[arachne] Fw: Anti Spam Newsletter for January 2004
- From: "Kevin JCJD Symons" <kjcjd@xxxxxxxxxxx>
- To: ""@4free.freelists.org
- Date: Thu, 22 Jan 2004 18:20:45 -1030
Arachne at FreeLists---The Arachne Fan Club!
----- Forwarded message begin -----
From: "Bigfoot" <news@xxxxxxxxxxxxxxxxxx>
The Anti-Spam Monthly Review
----------------------------------------------------------------------
January 2004 Vol. 1. No. 12
Hoping For a Brighter Future
The year 2003 has seen a lot of developments in the fight against
spam, especially in the legislative front. The United States and the
EU nations have all passed their respective laws, some of which are
already being put to use in prosecuting notorious spammers. Other
nations are also following suit, while some have come up with mutual
agreements for international cooperation as regards facing this
problem.
Spam awareness has increased rapidly as well, thanks to the efforts of
various companies and organizations fed up with the menace it has
become. Anti-spam organizations have been vigilant in supporting
measures that would hopefully prove to be effective in at least
putting a dent on the problem. Other groups from the financial and
Internet sectors have given public warnings of scams and have also
provided private citizens with several guidelines and options, which
they can use in their own battles with spam.
However, there are also a lot of bad things that has happened the
previous year. Spam e-mails are being used to spread worms and
viruses, while some are used for financial scams. By the looks of it,
Internet vandals will continue to find more devious ways in utilizing
spam for their tricks.
Nevertheless, amidst the growing problem, we still remain hopeful that
spam will eventually cease to exist. Although this seems like wishful
thinking, with a more unified and concerted effort, we may be able to
see a brighter future for the Internet and find useful ways for this
technology.
**********************************************************
Special Feature
Can the CAN Spam Act Stop Spammers?
United States President George Bush has finally signed the CAN Spam
Act into law on the last month of the year 2003. As some critics
expected, spammers don't seem too impressed or threatened with the
law, which was enforced on January 1. Nor have they changed their
tactics.
The CAN-SPAM Act requires marketers to remove customers from their
lists when requested and bans common spamming practices such as false
headers and harvesting e-mail addresses. Commercial e-mailers must
include a physical address in messages, along with a truthful subject
line and notice that the message is an ad. The law permits the Federal
Trade Commission and other federal agencies, state attorneys general
and Internet service providers to take spammers to court. Individuals,
though, do not have the right to sue spammers.
Many have praised the bill, including The Direct Marketing
Association, Association of National Advertisers and American
Association of Advertising Agencies for establishing a national
standard and providing stronger enforcement tools. But many of its
critics argue that the law is flawed because it establishes a set of
legal loopholes and pre-empts stricter state laws, like the one passed
by California.
However, despite all the FTC's efforts, many spam gangs still pretend
to operate offshore to get around laws, and they continue to do so,
by the looks of it.
Source: DMNews.com, usatoday.com, law.com, CNET News.Com, NYtimes.com,
theregister.co.uk
***********************************************************
United States of America
Political Junk E - mail: Legislators Say
Their Unsolicited Mails Aren't Junk
Even as the US Congress was collectively approving a law aimed at
significantly reducing the amount of spam people get in their inboxes,
members were sending out hundreds of thousands of e-mail messages to
constituents.
The campaign is aimed at attracting voluntary subscribers to the
lawmakers' e-mail lists, which would not be subject to House rules
that normally impose a 90-day blackout before an election for
taxpayer-supported congressional mass communications.
While at least 40 House members have bought or agreed to buy e-mail
address lists from at least four vendors, consumer advocacy groups say
that the policy may unfairly give an advantage to incumbents over
challengers because it allows elected officials to use government
resources to communicate with voters right up to Election Day. In
addition, consumer advocates say, sending bulk e-mail messages to
constituents who have not agreed to receive it is essentially
electronic junk mail.
Members of the House disagree and say their e-mail messages are not
junk e-mailings or spam, because the messages are directly intended
for constituents who have the right to opt out.
Source: heraldtribune.com
Businessman Arrested on Felony Spam Charges
Jeremy Jaynes, a local businessman in Raleigh Virginia, became the
first person in the United States to be arrested on felony spam
charges. Also known as "Jeremy James" and "Gaven Stabberfield", Jaynes
was arrested in Raleigh and charged with four counts of using
fraudulent means to transmit unsolicited bulk e-mail.
