|
Spam
Battles Have Been Won, But the War Continues
The
call to stop spam has become deafening. As the
spam problem continues to grow, so does the
number of organizations and governments pushing
for their respective legislation to curb this
online nuisance. The United States and the EU
nations have been very aggressive from the start
in paving the way for the creation of anti-spam
legislation, even coming up with agreements
for international cooperation with regarding
this matter. Other countries have also followed
suit given the international scope of the problem.
But
despite the tremendous effort exerted by these
nations to curtail spammers’ tactics,
new techniques and methods are still being discovered
every day. Spam e-mails are not just plain commercial
messages anymore. They are now used to commit
different crimes like deceiving recipients into
divulging sensitive information and spreading
harmful viruses to tamper with people’s
computer systems.
It
seems that every step towards spam eradication
is matched by two steps backwards due to new
schemes adopted by spammers. The only way we
can see real progress in arriving to a solution
is when a complete collaboration of technology
and legislation is made, with the help of all
sectors of society. This would probably be hard
to achieve, but not impossible. Hopefully, we
can all work together for it to happen in the
near future before spam takes over the information
highway.
Anti-Spam Sites Targeted
by New Mimail Variant
Anti-spam organizations
are the latest target of a new Internet worm
outbreak that tries to drive them offline with
the barrage of huge data. Virus experts believe
that the worm, W32/Mimail-L, is the work of
spammers bent on paralyzing organizations that
are very vocal about their work against spam.
Mimail typically spreads as
an attachment to a pornographic e-mail claiming
to come from a woman called Wendy. Clicking
on the attachment activates the virus. Once
triggered, the worm forwards itself to other
e-mail users and reprograms computers to launch
a denial of service (DOS) attack.
Sometimes, an alternative e-mail
is sent claiming that the recipient's credit
card details have been debited, and that a selection
of child porn CDs will be delivered to them.
Recipients will have to write to the given email
address of a reputable anti-spam organization,
if they wish to 'cancel' this bogus kiddie porn
order.
Anti-spam
websites on the virus's list include those operated
by SpamCop, SPEWS and The Spamhaus Project.
According to The Spamhaus Project founder Steve
Linford, by “joe-jobbing” the anti-spam
organizations or sending out spam fraudulently
claiming to be sent by the organization, the
spammer is clearly hoping to overload their
servers with email complaints from angry email
users.
Source:
reuters.co.uk, theregister.co.uk, ZDNet UK
Back to top
CAN-SPAM
Act Approved by Congress
After more than 6 years of failed attempts
to create a national anti-spam legislation,
the U.S. has come close to having its first
federal law against spam with the approval of
the "Controlling the Assault of Non-Solicited
Pornography and Marketing Act" or CAN-SPAM
Act of 2003.
Stiffening
an anti-spam bill approved by the Senate, the
compromise version of the bill imposes an "opt
out" standard requiring commercial e-mailers
to include in their e-mail a physical address,
an honest subject line, a working opt-out mechanism,
and notice that messages are advertisements.
Any e-mail with sexually explicit content must
have a warning label in the subject line.
Violators
are subject to a maximum five-year prison sentence,
statutory damages of $2 million for violations,
tripled to $6 million for intentional violations
and unlimited damages for fraud and abuse. The
legislation would also empower, but not require,
the Federal Trade Commission to establish a
national "do-not-spam" list similar
to its anti-telemarketing "do-not-call"
list.
Source: reuters.co.uk, washingtonpost.com, bizreport.com,
dc.internet.com, linuxworld.com, nytimes.com,
CNET News.com, zdnet.com, silicon.com, DMNews.com,
spamhaus.org
Back to top
New EU
Anti-Spam Directive Enforced
The
European Union recently put into effect its
new anti-spam directive that aims to implement
legislation banning unsolicited commercial e-mail
across Europe. The new directive enforces restrictions
protecting European people’s privacy as
well as anti-spam provisions requiring companies
to follow an opt-in approach to e-mail marketing.
The directive lets member states determine the
kind of enforcement, but requires remedies that
allow consumers to claim damages.
The
European Commission has also started legal action
against nine EU states for failing to write
into national law the implementation of the
directives. Germany, France, Belgium, the Netherlands,
Portugal, Greece, Sweden, Luxembourg and Finland
have all missed the October 31 deadline.
The
Commission's move is the first step of legal
action that could end in the European Court
of Justice, the EU's top court. The EU states
are given two months to provide explanation
or face possible court action.
Source:
DMNews.com, silicon.com, BBC News, Reuters
MPs Propose to Extradite
Overseas Spammers
The UK is now taking another
approach in fighting the war against spam. MPs
are now planning to stop spam flooding in London
from overseas by extraditing spammers and putting
them into trial in the United Kingdom.
