[ISN] It's Time To Take Spam Fight To The Bad Guys

From: InfoSec News (isn@private)
Date: Tue Dec 16 2003 - 03:35:09 PST

  • Next message: InfoSec News: "[ISN] IPv6 fears seen unfounded"

    By Bob Evans
    December 15, 2003
    AOL says it blocks 1.5 billion spam messages per day. That's
    1,500,000,000 pieces of electronic junk every 24 hours. Kudos for AOL
    for that accomplishment, but that staggering number-60 million per
    hour-is probably dwarfed by the figure for the number of spam messages
    that elude detection and foul hundreds of millions of E-mail in-boxes.
    There's more bad news: In one month this summer, 100,000 complaints
    were filed against a spam operation that used AOL's network and was
    run by two North Carolina men, according to an Associated Press story
    last week, "Two Spammers Face Felony Charges In Virginia.". But here's
    some related good news: those two spammers now face felony indictments
    in Virginia since Virginia enacted rigorous anti-spam legislation July
    1.According to the AP story, this is the first time spammers have
    faced felony charges.
    One of the two men, Jeremy Jaynes, is in custody and is awaiting
    extradition to Virginia, the story said, while the other man, Richard
    Rutowski, "... was expected to surrender to authorities under terms
    being worked out through his attorney." One can only wonder: what
    terms? He faces felony charges, and he'll be tried for them-what
    "terms" can he possibly be trying to negotiate? Or perhaps that's all
    code for "I will rat out my partner and tell you in great detail about
    everything he ever did and I'll tell you where all the money's hidden
    if you'll just go a bit easier on me."
    The money, you say? Well, that's a huge new fang in the impressive set
    of teeth built into Virginia's anti-spam legislation: Convictions can
    lead not only to prison time but also to confiscation of money
    generated from the illegal activities, the AP story said. And
    according to Virginia's attorney general, the spamming enterprise run
    by Jaynes and Rutowski was "very profitable."
    Meanwhile, Yahoo has developed a new set of tools to strengthen its
    anti-spam efforts, including the deployment of open-source
    authentication software to verify the Internet domain from which
    messages originate. In a story posted late last week on
    InformationWeek.com by our own Thomas Claburn, "Yahoo Takes Steps To
    Stop Spam," we note that Yahoo is the largest commercial provider of
    E-mail in the U.S., according to Nielsen/NetRating's October figures,
    and Yahoo VP Brad Garlinghouse says it's reasonable to think that 40%
    to 60% of that E-mail traffic is spam. Claburn's story emphasized that
    the spam contagion has escalated far beyond the point of being either
    just annoying or just an inevitable financial cost that must be borne:  
    But the damage goes beyond dollars. "The cost to the spoofed companies
    is staggering," Tom Gillis, senior VP of marketing for anti-spam
    vendor IronPort Systems Inc., wrote in an E-mail message, "not only in
    terms of the cost to maintain an infrastructure capable of handling
    the inevitable influx of mail bouncing from bad addresses, but also
    the cost to their customer-service departments for handling the
    complaints, and the immeasurable damage to their reputations as
    trustworthy companies."
    So we have some options: first, the power of numbers. Look at the
    Virginia case above--100,000 complaints against the same two polluters
    in a single month couldn't be ignored, and now they face felony
    charges. This is a huge victory--let's replicate it! Don't just get
    ticked off about spammers--report them as vigorously as possible to
    law-enforcement authorities, and demand action.
    Second, the power of thoughtful, effective legislation with real teeth
    in it: Claburn's story also reports that the House of Representatives
    last week passed the first federal bill to outlaw spam, and that it
    now awaits President Bush's signature. Let the White House know your
    views on this--tell them how much time, money, and goodwill your
    company is having to waste in combating the malicious efforts of
    spammers. Let them know this garbage is stunting your productivity and
    forcing you to spend precious dollars on antipollution measures rather
    than new hires and innovation, and that you are demanding action.
    Spammers need to modify their behavior, but they won't do it unless
    they're forced. It looks like some serious behavior-modification
    disincentives are taking shape, but those initiatives will fail unless
    all of us assume some personal responsibility in this battle. It's
    time to take the fight to the bad guys.
    Bob Evans, Editor in Chief InformationWeek bevans@private
    ISN is currently hosted by Attrition.org
    To unsubscribe email majordomo@private with 'unsubscribe isn'
    in the BODY of the mail.

    This archive was generated by hypermail 2b30 : Tue Dec 16 2003 - 06:09:12 PST