A Virginia grand jury indicted Jaynes on allegations that he sent
illegitimately high numbers of commercial e-mails through Virginia
servers and falsified transmission or routing information to mask the
origin of spam. Virginia's spam law prohibits sending more than 10,000
e-mails in any 24-hour period or 100,000 in any 30-day span.
Jayne's alleged co-conspirator, Richard Rutowski, also turned himself
in to authorities. The two are facing allegations that each carry
punishment of up to five years in prison, a fine of up to $2,500, or
both. Jaynes has been known as "the world's eighth worst spam kingpin"
and "a major player in the spam world who lived comfortably as a
result".
Source: news-observer.com, EcommerceTimes.com, Triangle Business
Journal
***********************************************************
Europe
Britain Says No to Spam
New anti-spam laws have now come into effect in Britain, in
accordance to the European Union Directive on Electronic
Communications prohibiting the sending of commercial e-mail without
first obtaining an e-mail address owner's permission.
Enforced by the Information Commissioner's Office, the new regulations
impose a £5,000 fine on spammers and give the ICO the power to take
offenders to court.
British software companies that sell spam-filtering programs, lawyers
and security experts are among those who say that the new EU laws
would make little difference to the amount of junk e-mail being
received by computer users. They argue that the fines imposed are too
low and that the directive will only be effective at stopping spam
originating from EU countries.
But the government claims otherwise, as they have received thousands
of calls from people saying junk mail had virtually disappeared from
their inboxes. The threat of big fines has halted most European-based
spammers in their tracks. However, the ICO said that there are still
no prosecutions to announce.
Source: straitstimes.asia1.com.sg, Reuters, www.euractiv.com,
theregister.co.uk
Irish Consumers Warned of E - mail Scams
The Irish Financial Services Regulatory Authority (IFSRA) warned
consumers of new e-mail scams that ask for verification of PIN, bank
account or credit card numbers.
Consumers are asked to be very careful in not divulging personal
financial information as these bogus e-mails and web addresses can
appear to be legitimate. It should be remembered that banks or credit
card issuers would never ask a customer for secure personal
information such as a PIN number in an e-mail.
The e-mails purport to come from a firm representing major banks and
credit card companies asking to verify customer's account details.
IFSRA has passed details of the e-mails to the Garda fraud bureau and
advises customers to report the messages to their bank or credit
provider and to the Gardai.
Source: businessworld.ie
***********************************************************
Asia Pacific
International MoU on Spam
Australia has proposed that all national communications regulators
develop a multi-lateral memorandum of understanding (MoU) on spam to
boost the fight against unsolicited junk e-mail.
Australia already has a spam MoU with South Korea and several other
countries have approached Australia about signing a similar agreement.
But Australian Communications Authority executive manager, John Haydon
suggested that a standard MoU be used for a multilateral approach to
agreements therefore simplifying the establishment of international
cooperation principles for locating and dealing with spammers since
most of the spam received in Australia comes from overseas.
According to Mr. Haydon, the idea was "well-received" by other
communications regulators and he hoped for a quick response, which is
likely to take the form of a preliminary conference.
Australia's anti-spam laws come into effect on April 11, and have been
supported by both the Internet and direct marketing industries. But
the question is: Will the MoU solve the problem of differing
legislative regimes in each country?
Source: news.com.au
Internet-related Companies Team Up to Stop Spam
Commercial associations and Internet-related companies in Taiwan
came together to discuss drafting legislation to regulate the flow of
unsolicited e-mails or spam. The group aims to urge government
authorities to pay attention to the aggravating problem of online spam
and fraud.
The anticipated law enforces responsibility on Internet service
providers and Internet businesses to examine those sending junk
e-mails through their service, and implements a standard of quality
service that would encourage these companies to apply advance
techniques to screen out spammers.
Source: The China Post, taiwantimes.com
Indian Company Told to Stop Spamming
In the first court order in the country on spamming, McCoy Infosystems
Private Ltd. was banned from sending unsolicited bulk e-mail to any
user of the state-owned Internet services provider, VSN Limited.
