 |
| CNN WEB SITES: |
|
| TIME INC. SITES: |
| MORE SERVICES: |
| video on demand |
| video archive |
| audio on demand |
| news email services |
| free email accounts |
| desktop headlines |
| pointcast |
| pagenet |
| DISCUSSION: |
| message boards |
| chat |
| feedback |
| SITE GUIDES: |
| help |
| contents |
| search |
| FASTER ACCESS: |
| europe |
| japan |
| WEB SERVICES: |
From...
On the beat with the Internet spam cops
June 19, 1998
Web posted at: 9:30 AM ET
by Laura Rich
(IDG) -- Lisa Hoyt sits in wait, watching her suspect's every move.
The suspect has been harassing up to 3 million people for eight weeks now, getting away with his crimes by changing his address and using false information whenever he's required to identify himself. His preferred method of attack? Unsolicited e-mail messages, mainly targeted at America Online members. They all bear the same subject line, "FIVE FREE MINUTES WITH A LIVE MODEL."
Not surprisingly, the recipients have sent angry messages of complaint - some 30,000 of them. And Hoyt, information security officer at the ISP EarthLink, has entered the fray because the spammer has used a fake return address that makes it look like the mail is coming from the EarthLink system.
"It's a negative PR issue for us," says Hoyt.
| MORE COMPUTING INTELLIGENCE | ||
|---|---|---|
|
IDG.net home page | |
| InfoWorld home page | ||
| InfoWorld forums home page | ||
| InfoWorld Internet commerce section | ||
| Industry Standard daily Media Grok | ||
| Reviews & in-depth info at IDG.net | ||
| IDG.net's personal news page | ||
| Questions about computers? Let IDG.net's editors help you | ||
|
Search IDG.net in 12 languages | ||
| News Radio | ||
|
PC World News Radio | |
|
|
Computerworld Minute audio news for managers | |
It's far more than that. At ISPs across the country, spambusting vigilantes fight a constant digital war against spammers, who regularly upgrade to software that allows them to pass below the radar-level of e-mail patrollers. Systems administrators who once handled basic customer service inquiries have had to become spam experts. Some ISPs have formed "abuse departments" that focus strictly on spam.
Catching spammers can be profitable for ISPs. In March, EarthLink was awarded $2 million in damages as a result of a spamming incident. On its own, the ISP has collected $150,000 in fines since it began enforcing a policy of fining for spam violations last July.
After two months of cybersleuthing, Hoyt has yet to nail that elusive spammer. Digital clues left in the mail's path, however, give her a good idea of where her target may be hiding. Last week, the former nursing student was preparing to contact the spammer and request that he halt his activities or risk having his case turned over to EarthLink's legal department. Perhaps the most famous spammer is Sanford Wallace, CEO of CyberPromotions, a company that has repeatedly been a thorn in the side of ISPs. Though Wallace recently claimed to have reformed his ways, Hoyt and her counterparts at ISPs across the country aren't convinced that spamming will slow down anytime soon.
Instead, it has already shown signs of new growth. In a press briefing last week, U.S. government intelligence officials said that last year an ethnic militia group had conducted a spam attack on the Sri Lankan government. The cyberterrorists sent enough e-mail messages to overload a server that held what the militia group termed "propaganda." Their attempt was unsuccessful, but the story added color to the picture of spreading spam.
The Federal Trade Commission reports that when it went after spammers earlier this year, it received 500 unsolicited e-mails in a single mailbox every day - and the commission probably didn't receive it all. The agency's probe ultimately targeted 1,000 bulk e-mailers, or spammers, warning them that their actions might be considered fraudulent (particularly when headers are forged). A recent survey found that ISPs spend millions of dollars to stop spammers, with about $2 of each subscriber's bill going toward spam prevention. ISPs say their only recourse is to catch and punish the culprits. But the task is not as easy - or as fun - as it might seem.
Busting a spammer frequently starts with complaints from spam victims, who forward the offending mail to vigilantes. Spammers can often be detected simply by watching for an IP address or a particular bit of information in the address header.
"We just need one header from one report, and [spammers are] dead in the water," says a resolute Harry Smoak of ISP MindSpring Enterprises. Until recently, Smoak's title was "abuse captain," but the moniker was changed to "terms of service manager" because subscribers were frightened by the word "abuse."
Server agents, or robots, on the ISP side might be set to watch for a certain frequency of mail transmission, setting off an alert if an unusually high number of messages goes out or if there is a steady stream of mail over a period of time from one account. At EarthLink, Hoyt's two staffers watch the logs during their shifts.
Once a suspect has been identified, spambusters administer the appropriate punishment. EarthLink fines subscribers $200 for each misuse of the EarthLink network. Netcom posts a list of offenders on its site. MindSpring simply shuts off access. America Online is known for taking legal action.
The job can be vicious. Both sides engage in a battle of wits, programming and reprogramming software to identify or elude the other. It's a worthwhile endeavor, says Michael Erde, postmaster at ISP Interport Communications, "but the cleanup is frustrating. ... I have to worry about people sending spam to our users; I have to worry about getting blacklisted ourselves; I have to worry about our reputation in the industry," he complains. "And I have to worry about a Smurf Attack" - in which an ISP is bombarded with enough mail to bring servers down.
AOL is so protective of its overseers that the company won't release their names or let them participate, even anonymously, in an interview. A spokesman explains that this policy is intended "to protect them from hackers."
But Smoak, Hoyt, Erde and others are ready to meet their adversaries on the open field. Hired initially to deal with general issues of security on the ISP, their attention has been turned disproportionately to spam. Hoyt, for one, says she's spent entire days trying to locate just one spammer, and she doesn't expect the job to get easier anytime soon.
"Fraud prevention is in its infancy," says Hoyt. "It's an industry-wide problem." Abusers of the network will continue to find ways to sidestep the patrol force by using free, temporary e-mail accounts, or by designing ever-more sophisticated software.
Government regulation might alleviate the problem. The Smith Bill, an amendment to the anti-junk-fax law, calls for spammers to pay recipients $500 for each unwanted piece of mail. Other bills up for consideration call for filtering spam or for self-regulation by the direct-marketing and advertising industries. All the legislation is currently working its way through the House of Representatives.
With or without support from the federal government, Smoak's four-person abuse department won't let up till the problem is resolved. Vigilant in their mission, they'll keep fighting to make the Internet a spam-free zone. Says a somber Smoak, "An unsolicited e-mail, whether one or 10 million, is not a good thing."
CNN Programs
Sunday 1:30pm - 2:00pm ET (10:30am - 11:00am PT)
Saturday 1:30pm - 2:00pm ET (10:30am - 11:00am PT)