Mass Surveillance Means Working Harder, Not Smarter

Kicking A Spammer In The Nuts Daily Turns Out To Be Effective

from the at-least-so-far dept

Tue, Jan 17th 2006 11:24pm — Mike Masnick

While some people are big fans of the idea of vigilante justice against spammers, it seems only likely to lead to problems eventually. However, with companies such as IBM buying into the idea of vigilante justice on spammers, it's no surprise that the idea has built up quite a strong following. The latest effort, launched just last month, was named Kick a Spammer in the Nuts Daily (descriptive, yes?) and consists of having a ton of people fill out bogus orders on spammed sites. Brian McWilliams is now saying this method has worked against one spammer who is now begging for mercy. However, as McWilliams notes, it's unlikely most spammers will give in. Many will figure out ways around these attacks -- and they may start attacking back. And, of course, these sorts of vigilante actions way too often end up with totally innocent parties being harmed as well. While it's enjoyable to see a spammer begging for mercy, the risks of this method mean it's likely to backfire at some point.

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.

Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.

While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.

–The Techdirt Team

44 Comments

If you liked this post, you may also be interested in...

Reader Comments

Subscribe: RSS

View by: Time | Thread

Sohrab, 18 Jan 2006 @ 1:16am

No Subject Given
dude, the name first of all kicks pure ass. I love IBM more now for calling it that and B its awesome, give em a taste of their own freaking meds. flood them back.
[ link to this | view in chronology ]
- Mike (profile), 18 Jan 2006 @ 2:12am
  
  Re: No Subject Given
  Uh. Sorry, the IBM effort is different and not at all associated with "KaSitND". I thought it was clear in the post, but maybe not.
  [ link to this | view in chronology ]
- PwnSohrab, 18 Jan 2006 @ 3:51pm
  
  Kick Sohrab in the nuts
  I think the whole idea of this post was to point out that 'giv'-ing-'em a taste of their own freaking meds.flood them back' is just as idiotic. For that you, sohraB, should also get kicked in the nuts...
  [ link to this | view in chronology ]
Anonymous Coward, 18 Jan 2006 @ 5:17am

Site now illegal?
Doesn't the new law making 'annoyance' illegal make the owners of this site criminals? Have we come to the point where our laws now protect spammers, even more than did CAN-SPAM?
[ link to this | view in chronology ]
- Clifford VanMeter, 18 Jan 2006 @ 5:39am
  
  Re: Site now illegal?
  I'm not a lawyer, but as I understand it the law makes it illegal to annoy people annonymously. As long as the spammer is visiable, or reachable they would be in the clear.
  
  Clifford VanMeter
  Techpolitics.Us
  [ link to this | view in chronology ]
  - ConceptJunkie, 18 Jan 2006 @ 2:30pm
    
    Re: Site now illegal?
    I'm not a lawyer, but as I understand it the law makes it illegal to annoy people annonymously
    
    I'm not either, I'm human. However, from what I understand the new law says it's illegal to annoy people anonymously in ways that are _not protected by the First Amendment_. It is intended to make sure telephone harassment laws apply to VOIP.
    
    In other words, no one is arguing that harassing phone calls is protected speech... and VOIP, as essentially another form of telephone, needs to be treated the same way.
    
    Of course, that doesn't mean its not worded overly broadly or subject to abuse or just another reason for the Feds to spy on citizens or I'm just plain wrong, but that explanation makes sense to me.
    
    (How's that for politician-like qualification of a statement?)
    [ link to this | view in chronology ]
    - Happy Golucky, 18 Jan 2006 @ 2:54pm
      
      Re: Site now illegal?
      I worked for a spammer, they were a legit company but they sent spam just the same. They're pretty easy to kill really, you just have to coordinate and cooperate.
      
      You want to make life hell for them and maybe put them out of business, fill in the forms with valid and totally useless information. Each form you fill out turns into a qualified lead for the advertisers. The advertiser pays for the bogus leads, and gets pissed when they find out they're bogus. Then the advertiser gets a partial refund of that month's lead bill, reducing the already paper thin margin of online advertising companies to a negative number.
      