Tata Sons Ltd. and its subsidiary, Panatone Finwest Ltd., which own a
large stake in VSNL, filed the lawsuit. Tata Sons alleged that McCoy
Infosystems was intentionally "trespassing" on VSNL's property and
breaching the privacy of VSNL and its subscribers by sending vast
amounts of spam.
The company had turned to older laws referring to trespass of goods
and nuisance laws since existing laws don't address recent
technological advances such as spam.
Source: The Globe and Mail, Associated Press (primary)
***********************************************************
International News
Spammers to Pay Up
A new report from Forrester Research claims that charging for e-mail is the
only way to stop spam, as it would not only put hard-core spammers out
of business, but also save money for legitimate organizations.
Forrester says the real answer to spam is in e-mail charging, making
those who send email in bulk pay for the resources they use. 'Even one
quarter of $.0.01 per message would crush spammers' business model,'
the report claims. On the other hand, legitimate businesses will
actually save money. Forrester estimates that the outgoing e-mail
charge would be more than offset by savings on spam filtering,
bandwidth and e-mail storage.
However, there are barriers to effective e-mail charging. It would
require agreement from all ISPs, a standardized authentication system
and the consent of e-mail users, which could prove the toughest
obstacle of the all.
--------------------
The Microsoft Research group (MSR) thinks they may have come up with a
solution that could, at least, deter the spammers. The basic idea is
to make senders of mail to pay for it, and not whoever is on the
receiving end.
The payment is not in money, but in the memory and the computer power
required to work out cryptographic puzzles. If the e-mail sender is
not known to receiver, the sender has to prove to that a little bit of
time in resources was spent to send the e-mail. Once there's proof
that the required "puzzle" has been solved, they can be added to a
"safe list" of senders. It means the spammer's machine is slowed down,
but legitimate e-mailers do not notice any delays.
MSR calculated that if there are 80,000 seconds in a day, a
computational "price" of a 10-second levy would mean spammers would
only be able to send about 8,000 messages a day, at most. If spammers
are sending tens of millions of e-mails, they would have to invest
heavily in machines, making it less profitable to send as many
e-mails.
But the group also said that for such a scheme to work, there would
have to be some provision for open standards, so that it is not
proprietary to Microsoft. And because it is the receiver who sets the
puzzle requirement, spammers will not have any advantage by using
non-Microsoft products.
Source: www.pcpro.co.uk, news.bbc.co.uk
************************************************************
Opinion
Opinions From Inspector Mails
Inspector Mails is the AI entity for Bigfoot's Anti-Spam Solution.
http://offers.bigfoot.com/redir3/RtA0XYgfB!http://www.bigfoot.com/ef/infopage.jsp?show=antispam.default
He will be giving regular updates on his opinions on current anti-spam
trends.
Scammers Go 'Phishing'
One e-mail scam making the Internet rounds in recent months deceives
consumers into disclosing private credit information. Called
"phishing", scammers use e-mail spam to trick potential victims into
disclosing sensitive information, such as credit card numbers, bank
account information, social security numbers, passwords and the like.
Usually, the e-mails pretend to be from businesses the potential
victims deal with, like ISPs, online payment services or banks.
Recipients are told that they need to "update" or "validate" their
information to keep their accounts active and directs them to a spoof
Web site of the legitimate business, making consumers think that they
are responding to a bona fide request.
Right now, phishers like sending e-mail messages under the guise of
big institutions to thousands of people, which increases their chances
of reaching people that are actually customers of those institutions.
Banks baited by phishers in recent months include Citibank, Lloyds TSB
Bank, NatWest, Visa, Halifax bank and Westpac bank.
Here are tips from the Federal Trade Commission we can all use to
avoid getting caught in these scams:
If you get an e-mail that warns you, with little or no notice, that an
account of yours will be shut down unless you reconfirm your billing
information, do not reply or click on the link or e-mail. Instead,
contact the company cited in the e-mail using a telephone number or
Web address you know to be genuine.
Avoid e-mailing personal and financial information. Before submitting
financial information through a Web site, look for the "lock" icon on
the browser's status bar. It signals that your information is secure
during transmission.
Review credit card and bank account statements as soon as you receive
them to determine whether there are any unauthorized charges. If your
statement is late by more than a couple of days, call your credit card
company or bank to confirm your billing address and account balances.