Officials from UK have been
in talks with the FBI, since a majority of spam
emails come from the United States, and the
latter has given their cooperation on the matter.
Initially, extradition would focus on targeting
spammers but would eventually expand to include
suspects in other cybercrime cases such as virus
writing and hacking.
Source:
uk.news.yahoo.com, Reuters
Back to top
Singapore
Goes for Opt-Out Approach to Curb Spam
In
an aim to curb unsolicited e-mails and SMS messages
in the country, Singapore’s Direct Marketing
Associate or DMAS is setting up an "opt-out"
list to fight spam.
DMAS
will set up a website that lets consumers and
companies sign up if they want to be excluded
from direct marketing materials including e-mail
and SMS. The DMAS, together with the IDA and
the Centre for Corporate Social Responsibility,
will also be coming up with guidelines against
spam.
Singapore
Infocomm Technology Federation (SITF) estimates
that e-mail spam costs the country between $20
million and $50million in lost productivity
a year.
Source:
The Business Times online edition
Australian
Anti-Spam Bill Gets a Thumbs-up from the Senate
Australia moves closer to having
anti-spam law legislation, with the Spam Act
2003 having been approved by the Senate. Still
awaiting the governor general’s approval,
the bill bans the sending of spam in Australia,
or to an address accessed in Australia. However,
government bodies, registered political parties,
charities, religious organizations, and educational
institutions are exempted from the bill.
Customer consent, which can
be directly obtained or inferred through a business
relationship, is required before a commercial
e-mail may be sent. Under the new laws, all
commercial e-mails must provide receivers with
an "unsubscribe" option. The Act also
bans the supply, acquisition or use of software
that harvests e-mail addresses from the Internet
to send spam.
Under the bill, the Australian
Communications Authority will have the power
to fine individuals to up to $22,000, while
corporations a maximum of $110,000 per day.
Repeat violators are subject to fines of up
to $1 million. The ACA will also be given authority
to enforce undertakings, issue formal warnings,
court injunctions, infringement notices and
seek court-imposed penalties. The ACA is already
establishing a "dedicated unit" which
will enforce the Act that will assume responsibility
for regulating the e-marketing industry, and
will cooperate with international bodies in
sharing intelligence and information about "spam-related
activities".
Source:
smh.com.au, DMNews.com, heraldsun.news.com.au,
ZDNet Australia
Back to top
Brazil
Comes Up With Anti-Spam Ethics Code
The
Brazilian Anti-Spam Committee, composed of a
group of private associations involved with
the Internet business, recently launched an
anti-spam campaign by setting up a strict code
of ethics for advertisers or e-mail marketers.
The
Anti-spam Ethics Code obliges advertisers to
identify themselves, observe truth-in-advertising
principles and give recipients an ‘opt
out’ option from marketing mailings. A
website has also been provided which enables
consumers to express their complaints online
about spam advertisers, and to know who the
worst offenders are.
The
code of ethics does not provide fines for violations.
However, based on current federal laws, the
code hopes to lead to the unblocking of Brazilian
IPs from blacklists and Mail Abuse Prevention
Systems abroad as currently, many international
servers block IPs from Brazil because of the
numerous spam coming from the country.
Source:
the associated press, Australian IT (australianitnews.com),
theinquirer.net
Ireland
and Sweden Adhere to New EU Directive
Two
European countries are bringing into force the
new EU directive that aims to harmonize member
country laws concerning the processing of personal
data and the protection of Internet privacy.
Spearheaded
by Communications Minister Dermot Ahern, the
Irish government is outlawing unsolicited e-mails
and text messages to the public originating
within the European Union. The new law strengthens
database regulations, requiring database operators
to inform people that their information is being
used and why it is being utilized. The law also
allows Data Protection Commissioner and ComReg
to investigate breaches. Any violation of the
law entails a maximum fine of EUR3,000 per e-mail.
Meanwhile,
the Swedish government has tabled a draft law
that would allow it to go after spammers who
flood email inboxes with unsolicited commercial
e-mails. After reaching an agreement with the
Leftist party, the government proposed changing
the country's advertising law, allowing it to
issue fines of up to five million kronor ($673,000)
to spammers. The new rules are set to take effect
on April 1, 2004.
Source:
Agence France-Presse, electricnews.net, news.scotsman.com
Back to top
 |
Opinions From Inspector Mails
| Inspector Mails is the AI entity for Bigfoot's
Anti-SPAM
Solution. He will be
giving regular updates on his
opinions on current anti-SPAM
trends. |
|
Spam as a Source
of Worms and Viruses
As
if wasted time and overloaded inboxes are not
enough, more and more virus writers are resorting
to spamming techniques in distributing harmful
worms and viruses to cause damage to thousands
of computer recipients.