      Fill them in and eventually you'll bankrupt the ad company. To go even further, report the IP of each spam email you get to spamhaus.org. That 1 site caused more trouble for us (when I worked for the devil) that you can imagine, since oodles of large companies use them as a source of SMTP blacklist data.
      [ link to this | view in chronology ]
      - Anonymous Coward, 17 Sep 2009 @ 8:50pm
        
        Re: Re: Site now illegal?
        what about getting them to spam each other?
        [ link to this | view in chronology ]
  - John, 18 Jan 2006 @ 4:41pm
    
    Re: Site now illegal?
    I think that's why it's called vigilante -- vigilantes aren't following the law :)
    [ link to this | view in chronology ]
    - Lighioana, 19 Jan 2006 @ 2:35am
      
      I love it
      The ideea is very good, but somehow illegal just as spam.
      [ link to this | view in chronology ]
      - Lighioana, 19 Jan 2006 @ 2:46am
        
        Re: I love it
        Actualy,I think the best defence to the sapmmers is to submit his email to anoither spammers.
        [ link to this | view in chronology ]
        
        @lighiona, 27 Nov 2010 @ 6:19pm
        
        Re: Re: I love it
        The return e-mail address is faked and is usually some other victims e-mail address taken from the spammers mailing list. You are just doing in someone like yourself.
        [ link to this | view in chronology ]
    - Why not?, 8 Feb 2006 @ 11:28am
      
      Re: Site now illegal?
      Well, come on, people. Spammers knowingly break the laws because they know that that same laws exist to protect them. They know that when the government is busy debating witetaps on their own citizens and trying to dupe the public that the Bush' war in Iraq is not his personal vandetta for his daddy, no one will bother spammers for a long long time. The whole idea of the capitalistic idelogy is that laws will be circumvented and citizens rights infringed as long as there is money to be made. Meanwhile we, the innocent citizens, have to deal with spam in our inboxes, and no one cares to help us. The government inaction is a wrong thing as well as vigilantizm is. Two wrongs don't make it right; perhaps, 3 wrongs will. When it comes to spam, stop fire with fire. It's the only logical solution until Bush is in the office.
      [ link to this | view in chronology ]
Josh, 18 Jan 2006 @ 8:24am

Automated SPAM fighting
Don't just block spam, stop it altogether. Blue Frog from www.bluesecurity.com - Fully automated. Just sign up, and forward your SPAM to them. They analyze it, send a complaint for each peice of spam to the spammer, the company that's being advertised, and any legal authority like the FCC, SEC (stock spam), FDA (prescription drugs), etc. It works.
[ link to this | view in chronology ]
- SpamSlayer, 18 Jan 2006 @ 8:43am
  
  Re: Automated SPAM fighting
  I'm SpamSlayer. I started the 'Kick A Spammer In The Nuts Daily' campaign at TheScamBaiter.com.
  
  It should be noted that the spammer mentioned in the article above is Alex Polyakov, out of the Ukraine... he's earned himself a Spamhaus.org ROKSO designation, and is ranked as the second largest spammer in the world.
  
  When we band together, we can take down even the largest of spammers and make them plead for mercy. So I want you all to kick a spammer in the nuts... daily.
  [ link to this | view in chronology ]
Yeknom, 18 Jan 2006 @ 11:51am

But what's the point?
Most of these things have failed in the past or have been shut down. Lycos's Make Love Not Spam was shut down. Form Fucker apparently went underground. Blue Security's Blue Frog seems to have cleaned up and found a legal way to do it.
But really, what annoys me with vigilante justice is that there's no point, except getting a laugh out of spammers suffering (don't get me wrong, it IS satistfying!). Blue seem to have thought one step ahead, because the "global opt out list" the poor spammer that was "kicked in the nuts" here suggested is actually what Blue has been trying to do all along. Send spam to their users, don't expect any mercy. Clean their users, and you won't be touched.
[ link to this | view in chronology ]
- SpamSlayer, 22 Jan 2006 @ 8:33pm
  
  Re: But what's the point?
  Well, with Polyakov, it's not just about the spamming... he's one of the world's largest criminals, as well.
  
  He's got a large money laundering operation in the US, where he 'hires' unsuspecting people, sends them money, which they put in their personal bank accounts, then draw out later and forward to the Ukraine.
  
  He's got a large credit card theft ring in the US, and deals in tens of thousands of stolen credit cards and credit card numbers each year.
  
  He's done several investment scams (Dornstetten Deutsche, ww.w-e-gold.com, Ryan Kelly Jungle Ventures, solidinvestment.com, etc.), and stolen a lot of people's e-gold accounts.
  
  He's somehow connected to the Pavka/Artofit kiddie porn ring.
  
  He's done several phishes, most of them under the name 'Foundation Men On Line'.
  
  He is, of course, a spammer. In addition to spamming, he's running a large botnet to host some of his spamvertised sites. He tried switching his sites over to the botnet early last month in response to the high bandwidth bills he was experiencing from the SpamVampire data-draining we were putting him through... which is when we implemented the Refi Retaliator II.
  
