Spammers - Beware!

Discussion in 'Noob Central' started by roundabout, Jun 30, 2011.

  1. roundabout

    roundabout Well-Known Member

    Feb 17, 2011
    Likes Received:
    Trophy Points:
    To all those new to email and think they can just Spam and make a fortune, please read this article, and exit stage right while you still can. The only way to make it in the legit email world is to build real optin data and stay the speed limit!

    As the Internet evolves, is there a place for spam?

    In the late 1990s Robert Soloway made US$20,000 a day as a spammer. He drove fancy cars. He wore Armani clothes. He was, by all accounts, one of the most successful spammers on the planet. But if he were starting out today, he'd find some other line of work.

    In 2011, spamming just won't pay the bills. "It's not something financially feasible for anyone to even consider," said Soloway, who was released from the Federal Correctional Institution in Sheridan, Oregon a few months ago, after serving almost four in prison for spamming.

    For a time, his business was good. He spammed people to advertise his company, Newport Internet Marketing, which in turn offered a full range of spamming services for the unscrupulous marketer. $195, for example, would buy a 15-day spam run targeting 2 million addresses. Those with more cash could pay $495 and the Spam King, as federal prosecutors called him, would hit 20 million in-boxes.

    But Soloway now says that even before federal agents arrested him four years ago, spam was a losing proposition. In 2007, "when I had 10 years of experience and knew every possible way to send out spam," he was still losing money, he said.

    His problem? Spam filters had become too good. In 1997 Soloway was making his $20,000 a day with just one Earthlink account and a single mail server. Ten years later, he had hundreds, perhaps thousands of accounts, computers and Internet domains which he used to play an increasingly complex game of cat-and-mouse with the anti-spam crusaders trying to shut him down. When he finally stopped, he was making just $20 per day. "That should tell you how effective the anti-spam community has become," he said.

    With each passing year, the reports of criminal activity on the Internet seem to get more disturbing. Distributed denial of service attacks knock entire nations offline; criminal gangs make off with hundreds of millions of dollars using stolen bank card data, a nation's nuclear ambitions are thwarted by a new type of computer worm.

    But lately a ray of light has cut through all the gloom. Spam -- the Internet's original sin -- dropped for the first time ever at the end of 2010. In September, Cisco System's IronPort group was tracking 300 billion spam messages per day. By April, the volume had shrunk to 34 billion per day, a remarkable decline. "The largest spam-sending botnets are being shut down and a lot of the big pharmaceutical spam has disappeared," said Nilesh Bhandari, a product manager with Cisco.

    Spam watchers say a handful of high-profile arrests at the end of 2010 put a dent in the business, but there may be a bigger issue: E-mail spamming, at least in its traditional form, may not be as profitable as it once was.

    "You don't see a lot of new blood coming to the table," said Joe Stewart, a researcher with Dell's SecureWorks group. Every year or two Stewart takes a look at the top spamming botnets on the Internet. He analyzes spam messages and tracks down the networks of hacked computers responsible for sending them out.

    This year, the news was that there was no news. Stewart didn't find any new spam botnets. "Everything that is spamming today is pretty much what was spamming two years ago," he said in February when he released his latest report.

    There was a brief, halcyon day when the Internet, or rather its precursor, the Arpanet, was spam-free. But then a Digital Equipment Corporation marketer named Gary Thuerk decided to let a few hundred Arpanet users know about his new DecSystem-20 mainframes, and it was downhill from there. When consumers flocked to the Internet in the mid 1990s -- Soloway's glory days -- the open online culture provided a breeding ground for fraudsters, and soon the vast majority of all messages on the Internet was unsolicited commercial email.

    Until recently, spammers were in an ugly war of attrition. As spam filters got better and better, spammers bumped up the volume of messages they pumped out. If a fraction of one percent of a million messages get through, that's not profitable. Make that a billion messages and the money starts to add up. But it now seems as though this war of escalation has subsided; not because the spammers have given up, but because the game is changing.

    U.S.-based spammers have all but disappeared, scared off by prison sentences handed down to the likes of Soloway under the 2004 CAN Spam act. Even overseas there has been progress. In the past year a series of spam-spewing botnets -- Waledac, Pushdo, and most recently Rustock -- have been taken offline thanks to the efforts of law enforcement and private security researchers. And in October 2010, an affiliate marketing website called Spammit closed its doors. It was used by spammers pushing online pharmaceuticals, and was a major source of income for many spammers.

