Free Republic
News/Activism

Technology: Spam busters' new weapon: the honey trap
Keralanext.com | 02/23/2005 | n/a

Posted on 02/23/2005 7:11:07 AM PST by holymoly

[Technology News]: Spam fighters are cheering from the sidelines a recent US court decision that dovetails with their technological efforts to turn the tidal wave of spam that threatens to drown the world's computer networks.

Jeremy Jaynes was found guilty last November by a state court in Leesburg, Virginia, of sending more than 10 million unsolicited emails a day. He was hawking pornography, work-at-home schemes and stock-picking software.

The spams are estimated to have earned him about $750,000 a month. He is now on $1 million bail, forbidden from using the internet and will be sentenced this month. The jury has recommended he gets a nine-year jail term.

"A successful trial with all the time and resources we're spending on this issue just feels so good," says Jonathan Zdziarski, an anti-spam software expert.

Washington-based Internet Law Group lawyer Jon Praed, an observer at Jaynes' trial, says it was the first time criminal law had been used so well against a spammer, and the case highlights how legislation and technology are joining to beat spam. "Everyone in the court understood that this verdict was a precedent-setting, awe-inspiring moment," he says.

Jaynes' operation was run from a chaotic office in Raleigh, North Carolina. Cabling to 16 high-speed internet links snaked everywhere. There were CDs packed with spammed email addresses and servers with spam emails. Even as the police arrived, spamming was in progress. The place was littered with to-do lists. One read simply: "Solve spam filters".

That note provided a rare window into how spammers think, says Paul Graham, author of the first content-based spam filter and organiser of a recent anti-spam MIT conference. He says it shows that spammers believe email filters are easier to beat than they really are.

Filters installed by the ISP are the main line of defence against spam. These scan messages for words typical of unsolicited commercial emails, and discard those that they find.

But a percentage always seeps through, partly because spammers are sometimes able to fool the scanners by including large quantities of random text in their messages.

Spammers improve the chances that at least some of their messages will get through by using viruses that turn infected computers into "zombie" machines that are fooled into sending spam.

But Praed says technology alone will not stem the flood of unsolicited email: "The solution to spam is the marriage of technology and law." Lawyers are just beginning to learn how to use Australian and European Union laws enacted in 2003, and the US federal Can-Spam Act, to bring spammers to book.

Project Honeypot, the brainchild of Chicago lawyer Matthew Prince, is a marriage of law and technology. It takes advantage of a clause in the Can-Spam Act that makes harvesting email addresses for spamming purposes illegal. Spammers collect email addresses using "crawler" software that trawls websites looking for them. These addresses are the spammers' lifeblood, and Prince hopes to cut it off.

Webmasters who want to help fight spam download Project Honeypot's software, which is designed to turn their website into a magnet for harvesters.

If the site detects that a crawler is visiting, the software generates a fake email address for the crawler to grab, and records the address of the crawler and the time and date. The fake address then vanishes from the site, but remains valid as a mailbox. Because it is a fake, no one will send it legitimate mail. If any mail arrives it can only have come from the spammer who grabbed it off the Honeypot site.

Detectives then begin building their case.

Three months into Project Honeypot, Prince is using the data the software returns to plot spamming networks for future busts.

"These are the tools and data we need," Praed says.

In the spamming arms race, spammers are likely to begin programming their harvesters to detect honeypots and ignore them. But Prince says he is ready for this with countermeasures.


TOPICS: News/Current Events
KEYWORDS: canspam; email; honey; internet; isp; pot; spam; spammer; trap
http://www.projecthoneypot.org/
1 posted on 02/23/2005 7:11:11 AM PST by holymoly
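
The mechanism the article describes (a one-off address tied to the crawler's address and visit time, so that any mail to it traces back to that visit), sketched as an added example; it is not Project Honeypot's software and not from the article. The HMAC-signed address format, the secret and the `trap.example` domain are assumptions made here, chosen so that a mistyped or guessed address fails verification instead of counting as a hit.

```python
import base64
import hashlib
import hmac
import ipaddress
import struct
from collections import defaultdict

SECRET = b"constructed-demo-key"   # assumption: per-site secret, never served to visitors
TRAP_DOMAIN = "trap.example"       # placeholder domain, not a real honeypot
TAG_LEN = 8                        # bytes of HMAC-SHA256 kept in the address


def issue_trap_address(visitor_ip: str, when: int) -> str:
    """Mint the one-off address shown to a single visitor at a single time."""
    payload = ipaddress.IPv4Address(visitor_ip).packed + struct.pack(">I", when)
    tag = hmac.new(SECRET, payload, hashlib.sha256).digest()[:TAG_LEN]
    local = base64.b32encode(payload + tag).decode().rstrip("=").lower()
    return f"{local}@{TRAP_DOMAIN}"


def decode_trap_address(rcpt: str):
    """Return (harvester_ip, harvest_time), or None if we never minted rcpt."""
    addr = rcpt.strip().lower()
    local, _, domain = addr.partition("@")
    if domain != TRAP_DOMAIN:
        return None
    try:
        raw = base64.b32decode(local.upper() + "=" * (-len(local) % 8))
    except ValueError:             # non-base32 characters or impossible length
        return None
    if len(raw) != 8 + TAG_LEN:
        return None
    ip = str(ipaddress.IPv4Address(raw[:4]))
    (when,) = struct.unpack(">I", raw[4:8])
    # Re-mint from the decoded fields; a typo or a guessed address will not match.
    minted = issue_trap_address(ip, when)
    if not hmac.compare_digest(addr.encode(), minted.encode()):
        return None
    return ip, when


def link_harvesters(deliveries):
    """Map each harvesting IP to the mail sources that later used its address.

    deliveries: iterable of (envelope recipient, connecting IP) from the mail log.
    Returns (links, rejected): verified links and recipients that did not verify.
    """
    links = defaultdict(set)
    rejected = []
    for rcpt, sender_ip in deliveries:
        hit = decode_trap_address(rcpt)
        if hit is None:
            rejected.append(rcpt)
            continue
        links[hit[0]].add(sender_ip)
    return {harvester: sorted(s) for harvester, s in links.items()}, rejected


def demo():
    # Constructed sample: one crawler visit, then four deliveries seen by the mail server.
    trap = issue_trap_address("203.0.113.7", 1109171467)
    typo = ("a" if trap[0] != "a" else "b") + trap[1:]   # one mistyped character
    deliveries = [
        (trap, "198.51.100.20"),
        (trap.upper(), "198.51.100.21"),   # same mailbox, different letter case
        (typo, "192.0.2.9"),
        ("postmaster@" + TRAP_DOMAIN, "192.0.2.10"),
    ]
    return link_harvesters(deliveries)


if __name__ == "__main__":
    print(demo())
```

Because the visit record travels inside the address, the page can drop the address after one view and the mail side still needs no lookup table to attribute a delivery.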

To: holymoly
I did this on the mail server I run. I put three phony email addresses, not visible but there anyway on the web site. I then set the server to plonk anyone who tried to send to these phony addresses. Worked quite well.
2 posted on 02/23/2005 7:15:16 AM PST by steveo (Member: Fathers Against Rude Television)

To: holymoly

$750K a month??? I hate spam, but this is enough to give one pause...


3 posted on 02/23/2005 7:15:42 AM PST by trebb ("I am the way... no one comes to the Father, but by me..." - Jesus in John 14:6 (RSV))

To: holymoly

Spam must work for somebody as a marketing technique, which I guess proves that computer literacy is not a disqualification for stupidity.


4 posted on 02/23/2005 7:19:29 AM PST by Tribune7

To: holymoly
the case highlights how legislation and technology are joining to beat spam.

This is from the Onion right? I mean spam is kicking our @ss and they're acting like all's well in Wonderland.

5 posted on 02/23/2005 7:19:53 AM PST by Drango (NPR/PBS is the propaganda wing of the DNC.)

To: holymoly

"The spams are estimated to have earned him about $750,000 a month."

Do you think maybe shutting down the companies who PAID him this money to spam people might do a little more good than just jailing a replaceable spammer ?

Just how hard would it be to track down a mortgage refinance or viagra company ?


6 posted on 02/23/2005 7:35:26 AM PST by RS (just because they are out to get him doesn't mean he's not guilty)

To: holymoly

I love this! I hate spammers, and hope spammers rot in their own skin. Now, what I REALLY want is something that returns the spam to the sender and melts down their hardware instantaneously. Did I tell you that I hate spammers?


7 posted on 02/23/2005 7:35:53 AM PST by anniegetyourgun

To: holymoly
If any mail arrives it can only have come from the spammer who grabbed it off the Honeypot site.

Or if someone typed in an address accidentally. Of course, the likelihood of this is extremely small, so having three honeypot hits would establish the case well beyond a reasonable doubt.

8 posted on 02/23/2005 7:38:03 AM PST by xm177e2 (Stalinists, Maoists, Ba'athists, Pacifists: Why are they always on the same side?)

To: RS
Just how hard would it be to track down a mortgage refinance or viagra company ?

Now that would be effective, but it would need legislation. Follow the $$$$.

9 posted on 02/23/2005 7:38:27 AM PST by Drango (NPR/PBS is the propaganda wing of the DNC.)

To: RS
Just how hard would it be to track down a mortgage refinance or viagra company ?

Actually, both Microsoft and Pfizer are doing just that. They recently filed suit against a number of companies who advertise/SPAM Viagra.

Pfizer and MS sue Viagra spam gangs
10 posted on 02/23/2005 7:42:08 AM PST by holymoly ("A lot" is TWO words.)

To: holymoly

Honeypots are an older concept, they are applying it to spam now.


11 posted on 02/23/2005 7:45:16 AM PST by stainlessbanner (Gather round y'all)

To: RS

I am guessing that the majority of mortgage refinance, prescription drug, software, etc. sales pitches are not to sell, but to steal credit cards and engage in identity theft. Just my guess.


12 posted on 02/23/2005 7:49:24 AM PST by clueless idiot

To: holymoly
http://www.projecthoneypot.org/

Done. I run 3 sites. One had 60,000 hits a month-not a lot, but not nothing, either.

Short of the more attractive option of physically murdering spammers, it will have to do as a modest start.

13 posted on 02/23/2005 8:14:35 AM PST by Gorzaloon

To: Gorzaloon

Can someone explain spam to me. I know what it is but I don't know how these spammers get paid. Why don't the legitimate companies that are represented do something about this? It would seem that this problem could be resolved through legislation. That is to say a corporation could not use or pay for this information. I guess I don't really understand it.


14 posted on 02/23/2005 9:14:58 AM PST by RichardW

To: RichardW
Legitimate mortgage companies buy a list of people who want to get a mortgage. They don't ask where the list comes from, and spammers are happy to provide 'em.
15 posted on 02/23/2005 9:18:15 AM PST by Drango (NPR/PBS is the propaganda wing of the DNC.)

To: RichardW

If there wasn't a market for it, spam wouldn't exist.


16 posted on 02/23/2005 9:20:22 AM PST by k2blader (It is neither compassionate nor conservative to support the expansion of socialism.)

To: Drango

"Legitimate mortgage companies buy a list of people who want to get a mortgage. They don't ask where the list comes from, and spammers are happy to provide 'em."

Couldn't these mortgage companies be required to provide the source of these lists? And then go to these sources and find out where they got them. If through spam they should be put out of business. I have fallen into this trap and had and still have these people contacting me. Seems I clicked on a pop-up ad in Drudge one time. That was over a year ago.


17 posted on 02/23/2005 9:30:04 AM PST by RichardW

To: holymoly
The fake address then vanishes from the site

So the spammer programs his crawler to check the site again in the next day or so. If the address has vanished it's a trap address which isn't added to their spam list.

18 posted on 02/23/2005 10:43:22 AM PST by ASA Vet (FR needs a science forum.)

To: RichardW
Can someone explain spam to me. I know what it is but I don't know how these spammers get paid. Why don't the legitimate companies that are represented do something about this?

No legitimate business spams. A few tried it and the backlash taught them a lesson.

Essentially NO real products are advertised by spam. All are scams, frauds, counterfeit trademarked goods, fake herbal remedies, knockoff drugs, counterfeit drugs, chain letters, Nigerian scams, fake dental insurance, porn, chain letters, Ponzi Schemes, spam software and address CD's, Laundry CD's, Diet supplements, cancer cures, and Phishing attempts at stealing account information of bank or PayPal customers, or offers of "FREE" software that install trojans so your cable connection can be used by spammers.

Last year, a self-professed spammer on here challenged this. So I invited it to post a cut-and-paste on ONE SINGLE legitimate product that he spamvertised. No response.

If it's spam, it's fraud. Period.

Regardless of overseas relays used, many spammers still originate in Florida, known in pre-spam days as the "Mail Fraud Capital of the World", and in particular, Boca Raton.

The only thing lower than a spammer is a sucker who buys spam-advertised goods.

19 posted on 02/23/2005 11:06:50 AM PST by Gorzaloon

To: Gorzaloon; RichardW

From an old MSNBC article. Ameriquest, Quicken Loans, LoanWeb!!!!!

>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>

Aug. 8 2003 -- There wouldn't be spam if there wasn't money in spam. So to understand what primes the spam economy, MSNBC.com answered a single unsolicited commercial e-mail. Following this one spam trail led us from Alabama to Argentina, from a tiny Birmingham-based firm and someone named "Erp" past a notorious spammer named Super-Zonda -- and right through big-name companies like Ameriquest, Quicken Loans, and LoanWeb. And that's just the beginning. The truth about spam is this: While the dirty work is done by secretive, faceless computer jockeys who are constantly evading authorities, lots of companies with names you know profit, at least tangentially, from their efforts.

"DON'T MISS THE lowest mortgage rates in history!" screamed the e-mail, which urged recipients to visit a Web site to ask for more information on a new home loan. It claimed to be from "Gay Helms," but the e-mail address looked fishy -- m58ycxx@yahoo.ca. Its e-mail headers revealed the note started its life, not in Canada, as the e-mail address suggests, but in Argentina, sent from telecom.net.ar. That's a sure sign of spam. And, for good measure, it included an infographic on mortgage rates stolen from MSNBC.com.

Later, with the help of spam-fighting firm Message Labs Inc., we would learn that e-mail headers in the note indicate it was sent from an IP address range known to be used by Juan Garavaglia, also known as "Super-Zonda." Garavaglia is believed to send out some 30 to 40 million spam each day.

But we started with just one.

We clicked on the link and were transported to a Web page at LWSMortgage.com, where we filled out the form with traceable, fake information and waited to see what happened to our data.

Four days later, four companies sent us an e-mail indicating they knew we were looking for a new mortgage: Ameriquest, Quicken Loans, LoanWeb, and Ivy Mortgage, a small mortgage broker based in North Huntingdon, Penn.

But none of those companies sent the spam. So how did they get our information?

One of two ways: They either bought it through third party companies called "lead generators," or paid third-party contractors called "affiliates."

Lead Generators

Lead generators are behind-the-scenes Internet companies that get lists of consumers they say are interested in a new mortgage. For each neat package of data provided to a mortgage company, which includes name, phone number, address, amount of loan desired, current home value, and other information, lead generators earn about $20. That's a small price to pay for a potential $1,000 profit off a new loan, said Ivy Mortgage branch office manager Brian Jolen, who couldn't track our data precisely, but said his company does buy from lead generators. "Actually, it does work."

And it works for spammers, too, who basically split the profits with lead generation companies. It's the ideal spam business, said one former spammer who requested that his name be withheld. Retail sales through spam, like hawking Viagra and getting tiny per-purchase payments, are hard work. But convincing a consumer to simply fill out a form is much easier.

"What always seems to sell well and will always, I know it sounds stupid, are loan leads. People respond to that. They say, 'What the hell,' " the former spammer said. "I got $10 to $12 per lead. That's good."

The process also creates plenty of distance between the mortgage companies and the spammers. In their initial e-mails, all four mortgage firms were generally vague about how they got our information.

"I was notified by one of our vendors, probably off the Web, that you would like information regarding a home loan," wrote an Ameriquest representative.

Quicken Loans was more specific, but inaccurate.

"Thank you for requesting more information from Quicken Loans through our Web site," the firm's note said.

Zero-Tolerance Policies

Quicken Loans, Ameriquest, and LoanWeb all said they do not tolerate spam, and indicated they would research the incident and take action against whomever was responsible. But only Quicken Loans revealed exactly where it had purchased our information.

It came from Mleads.com, a mortgage lead generation company.

Mleads attorney Derek Newman said the firm doesn't tolerate spam, and is "careful about policing affiliates." Indeed, after a little research, Newman was able to fill out the picture of our spam's history, and he said the offending affiliate was immediately canned.

Newman said the initial mortgage lead was generated by an affiliate of an affiliate of Mleads, a Birmingham, Ala., company named IC Marketing and a man who goes by the name "Erp."

After IC Marketing received our data, it sold our information to a firm named Infoclear Marketing in Dallas, which then sold it to Mleads, which in turn sold it to Quicken Loans, according to Newman.

Infoclear immediately terminated its contract with IC Marketing when it heard about the spam offense, said Patrick Thurmond, who identified himself as a founder of Infoclear. Thurmond says such multiple layers of resale are common in the lead business.

Can't Tell Who's Lying

"We had one case last year that went back 15 layers," he said. "You don't know who's lying to you and who's not."

"Erp" -- who refused to provide his real name -- said he didn't sell our information directly to Infoclear. Instead, he actually sold our data to a man named Rich Nolan, who operates Yourleadsource.com in Colorado Springs, and Nolan sold it to Infoclear. Nolan confirmed the assertion in an interview.

But Erp said he wasn't responsible for the original e-mail, either. He said he bought it from someone else, who in turn bought it from someone else, who in turn bought it from an e-mailer based in China. He didn't provide contact information for those layers.

IC Marketing doesn't send out spam, Erp insisted -- his firm merely resells mortgage leads, gleaning 25 cent or 50 cent profits for each lead sent up the food chain.

Such is the messy world of affiliate marketing. Jeff Hain, director of marketing for LoanWeb, blamed his firm's involvement in the spam on an affiliate who acted outside the company's policies. The Internet is full of such arrangements, first popularized by Amazon.com years ago. Small Web sites that push traffic and business toward a larger firm get a small slice of the profits. It is often tempting for affiliates to send out spam to create such profitable traffic.

"We have thousands of affiliates out there," Hain said. "When we get complaints, we ask the list owner to provide us with an audit trail," including the date and time the e-mail recipient signed up with an opt-in list.

System Relies On Complaints

But a system that relies on complaints only works when consumers doggedly hunt down spammers -- and their beneficiaries. Few consumers would go to the trouble of creating a fake persona to track down the true benefactor of a spam message. Barring that, the affiliate can get away with it.

In fact, despite all the noise about spam, actual consumer complaints are rare, says Jim Gregory, who managed spam abuse issues for Internet service provider Slingshot.com.

"We had one guy sending out 1 or 2 million spam a day, and we'd only get 40 or 50 complaints," he said. And that's just a complaint about the spam e-mail itself -- which would never make it to the legitimate commercial company like LoanWeb, the ultimate beneficiary.

Mortgage companies are hardly alone in the murky world of the spam economy. Such out-of-control affiliates are frequently used to deflect criticism against all kinds of unsolicited e-mails.

Blame The Consumer

Another popular deflection tactic -- blame the e-mail consumer.

When e-mail recipients call a retailer to complain, the usual reply is, "you must have joined a mailing list for one of our partners at some point." Again, dogged patience is required to insist that the firm provide an "audit trail," which shows exactly when that e-mail address was subscribed to a list.

That was MSNBC.com's experience with Kraft's Gevalia Kaffe, one of the most popular retail e-mail commercials in circulation today. Gevalia is a subscription-based coffee product sold by Kraft on a Web site, Gevalia.com. Spam abuse mailing lists are full of complaints about e-mails urging people to try the luxury European coffee, which includes an offer for a free coffee maker.

The e-mail offers arrive many times each day at MSNBC.com. After about a month's worth of requests for information, Kraft still hadn't produced an audit trail for the e-mail. But it did say it works hard to prevent its affiliates from sending out spam.

Through an e-mail interview, company spokesperson Abbe Serphos said, "Gevalia has no tolerance policy regarding SPAM, and we have strict policies in place that govern our e-mail communications to consumers." Some affiliates have been dropped for breaking those rules, she said, but she wouldn't elaborate.

A Classic Example

Spam fighter Laura Atkins, president of the SpamCon Foundation, said Kraft is a classic example of a company that is quietly benefiting from spam, and not doing nearly enough to reel in spamming affiliates.

"They are violating California state law and they don't care," she said.

There is only one effective way to stop out-of-control affiliates, said Dan Clements, who once operated an Internet advertising network that had several run-ins with affiliate spammers: Legal action against companies that benefit.

"The way to stop the spam is to subpoena the beneficiary site," Clements, who now runs credit card fraud prevention site CardCops.com, said. He actually received such a subpoena once, and said when he was forced to give up contact information and bank account information about his affiliates, "They scattered like rats."

ISPs Make Money, Too

An entirely separate set of companies also benefits from the spam economy -- Internet service providers who carry their traffic.

Well-known spam nemesis Ron Scelson filed for bankruptcy earlier this year, and a review of bankruptcy documents shows he owes Bell South $56,463 for "circuits" and Cable & Wireless another $4,407 as his "Internet provider." Neither company responded to requests for information about the bills.

But it's hardly the first time a big-name Internet provider has been caught in a deal with a spammer. In an embarrassing incident for both AT&T and PSINet three years ago, both firms were caught as participants in secret "pink contracts" with spammers. Long suspected in the spam world, the revelations exposed pink contracts as sweetheart deals for the Internet firms, designed to protect spammers. ISPs get premium, well above normal rates, to sell bandwidth to known spammers. In exchange, the ISP agrees to suffer more than normal complaint rates. In PSINet's contract, revealed on News.com, the firm received an upfront payment of $27,000 from Cajunnet, a marketing firm based in Slidell, La. In exchange, PSINet agreed to permit Cajunnet to send unsolicited email "in mass quantity" through PSINet's lines.

'Many More' Out There

No such embarrassing pink contracts have been disclosed since 2000, but many spam experts say they still exist -- either formally or informally.

"There are many more rumored to be out there," said Ray Everett-Church, chief privacy officer for ePrivacy Group. "There are companies that have had more than enough complaints about a current customer to know some are engaged in massive spamming and yet they remain connected for weeks and months at a time. ... It's evident somebody is either not doing much research before they sign people up, or in the worst case, they are just flat out ignoring complaints."

But the problem doesn't have to be that sinister, said Gregory, the former ISP spam hunter. The problem is often just a question of resources, he said -- ISPs have a much larger sales staff than network abuse staff. One major ISP often only had one staffer working in the spam complaint department, he said.

"They have to argue for resources all the time," he said. By default, spammers can get away with it for weeks or months, he said.

The struggling economy, which has hit Internet service providers particularly hard, has tempted some ISPs to take the tainted money, Everett-Church said.

"You've got a lot of sales forces being approached by folks willing to pay a little extra for reliable connectivity, and looking the other way on contract provisions enforcing antispam rules to keep getting paid those premiums."

Gustavo Monserrat, who fights spam at Argentina's Telecom -- the ISP where the mortgage spam cited at the top of this story began its life -- admitted as much in a post to the spam abuse Internet newsgroup in May.

Quick Return

"Many customers have been unplugged due to spam reasons and due to a system's issue some have rebought our services under different names/credit cards/phones," he wrote. In "one case, we actually separated a customer from our network but hours later our money-thirsty salesmen sold him the service again."

In a follow-up e-mail, Monserrat said his company has new procedures in place to stop spammers from re-upping with his ISP once they are disconnected.

But in a struggling economy, the premiums that spammers will pay can be hard to resist, said Spamhaus.org's Steve Linford.

"Most of the ISPs are good to their word and are fighting it very, very hard," he said. "But as you get into the larger ISPs, especially those that are in any form of financial difficulty, the engineers, abuse staff and technicians all want the spammers off the network, but you have the sales staff looking at the money. ... The engineers will be fighting internally with the sales managers, but of course the sales managers always win."

So with money always there to prime the system, spam won't stop, said one small-time spammer MSNBC.com interviewed. In his mind, there is only one solution: Consumers have to simply stop answering spam, making it finally not worth anyone's while to send it.

"The only thing that's going to make spam go away is if people do not respond," he said. "When e-mail first started, you could send out 50,000 e-mails a day and make money. Now you have to invest a lot of money and time, you get a return rate of less than one-tenth of one percent. One day it will become so you can't send enough to make any money. And that's the only thing that will stop spam."


20 posted on 02/23/2005 11:50:33 AM PST by Drango (NPR/PBS is the propaganda wing of the DNC.)