|
A Year After CAN-SPAM Passage
This month we are celebrating the first year
anniversary of the passage of the U.S. Federal
CAN-SPAM Act. But are we rejoicing?
A
year has passed, and yet the virtual, digital
world is nowhere close to being spam-free. Survey
figures show (see Opinion article in this issue)
that CAN-SPAM has done little to curb spam.
In
fact, it’s disheartening to know where
we are with fighting spam based on the figures.
77% of the total email traffic last year was
spam and 97% of emails sent last year violated
the federal anti-spam regulations. Another study
showed that legitimate email plummeted to 12%
from 22% of email traffic in 2004.
What’s
more, the U.S. contributed 42% of all spam sent
globally last year.
Worse,
people in the anti-spam community don’t
even agree on how effective CAN-SPAM is. One
sector would say, the federal law is miserable,
while another would say the scenario could have
gone worse without it.
Experts
say the issue is beyond the law and that the
sheer volume of spam and the location of spammers
(especially those operating outside the U.S.)
make it even more difficult to enforce the law.
So
what do we have for 2005? Things will not get
any better, for sure. Predictions of a rise
in phishing attacks and new tactics being employed
by spammers should make us prepare for the whole
year ahead of us.
2004:
Year of Phishing
"2004 has
been the year of phishing," said Steve
Purdham, SurfControl CEO.
The most major reason for the
rise in phishing and other computer security
threats is money, wrote Will Sturgeon of Silicon.com.
Kevin Hogan, a Symantec senior manager, concurred
that serious money from phishing, spam, spyware,
viruses and worms is the reason why perpetrators
are joining forces.
A CyberTrust spokesman, the
report said, attributed the rise in phishing
to the growing number of people banking online.
Moreover, “botnets”, which represents
a network of compromised machines whose processing
power and bandwidth, have given spammers and
scammers the ability to pump out vast volumes
of email.
An increase in people's online
activity and expectations of widespread, multi-device
connectivity also increased the security threat
exponentially.
Companies
had lost control of what data was flowing in
and out of their network and how their employees
were communicating. The issue of companies not
knowing what was going on their networks was
seen most clearly with the emergence of spyware
as a major issue.
Back to top
Microsoft
Releases Anti-spam App
Microsoft has released publicly a
beta version of the anti-spam technology it
bought last month but will delay the anti-spam
and anti-virus improvements to the exchange
email server, the information provided by the
company revealed as reported by IDG News Service.
Microsoft
acquired the software by purchasing Giant Company
Software, the report said.
Neowin.
net published that Microsoft distributed a beta
version code-named Atlanta but the company would
not comment on it. Neowin.net also posted screenshots
supposedly taken from a product called Microsoft
Antispyware.
When
it purchased Giant, Microsoft said that the
beta would run on Windows 2000, Windows XP,
and Windows Server 2003 systems and that the
company used the public beta release to collect
and evaluate customer feedback on the product,
and to make decisions about future distribution
of the antispyware product.
Spam
King Pledges to Stop Invading Computers
Stanford Wallace, known as the Spam
King, has agreed to stop infecting computers with
advertising programs, The Associated Press reported.
Wallace
and his companies, SmartBot.net Inc. and Seismic
Entertainment Productions Inc., signed a written
agreement with the Federal Trade Commission
(FTC) that they would only send online ads to
people who visit their websites, until a federal
lawsuit against them have been resolved.
U.S.
District Judge Joseph DiClerico issued a temporary
restraining order against Wallace in October
to prevent him from sending ads.
The
government said that Wallace used spyware to
infiltrate computer with ads and other programs
and then tries to sell programs, which do not
work, to fix the problems.
Wallace
is being persecuted for his past involvement
in spamming as he headed Cyber Promotions in
the 1990's that sent as much as 30 million spam
to consumers, giving him the nicknames "Spam
King" and "Spamford."