    That's taken a big dent out of spam, but the nature of the business has evolved. Once a source of irritating commercial marketing messages, unsolicited mass emails are increasingly being used by scammers and criminal hackers to ply their trade.

    No longer is spam just a way to sell pornography or cheap pills. Spam messages are being used to install malicious software, and for a targeted form of spamming called spearphishing that has become a particularly effective hacker technique. A spearphishing attack opened the door to RSA security and helped hackers to compromise the security of RSA's SecurID tokens.

    Spammers may be getting more crafty, too.

    "There has been a decline in what we're getting in our traps, but what we're seeing that's out there is smarter spam," said Gary Warner, director of research in computer forensics at the University of Alabama at Birmingham. Warner helped set up a massive database at the university that vacuums up as many as a million spam messages per day.

    Take Feb. 14, for example; Valentine's Day. Instead of the usual Viagra or Rolex spam, Warner saw a flood of messages advertising a legitimate florist -- FTD. That's a more targeted form of spam than what his team would typically have seen a couple of years ago. And the spammers were directing people to a legitimate Web site -- FTD Flowers -- making their money from Web marketing referral fees. If the spammers succeeded in reminding just a few absent-minded spouses to order flowers, they could make money.

    Another example of smart spam? Those strange emails that come from friends, telling you to visit an online pharmacy or watch a video. Criminals break into Hotmail or Gmail accounts and send messages to every one of the victims' mail contacts before anyone realizes. This type of spam -- sent between two people who know each other -- is much more likely to evade filters.

    Scammers have taken this game to Facebook, YouTube, and Twitter too. Sometimes they send @messages to their targets. Other times they hack into an account and use it to send out their messages. That's what happened last week to "Shaun of the Dead" actor Simon Pegg's Twitter account. It was used to spam out a Trojan horse program disguised as a screensaver to his 1.2 million followers.

    The hunt for new ways to pump out unwanted messages is a natural evolution. Old fashioned e-mail isn't the ubiquitous connector it once was. According to the Pew Center for Internet Life, young Internet users shy away from e-mail, preferring texts and instant messages. Pew's December 2010 Generations report on Internet usage found that 70-year-olds are now more likely to use email than teenagers.

    In an effort to reach these younger Internet users, scammers have turned to search engines too, poisoning search results by gaming Google or Bing.

    "People are spending more time on Web properties than they were four or five years ago," said Paul Judge, chief research officer at security appliance vendor Barracuda Networks. The result is that search engine results are becoming cluttered with blatantly commercial or useless pages, in much the same way that email boxes were flooded when spam first spiked about a decade ago.

    Scammers know how search engines work, and they work hard to get their dodgy pages to pop up near the top of search results. They bombard online forums with links to their pages or hack into websites to add links -- all in an effort to boost their Google ranking. For less than $100, crooked marketers can automatically add 10,000 links -- typically from the comments section of blogs -- to whatever webpage they want. This can quickly push a webpage to the top of Google or Bing's results.

    This doesn't only lead to bad Web-searching. Sometimes it means that people get hacked. In fact, the number of malicious Web pages that use search engine optimization tricks to lure visitors nearly doubled between June and December last year, Judge said.

    Even spammy Web pages that aren't malicious, the ones slapped together with stolen or low-quality content, are becoming a problem. Earlier this year Google was forced to acknowledge a "slight uptick" in spam pages, and said it was trying new tricks to exclude unwanted pages from its results.

    Spam is morphing. So while the spam boom that kicked off in the late 1990s may finally be abating, that doesn't mean unwanted mass emails are going away. It's still an effective way for scammers to quickly and cheaply connect with millions of people they don't know, and convince them to buy something they don't need or to go to a Web site they should really avoid.

    On Monday, Cisco's IronPort group tracked more than 45 billion spam messages. That means spam accounted for 86 percent of all the email on the Internet that day. In a recent report, Symantec pegged spam at 73 percent of all email. But both companies agree that it's at its lowest levels in years.

    Robert Soloway believes spam will never die, so long as email is free. But the barriers to entry are getting higher. According to the former Spam King, people will try it out, then once they realize how hard it is to make it big, most will move on to something else.

    But those who have found a way to make money will be around for a long time, said Dell's Stewart. They may be dinosaurs, but "they're dinosaurs that are still making money," he said. "I don't think they're going to quit."

