SPAM: How to curb it
This 2006 file is out of date and not maintained. Much of this no longer applies.
Current information about preventing spam is found on the lower half of this page.
This 2006 file is out of date and not maintained. Much of this no longer applies.
Spam is a way of running scams and cons hoping to part fools from their money. And there are so many fools. It's a fact: by definition half the world has two-digit IQs. Some of the other half is marred by immaturity and senility. Every day thousands of newbies enter the email world for the first time. Spammers have great pickings. Don't fall for it. Never respond to spam in any way. Just trash it.
Here's the truth about spam, and how the US Congress caved in to lobbyists and took away all effective controls.
First the essential warning: every time you click REMOVE in a spam, you register your email address on a list of "People who responded" and that shows your address is active and can be sold to other spammers. The more you click REMOVE, the more spam you will get.
YAHOO has been telling us this for years. In one test I ran, clicking each REMOVE in spam for one week increased daily spam 400% within two months. Like YAHOO says, ignore REMOVE.
Did you know that spam is outlawed in Austria, Denmark, Finland, Italy, and Germany? That 22 states in the US had laws against spam, some you could have acted on?
Well forget it. In late fall of 2003 the US Congress passed a law nullifying all state anti-spam laws. Congress's law is pro spam, and removed by federal law any chance by states to control it. It went into effect in January, 2004. The result? Eight months later, E-mail security firm CipherTrust estimated that 86% of the world's spam now originates in the US!
Most, not all, spam is international white collar crime, crime that escapes prosecution because it rocks only small boats like you. When asked to do something about it, the US Congress said no. It went the other way. Because a tiny fraction of spam is legitimate marketing, it gave its blessing to spammers.
Why? Lobbyists for the DMA (Direct Marketing Association, a major Republican campaign donor) complained that its members were being hurt by state anti-spam laws. So in 2003 the Republican congress invited the DMA to write a federal law to their liking, and passed it. It's called the Can-Spam Act (see below.) The game is over and we lost.
Every corner of society has its swindlers, cheats, and thieves. In the email world these folks become spammers. They may claim to sell home mortgages, life insurance, merchant credit card accounts, debt consolidation, Viagra, whatever. What they are really after is your credit card number and other personal data for identity theft.
Identity theft is the fastest growing crime in the world. Some of it comes from responding to email spam.
Your spam doesn't always come directly from swindlers. You also get spam from multi-level market fish conned into believing they're promoting a real business, such as mortgage lending or insurance sales. These "salesmen" were themselves recruited by spam or classified newspaper ads offering "work at home for big bucks" jobs. They don't know it but they are working for crooks, sometimes crooks inside prisons.
One spammer described the breeding ground for spam marketers as "running with the wrong crowd and coming from a troubled family life, tired of dreary nine to five work as a dish washer, tele-marketer, or telephone order operator, looking for other ways of making money." And the money can be big.
These are the total strangers who send messages that say, "Here is the information you requested" when you didn't. Who write the spam to look like it comes from a friend, or from a stranger saying Hi. The email girl who is "lonely, sad, and needs to talk to someone" is never that. It's a career criminal who learned how to exploit our weaknesses.
Spammers forge return addresses showing MSN or YAHOO or AOL accounts that don't exist. They forge headers to blame innocent carriers for the spam, and hide everyone really responsible. Some use a trick to make it appear the receiver was the sender. Most crooks now mis-spell words in the Subject line or the message itself to fool spam filters.
Users of on-line sites like eBay or PayPal, people who bank on-line, and even people who don't bank on-line will receive messages (I get a few every day) that look exactly like they come from the on-line service, and request registration confirmation for one good reason or another. The link they supply to click on is the URL of your on-line service.
But it's actually not. It's a clever ruse and if you fall for it you give your ID, password, and credit card number to someone who wastes no time using them to steal every dime he can. Such spams are termed "spoofing" or "phishing," cute words that belie the huge danger here. Downplaying that danger yet alerting you to it is vital to on-line businesses.