In
recent months we have seen several variants
of the SoBig and Mimail worms, among others,
that were disguised as e-mail attachments and
sent to unknowing victims. The spammers’
main objective was to spread these worms and
viruses to a large number of computers in the
hopes of launching a distributed denial of service
attacks against their adversaries—prominent
spam blacklist sites and anti-spam organizations—and
knock them offline.
So
what should we do when e-mails of this type
are received? The most basic thing that every
user can do is to avoid opening e-mail messages
or file attachments coming from people they
do not know, or at least be wary of them. But
users can’t be expected to spend all day
sorting through suspected spam mails. Spam filtering
could not and should not stop at the personal
level if the long-term goal is to eradicate
spam mails.
Varied
approaches to controlling spam have already
been proposed and implemented. Awareness and
legislative measures are just some of them.
However, for a solution to be truly effective,
it has to be as dynamic as spam. Bigfoot
Anti-Spam Solution offers a new spam-filtering
technology that is very much dynamic and adaptive
as it quickly “learns” or detects
spam patterns and adapts its filters simultaneously.
Powered by SpamChaser, the new Bigfoot Anti-Spam
takes on a multi-level approach to spam filtering,
which allows the users to have total control
over their inboxes again.
Back to top
CREDIT
CARD COMPANIES AND SPAM
I
am constantly amazed by legislators
in every country that cannot see the
simple solution to spam. Spam exists
for one main reason. Making money. The
simple solution is make it illegal for
Credit Card Companies to provide credit
facilities to spammers or any organization
that uses spammers to promote a product.
As all major credit card companies are
US-based the USA Federal government
probably already has the power to invoke
such restrictions. Other countries can
follow suit. Even if a credit card company
tried to move offshore to avoid such
restrictions can be brought under control
using existing Foreign policies. Kill
the access to money and you kill 99%
of spam.
|
Kevin |
The
more sectors of society that can join
the fight against spam, the better. But
to be able to create legislation that
penalizes credit card companies for providing
credit facilities to spammers, would require
comprehensive study that could probably
take a long time especially if international
cooperation and implementation is expected.
|
EFFECTIVE
SPAM FILTERING
Easy
way I have found...develop an e-mail
filter from where all whom I want
to receive e-mail put a certain phrase
or codes into the subject. When the
e-mail sees these codes, it allows
into my e-mail in box. The rest are
sent to the trash where I peruse twice
a day to catch e-mail I want. Spammers
just cannot break the code! |
William H. Collins
|
The major ISP's of New Zealand
(Xtra, TelstraClear, Paradise and others)
have all implemented spam and virus filtering
for their residential customers, we have
noticed a drop in the number of viruses
and spam coming to our corporate system
as a result of this. It is offered as
a free service, all of them tag messages
and remove attachments and images from
suspected spam so the customer can decide
if they want to read or delete it. It
works very well. |
Michael
|
Given the current spam situation, it’s
good to know that people are still able
to find effective ways in filtering spam
from their e-mails. Moreover, it is also
very commendable of ISPs when they are
able to provide their subscribers with
efficient anti-spam protection. |
|
I believe Sprice is missing the point
slightly. (Please refer to ASMR November
Issue, Letters to the Editor) The
problem is Spam and only Spam. Bogus companies
will always exist, always have and always
will - this is called fraud.
Legitimate companies selling porn or drugs
are not so much of a problem, provided
they're not spamming people. Porn? Who
do Sprice and various governments think
they are to tell me what I can and cannot
view, because it might be bad for me?
This position is against my civil liberties,
personal freedom and totally against freedom
of speech - you cannot legislate against
something just because it is not to your
own taste! The selling of porn or drugs
over the net perhaps should be restricted
by certain laws e.g. child porn etc. However,
they should not be singled out due to
someone's (or some government's) personal/moral
beliefs. |
Gordon
|
Starting
next year, the Anti-Spam newsletter will be given
a new look and will be sent out quarterly to be
able to give you more comprehensive anti-spam
news. We appreciate all of the comments and overwhelming
response we have received to the newsletter and
we will be addressing your concerns in the next
issue. You may send any comments regarding the
newsletter to antispam.review@bigfoot.com.
As we do reprint some of the comments of subscribers,
if you prefer that your email address be withheld,
simply advise Bigfoot and provide us a first name,
city and state as an alternative.
Back to top
 |
The following message was sent to you as
a subscriber of Bigfoot.com. We will continue
to bring you valuable offers on the products
and services that interest you most. If
you wish to unsubscribe, click
here. |
|
