A law firm in Colorado was being overrun with spam. Employees complained to management. The information technology department was given a directive to fix the spam issue.  The spam filter was tightened and the spam count dropped dramatically. The side affects of fixing the spam issue ended up costing the law firm quite a bit of money.

It turns out the spam filter held back important e-mails. They contained notices from the U.S. District Court for the District of Colorado. Included was a notice advising company lawyers of a court date for a hearing in a civil lawsuit. The judge overseeing the matter ordered the law firm to pay attorney fees and expenses incurred by the lawyers who showed up representing the other side of the case.

Read the rest of this entry »

The Virginia Attorney General is petitioning the U.S. Supreme court in an effort to get the state’s anti-spam law reinstated. It was overturned in September by the Virginia Supreme Court. The court deemed it unconstitutional and a violation of the First Amendment because it prohibited the anonymous sending of bulk mail. They feared the possibility of an individual being prosecuted for sending religious or political emails.

In his petition, Attorney General Bob McDonald argued that the justices based their decision on a hypothetical situation that isn’t likely to happen. That decision led to the conviction of one of the world’s worst spammers being thrown out. Jeremy Jaynes had been first person in the country convicted of a felony for spamming. He allegedly sent close to 10 million emails a day from his home. If the law is reinstated, so will that conviction. His lawyer is not worried:

Read the rest of this entry »

In our zeal to rid the world of spam, let us not forget that there are legitimate marketers out there as well. There are two types of email advertisements. The first comprises the bulk of spam, and is generated to a large degree by untouchable and untraceable spammers, most often in another country. This type of spam is often sent out through redirectors, so the email address cannot be traced. Sometimes the spammer hijacks innocent email addresses and uses them. Often the products, services, or get-rich-quick schemes promoted in these emails are not what they are presented to be. These are the people that get us mad, the ones that make us want to pass laws and send law enforcement agents out to hunt them down. This is of course, a legitimate reaction, and these people should be shut down.

Read the rest of this entry »

Yesterday’s Hartford Courant had an interesting article about spam filters. The author talks about his experience with a newsletter he publishes. Before he sent the latest issue he decided to run it through some spam checking software. When it told him his newsletter was highly likely to be flagged as spam found out some surprising and somewhat disturbing information:

          I contacted the company that distributes my newsletter, and a staff member explained that three sets of words among the issue’s many articles could derail my e-mail: a reference to “young adult,” a common classification for books intended for adolescent readers; a sentence in my editorial — “Speaking of legal matters, it’s getting nasty out there” — referring to the growing number of lawsuits; and a distinguished biographer’s discussion of writing a book for children that included the following comment: “At my public library I queried the children’s division librarian — what works, what does not, who is ‘hot.’ ” The inclusion of “young adult,” “getting nasty” and “hot” was like poison. Indiscriminate spam-blocking software would spot those words, ignore the context and group my newsletter with unsolicited e-mails from purveyors of smut.

Read the rest of this entry »

Posted in Fighting spam, anti spam 1 Comment Tags: anti spam

Here are some tidbits to share as ongoing education for your email user community.

Spamming is an old marketing technique - In the late 19th Century Western Union allowed telegraphic messages on its network to be sent to multiple destinations.  The very first spam was sent by a dentist advertising his services via telegram in 1864. Then, as in now, people who got the unsolicited telegrams became angry.  Some people even wrote the local newspaper complaining of the advertising tactic. When the paper reprinted the telegram, the dentist received more free publicity!

The first email spam was sent by Digital Equipment Corporation’ s marketing manager Gary Thuerk in 1978 to 393 recipients on ARPANET. He was advertising the availability of a new model of DEC computers.

Read the rest of this entry »

The spammer that Facebook won a landmark $873 million settlement against last month operated out of Canada, leading to criticism of the country’s lax anti-spam regulations. They did attempt to address the problem of spam in 2004 when they formed the National Task Force on Spam. The group was made up out of a mix of marketers, telecom companies and public interest groups. However, for reasons unknown the government ignored their recommendation to implement anti-spam regulations. Now, four years later, there are still no anti-spam regulations in place. From the Toronto Star:

Read the rest of this entry »

Around the holiday, I always see more chain emails coming through from well-intended friends and relatives, and so it’s time for an annual warning. Some of these chain emails just have interesting pictures, some make outrageous claims. A large majority of the latter are hoaxes.

A chain email is just like an old-fashioned chain letter. A message is sent to thousands of people, encouraging them all to “pass it on”, often because of either extreme cuteness, or because some bogus message is being trotted out as so incredibly important that recipients will see it as their duty to send it on to as many people as possible. It’s surprising too, how many intelligent and well-educated people actually take the bait, and send it on to everyone in their address book. Here’s a tip: Don’t do it! You’re not going to win a prize from Microsoft. You’re not going to help a sick little girl, and you’re not going to help your favorite cause. In most cases, all you will do is help spread misinformation. But even if on rare occasions the claim does turn out to be true, spreading it through chain emails is still not a good idea–first, because it does very little for whatever cause you may be trying to promote, and second, because there is a security risk involved.

Read the rest of this entry »

The FBI has issued a warning about a new wave of holiday greeting card spam. Scammers are sending emails claiming the recipent has recieved a holiday greeting card from a friend or family member and asks them to click on a link to view it. The link leads to a malicious website made to look like the  page of a popular electronic greeting card site like Hallmark. The site downloads malware on to the recipents computer. It also directs all network traffic between their browser and the fake page, allowing the scammers to steal their personal information. They offer the following tips to help protect yourself from this and other malicious spam attacks:

Read the rest of this entry »

An IDG News Service article asks a highly relevant question about the recent high-profile anti-spam activity: “Where are the Feds?” The article notes the shutdown of a spam network known as HerbalKing, in which the Feds did indeed have a hand. The FTC, FBI, and New Zealand police (in a nice show of international anti-spam cooperation), together shut down the spam network, which had been linked to a huge amount of spam email. However, according to researchers, the action was sort of like taking a cup of water out of the ocean, and within a week, spam was back to its normal levels.

The big action took place a couple of weeks later, when McColo, a San Jose-based ISP and notorious host for spammers and other cybercriminals, was shut down. But unlike the HerbalKing operation, the McColo shutdown did not involve any Federal agencies. Who was responsible for shutting it down? Researchers and reporters, mostly, who publicly humiliataed carriers Global Crossing and Hurricane Electric, who provided service to McColo. After being taken to task, the carriers dropped McColo as a client.

Read the rest of this entry »

Click here or on the map to the right for real time Spamming IPs detected.

It is absolutely amazing that legitimate Internet and telecommunication related companies provide a huge global infrastructure that spammers leverage everyday.  These companies are in business to facilitate legitimate business growth, but it’s hard to track legitimate businesses from those setup to deliberately send illegal spam.

“White Paper - Atrivo and their Associates” was recently published by Jart Armin. It provides the results of a study initiated to track and document scientifically the ongoing cyber criminal activity from within the IP space and servers controlled by the California-based Atrivo, and other associated entities.  This white paper was published  in association with James McQuaid and Matt Jonkman.  The Technical Review of this white paper was performed by Bob Bruen and David Bizeul with the help and assistance of many “concerned netizens” within the Internet and Open Source Security community.

Read the rest of this entry »