Does reporting spoofing and phishing email to Castlecops http://www.castlecops.com/pirt do any good? I don't know but I do it. And to read who's who in the spam/fraud biz, who is going to jail and who is not, I read the Spam Daily News: feed://feeds.spamdailynews.com/rss2.0/topstories.xml . And finally, here's a list of the world's worst spammers as of November 2006.
If you're a crook this is a great line of work to be in. Very few get caught, fewer get prosecuted, so it has bred Internet crime organizations around the world. Only one spammer in 700 is prosecuted, according to the NYTimes on 10/03/05. Tracking down the perpetrator is too expensive for law enforcers even if it's in your own country, and often it's not. Even if they find who did it the chance of coming up with the evidence to convict is slim. This makes credit card fraud and identity theft very attractive to anyone so inclined.
Does it pay to spam? In Palm Beach, Florida, a formerly penniless scumbag bought himself a $4 million house with spam proceeds. In 2005 he was featured in south Florida newspapers. With thousands of newbies entering the email world every day, spammers find easy pickings.
Made aware of this, Congress responded by passing a law that looks like it offers protection, while in fact it makes protection impossible. It "outlawed" things already against the law that spammers do anyway. But much worse, Congress removed or crippled the enforcement powers. For example, you and I can no longer sue spammers.
What Congress did was give spammers total, legal access to your email account. They said spammers can legally send us anything unless we "opt out." Congress required us to do what everyone knows we must NEVER do: click on Remove, meaning contact the spammer and show our address is a good one. What we must never do is now required by the Can-Spam act.
Do members of Congress have any idea the enormous problems spam causes? The law came out of the Senate Commerce Committee and a similar bill came out of the House Energy and Commerce Committee. The two bills went back and forth several times before the final draft was approved by both houses.
Testimony before both committees was very limited. Most tellingly, they allowed no testimony whatever from anti-spam activists. The committees invited testimony from the lobbyists for the Direct Marketing Association. They then asked the lobbyists to draft a bill, and with a few changes that's what passed into law. It's a bill setting rules that only the handful of legitimate email advertisers pay attention to.
The bill was titled "Controlling the Assault of Non-Solicited Pornography and Marketing Act" and the acronym gave us the official name "Can-Spam." It drips with irony.
Authorities tell us that thanks to Can-Spam approximately 80% of all emails now are spam. Of that, only about 2% come from legitimate advertisers. So thieves, con men, and internet crime organizations, the other 98%, weren't hurt by the bill. Congress helped the crooks by improving their email address lists.
In the unlikely event you can identify someone who is abusing the law, Can-Spam gives you one tool: you can complain to a government mailbox at a short-handed agency, the Federal Trade Commission, that has far more important things to do than read multi-million spam complaints every day at SPAM@ftc.gov
Some state laws gave us the right to sue spammers, and there were successful suits. Congress took that away. Claiming spam is interstate commerce, it killed state anti-spam laws. Direct Marketing Association members felt threatened by them.
Currently AOL and Earthlink have suits pending against - not spammers - but businesses that help distribute spam. Whether Conspiracy to spam suits will work in the courts is anyone's guess but win or lose, a few rotten people will have headaches and big lawyer bills. That won't stop other huge spam conspirators but it may make some smaller shops quit distributing it.
No matter, spammers have distribution channels by the tens of thousands, found by hacking automated bots into Internet service providers and other on-line servers.
The only protection left for you and me against spammers is email spam filters, and none is fully up to the job. Some spam always gets through. And worse, filters can mistakenly call legitimate mail spam, and mis-mark or delete it with serious consequences.
For example, setting your filters to delete the endless home mortgage phishing scams might result in your on-line monthly mortgage bill being deleted before you see it. By the time you discover it your payment is late, damaging your credit. Thank Congress for that.