  He's historically accounted for ~12% to 27% of spam reported to various spam-reporting agencies. Today, he accounted for ~40% of spam reported to SpamCop...
  
  Taking this scumbag down will do the entire world a lot of good.
  [ link to this | view in chronology ]
  - Frank Zappa, 5 Feb 2006 @ 10:03am
    
    Re: But what's the point?
    "Taking this scumbag down will do the entire world a lot of good." No it won't. Spammers don't exist because there evil people cabbalistically plotting to annoy you. Spammers exist because it's a profitable endeavor, supply and demand. Take down this guy, and someone will replace him. Of course I could be wrong, maybe we're "winning" the "War on (Some) Drugs" too.
    [ link to this | view in chronology ]
    - why not?, 8 Feb 2006 @ 4:44pm
      
      Re: But what's the point?
      supply and demand? Unfortunately, you're right. A lot of legit business are willing to go in bed with spammers, plenty of providers cover for them. Alan Ralsky claimed in his interview that he had to put people on waiting list for his spam-blasts. Sad situation. What pisses me off the most that even legitimate marketeers are too cheap to implement double opt-in systems, and they sell their questinably obtained lists to whoever is willing to pay a buck or two. 2 months ago I set up address for my 10-year old kid. He only sighed up for two kids gaming sites. I recently checked his inbox and found 6 spams there: one was trying to sell him a car, another - credit cards, and another guru tried to sell him his get-rich-quick book. I wouldn't be surprised that some time down the road my 10 year old will start receiving viagra spams from Medic Suite and cumshots spams from Australia.
      [ link to this | view in chronology ]
      - T. Oswell-Coyle, 6 Mar 2006 @ 8:48am
        
        Re: But what's the point?
        You guys talk about spam like it's society's greatest evil.
        OK, phishing is scary and nasty (also deservedly criminal) but sending out dumb-ass ads for Cialis or whatever? What do I care?
        It's a free country, right?
        I get loads of that stuff. It goes straight into my bulk folder and I delete once every few days without looking at it.
        Please explain why you're so up in arms about spam?
        [ link to this | view in chronology ]
Andrew Benton, 18 Jan 2006 @ 1:19pm

Old idea, new way of doing it
I've been doing this forever to capital one and all the other banks who send me 4+ credit card apps a week, if i get annoyed, I put the other persons credit app in another prepaid envelope and send them other peoples credit card apps.
I guess i just pissed them off more.
[ link to this | view in chronology ]
- Anonymous Coward, 17 Sep 2009 @ 8:40pm
  
  Re: Old idea, new way of doing it
  Well some people put cardboard in them making them heavier, I just put the entire app and the original envelope in the reply and send it back but it doesn't work the but I would try to make it with the cardboard first. you make them loose money you can get them to stop.
  [ link to this | view in chronology ]
- Anonymous Coward, 17 Sep 2009 @ 8:40pm
  
  Re: Old idea, new way of doing it
  Well some people put cardboard in them making them heavier, I just put the entire app and the original envelope in the reply and send it back but it doesn't work the but I would try to make it with the cardboard first. you make them loose money you can get them to stop.
  [ link to this | view in chronology ]
Rance, 19 Jan 2006 @ 5:15am

Kicking Spammers -- Do the same to Phishers
I believe that this is a workable way to deal with phishing on the internet. When a site is determined to be phishing for credit card numbers, give them to them, say 1 million at a time, all bogus. Makes the phishers go into needle in the haystack mode.
[ link to this | view in chronology ]
Wingfat, 19 Jan 2006 @ 3:07pm

has to be done
I am all for spamming the spamers. I write automation scripts for companies all the time. just last week my friend had got an email from a Phisher trying to get his eBay account info. He wanted to me to make a program that would go to that page and type in bogus info adn submit it over and over. so i did. and now the link to the page doesnt work any more. so yes spamming or over loading the Phishers web sites with bogus info works. :)
[ link to this | view in chronology ]
aligirl, 18 Mar 2006 @ 12:18pm

jordan is very protective of me
hello i just love my boyfriend jordan claus because he sees anyone trying to hurt me he will get very protective and actually guard me is what i love.
[ link to this | view in chronology ]
aligirl, 18 Mar 2006 @ 12:22pm

hope jordan replys to this comment
Hello jordan claus if you can please reply to this comment baby
love ali
[ link to this | view in chronology ]
alison kayla bleiweiss, 19 Mar 2006 @ 9:16am

me an jordan are having a yu gi oh battle today
Hi me and my boyfriend jordan claus are having a yu gi oh battle when he comes over to my house
[ link to this | view in chronology ]
ali bleiweiss, 19 Mar 2006 @ 9:26am

i can't wait to kiss jordan
Hi today i am going to be hanging out with my boyfriend jordan who i am just dying to kiss
[ link to this | view in chronology ]
ali, 20 Mar 2006 @ 2:47pm

jordan rocked me to sleep
Hi i just had the best time with jordan rocking me to sleep
[ link to this | view in chronology ]
Rick, 20 Apr 2006 @ 8:37am

