Can Spam Act Legalizes Spamming?
“Can Spam legalized spamming itself,” said Steve Linford, founder of Spamhaus Project, a London organization that is one of the leading groups intent on eliminating junk email.
How true? Let’s take the figures into serious consideration. Since Can Spam took effect in January 2004, unsolicited junk email or spam has soared to a record high of 80 percent or more of the total number of mails sent out last year. Before the law went into effect, spam comprised only about 50 to 60 percent of all emails.
In fact, in a latest report, spam traffic grew a whopping 40 percent in the past two months. That’s even a humongous increase that various estimates have at 85 percent to 90 percent of all emails. Pornographic spam tripled to about 21 percent in January from 7 percent in December.
According to news report by the New York Times, Can Spam only worsened the problem. By setting the rules drawing the line between what is legal and not in marketing mails, Can Spam only allowed bulk emailers to send mails as long as they are not breaking the rules, thus legalizing spamming.
Anti-spam crusaders are the least surprised by this unprecedented spam deluge. Mr. Linford added, “And in making spam legal, the new rules also invited flouting by those intent on being outlaws.”
Can Spam defenders however say that the new federal law doesn’t exist as an instant solution to the problem. It gives prosecutors some leverage or the right platform to go after the merchants.
“[B]ut it must be proved that [the merchants] knew, or should have known, that their wares were being fed into the illegal spam chain,” the Times report said. “Proving culpability is insanely difficult,” adds an Internet security analyst.
While various sectors cannot agree as to whether Can Spam has alleviated or worsened the problem, we are still facing a tough year ahead of us as far as dealing with spam and other Internet-related menace is concerned. There’s just too much to be done aside from putting all the blame on the law.
It has been reported that spammers are just getting smarter these days as they are teaming up with virus writers to create zombie networks out of holes in Windows. Analysts also predicted more virus bombs, called directory harvest attacks, to wrest working email addresses from Internet service providers.
Spam Gets Tougher By The Day
Despite improved defenses, viruses, worms, Internet scams, and other spamming attacks have grown worse, a study conducted by an email-security firm revealed, AZCentral.com reports.
Virus-infected email rose to 1.5 percent while four out of five email messages are spam. 1 percent of all spam sent are phishing scams, for people to give up their password and bank accounts.
Government and major email providers, Yahoo! Inc., America Online Inc., Earthlink Inc. and Microsoft Corp., have come up with several measures to counter spamming tactics.
The Can-Spam Act has been implemented, prohibiting the use of misleading subject lines and requiring the sender to provide the users the option to unsubscribe the sent material.
Lawsuits have been filed by the companies but still the spam menace rages, the report says.
The study also showed that small companies with 100 or fewer email users, particularly those in the publishing or advertising industries, are among those most affected by spam due to lack of high quality spam defenses.
Back to top
"Spy Act" In the Offing
Securely Protect Yourself Against Cyber Trespass Act (Spy Act) created by Congresswoman Mary Bono received massive affirmation in the first meeting of the House Energy and Commerce Committee of 2005, Topix.net reported.
Bono told Topix that she is confident that H.R. 29 or the Spy Act will have a swift passage in Congress. The act is a practical solution to counter the illegal use of spyware and for consumers to have control of their PCs.
The Spy Act aims to protect consumers from “unwittingly” downloading spyware and adware. Under this act, a prior notice will be required before a software is downloaded.
Teen Blaster Author Serving 18-Month Jail Term
Nineteen-year-old Jeffrey Lee Parson, author of the infamous Blaster worm variant, gets 18-month jail term. The lad is also required to render 100 hours of community service and a three-year probationary period following his release, TheRegister.com reports.
Parson, whose variant worm hit approximately 48,000 PCs causing $1.2 million in damages, pleaded guilty as US District Judge Marsha Pechman considered his mental health problems and unhappy family life in mitigating his sentence. He will be required to pay Microsoft and those who are affected by the worm this February.
Blaster-B is a variation of the Blaster worm, which infected about one million computers in summer 2003. The worm attacked Microsoft Window's update website by launching distributed denial of service emails.