And for this. Spam will flow into your mailbox every day and if you don't clear it, will fill your mailbox to capacity and real email will be refused and lost forever. That real mail can be important in this day of on-line bills for car, home, health, and life insurance. Congress doesn't give a damn.
If you think we've been badly treated by Congress there's a way to let them know. You can put the individual members, their families, their satellite offices, and their largest contributors on spam lists so they see what we're up against. If they're in the same boat they might keep it from sinking. Let them learn what happens when they Reply to spam and ask to be removed, as their law requires. Let them see how far they get with an FTC complaint. This is perfectly legal. The Direct Marketing Association saw to that.
Some of their email addresses are available here. Some members don't list their addresses. They don't want to hear complaints. "Tell it to the FTC," is what one commerce committee member actually says on his web site.
Spam fighters were not allowed to testify about the problem when committee hearings were held. That leaves it to big contributors to let the members know that spam has gotten out of hand. That's how our system works. You can find each member's top contributors by going to http://www.opensecrets.org/politicians/, choosing a senator or representative, and clicking on the Top Contributors link on the left.
The members and important supporters in need of spam education might start (but not end) with the commerce committees. Look at the names on both sides of the lists below. These are the people who could drastically reduce the spam problem if their families and big contributors let them know there is one.
For the Senate, click on http://commerce.senate.gov/about/membership.html.
For the House, click on http://energycommerce.house.gov/108/members/members.htm .
Given that we have the worst Congress money can buy,
what else can be done about spam and other email demons?
Spam, scams, and malicious email are not the work of one person. They require conspiracy. The first conspirator is the writer. The last conspirator is the Internet Service Provider who delivers it. Your ISP. My ISP. Co-conspirators are every service in-between that carried the mail.
The only way we're going to cleanse email of viruses, trojans, and spam is to penalize the conspirators responsible. In every case we always know one of them, the last one, the one who chose to deliver that mail to us, our own ISP. He can be penalized for that.
We need to hold him accountable. Only then will he install filters to delete malicious code, and install sophisticated optional filters to delete spam before it jams our mailbox. He should be persuaded by threat of suit to make those filters available.
Tons of important mail, real mail, is returned to senders every hour because the recipient's mailbox is over-limit with junk. It happens to busy accounts; it happens to nearly everyone who goes on vacation. The fault for that lies with irresponsible ISPs who let it happen. They let the spam in. Until they are being held monetarily accountable to customers, they will continue to let spam in.
Not long ago there was a world-wide infection of PCs which turned many innocent machines into generators and relays for virus distribution. Every few minutes millions of copies of the virus sped through the email network and piled up in mail boxes. Within an hour or so a mailbox was junk-full and further email refused. This went on for weeks.
To keep a mailbox open you had to clear it once an hour, and with most end-user mail programs the only way to automate that is to download the crap to your harddrive. Scanning mail for known viruses and trojans at the ISP level is a no brainer. ISPs should be penalized for allowing them into your mailbox. Laissez-faire does not include a right to do damage.
ISPs can install a filter to flag spam for Viagra, penny stocks, mortgages, insurance, turning your a penis into a magic wand, etc. and give users the option to delete or download. Some do that, some don't, citing cost. We can fix that thinking.
There are filters to delete the Nigerian 419 scam, the "You Won the Lottery" scam, the "Please update your bank access records" scam, and all the other scams we've seen. These scams do rise to the laissez-faire level. Some people want to see them. But ISPs who don't make delete-by-default filters available as user options are co-conspiring to make identity theft the fastest growing crime in the world.
ISPs point to everyone else but one thing is undeniable. The one responsible for spam delivery is them.
What's needed is to convince all ISPs to install adequate filtering. Congress is useless. It's part of the problem. We must involve the courts and provoke lawyer bills.
Winning or losing a case doesn't matter. When it's more expensive to defend than to filter, ISPs filter.
As for spam senders, spoofers, and phishers, a swift and sure punishment. Confiscation of all assets, confiscation of everything they bought for themselves or others, and five years in prison, preferably in Mexico or Turkey.