As Long As People Keep Buying, Scams (and Spam) Will Keep On Coming

from the pt-barnum dept

Wed, Mar 25th 2009 5:45pm — Carlo Longino

It looks like if anything is going to be able to effectively stop spam, it might be pressure on spammers' profit margins that makes spamming a less attractive line of work. But that still seems a ways off, as long as enough people continue to buy the stuff being sold in spam messages. Spammers know if they can reach a high enough volume, they'll find enough suckers to make it worthwhile. Scareware, too, is a volume business: a new report looked at a recent scam in which users were sent to booby-trapped web sites which said their computers had a virus. They were then directed to a site selling them some $50 "anti-virus" software. While a small percentage of people actually ponied up the cash, enough did to allow the scammers to pay more than $10,000 per day to the people who used SEO techniques on keyword typos to drive marks into the scam. It's easy to say that people shouldn't be so stupid and fall for the scams, but at the same time, perhaps a bigger issue lurks for the legitimate security software industry: if people can't distinguish between legitimate warnings from their products and scams, it could be a problem for them.

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.

Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.

While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.

–The Techdirt Team

Filed Under: scams, spam

20 Comments

If you liked this post, you may also be interested in...

Reader Comments

Subscribe: RSS

View by: Time | Thread

MrScott, 25 Mar 2009 @ 6:32pm

Yes, there's one born every minute.
After sitting here typing away for a bit, I decided that it's simply not worth posting all of what I wrote. I could beat my head against the wall and that would be more productive than to tell people to STOP clicking on links in spam, ASK your friends if they actually sent you that link through your IM program, and RESIST the temptation of going to some website (because all of your friends want you to) to watch the cute kitten video.

Use your head people and you'll be fine.

Oh, and about the ransomware in the article...get a backup program and an external hard drive. If you ever become infected, just restore from your external drive. Problem solved.

Excuse me while I go beat my head against the wall over there because someone...somewhere just clicked on the kitten video. ARRRRGGGG!
[ link to this | view in chronology ]
Weird Harold, 25 Mar 2009 @ 6:57pm

One day someone will come up with an actual replacement for the current crappy mail system used on the net, putting something out there that cannot be easily spoofed, and that doesn't allow mail from just any address without a sponsoring ISP to handle it.

Spam is a result of one of the most massive security holes in the world, and one that every ISP perpetuates by handing new users an email account. It would be much safer to point them to hotmail and call it a day.
[ link to this | view in chronology ]
- TheStupidOne, 25 Mar 2009 @ 8:25pm
  
  Re:
  That already exists with some email providers. for a while when i emailed my parents from a new email address I got an automated response and had to reply to that and then get permission from my parents to continue sending email. Annoying as hell.
  
  Strangely I've been using gmail for over 4 years now and I don't have a problem with spam. I guess they have a good enough filter.
  [ link to this | view in chronology ]
- Anonymous Coward, 25 Mar 2009 @ 8:47pm
  
  Re:
  "Spam is a result of one of the most massive security holes in the world"
  
  and that would be what exactly?
  Harold, you make no sense at all.
  [ link to this | view in chronology ]
  - Anonymous Coward, 25 Mar 2009 @ 9:20pm
    
    Re: Re:
    No, he makes sense on this one. From a security standpoint, three important things you have to consider are privacy, authenticity and integrity. Internet e-mail wasn't really designed with any of those three in mind.
    
    As it relates to spam/fraudulent e-mail, it's the lack of provable authenticity that's the biggest problem. It's trivial to spoof a return address, and many ISPs are set up poorly and will let you use their outgoing mail servers to send a message, even if you don't have an account with them. If there were mechanisms in place to unambiguously associate an e-mail with its sender, we'd have a lot fewer e-mail scams.
    [ link to this | view in chronology ]
    - CantThinkOfACleverName, 26 Mar 2009 @ 6:26am
      
      Re: Re: Re: one of the most massive security holes in the world,
      WH -> one of the most massive security holes in the world,
      AC -> From a security standpoint,
      
      You guys are talking about different things, or not using proper terminology.
      
      I suppose that WH could've been referring to the operator as the security hole ...
      
      A security hole (at least it used to) refers to an unintentional or unpublicized means by which unauthorized access is obtained to a platform or device.
      
      You can spoof an email addr - so what. Does this compromise the platform?
      [ link to this | view in chronology ]
      - Scott Gardner (profile), 26 Mar 2009 @ 11:48am
        
        Re: Re: Re: Re: one of the most massive security holes in the world,
        Security goes beyond simply preventing unauthorized access to a platform. Look up "security" as it pertains to messaging systems, and the terms "privacy", "authenticity" and "integrity" are widely-used and well-defined.
        
