a person who routinely uses bogus emails when they are demanded. abc@xyz [.net, .org, .com: depends on where my fingers are resting.]
Also, if I am required to check and respond to an email, for something “free”, then it isn’t worth the cost.
I don’t know..I guess it is just me.
Re: I just don't understand it !
Best move I ever made, although it was entirely accidental and I have to take the time to re-create it. I used aol account for all shopping, since it already got more spam than any other account, another – yahoo I think, for ezines and other requested spam-like emails, etc.
I’m also one of the few people at work that do not get spam to my work email (both my current job and the previous one) – which I attribute to not using my work email address EVER for anything but work-related emails.
Linux Poker Online
There are so many linux poker rooms out there, how can you choose just a single Linux poker room?
More poker sites for Linux
Check out http://www.linuxpoker.net
YOUR URGENT ATTENTION IS NEEDED
This stupid person also left me a part of his will. I am at a young age and have a gmail account. WHOEVER is doing this needs to be stopped. I am afraid that whoever this weirdo is can access personal files through my email, however this evil person got it, and either stalk me, harass ne, rob me, even murder me. I know it is possible if you have high enough power. Many people could be killed over this!
Re: YOUR URGENT ATTENTION IS NEEDED
Come on man, the chance of you getting killed over spam mail is like falling out of a plane, without a parachute, and catching a bald eagle, and flying it to the ground unharmed… get over it, you sound concerned, but dont be, you can always change your ip address.
spam or not?
From: James Dugo Esq. (For Trustees)
Managing Partner(Dugo Chambers)
PRETORIA SOUTH AFRICA
Email:jamesdugo12@webmail.co.za
NOTIFICATION OF BEQUEST:
On behalf of the Trustees and Executor of the estate of Late Mr. Edwin Gabriel, I once again try to notify you as my earlier letter was returned undelivered. I hereby attempt to reach you again by this same email address on the WILL. I wish to notify you that late Mr. Edwin Gabriel made you a beneficiary to his WILL. He left the sum of Ten Million One Hundred Thousand Dollars (USD$10,100.000.00 ) to you in the codicil and last testament to his will.
This may sound strange and unbelievable to you, but it is real and true. Being a widely travelled man, he must have been in contact with you in the past or simply you were nominated to him by one of his numerous friends abroad who wished you good. Mr. Edwin Gabriel until his death was a member of the Helicopter Society and the Institute of Electronic & Electrical Engineers. He was a very dedicated Christian who loved to give out. His great philanthropy earned him numerous awards during his life time. Late Mr. Edwin Gabriel died on the 16th day of February 2004 at the age of 90 years and his WILL is now ready for execution. According to him this money is to support his Christian activities (may his soul rest with the Lord) and to help the poor and needy.
Please if I reach you as I am hopeful, endeavor to get back to me as soon as possible to enable me conclude my job. I hope to hear from you in no distant date.please contact me on this email: jamesdugo12@webmail.co.za
Yours in His service,
James Dugo Esq.
Man, I got this on 12-2007, that man must think that we don’t check the internet for spam mail
——————————————————————————–
Re: spam or not?
I got the exact same e-mail, only it was from Barrister Eric Sipho.
From: Dada William Esq. (For Trustees)
Managing Partner(Brian Chambers)
Pretoria, South Africa
Tele:+27 78 8278 919.
Fax:+27 86 6194 289
NOTIFICATION OF BEQUEST:
On behalf of the Trustees and Executor of the estate of Late Mr. Edwin Gabriel, I once again try to notify
you as my earlier letter was returned undelivered. I hereby attempt to reach you again by this same email
address on the WILL.
I wish to notify you that late Mr. Edwin Gabriel made you a beneficiary to his WILL.
He left the sum of Ten Million One Hundred Thousand Dollars (USD$10,100.000.00 ) to you in the codicil and
last testament to his will.
This may sound strange and unbelievable to you, but it is real and true.
james dugo
just thought id let everyone know that mr james dugo is now with yahoo
Late Mr. Edwin Gabriel
i just got this good thing i looked it up on the spam net.
“Eric Sipho”
03/20/2008 05:47 AM
To
undisclosed-recipients:;
cc
Subject
FINAL BEQUEST NOTICE
From: Eric Sipho Esq. (For Trustees)
Managing Partner (Sipho Chambers)
PRETORIA SOUTH AFRICA
Email: ericsipho1@webmail.co.za
NOTIFICATION OF BEQUEST:
On behalf of the Trustees and Executor of the estate of
Late Mr. Edwin Gabriel, I once again try to notify you as
my earlier letter was returned undelivered. I hereby
attempt to reach you again by this same email address on
the WILL. I wish to notify you that late Mr. Edwin Gabriel
made you a beneficiary to his WILL. He left the sum of Five
Million One Hundred Thousand Dollars (USD$5,100.000.00) to
you in the codicil and last testament to his will.
