The future of spam is advance fee fraud

May 18, 2006

These days I get very little spam, and what I do get is almost all phish email, stock touting, and advance fee fraud. Partly I'm lucky, but partly I've spent quite a lot of time working on our spam filters.

A lot of spam has relatively distinct characteristics that make it easy to filter. For example, there's a limit to how obfuscated spammers can make URLs and still have people visit their websites, and there's only so many places that will host spammer websites (or spammer DNS servers). While phish spam uses URLs, it uses stolen webservice so the websites are all over.

Another way to look at it is that none of these three forms of spam are pushing a service; instead, all of them are trying to persuade people of something (even phish spam, which is trying to persuade you to visit a website and enter your account information). When all the spammers need to do is persuade you, they have a huge flexibility in their messages.

Phish spam and stock touting do have one thing we can look for: identical copies tend to be sent to lots of people, because the spammers use compromised machines and other mass sending techniques. Software like the DCC can detect this, and so offers hope of reliably filtering them out. However, a lot of advance fee fraud is remarkably low-tech; it's written and sent by hand through free webmail services, by people who have nothing better to do than troll for suckers. Even the DCC can't help against that.

And that's why I believe the future of spam is advance fee fraud, because I can't see a good way to reliably filter it out.

The corollary is that free webmail is almost certainly doomed, because no security precaution can reliably distinguish good humans from bad ones. Most email you'll get from random free webmail providers will be advance fee fraud spam, which gives people very little incentive to accept email from said random free webmail providers.

Comments on this page:

By DanielMartin at 2006-05-20 00:16:09:

Essentially, you're saying that the future of spam is unautomated spam, typed out by hundreds of human beings with nothing else better to do. Currently, that leads to advanced fee fraud, since this is a scam people with very little computer skill can run via spam on their own to generate money.

However, I'm not sure that that's the only possibility for unautomated spam. People can be motivated by more than money, and money can get to people doing spam in more ways than by running the scam themselves. For example, I could imagine a porn-spam king hiring three dozen employees in Bangalore to send out his spam messages - currently, it's cheaper to do that by computer, but if the receiving computers get good enough at detecting machine-generated messages, then... (I have heard rumors that it is already cost-effective for some spammers to pay people in the third world to do nothing all day but stare at CAPTCHAs and solve them)

I can also imagine a religious leader who has each member of his flock choose a target from a list of webpages, get a brief sketch of their target's life from the page, and send out a personalized "convert to XYZ now" pitch. That could easily be done at a rate of 10 personalized pitches per hour once you got good at it. Economics and the generally highly localized nature of the appeal of such religious groups probably kill this possibility.

By cks at 2006-05-20 02:02:07:

Unautomated spam doesn't help the porn king, because all the spam has to have a crucial common ingredient: his website. He can try to obfuscate it, but there are low limits because it still has to be clear enough that his average customer can visit (and I suspect his average customer is fairly unsophisticated).

Written on 18 May 2006.
« Where to find package inventories on Solaris 9
Some modest suggestions on vendor tradeshow giveaways »

Page tools: View Source, View Normal, Add Comment.
Login: Password:
Atom Syndication: Recent Comments.

Last modified: Thu May 18 01:56:02 2006
This dinky wiki is brought to you by the Insane Hackers Guild, Python sub-branch.