Back to top
Tighter Fines for German Spammers
A €50,000 fine will be imposed on anyone sending junk emails in Germany, John Libengga wrote for TheRegister.com.
Introduced by Germany’s ruling coalition of Social Democrats and Greens, the proposed law is an extension of the Tele-Services Act (Gesetz über die Nutzung von Telediensten). Under this new law, email marketers are required to use a valid sender’s address and subject lines indicating the email is for commercial purposes.
False and hidden IP addresses will be considered illegal.
Spanish Police Nabs Worm Suspect
A 20-year-old worm suspect from Ejica only known by his initials A.R.B. has been arrested and questioned by the Spanish Civil Guard for his role in the 2004 virus attack, El Mundo reports.
The worm, called Tasin (a.k.a. Anzae) spread via email using subject lines in Spanish, purportedly offering pictures of Madrid party girl Nuria Bermudez who claims to have slept with half of the Real Madrid football team.
Tasin was able to infect thousands of computers in Spain and South America, trashing critical Windows system files, the report says.
Back to top
Taiwan To Set New Statute Deeming Spam Illegal
Taiwan's Executive Yuan is scheduled to approve a statute to fine spammers up to NT$20 million, Spam.Abuse.net reports.
The bill states that senders of mass emails must give their recipients the option to reject future emails from the sender and must be labeled with "ADV," meaning advertisement. They should also provide the correct business or home address and a company or individual's name.
The Ministry of Transportation and Communications is the supervisory body tasked to attend to spamming concerns.
Taiwan Internet Association, as well as other concerned groups about spamming, lauded the government for the new statute. Julian Wu, Taiwan Internet Association secretary general, commented on the necessity of the government's move, likening it to government's regulation for littering.
2,500 Japan PCs Suffer "Bot" Virus Attack
Japan’s National Police Agency confirmed 20 cases of networks infected by “Bot” virus during its monitoring of the suspected virus.
The Bot virus allegedly has sabotaged at least 2,500 PCs in Japan alone and a total of about 30,000 PCs around the world, as reported by Kyodo News.
“Bot” mounts attacks on specific websites by creating networks of infected computers as directed by hackers. These spam attacks can disable computers and overload the targeted websites.
Back to top
Sophos Reports Fantasy Game Role Players of Trojan's New Target
Virus experts at Sophos warned about Troj/LegMir-Y, a new Trojan Horse variety, which steals usernames and passwords from players of Lineage, a medieval fantasy role-playing game which hooked millions of subscribers around the world, Topix.net reports.
Legmir-Y Trojan Horse also turns off anti-virus software and any PC security application, the report says.
Graham Cluley, Sophos senior technology consultant, lamented that people are so desperate to do better in the cyber world that they end up committing crimes.
The role-playing game is based on a comic book series written by Shin Il-sook, a tale about a prince fighting to have his throne back. "Outwar" and "Legend of Mir 2" are other games which have been Trojan targets in the past.
New Worm Using CNN Headlines Fools Around
A new worm, Crowt.a, is now raging on the digital world by disguising as a legitimate newsletter or news brief. It uses the subject lines, content and attachment names from CNN headlines, Sophos, a computer security company based in UK disclosed.
This newly released worm allows the hacker to walk away with passwords and bank account information by sending a backdoor component that can record keystrokes and send the valuable info to the hacker.
Carole Theriault, Sophos security consultant, lamented that the people's hunger for news fueled this ploy to come about.
Back to top
 |
Opinions From Inspector Mails
| Inspector Mails is the AI entity for Bigfoot's Anti-Spam Solution. He will be giving regular updates and opinions on current anti-spam trends. |
|
Tom Springs' Tips to Fight Spam in 2005
PC World writer Tom Spring is giving us tips on how to use filters and email alternatives and “even strike back at spammers.”
He writes, thus: “Things change fast in the spam world. That's why we spam slayers need to stay nimble to keep pace with rapidly adapting spammers and new virus threats. Nobody expects a lull in the spam onslaught in 2005.