This may sound strange and unbelievable to you, but it is
real and true. Being a widely traveled man, he must have
been in contact with you in the past or simply you were
nominated to him by one of his numerous friends abroad who
wished you good. Mr. Edwin Gabriel until his death was a
member of the Helicopter Society and the Institute of
Electronic & Electrical Engineers. He was a very dedicated
Christian who loved to give out. His great philanthropy
earned him numerous awards during his lifetime. Late Mr.
Edwin Gabriel died on the 16th day of February 2004 at the
age of 90 years and his WILL is now ready for execution.
According to him, this money is to support his Christian
activities (May his soul rest with the Lord) and to help
the poor and needy.
Please if I reach, you as I am hopeful, endeavor to get
back to me as soon as possible to enable me conclude my
job. I hope to hear from you in no distant date. Please
contact me on this email: ericsipho1@webmail.co.za
yours in His service,
Eric Sipho Esq.
Win! ILLUDER.com is giving away a complete inverter system worth R15 000! Enter here now!
http://www.illuder.com/brabys/competition.htm
5.1 Mill
Damn – and I thought I’d be living on easy street.
From: Eric Sipho Esq. (For Trustees)
Managing Partner (Sipho Chambers)
PRETORIA SOUTH AFRICA
Email: ericsipho1@webmail.co.za
NOTIFICATION OF BEQUEST:
On behalf of the Trustees and Executor of the estate of Late Mr. Edwin Gabriel, I once again try to notify you as
my earlier letter was returned undelivered. I hereby attempt to reach you again by this same email address on
the WILL. I wish to notify you that late Mr. Edwin Gabriel made you a beneficiary to his WILL. He left the sum of Five Million One Hundred Thousand Dollars (USD$5,100.000.00) to you in the codicil and last testament to his will.
This may sound strange and unbelievable to you, but it is real and true. Being a widely traveled man, he must have
been in contact with you in the past or simply you were nominated to him by one of his numerous friends abroad who wished you good. Mr. Edwin Gabriel until his death was a member of the Helicopter Society and the Institute of Electronic & Electrical Engineers. He was a very dedicated Christian who loved to give out. His great philanthropy earned him numerous awards during his lifetime. Late Mr. Edwin Gabriel died on the 16th day of February 2004 at the age of 90 years and his WILL is now ready for execution.
According to him, this money is to support his Christian activities (May his soul rest with the Lord) and to help
the poor and needy. Please if I reach, you as I am hopeful, endeavor to get back to me as soon as possible to enable me conclude my job. I hope to hear from you in no distant date. Please contact me on this email: ericsipho1@webmail.co.za
yours in His service,
Eric Sipho Esq.
late mr gabriel
I know it is cleverly deceived mail. But i love the trill it caused me. I just want to try it out, how long it can last. By the way, the best part, yet to come, when I have to pay the remittance fee……, i’m drooling in participation……. Luck to me.
Re: late mr gabriel
I played along too, for about a month. He finally wanted me to wire him $2,000 for some bogus forms from the High Court of South Africa. I actually received phone calls from this jerk, as well as from another jerk claiming to be the banker. What’s sad is some people are probably wiring this prick the money.
Re:late mr gabriel
I got the same e-mail supposed to be 5 million one thousand dollars richer! Knew it wasn’t kosher and now I know why do these people think you can’t check this stuff out!!!! I will be filing a complaint you think after all these people file them they would stop trying to scam more people! Oh by the way my guy was William Gregg!
Mr James Dugo
If people read this with half a brain, they will see it for what it is. eg. He says my email was put on a will, when I didn’t have an email!!!!
spam?
From: William kaven Esq. (For Trustees)
Managing Partner(william Chambers)
PRETORIA SOUTH AFRICA
Email: Williamkaven_44@yahoo.com
NOTIFICATION OF BEQUEST:
On behalf of the Trustees and Executor of the estate of Late Mr. Brain York, I once again try to notify you as my earlier letter was returned undelivered. I hereby attempt to reach you again by this same email address on the WILL. I wish to notify you that late Mr. Brain York made you a beneficiary to his WILL. He left the sum of Five Million One Hundred Thousand Dollars (USD$5,100.000.00) to you in the codicil and last testament to his will.
This may sound strange and unbelievable to you, but it is real and true. Being a widely travelled man, he must have been in contact with you in the past or simply you were nominated to him by one of his numerous friends abroad who wished you good. Mr. Brain York until his death was a member of the Helicopter Society and the Institute of Electronic & Electrical Engineers. He was a very dedicated Christian who loved to give out. His great philanthropy earned him numerous awards during his lifetime. Late Mr. Brain York died on the 16th day of February 2004 at the age of 90 years and his WILL is now ready for execution. According to him this money is to support his Christian activities (May his soul rest with the Lord) and to help the poor and needy.
Please if I reach you as I am hopeful, endeavor to get back to me as soon as possible to enable me conclude my job. I hope to hear from you in no distant date. Please contact me on this email: Williamkaven_44@yahoo.com
yours in His service,
William kaven Esq.