Back to top
UK
Firms Charged for Promoting Smut Web Sites
The
US Federal Trade Commission charged London-based
Global Net Ventures Ltd, among other a dozen
or so defendants, with using spam to promote
smutty websites, Tim Richardson wrote the TheRegister.com.
A
temporary restraining order is issued by the
US District Court in Nevada against the firms
prohibiting them from engaging in the said activities
and freezing their assets.
Those
fingered by FTC are: Global Net Solutions, based
in Las Vegas, Nevada; Global Net Ventures, Ltd.,
based in London, England; Wedlake, Ltd, allegedly
based in Riga, Latvia; Open Space Enterprises,
Inc., based in Las Vegas; Southlake Group, Inc.,
based in Las Vegas; WTFRC, Inc., doing business
as Reflected Networks, Inc., based in Las Vegas;
Dustin Hamilton; Tobin Banks; Gregory Hamilton;
Philip Doroff; and Paul Rose.
Netherlands
Takes First Action on Spam
OPTA,
the Dutch government's telecommunications agency
responsible for regulating spam, issued three
separate fines for spam originating in their
country, John Blau reported for IDG News Service.
This is the first action taken by the agency
since the Netherlands agreed in May to a ban
on unsolicited emails.
An
OPTA spokesperson told IDG News that the government
is taking the drive to go after major spammers
in the country.
The
$58,000 fine, the largest, was levied against
an individual involved in four spam runs, the
report said. A second fine was targeted to Gorenendaal,
a one-man printing company also banned for soliciting
orders for Adolf Hitler's Mein Kampf. The third
fine went to a group called Yellow Monday, which
sent spam through SMS.
OPTA
has introduced an information-sharing program
that aims to establish an exchange of information
for regulators and other government bodies that
fight spam. Eight countries have signed up but
OPTA's goal is to have 25 EU member states on
board.
To
that end, the Dutch economics ministry plans
to propose a new law that would extend the ban
on spam to the business community, the report
said.
Back to
top
Teen
“Mules” Steal Money for Aussie Crooks
Sixty-one
Australian school and college student “money
mules,” with combined earnings of $600,000,
have been identified as victims of hi-tech Fagins,
Australia-based crooks with links to Russian
and Malay crime gangs, Australia's Daily Telegraph
reported.
These
crooks have established a network of students
able to funnel money from compromised accounts
overseas. An Agence France Presse (AFP) report
said that these youngsters were typically paid
between A$200 and A$500 a day for transferring
up to A$100,000 a day for the syndicate.
Thirteen
suspects - including four Sydney high school
students, aged 15 to 17 - have already been
arrested and charged over suspected involvement
in the scam. One of the operation's alleged
ringleaders, Derrick Cheng, 21, has pleaded
guilty to obtaining money by deception and is
due to be sentenced by a court in Burwood, New
South Wales.
Mobile
SMS Spam Outruns Email Spam in Korea
The
Korea Information Security Agency (KISA) revealed
that Unwanted SMS and mobile phone spam surpasses
email spam in Korea, The Korea Times reported.
Mobile Spam in the first ten months of 2004
reached 244,151 as compared to 78,063 email
spam.
The
number of mobile spam ballooned from 4,864 in
2002 to 36,013 a year later but though email
spam was tamed last year at 42.213 from its
explosive growth, it still is the public enemy
number 1 in computer security.
Broadband
operators have gone all-out to counter the distrust
under the stewardship of the government. Hanaro
Telecom, Korea's second biggest high-speed Internet
carrier, recently terminated 130 spammers and
it slowed down the spam mail growth rate.
Mobile
spam comes in two forms, dubbed short messaging
service (SMS) and voice calls using an automatic
response system (ARS).
Back to top
Top
Viruses to Wreak Havoc in 2005
Bots and mass-mailers
will remain as the methods by which virus writers
attack enterprises in 2005, McAfee's Avert anti-virus
and vulnerability emergency response team warned,
Newsfactor Network reported.
Avert
also said that exploits and adware will account
for over 60 percent of the security problems
for the home users.
