Spam Recipents May Be Entitled to Compensation
Written by Sue Walsh on February 8, 2013
Telecom email users in New Zealand could be in line for some compensation following a
wave of spam that hit them from YahooXtra. Security experts say thousands of YahooXtra users had their accounts compromised and used to pump out large amounts of spam. It’s not quite clear exactly what caused the widespread hacking but signs appear to point to a sophisticated phishing attack. That attack sent highly professional looking notifications to thousands of YahooXtra users, and those who fell for it infected their systems with malware. A second attack used that malware to send out large amounts of spam. YahooXtra released a statement saying the integrity of their user data had not been affected and dismissed claims that the spam campaign was bolstered by a data breech at the company.
”Given the nature of these emails – sent indisputably to Xtra contact lists, in some cases to people who haven’t been in contact for a long time and others very recently – it’s highly likely that either the issue wasn’t patched successfully, a new attack vector has been found or more likely, contact lists have been harvested during the initial attack to enable this secondary attack on Xtra email holders .According to security sources, this original attack appears to have been due to a vulnerability in the Yahoo Developers Network, due to blog software that hadn’t been updated for at least nine months. The fact that there was an XSS vulnerability at Yahoo has been known since at least November,” said IITP head Paul Matthews in an interview with the Dominion Post.
It’s not clear exactly what kind of compensation the users are entitled to, or who would pay it. Do you think users subjected to spam attacks deserve compensation? If so how much and who should pay? Should a user have to prove they aren’t responsible for getting themselves spammed? Please leave a comment with your thoughts!
Loading ...
The idea of users getting compensated for spam is certainly a good one. If this becomes a practice, it will stop at least political and marketing spam. Of course, it will be hard to prove you were spammed and not sent a legit email but if some kind of compensation is allowed – i.e. $5 or $10 for each spam message – this will certainly make companies think before they blast their messages. I guess class action will be very popular because it cuts costs for users – otherwise it makes no sense to sue for $5 or $10, especially when it is not certain who will prevail.
Though the idea seems to be one of the best ways on how to deal with spam, I don’t think it completely addresses the problem. There have been rulings before where spammers were asked to pay for damages or, yes, compensation, and yet none have ever materialized simply because they could not afford the huge amount. In other words, the compensation thing has become impractical for both the spammers and the recipients. Instead of thinking like this, we need to focus our attention on how to officially end spam and develop more concrete and feasible measures to accomplish it.
You are right there, Laura. I think that’s what happened in Papa John’s. A lot of people all together sued the company for spamming. This was also the case in McDonald’s in Australia, though there wasn’t really a case, but several people also complained about the company’s spam. But I see some issues when it comes to suing. One, it takes a long time to settle that the prospect of suing immediately becomes less attractive to the victims. Second, not all countries have reliable laws about spamming. So you’re right in saying that sometimes it’s not clear who’s bound to win in the end.
I have to side with Rodolfo. I don’t think this payment thing is scaring off spammers and stopping them from doing those illegal activities. After all, not one has gone to jail because of it or has paid a huge amount of money! Our country has one of the best anti-spamming laws, and yet it’s not implemented extremely well. Second, a lot of nations still have to have their own, and these laws should complement those of other countries in the sense that the latter can request prosecution. Most of these spamming activities are performed outside our soil.
I don’t think spammers will stop what they’re doing if spam victims will be compensated. They’re too arrogant to accept defeat because of that. They’ll slow down, yes; but they won’t abandon their ships. The compensation, however, will be sweet reward for the recipients. Of course, there has to be clear cut definitions and descriptions on how things should be done, lest nothing will come out of the agreement. The guidelines should not be ignored as one must make sure that compensation is regularly given. Industry experts and developers, however, should continue their quest of finding the protection against spam.