Why blue security works
The way Blue Security works is by filling out forms with invalid data - in the comments they politely ;-) ask the spammer to exlude their mails from their list. They include a link to a program which will wipe out listed addresses (they use hashing so the actual e-mails can't be extracted).

This is nota DDoS attack, since the "attacks" are not done at the same time, plus only one e-mail is sent per mail received.

Recently a spammer tool includes the option to remove the blue security e-mails from their mailing lists, so this approach has been proven to work.

(BTW, my e-mail rickg22@reports.bluesecurity.com is not my real e-mail, it's a honeypot, send all your spam there! muahahahaha ;-) )
[ link to this | view in chronology ]
- Jim, 18 Apr 2007 @ 1:40pm
  
  Re: Why blue security works
  The email link doesn't work nor does the website bluesecurity.com.
  [ link to this | view in chronology ]
Nicholas Bieber, 2 May 2006 @ 7:05pm

bluefrog not so good
I installed and use blue frog for a few months, and now it's coming back to bite me pretty severly, 20 times spam I was getting, plus a few messages like below. I was excited for a bit about living without spam... damn.

_______
Hey,

You are recieving this email because you are a member of BlueSecurity (http://www.bluesecurity.com).

You signed up because you were expecting to recieve a lesser amount of spam, unfortunately, due to the tactics used by BlueSecurity, you will end up recieving this message, or other nonsensical spams 20-40 times more than you would normally.

How do you make it stop?

Simple, in 48 hours, and every 48 hours thereafter, we will run our current list of BlueSecurity subscribers through BlueSecurity's database, if you arent there.. you wont get this again.

We have devised a method to retrieve your address from their database, so by signing up and remaining a BlueSecurity user not only are you opening yourself up for this, you are also potentially verifying your email address through them to even more spammers, and will end up getting up even more spam as an end-result.

By signing up for bluesecurity, you are doing the exact opposite of what you want, so delete your account, and you will stop recieving this.

Why are we doing this?

Its simple, we dont want to, but BlueSecurity is forcing us. We would much rather not waste our resources and send you these useless mails, but do not believe for one second that we will stop this tirade of emails if you choose to stay with BlueSecurity.
Just remember one thing when you read this, we didnt do this to you, BlueSecurity did.

If BlueSecurity decides to play fair, we will do the same.

We are quite sure you will think this will not continue, that we will not continue wasting our resources doing this, feel free to wait out the first 48, or the second, and see whether these stop, you will be quite suprised.

If you have another email under the protection of bluesecurity, and have not recieved this there, do not worry, you will soon enough.

We mightve had your email addresses before in our lists, but now, we are targetting YOU, because YOU are a bluesecurity user.

You might also notice, that the BlueSecurity site(http://www.bluesecurity.com) is down..

Just remove yourself from BlueSecurity, and make it easier on you.
[ link to this | view in chronology ]
- Roger, 2 May 2006 @ 11:24pm
  
  Re: bluefrog not so good
  Nicholas,
  
  This just means that BlueFrog is working. They're running scared.
  
  And the way they're running is pretty stupid. Just report every spam they send you to BlueSecurity, and they can use that to shut down more bots. The spammers are hurting themselves even more this way.
  [ link to this | view in chronology ]
Cybercommuter, 3 May 2006 @ 7:50pm

Blue Frog
I started using BlueSecurity's Blue Frog in Januay and gave up using it it the latter part of April because it did not seem to be having any effect, it was an additional chore besides deleting the junk, and it also meant that the bandwidth stolen by the junkmail senders became double since all received junkmail was also resent to Blue. About a week after quitting Blue, on May 2, the junk sudenly increased exponentially. One junkmail, I noticed, was the "Hey, you are receiving this because..." thing. That made me realize that Blue really WAS having the intended effect. Most of the increased junk was not even trying to sell anything, just simply designed to harrass. That means the vermin Alex Polyakov really IS feeling the heat. So needless to say, I reinstalled Blue Frog. But alas, it does not function, and the bluesecurity website is unaccessable.