        Standard "out of the box" e-mail doesn't have provisions for any of the three. There have been add-on extensions to the e-mail standard that help, such as encryption and digital signatures, but they're neither required nor widespread.
        [ link to this | view in chronology ]
        
        Anonymous Coward, 26 Mar 2009 @ 2:35pm
        
        Re: Re: Re: Re: Re: one of the most massive security holes in the world,
        "Security goes beyond simply preventing unauthorized access to a platform."
        
        Scott,
        
        Look up "security hole" as that was the term in question - in addition, please read the prior postings
        
        Thx
        [ link to this | view in chronology ]
- Xanthir, FCD, 26 Mar 2009 @ 6:23am
  
  Re:
  One day someone will come up with an actual replacement for the current crappy mail system used on the net, putting something out there that cannot be easily spoofed, and that doesn't allow mail from just any address without a sponsoring ISP to handle it.
  
  Spam is a result of one of the most massive security holes in the world, and one that every ISP perpetuates by handing new users an email account. It would be much safer to point them to hotmail and call it a day.
  
  Unnecessary, and contrary to the open nature of the web.
  
  Spam still makes money, but *much less* than it used to, due to the effectiveness of today's antispam filters. If we can just drive up the price a bit more we can get a handle on it. Charge everybody a cent to send emails (with all the major players auto-rejecting mails that weren't 'paid for') and spam'll *stop*. ^_^
  [ link to this | view in chronology ]
The Visible Dentist, 25 Mar 2009 @ 7:37pm

Tips To Avoid SEO Scams
I couldn't agree more -- so long as people keep buying without first taking time to be better informed, SEO scams will continue unabated. Regardless of how inexpensive or costly, and no matter where the offer was found, it makes sense to get a quote from another provider. If you'd care to read it, I blogged about some tips to help avoid SEO scams. 7 Simple Steps To Avoid SEO Scams John Barremore Houston, TX
[ link to this | view in chronology ]
- Weird Harold's former #5 fan, 25 Mar 2009 @ 8:18pm
  
  Re: Tips To Avoid SEO Scams
  7 Simple Steps To Avoid SEO Scams
  
  Nice try. You don't honestly expect us to click on that link, do you? ;)
  [ link to this | view in chronology ]
  - The Visible Dentist, 25 Mar 2009 @ 8:51pm
    
    Re: Re: Tips To Avoid SEO Scams
    LOL!!! Well sure -- I clicked on yours. In fact, I'm watching you now!!! :)
    [ link to this | view in chronology ]
  - William, 25 Mar 2009 @ 10:08pm
    
    Re: Re: Tips To Avoid SEO Scams
    I have to admit. Your reply made me laugh.
    [ link to this | view in chronology ]
IM Smarter, 25 Mar 2009 @ 7:40pm

People Never Learn
I don't have to worry about this sort of thing. I'm too smart to fall for scams. Now I must reply to this Nigerian prince that needs to use my bank account to transfer his 84 million dollar inheritance so that his greedy uncle can't steal it and I get to keep half.
[ link to this | view in chronology ]
- The Visible Dentist, 26 Mar 2009 @ 3:07am
  
  Re: People Never Learn
  Hey back off pal - the Prince promised that money to me!!! :)
  [ link to this | view in chronology ]
Anonymous Coward, 25 Mar 2009 @ 8:07pm

my parents just got hit by one of these recently. it's not spam/scams in email. it's scam sites that they stumble onto across the web, as well as compromised sites hosting malware. then these sites use pop-in windows and pop-ups to give authentic looking warnings. these warnings say something like "SPYWARE DETECTED!" and they copy the entire design and look straight from windows, norton, and mcaffee. then the site says "you need to update your spyware database" or something to that effect... for only $50. the user probably didn't have any spyware installed, but they get duped into paying for software... that installs more spyware. the messages go away, and then after a few days, it presents you with more warning messages and it does wonky things. it then says you now need to update your virus definitions... for only $75. at that point, my parents called me.

i had them call the credit card company and file a fraudulent charge notice. the credit card company retracted the charge without dispute. then it was a matter of directing them through the reformat.
[ link to this | view in chronology ]
Weird Harold's former #5 fan, 25 Mar 2009 @ 8:15pm

Firefox - free
NoScript extension for Firefox - free
Adblock Plus extension for Firefox - free
CookieSafe extension for Firefox - free

Never seeing the "You just won a free iPod!!!!!" ads that lead to malware sites - priceless
[ link to this | view in chronology ]
- Anonymous Coward, 25 Mar 2009 @ 10:29pm
  
  Re:
  thx for CookieSafe extension
  [ link to this | view in chronology ]
SPAM, 26 Mar 2009 @ 7:40am

Spiced Ham...?
[ link to this | view in chronology ]
Thomas Whitney, 27 Mar 2009 @ 10:37am

Here is a site that is educational with respect to digital security: http://www.justaskgemalto.com
[ link to this | view in chronology ]