“Here are some new inbox tips and strategies to help you stay ahead in the new year. You might also want to review some timeless tips and spam fighting basics.”
First on his list is to avoid using email like the plague. Use instant messengers in lieu of emails. You don’t want to cripple your personal and business communications just because the emails you sent are lost in a flood of spam or are mistakenly identified as spam. Spring intones, “Instant messaging is an effective alternative to the imperfect email medium.”
“Strive for inbox efficiency,” he suggests. The trick to rise above the email din is to write “short, specific information” in the subject line. Important messages with vague subject lines are easily lost in overflowing inboxes.
“This gets your message across to inbox scanners who seldom open their email,” he says.
Here are the rest of Mr. Springs' tip list:
- Get Organized – He suggests using free desktop search tools to tame the inbox and search for your important emails. Creating searchable indexes of your email will make it easier for you to to search for some long-lost emails.
- Leverage the Power of Free Email – Take advantage of web-based email systems (try Bigfoot WebMail) and their powerful spam, virus and phishing filters. Bigfoot WebMail has a mail filter feature that allows you to organize and sort your incoming messages. You can also identify addresses or domains you don’t want to receive mails from with its Blacklist feature; or set the addresses or domains you want to receive mails from.
- Resolve to Fight Spam – Mr. Spring says that should you want to fight spam more than just deleting mails in your inbox, try signing up as a spam cop with SpamCop.net, a community of people who act as agents to report spam whenever they get it.
Back to top
Why Can't I Filter Mails with Spoofed "To" & "From" Fields?
I have had my email address hijacked as well, but what I want to know is why I can't filter it out of my own inbox.
I know that the To and From fields CAN be spoofed, but I don't know HOW they are. And it really shouldn't matter. If I get an email that isn't even addressed to me, HOW DID I GET IT? Why can't I set a filter to drop it? "If my name isn't in the TO field..." and "If my name is in the FROM field..." These should be standard on email clients, and something similar on the POP servers. Why aren't they? How is it so difficult?
I'd dump SMTP in a heartbeat if something that TRIED to be better came along. I have heard many times before that the problem is with the protocol. It was never designed to be public, so why hasn't any effort been made to replace it?
Chris Rinker
(email address withheld)
|
Despite the state of hi-tech we have achieved nowadays, why is spam still very easy to propagate? And in your case, email spoofing seems so rampant, and hard to filter out.
Well, this may be a very bad excuse, but it is true that the email protocols we use are antiquated, and if you would simply check the dates these protocols have been specified (Search: RFC 822, 821, and other related RFCs), you could see that they've been around since 1982.
It also has something to do with how DNS works along with Internet Email delivery. And to think of it, software entities and organizations churn out versions almost overnight.
Why is it then that these problems are still not fixed along with software evolution? Well, because these are protocols - not software itself. They are a sort of language in which machines of various kinds agree to communicate, and just like the English language, it is already very old, and not that easy to change. Otherwise, this would entail a synchronized effort of changing the software architecture of all internet-connected machines in one blink. How else are we to make sure that billions (maybe zillions) of emails (most of them spam anyway) don't get lost in delivery during this transition?
But then the industry is doing something about this menace. It's just that since the industry is so huge and with so many vendors, it can't get its act together that fast.
One thing worth mentioning however is reducing spam through address spoofing via DNS Host Validation. It works simply by having DNS servers make sure that the identity of a computer sending emails is truly as it says. There are lots of other proposals out there yet to be proven. But as of today, the only way to reduce this problem is by finding the anti-spam solution that's just right for you. And Bigfoot Anti-Spam Solution will always be here to help.
|
We appreciate all of the comments and responses we have received about the newsletter. We will be addressing your concerns in the next issue. You may send your comments to antispam.review@bigfoot.com. Since we print some of the comments we receive, please advise us if you want your complete name and email address withheld. You may provide us with a first name, city and state, as an alternative.
Back to top
 |
The following message was sent to you as a subscriber of Bigfoot.com. We will continue to bring you valuable offers on the products and services that interest you most. If you wish to unsubscribe, click here. |
|
