Finally, Payback Time for Spammers
By Allan Holmes | Wednesday, August 08, 2007 | 05:19 PM
By Allan Holmes | Wednesday, August 08, 2007 | 05:19 PM
Wouldn't it be great revenge to hit spammers who fill up your email inbox with those messages touting low-interest mortgage loans and male enhancement drugs right where they live -- on their Web sites?
You can, according to a paper published by researchers at the University of California, San Diego. While thousands of servers deliver those unwanted solicitations and phishing scams to your inbox, only one Web server typically hosts the site that a user is directed to if they respond to the email, the researchers found.
That means, "'a single takedown of a scam server or a spammer redirect can curtail the earning potential of an entire spam campaign,' write the UCSD computer scientists in their paper accepted for publication at USENIX Security 2007 conference," according to an article posted by USCD.
"'The availability of scam infrastructure is critical to spam profitability. Our findings suggest that the current scam infrastructure is particularly vulnerable to common blocking techniques such as blacklisting,' said Geoff Voelker, a computer science and engineering professor at the UCSD Jacobs School involved in the study."
The researchers found that 94 percent of all email scams advertise through an embedded link that is hosted on a single Web server. "Using their new 'spamscatter' approach, the computer scientists studied over 1 million spam messages from a live feed (all the messages sent, over the course of a week, to any email address at a four-letter top-level domain that has no active email accounts). Spamscatter allows researchers to mine emails, identify URLs in real time and follow these links through any redirection mechanisms and on to the Web page on the destination server," according to the article.
Any reduction in spam not only would make individuals' lives easier to manage, it would help clear the clogged pipes carrying Internet traffic, increasing performance. Studies indicate that 80 percent of all Internet email traffic is spam. Some studies indicate spam traffic accounts for as much as 90 percent of all email traffic.
Determining what, exactly, constitutes a spam site versus someone exercising free commerce and freedom of speech could be the next round. But until then, we can hope this approach can slow down the deluge of email spam.
The researchers will present the peer-reviewed paper Aug. 9 in Boston, at the USENIX Security 2007 conference.
I predict a standing-room-only crowd.
Comments
Alright already. Just get on with trashing SPAM. Scam artists continually search the internet for unsuspecting souls.
J.S. | Tuesday, August 21, 2007 | 07:01 AMI believe that Dr. Bruen's claim is incorrect. If you are interested in Dr. Bruen's claim and my answer to it, please see the KnujOn general discussion forum in CastleCops.com.
Keith Marzullo | Tuesday, August 14, 2007 | 08:13 PMSo what can we do? can we fill their email serve and shut them down? If so, how?
Donna Shands | Tuesday, August 14, 2007 | 05:13 PMFirst to market gets the prize. Obviously, the peer-review process didn't stumble over a prior discovery. Better to hash this dispute out in the academic journals or in court vice a news blog. Save the sour grapes for a peer-reviewed critique of the UCSD work instead of an advert weakly disguised as a comment.
Full Disclosure: I am not a "concerned party" in this controversy.
This paper claims discovery of a technique that was actually discovered by KnujOn.com and has been used by knujon.com for about three years. The authors have failed to give credit when they knew better. However, the paper nicely validates the KnujOn technique. Please contact me for full details. See www.coldrain.net and www.knujon.com
Full Disclosure: I am directly involved with KnujOn.
Bob Bruen | Friday, August 10, 2007 | 11:41 AMABOUT THIS BLOG
Allan Holmes on what's happening and what's being discussed in the world of federal information technology.
feed