  2. Mike91TT

    Mike91TT VIP

    Apr 29, 2011
    Likes Received:
    Trophy Points:
    Los Angeles,CA
    These articles unfortunately lump legitimate email marketing like we do with spamming RX with botnets and harvested email addresses. They really need to separate the two. Since everything we do is legal, I don't see any of us getting scared off by 4 year jail sentences.
  3. DKPMO


    Mar 31, 2011
    Likes Received:
    Trophy Points:
    Elaborate Underground Base
    You just answered your own question.
  4. roundabout

    roundabout Well-Known Member

    Feb 17, 2011
    Likes Received:
    Trophy Points:
    Here's another great article, to show you what can happen if you go to.. the dark side of the email force. Read it, and learn from it!
    Five Infamous Spammers You May Have Forgotten About
    Written by Jeff Orloff on July 5, 2011

    Robert Soloway, the spammer who made $20,000 a day back in the 1990s and was forced to pay $17 million in civil judgments, made it back into the news cycle when he was recently quoted as saying that in current times

    “(spamming is) not something financially feasible for anyone to even consider”

    only months after his release from the Federal Correctional Institute in Oregon for his hand in violating the CAN-SPAM Act.

    Over the years, we have seen the takedown of quite a few infamous spammers. So many that we have forgotten some of the pioneers and true dregs of cyber-society. Let’s see how many of this list you remember, or if you can think of any that can be added.

    Dave Rhodes

    The author of the famous MAKE.MONEY.FAST chain letter that made the rounds in the late 80s. Legend has it that the letter was uploaded as a text file on a BBS in 1987 and then worked its way around until 1994 when it really became big.

    The nature of this scam was that the recipient was instructed to send $1 to six different people via Paypal. Upon doing so, the recipient’s name would be placed on the list to receive money from others, and so on.

    The true identity of Dave Rhodes has never been established.

    Oleg Nikolaenko

    The infamous King of Spam is currently awaiting trial in a detention facility in Milwaukee, Wisconsin for violating the CAN-SPAM Act after being arrested by the FBI in 2009.

    Messages advertising counterfeit Rolex watches, herbal supplements and pharmaceuticals was the spam of choice for the 24 year old who was also credited with running the Mega-D botnet.

    Davis Wolfgang Hawke

    The press called him the spam Nazi because he not only made money from spam, but also use it to spread messages to bolster membership in his neo-Nazi groups.

    Hawke started Amazing Internet Products with Brad Bournival in 2003 and the two began grossing roughly $500,000 per month advertising for a Yohimbe product called Pinacle. He has also been linked to the famous Time Travel Spammer, Robert Todino.

    In 2004 AOL was awarded a $12.8 million judgment against Hawke for sending unwanted emails to its subscribers. His current whereabouts are unknown.

    Richard Colbert

    After searching AOL profiles for keywords like multilevel marketing or business opportunity this Miami based “businessman” would spam the profiles he found to advertise his spam business charging around $900 for one million addresses. In a 2003 interview, Colbert claimed that because he honored unsubscribe requests he was a legitimate marketer.

    Colbert retired from spamming in 2003 and was removed from the Spamhaus Project’s list of prolific spammers.

    Eddie Davidson

    Davidson was an active spammer between the years 2002 to 2007 under the business name Power Promoters. His company, along with several sub-contractors, would advertise the usual gambit of merchandise and pharmaceutical until he was indicted in 2007 for violating the CAN-SPAM Act.

    Spam, however, turned out to be the least damaging of his crimes.

    After serving a portion of his 21 month sentence and paying over $700,000 in restitution, Davidson was released from prison only to be found dead along with his three year old daughter and wife in a murder-suicide. His 16 year old daughter was also found shot but survived. His 7 month old son was the only member of the family that was left unharmed.

    Laurence Canter and Martha Siegel

    A modern day Bonnie and Clyde, these two lawyers posted the first massive commercial Usenet spam in 1994. Their Green Card lottery scam came shortly after the National Science Foundation lifted the ban on commercialization on the Internet.

    The two went on to advertise their craft both spamming for hire and with a book titled How to Make a Fortune on the Information Superhighway: Everyone’s Guerrilla Guide to Marketing on the Internet and Other On-line Services.

    In 1997 Canter was disbarred by the Tennessee Supreme Court for his participation in illegal advertising practices.

    Bonus – Gary Thuerk

    Gary earns the honor of the “Father of Spam” since he is the one who sent out the first unsolicited mass emailing back in 1978. His target, 600 ARPANet members. Yet while he really didn’t do too much damage compared to some of the others, he did pave the way.


Share This Page