As Long As People Keep Buying, Scams (and Spam) Will Keep On Coming
from the pt-barnum dept
It looks like if anything is going to be able to effectively stop spam, it might be pressure on spammers’ profit margins that makes spamming a less attractive line of work. But that still seems a ways off, as long as enough people continue to buy the stuff being sold in spam messages. Spammers know if they can reach a high enough volume, they’ll find enough suckers to make it worthwhile. Scareware, too, is a volume business: a new report looked at a recent scam in which users were sent to booby-trapped web sites which said their computers had a virus. They were then directed to a site selling them some $50 “anti-virus” software. While a small percentage of people actually ponied up the cash, enough did to allow the scammers to pay more than $10,000 per day to the people who used SEO techniques on keyword typos to drive marks into the scam. It’s easy to say that people shouldn’t be so stupid and fall for the scams, but at the same time, perhaps a bigger issue lurks for the legitimate security software industry: if people can’t distinguish between legitimate warnings from their products and scams, it could be a problem for them.
Comments on “As Long As People Keep Buying, Scams (and Spam) Will Keep On Coming”
Yes, there's one born every minute.
After sitting here typing away for a bit, I decided that it’s simply not worth posting all of what I wrote. I could beat my head against the wall and that would be more productive than to tell people to STOP clicking on links in spam, ASK your friends if they actually sent you that link through your IM program, and RESIST the temptation of going to some website (because all of your friends want you to) to watch the cute kitten video.
Use your head people and you’ll be fine.
Oh, and about the ransomware in the article…get a backup program and an external hard drive. If you ever become infected, just restore from your external drive. Problem solved.
Excuse me while I go beat my head against the wall over there because someone…somewhere just clicked on the kitten video. ARRRRGGGG!
One day someone will come up with an actual replacement for the current crappy mail system used on the net, putting something out there that cannot be easily spoofed, and that doesn’t allow mail from just any address without a sponsoring ISP to handle it.
Spam is a result of one of the most massive security holes in the world, and one that every ISP perpetuates by handing new users an email account. It would be much safer to point them to hotmail and call it a day.
Re: Re:
That already exists with some email providers. for a while when i emailed my parents from a new email address I got an automated response and had to reply to that and then get permission from my parents to continue sending email. Annoying as hell.
Strangely I’ve been using gmail for over 4 years now and I don’t have a problem with spam. I guess they have a good enough filter.
Re: Re:
“Spam is a result of one of the most massive security holes in the world”
and that would be what exactly?
Harold, you make no sense at all.
Re: Re: Re:
No, he makes sense on this one. From a security standpoint, three important things you have to consider are privacy, authenticity and integrity. Internet e-mail wasn’t really designed with any of those three in mind.
As it relates to spam/fraudulent e-mail, it’s the lack of provable authenticity that’s the biggest problem. It’s trivial to spoof a return address, and many ISPs are set up poorly and will let you use their outgoing mail servers to send a message, even if you don’t have an account with them. If there were mechanisms in place to unambiguously associate an e-mail with its sender, we’d have a lot fewer e-mail scams.
Re: Re: Re: one of the most massive security holes in the world,
WH -> one of the most massive security holes in the world,
AC -> From a security standpoint,
You guys are talking about different things, or not using proper terminology.
I suppose that WH could’ve been referring to the operator as the security hole …
A security hole (at least it used to) refers to an unintentional or unpublicized means by which unauthorized access is obtained to a platform or device.
You can spoof an email addr – so what. Does this compromise the platform?
Re: Re: Re:2 one of the most massive security holes in the world,
Security goes beyond simply preventing unauthorized access to a platform. Look up “security” as it pertains to messaging systems, and the terms “privacy”, “authenticity” and “integrity” are widely-used and well-defined.
Standard “out of the box” e-mail doesn’t have provisions for any of the three. There have been add-on extensions to the e-mail standard that help, such as encryption and digital signatures, but they’re neither required nor widespread.
Re: Re: Re:3 one of the most massive security holes in the world,
“Security goes beyond simply preventing unauthorized access to a platform.”
Scott,
Look up “security hole” as that was the term in question – in addition, please read the prior postings
Thx
Re: Re:
Unnecessary, and contrary to the open nature of the web.
Spam still makes money, but *much less* than it used to, due to the effectiveness of today’s antispam filters. If we can just drive up the price a bit more we can get a handle on it. Charge everybody a cent to send emails (with all the major players auto-rejecting mails that weren’t ‘paid for’) and spam’ll *stop*. ^_^
Tips To Avoid SEO Scams
I couldn’t agree more — so long as people keep buying without first taking time to be better informed, SEO scams will continue unabated. Regardless of how inexpensive or costly, and no matter where the offer was found, it makes sense to get a quote from another provider.
If you’d care to read it, I blogged about some tips to help avoid SEO scams.
7 Simple Steps To Avoid SEO Scams
John Barremore
Houston, TX
Re: Tips To Avoid SEO Scams
Nice try. You don’t honestly expect us to click on that link, do you? 😉
Re: Re: Tips To Avoid SEO Scams
LOL!!! Well sure — I clicked on yours. In fact, I’m watching you now!!! 🙂
Re: Re: Tips To Avoid SEO Scams
I have to admit. Your reply made me laugh.
People Never Learn
I don’t have to worry about this sort of thing. I’m too smart to fall for scams. Now I must reply to this Nigerian prince that needs to use my bank account to transfer his 84 million dollar inheritance so that his greedy uncle can’t steal it and I get to keep half.
Re: People Never Learn
Hey back off pal – the Prince promised that money to me!!! 🙂
my parents just got hit by one of these recently. it’s not spam/scams in email. it’s scam sites that they stumble onto across the web, as well as compromised sites hosting malware. then these sites use pop-in windows and pop-ups to give authentic looking warnings. these warnings say something like “SPYWARE DETECTED!” and they copy the entire design and look straight from windows, norton, and mcaffee. then the site says “you need to update your spyware database” or something to that effect… for only $50. the user probably didn’t have any spyware installed, but they get duped into paying for software… that installs more spyware. the messages go away, and then after a few days, it presents you with more warning messages and it does wonky things. it then says you now need to update your virus definitions… for only $75. at that point, my parents called me.
i had them call the credit card company and file a fraudulent charge notice. the credit card company retracted the charge without dispute. then it was a matter of directing them through the reformat.
Firefox – free
NoScript extension for Firefox – free
Adblock Plus extension for Firefox – free
CookieSafe extension for Firefox – free
Never seeing the “You just won a free iPod!!!!!” ads that lead to malware sites – priceless
Re: Re:
thx for CookieSafe extension
Spiced Ham…?
Here is a site that is educational with respect to digital security: http://www.justaskgemalto.com