Wandering Thoughts archives


The future of spam is advance fee fraud

These days I get very little spam, and what I do get is almost all phish email, stock touting, and advance fee fraud. Partly I'm lucky, but partly I've spent quite a lot of time working on our spam filters.

A lot of spam has relatively distinct characteristics that make it easy to filter. For example, there's a limit to how obfuscated spammers can make URLs and still have people visit their websites, and there's only so many places that will host spammer websites (or spammer DNS servers). While phish spam uses URLs, it uses stolen webservice so the websites are all over.

Another way to look at it is that none of these three forms of spam are pushing a service; instead, all of them are trying to persuade people of something (even phish spam, which is trying to persuade you to visit a website and enter your account information). When all the spammers need to do is persuade you, they have a huge flexibility in their messages.

Phish spam and stock touting do have one thing we can look for: identical copies tend to be sent to lots of people, because the spammers use compromised machines and other mass sending techniques. Software like the DCC can detect this, and so offers hope of reliably filtering them out. However, a lot of advance fee fraud is remarkably low-tech; it's written and sent by hand through free webmail services, by people who have nothing better to do than troll for suckers. Even the DCC can't help against that.

And that's why I believe the future of spam is advance fee fraud, because I can't see a good way to reliably filter it out.

The corollary is that free webmail is almost certainly doomed, because no security precaution can reliably distinguish good humans from bad ones. Most email you'll get from random free webmail providers will be advance fee fraud spam, which gives people very little incentive to accept email from said random free webmail providers.

spam/SpamFuture written at 01:56:02; Add Comment

Page tools: See As Normal.
Login: Password:
Atom Syndication: Recent Pages, Recent Comments.

This dinky wiki is brought to you by the Insane Hackers Guild, Python sub-branch.