Help! I want my frog back!
[ link to this | view in chronology ]
Netizen, 6 May 2006 @ 10:04am

blue frog seems to work!
same here...installed it some months back, then got lazy and doubtful if the concept worked, changed computers, didnt care to reinstall. But now this one spammer has declared war on us/normal users, threatening us, mailbombing us, rather than just cleaning his list and leaving us alone.

Smart move.

Guess what I did first thing I had some internet time: install blue frog ap, install blue frog firefox extension, install blue frog thunderbird extension. And I will make sure to let lots and lots of people know about this wonderful little friend and hold their hands while they install.

Good thing there are still thousands of unreported spam messages in my spam folder - looking forward very much to getting more spam and reporting all of it, and then having the frog work overtime.

This is the first time in 10 years of emailing something really seems to work well against spammers - it will be some very interesting months ahead with the blue frog community growing to millions and hopefully the spammer's profits diminuishing to pennies.

So go ahead, install that frog, enjoy the feeling of DOING something against spam rather than just filtering and deleting. Don't worry about this "vigilante" and "DoS"-talk (mostly coming from the spammers themselves, but even in most media articles) - total nonsense. For every spam you get, your frog fills in one unsubscribe request. AFTER a 10-day warning. If that isnt dealing fair with spammers, what is?

Go little frog, you might be the magic solution. And if spammers find some way to block you...well at least it was worth a try and a very entertaining one at that. I got some great laughs out of those spammer threats. :-)
[ link to this | view in chronology ]
Cybercommuter, 7 May 2006 @ 10:08am

Re: blue frog seems to work!
Hi there Netizen

> This is the first time in 10 years of emailing something really seems to work well against spammers - it will be some very interesting months ahead with the blue frog community growing to millions and hopefully the spammer's profits diminuishing to pennies.

I believe that is why that one junkmail spammer decided to attack us rather than comply with the Do Not Intrude Registry, he could see the writing on the wall. By complying, he would only have to delete 450,000 people from his junkmail list, out of the tens of millions or hundreds of millions he must have on the list. And he knows that people who have gone through the effort of joining Blue Frog would never in a million years buy anything from a spammer, so it would cost him not a single penny to comply. But instead he chose to retaliate against our retaliation. This is definitely costing him in terms of time and effort. So why, when it would be so much easier to comply? Because when word starts getting out that Blue Frog works, EVERYBODY will join in. And he will have to quit the junkmail business and start working working for a living like the rest of us.

> Don't worry about this "vigilante" and "DoS"-talk (mostly coming from the spammers themselves, but

Right. We've got them on the run.

Odd thing, but yesterday (May 6 in my time zone) the barrage stopped as abruptly as it started. In fact, the volume of junk seems to be less than in was before the attack started, except for the repeated threats to quit Blue Frog or else. Has he decided that the best way to deal with it is to just shut up and don't raise a storm? Or is he planning something more sinister? If the latter, I am prepared to stay the course. We now have proof that the Frog really works. The only thing that can stop us from defeating junkmail now is if we back down.
[ link to this | view in chronology ]
Steamrailroading, 17 May 2007 @ 7:41pm

Blue Security
Sadly Blue Security gave up rather then start a full scale war.

I would have voted for war.

If anyone has the guts and knowledge to start raising money to hire a commando squad to hunt them down, I will donate.

Let a few of the big spammers turn up dead. I bet the problem stops there.
[ link to this | view in chronology ]
Anonymous Coward, 21 May 2010 @ 9:03am

Spam me if you dare

lc@exactsearch.biz
cs@exactsearch.biz
[ link to this | view in chronology ]
Taraz, 22 May 2010 @ 6:34pm

get me!
poweredbytaraz@hotmail.com
[ link to this | view in chronology ]
annon, 23 Nov 2010 @ 4:27pm

lukeyfarms@hotmail.com
lukeyfarms@hotmail.com
[ link to this | view in chronology ]
paul the spammer, 19 Apr 2012 @ 9:31pm

I would love to receive trash email from everyone
Please send all trash email to me. I have much time to read them and love the attention. I send spam 24 hours a day and deserve to receive some back.
[ link to this | view in chronology ]
paul the spammer, 19 Apr 2012 @ 9:35pm

I forgot to give my e-mail address
pauloroch00@yahoo.com
[ link to this | view in chronology ]
Rene, 29 Apr 2013 @ 11:21am

I love spam
[ link to this | view in chronology ]