Avert
warned that adware, spam via email and Web,
and phishing attacks will flourish in 2005.
According
to Avert, the top 10 threats in 2004 fell into
one of the following key areas: spyware/adware;
email-borne viruses; and malware delivered by
spam.
The
top threats for 2004 in alphabetical order are:
Adware-180
Adware-Gator
Exploit-ByteVerify
Exploit-MhtRedir
JS/Noclose
W32/Bagle
W32/Mydoom
W32/Netsky
W32/Sasser
W32/Sdbot (family including Sdbot, Gaobot, Polybot,
Spybot)
McAfee
researchers estimate existing bots to be 7,000
today and growing at a rate of about 150 to
200 per week. A bot is an automated program
that answers to commands from another source.
Back to top
 |
Opinions From
Inspector Mails
| Inspector
Mails is the AI entity for Bigfoot's Anti-Spam
Solution. He
will be giving regular updates
and opinions on current anti-spam
trends. |
|
Does
CAN-SPAM Work?
An anti-spam company reported
recently that the U.S. Federal Anti-Spam law
(CAN-SPAM Act) hasn’t done much a year
after it was passed into law. In fact, it’s
survey showed that there’s “widespread
and flagrant disregard” for the regulations.
Although
there could be very little compliance with the
law, the only organizations that benefited from
the laws are the Internet service providers,
who can now go after the spammers. However,
their ability to collect on any judgments will
continue to be questionable. In December alone,
Microsoft filed seven suits alleging CAN-SPAM
violations.
Last
year, the anti-spam company’s survey said
77% of all email last year was spam and a much,
much bigger number of emails sent failed to
comply with the CAN-SPAM Act.
Could
it be the oxymoronic acronym? Shouldn’t
it be CAN’T-SPAM?
But,
seriously now, CAN-SPAM failed to serve the
purpose of stopping spam. It is actually structured
not to do so, but to regulate commercial sale
through emails. It also gave the ISP’s,
as mentioned earlier, the platform to drag spammers
to court.
Last
year, we saw a number of cases filed against
some of the world’s most hideous spammers.
But will this ever stop spam?
Back to
top
“Spammers
Are Using My Email Address”
It's
a coincidence that I received your
Anti-Spam Monthly Review today. I
just found out that someone is sending
out unsolicited bulk email, using
my email address (Bigfoot email address
withheld) again. This is not the first
time.
Other than close out the address,
what can I do about this? I have been
unsuccessful at trying to trace the
sender, myself.
Charles
Dunlap, TN |
Email address spoofing is perhaps the
most common type of identity theft in
the Internet today. Once your email address
starts receiving spam, it would be fair
to expect that your email address could
soon become an unwitting "originator"
of spam. Believe me, because this has
happened to me, too!
Spammers often use valid email addresses
taken randomly from their victims in order
to make it appear the bulk email they
sent came from a legitimate email address,
and primarily to avoid being traced as
the real senders. Typically, email addresses
are obtained by spammers from online newsgroups/mailing
lists, chat areas, websites that store
your email address, online directories,
and even blogs. Spammers never discriminate
legitimate online sites from those that
are not -- virtually anything that could
be "crawled" online could be
a target email harvesting resource for
them.
Being in a team that has fought spam for
a considerable time now, I have personally
come to combine a few mundane ways of
combating spam. Aside from relying on
Bigfoot Antispam to guard my public email,
I do keep a private email address that
I NEVER give out to any online resource
at all, but keep only for personal communications. |
We
appreciate all of the comments and responses
we have received about the newsletter. We will
be addressing your concerns in the next issue.
You may send your comments to antispam.review@bigfoot.com.
Since we print some of the comments we receive,
please advise us if you want your complete name
and email address withheld. You may provide
us with a first name, city and state, as an
alternative.
Back to top
 |
The
following message was sent to you as a
subscriber of Bigfoot.com. We will continue
to bring you valuable offers on the products
and services that interest you most. If
you wish to unsubscribe, click
here. |
|
