Security

The evolution of spam from annoyance to serious crime


Spam. We all hate it! Spam affects us all whether we are responsible for maintaining e-mail systems or are simply e-mail users. In a more sinister vein, spam can have serious repercussions for businesses, and financial institutions are particularly vulnerable to the variety of spam that helps feed identity theft and fraud.

On January 24th 2004 (over two years ago) Bill Gates (of Microsoft fame) announced while speaking at the World Economic Forum, "Two years from now, spam will be solved" (CBS News). Mr Gates predicted that spam would become a thing of the past, with sender authentication playing a major role. He also predicted the creation of billing systems to allow the charging of fees on a per-mail basis. I remember wondering at the time what type of drugs he was taking; surely nobody could be foolish enough to think spam would be that easy to combat! I was obviously not alone, as a poll by TechWeb found that "more than 80 percent of IT security professionals surveyed at a security show in London don't think Bill Gates' promise to kill spam within two years is doable." Two years later spam is still rife; well done, Mr Gates. Enough said.

Over the past few years, the methods used to spam people have changed dramatically since the introduction of stricter anti-spam laws (see http://www.spamlaws.com) and successful prosecution of a few large spam operations (1, 2), but far too few in total. It is widely thought, however, that current anti-spam legislation won't work, not only because of the changing approach of spammers, but also because the harm caused by spam has been questioned and the ability of authorities to enforce such laws is in doubt. Without uniform and complete international cover, spammers will just move to a region where authorities are happy to profit from, or at least turn a blind eye to, their activities. This can be seen from the fact that China and Russia are in second and third place when it comes to countries of origin for spam. Surprisingly, the USA still holds the number one spot. Interesting! Maybe if we could link profits from spam to terrorism, the problem would be solved much more quickly…

So, as the noose tightens, spammers have turned to more underground methods of plying their dark trade. Simply moving their operation to localities where they won't be prosecuted is one tactic; however, another more sinister and much harder to combat approach has been the use of Botnets. Botnets are basically farms of end user computers, and sometimes servers (all running "Windoze", of course), which have been infected by worms or Trojans. While these malicious programs sometimes perform an annoying or destructive task (such as deleting files or mailing themselves to all of your contacts), the other and more subversive function is to open up your computer as a drone, normally without any clues given to the computer's owner. These drones will then connect back to the mothership and allow the dark powers that be to take control, often installing an SMTP relay for the sending of more spam or worms, and a small Web server that will be used to host the (fake and fraudulent) Web sites advertised in the spam that they send out. Quite often the drones will also be scanned for any useful information which can be used in other fraudulent activities (credit card/bank details) or to aid identity theft.
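The drone behaviour described above (an SMTP relay plus a small Web server on an end-user machine) leaves a recognisable trace in network flow data. The following is an added example, not part of the original article: it flags internal hosts that send mail directly to several external servers and notes when they also accept inbound Web connections. The flow-record format, the 10.0.0.0/8 internal range, the sanctioned server addresses, and the fan-out threshold are all assumptions, and the sample records are constructed.

```python
import ipaddress
from collections import defaultdict

INTERNAL = ipaddress.ip_network("10.0.0.0/8")  # assumed internal range
MAIL_SERVERS = {"10.0.0.25"}                   # assumed sanctioned SMTP senders
WEB_SERVERS = {"10.0.0.80"}                    # assumed sanctioned web servers

# Constructed flow records (src, dst, dst_port); not real traffic.
FLOWS = [
    ("10.0.0.25", "192.0.2.10", 25),     # mail server doing its job
    ("10.0.0.25", "198.51.100.7", 25),
    ("10.0.0.25", "203.0.113.5", 25),
    ("10.0.1.17", "192.0.2.10", 25),     # workstation sending SMTP directly
    ("10.0.1.17", "198.51.100.7", 25),
    ("10.0.1.17", "203.0.113.5", 25),
    ("203.0.113.99", "10.0.1.17", 80),   # ...and serving web pages to outsiders
    ("10.0.1.42", "192.0.2.10", 25),     # single SMTP flow: below threshold
    ("10.0.1.42", "192.0.2.10", 443),
    ("198.51.100.50", "10.0.0.80", 80),  # sanctioned web server
]

def is_internal(addr):
    return ipaddress.ip_address(addr) in INTERNAL

def find_suspect_drones(flows, smtp_fanout=3):
    """Return {host: [reasons]} for internal hosts behaving like spam drones."""
    smtp_targets = defaultdict(set)  # internal host -> external SMTP peers
    web_clients = defaultdict(set)   # internal host -> external web clients
    for src, dst, port in flows:
        outbound = is_internal(src) and not is_internal(dst)
        inbound = is_internal(dst) and not is_internal(src)
        if outbound and port == 25 and src not in MAIL_SERVERS:
            smtp_targets[src].add(dst)
        if inbound and port in (80, 8080) and dst not in WEB_SERVERS:
            web_clients[dst].add(src)
    suspects = {}
    for host, targets in smtp_targets.items():
        if len(targets) >= smtp_fanout:
            reasons = [f"direct SMTP to {len(targets)} external hosts"]
            if web_clients[host]:
                reasons.append("accepts inbound web connections")
            suspects[host] = reasons
    return suspects

if __name__ == "__main__":
    for host, reasons in find_suspect_drones(FLOWS).items():
        print(host, "->", "; ".join(reasons))
```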

Botnets are often massive, with tens of thousands of drones in each, and some have been reported to contain over a hundred thousand. The combined power of these smaller entities is huge, allowing immense numbers of unsolicited and often fraudulent mail to be delivered. The combined bandwidth of these networks also allows for distributed denial of service attacks to be launched, the likes of which can bring major enterprises to their knees. Spam has come a long way from those unsolicited advertisements that used to arrive a few times per day; it is more and more intertwined with serious fraud, extortion, and organised crime.

That's our first look at the changing methods used by spammers to enter your inbox. Next week, I'll continue this topic with a look at the real effects spam has on business, over and above the basic annoyance caused to our users who have to delete them.