Report suspicious activity to the FTC and send the actual spam message
to mailto:uce@xxxxxxxx Lastly, check with your service provider for
ways to reduce spam. An effective Anti-spam Solution is always a good
investment.
***********************************************************
Letters to the Editor
FED UP WITH SPAM
First, thanks for the actual overviews of the legal situation. The
amount of spam we receive also depends on our own behaviour. It is
a really bad manner to fill the to-line with more than one address.
Sometimes I get mails with hundred and more. Everybody should know
that each address is visible for every recipient. You may not know
what an email header is and you may not read it, so you never saw it,
but worms and spammers do. If you don't know how to make a clean
mailing list, but these addresses at least into the bcc field and put
yourself in the to field. This way the recipients only see your
address and not who else gets the mail. For me, everyone who puts my
address in such a list is not better than a spammer and I ask for the
right, to sue such persons!
Bruno
I fail to understand the mentality of the unsolicited spammers. I have
to delete 20 to 30 emails twice a day. I never read the stuff. I never
reply to the stuff. I'm not interested in their products - penis
enlargement, medication, etc. I find their marketing strategy
baffling. Roll on clamp down - whatever it takes. Everyone keep up the
pressure.
Stephen
AOL AND SPAM
I received an email from AOL that said, in effect, when you signed up,
you opted out, we sent you unsolicited email, than you opted out
again, now we have improved our system and are going to start selling
your mailing address unless you opt out again!
To opt out, you had to have your log on and password. Since I ceased
being an AOL customer years ago and no longer have an AOL log on and
password, I could not opt out! Before, I was getting no SPAM. Now I am
getting 40 to 60 per day from the same two or three SPAMMERS. The Spam
began within two or three days of the opt out deadline.
Is what AOL did, is doing, legal? Is this their way to retaliate
against those who left AOL?
Berry
You must bear in mind that spam statistics have greatly increased
over the few years and that spammers nowadays are getting more and
more resourceful in looking for ways to get their spam messages
through. Unless you have sufficient proof that AOL is deliberately
sending you these spam e-mails, it may be too hasty to conclude that
this is their way of retaliating.
SPOOFED!
I have received about a thousand emails in the last week telling me
that email I sent (presumably Spam) was undeliverable. First of all,
I have sent no Spam from my home address. Secondly, all of the
messages contain phony names. I would appreciate any advice you can
give me on how to track and fix this problem. I hate Spam with a
passion and would never even think of sending any out. Thanks!
Tim Dunbar
What you reported sounds like a case of spoofing wherein the spammer
changed the IP address or return address of the message to make it
look like it came from somewhere or someone else. This is a favorite
technique used by spammers to prevent people from finding out who they
are. Most ISP's often find themselves as much a victim of these
spoofers as the person himself who received the spam. Unfortunately,
it is very difficult to detect spoofing and there is, as yet, no
generally accepted solution to this problem with the current IP
protocol technology.
We appreciate all of the comments and overwhelming response we have
received to the newsletter and we will be addressing your concerns in
the next issue. You may send any comments regarding the newsletter to
antispam.review@xxxxxxxxxxxx As we do reprint some of the comments
of subscribers, if you prefer that your email address be withheld,
simply advise Bigfoot and provide us a first name, city and state
as an alternative.
Bigfoot
http://offers.bigfoot.com/redir3/RtA0XYgfB!http://www.bigfoot.com/
The Communications Powerhouse
--------------------------------------------------------------------
The following message was sent to you as a subscriber of Bigfoot.com.
You are subscribed as kjcjd@xxxxxxxxxxxx We will continue to
bring you valuable offers on the products and services that interest
you most. If you wish to unsubscribe, click below.
http://offers.bigfoot.com/remove3/0/RtA0XYgfB!29d5b2d2a9371409?email=kjcjd@xxxxxxxxxxx
[Attached file: S8CCP402.htm]
------ Forwarded message end ------
Cooee and Love from Kevin, Juha, Salt, and the chooks... XXX
at the UTGT Aquaculture Yabby Farm
UTGT, in sunny Adelaide, South Australia
Kung Hoi Fat Choy
Arachne at FreeLists
-- Arachne, The Web Browser/Suite for DOS and Linux --
Other related posts:
- » [arachne] Fw: Anti Spam Newsletter for January 2004