Interacting with Spam Emails

Unbelievable, and you wonder why is spam on the verge of destroying email as the once so powerful communication medium. What I don't like about survey's like these is that they barely report their findings without providing further clues on the big picture and actually assess the findings in the way they should. The ultimate question thefore always is - So What?! Interacting with spam in any way, be it clicking on a link inside the email, loading the bugged with remote images emails, and the most moronic of them all - unsubcribing from the spammer's URL will only result in verifying that your email is active. What follows is a syndication of this email by different spammers and a flood of advertisements in languages you'll probably never speak :

"Bombarded by spam, e-mail users are eager for tools like a "report fraud" button that would help weed out unwanted messages that litter inboxes, according to a survey by the Email Sender and Provider Coalition released on Tuesday. More than 80 percent of e-mailers already use tools such as "report spam" and the "unsubscribe" button to manage their in-boxes, the survey found. The survey, which was also conducted by marketing research firm Ispos, polled 2,252 Internet users who access e-mail through service providers such as AOL, MSN/Hotmail, Yahoo! and Gmail."

Having a report spam button means the technological measures in place to prevent the spam from reaching a mailbox have failed, a very bad sign by itself. Before asking for a report spam button understand how spammers obtain your email at the first place and try to prevent it. Standardizing the "report spam" button on multi-vendor level would never happen. That's mainly because vendors actually compete on spam detection results, just like they should do with the idea that competition not only keeps them in a good business shape, but has the potential to best serve the customer.

There's also the mean wisdom of crowds to keep in mind. Remember when Hotmail was blocking Gmail invites? Was it an undercover corporate policy, or Hotmail fans were clicking the report spam button on received Gmail invites to make sure Hotmail subscribers never get the chance to receive them? Empowering the massess in a Web 2.0 windom of crowds style is tricky, as the way competitors click on each other's AdSense ads during lunch breaks, the very same way they'd subscribe to a competitor's email notifications and have them reported as spam. Contribute to Project Honeypot if your infrastructure allows you to and see them crawling. Cartoon courtesy of Bill Holbrook.

Taking Down Phishing Sites - A Business Model?

Processing orders for taking down malicious or fraudulent web sites is gaining grounds with not just RSA providing the service, but also, with Netcraft joining the process :

"Netcraft will identify, contact and liaise with the company responsible for hosting the fraudulent content. Netcraft enjoys excellent relations with the hosting community, and many of the world’s largest hosting companies are Netcraft customers. Netcraft can exercise its existing relationships with these companies to provide a swift and smooth response to the detection of the site. If the hosting company is reputable, this may be sufficient to ensure a prompt end to the fraudulent activity. However, some hosting companies offer fraud hosting as a service whereby they are incentivized to keep the site up as long as possible, and this necessitates more extensive action."

How does Netcraft differentiate its value proposition compared to RSA's? Netcraft's core competency is monitoring of web sites and providing historical perforce reports regarding various server variables, and they've been doing it for quite some time. Moreover, the company directly relies on the success of its anti-phishing toolbar in respect to gathering raw data on new phishing sites, thus, a future customer in the face of company whose brand is attacked. While the business models seem sound to some, it's worth discussing their pros and cons. Will ISP implement an in-house phishing sites monitor to compete with the services offered by third-party vendors -- they could definitely delay their actions given the huge infrastructures they monitor and the lack of financial incentives for the timely shut down -- or will ISPs and vendors figure out a way to build an ecosystem between themselves? The pioneer advantage is an important despite the common wisdom that even if you have an innovative idea and a market that's not ready to embrace it it wouldn't get commercialized.

In the past, there were futile attempts by banks to utilize the most commonly abused phishing medium - the email - to build awareness among their customers on the threats of phishing which isn't the way to solve the problem. You've got many options in respect to your customers - either educate them, enforce E-banking best practices or deny them the service if they don't comply, be a paper tiger and forward the responsibility for fraudulent transactions to their gullibility, or improve the entire authentication process. As we have seen two-factor authentication may improve consumer's confidence, but we're also seeing malware authors getting pragmatic and adapting to the process as well. Flexibility also stands for better transparency of the process - respect to the banks providing me with the opportunity to receive an SMS each and every time money come and go out of the account.

OPIE and multiple factor authentication are inevitable, but a customer's awareness of the threat is worth more than another keychain of OPIE generators. The rest are unmaterialized E-commerce revenues due to customers still fearing the risks are not worth the benefits.

Cyberpunk is Dead!

Yeah sure, on the 1st of April only! Enjoy this marvelous cyberpunk compilation with Juno Reactor as a background music. A group whose works such as Pistolero and Rotor Blade continue reminding me of the good old school psychedelic vortexes we used to spin in -- that's of course in a previous life.

Cyber Traps for Wannabe Jihadists

I guess that's what happens when you don't have a single clue on where the real conversation and recruitment is happening, so you decide to create your own controlled jihadi communities to monitor. A case study on false feeling of effectiveness in Australia :

"FEDERAL police are setting up bogus jihadist websites to track extremists who use cyberspace to recruit followers and plan attacks. The undercover operation, disclosed yesterday by Australian Federal Police Commissioner Mick Keelty, is an assault on arguably the most powerful weapon of the global jihadist movement, the internet. Mr Keelty said police were working closely with foreign governments and the military's Defence Signals Directorate. "We have worked with some foreign countries through our undercover program, establishing our own websites, to capture some of the activities that are going on on the internet," he told a security conference in Sydney."

"Some of the activities" will have absolutely nothing to do with the real situation, and even if someone bothers to open up a discussion on your second hand jihadi site, it'll be a classic example of a moron. Fighting for a share of the online jihadi traffic is so unpragmatic, unnecessary, time and resource consuming that you'd better rethink the entire idea, emphasize on intelligence data sharing with other countries in case you cannot monitor the emergence of local communications, and keep an eye on them.

Meanwhile, a talk on the street is heating up :
- Hello underaged kids, I see you're having trouble getting hold of some quality Russian vodka over here in front of that store, I can probably give you hand with this?
- Yes, please, please!!!
- Aha! Agent Temptation from the Thought Police here, you're busted for desiring to drink alcohol even without drinking it! Put your tongues on your head so I can see them!

In the long term we may actually have a real-life bomber confessing of visiting online jihad community before the plot took place, that, ooops, happens to be one of the fake ones. Now we have double ooops. Many other related posts to provide you with an overview of the big picture and a countless number of budget allocation myopia failures that emphasize on technological approaches to detecting radical jihadi propaganda, whereas cyber jihadists and future terrorists are getting efficient in generating "noise sites", ones your crawlers are so good at picking up.

IMSafer Now MySpace Compatible

MySpace, the world's most popular social networking site, and an online predator's dream come true has been actively discussed since the very beginning in respect to the measures News Corp's property takes to prevent child abuse through the site. Let's face the facts, of course underaged kids will confirm they're over 18/21 in order to use the site, and of course online predators will continue finding ways to socially engineer a online contact with the ultimate idea to meet in the physical world. Why? Because children provide way too much sensitive information in order to virtually socialize and meet new buddies, thus indirectly helping pedophiles pinpoint key "contact points" in the future. If you as a parent start paranoia-ing around, you'll end up with the wrong conclusion that the risks are not worth the benefits, totally forgetting that forbidden fruits taste much better and it's children we're talking about -- they break the established rules in principle. No matter the registration procedures in place, you cannot stop an online predator registering and communicating with children at the site, what you can do however is educating your children, and emphasizing on filtering not spying activities in order to protect them.

The team behind IMSafer, a service which I covered in a previous post, have realized the potential benefits of introducting a MySpace compatibility, and so it recently became a reality :

"IMSafer's updated language-analysis engine can scan individual MySpace postings for potentially dangerous, threatening or sexually explicit content, the company said. Users can download the tool from the company's Web site, said Brandon Watson, CEO and founder of the company. Traditional parental control software generally can filter and block Web sites but can't identify possible dangerous interactions on increasingly popular social networking sites such as MySpace, he said. While most sexual solicitations of children still come through instant messaging software, online predators are increasingly using MySpace to initiate contact with potential victims, Watson added."

Don't forget the bottom line, if you're in a fragile relationship with your kids, pretty much anyone online could take advantage of their vulnerable condition. The irony goes that people you've never met will show more respect to you than the people you actually fight to get respect from. From a children's perspective that's you parents! Here are several more articles worth going through, especially this post-event response to what's an internal problem to me.

Real Time Spam Shredding

Wednesday's portion of hahaha-ing. This is the work of a pragmatic genious, the revenge of the nerds or call it whatever you want the idea is simple - what gets detected as spam gets printed and shred in real-time for interactivity. How much would it cost for a Fortune 500 organization to implement such a feature, a "fortune" by itself for sure, but an anti-spam vendor looking to differentiate its headquarters might be interested in implementing such a system for their corporate clients to see while walking around.

"Spamtrap" is an interactive installation piece the prints, shreds and blacklists spam email. It interacts with spammers by monitoring several email addresses I have created specifically to lure in spam. I do not use these email addresses for any other communication. I post individual email addresses on websites and online bulletin boards that cause them to be harvested by spambots and then to start receiving spam. Because I know that all email sent to these email addresses are spam, I have set the installation to print and then shred each email as it arrives."

Read more about the Spamtrap in this blog. There's simply so much spam these days, you can even create large data sets in order to render surrealistic spam art paintings, no kidding.