Home / Blogs

A True Final Ultimate Solution to the Spam Problem?

Edward Falk

A common acronym in spam-fighting is FUSSP — Final Ultimate Solution to the Spam Problem. It's used (usually derisively) to describe the latest proposed scheme to end spam once and for all. Usually these schemes are based on false assumptions or have already been tried with no results.

This time — be still, my beating heart — it looks like some researchers at the University of California might really be on to something.

According to the New York Times, researchers have discovered that 95% of drug and herbal remedy credit card transactions are handled through just three financial companies in Azerbaijan, Denmark and the West Indies. Presumably, if these companies could be persuaded to stop supporting spammers, then the money supply which drives spam would dry up, and the spammers would be forced to close shop.

The UC paper is available here (pdf).

I've said before that spam exists because ISPs tolerate it. This seems to hold true for financial institutions as well. If the financial institutions stopped abetting spammers, the theory goes, then spam would be significantly curtailed.

Of course, I don't have any illusions that this is the final solution to the spam problem. There will always be spam as the spammers find ways around the shut-down of their credit card processing suppliers. But as the shut-downs of major botnet command-and-contol centers in the past have shown, you can fight spam, if you're just willing to do it.

By Edward Falk, Computer professional
Follow CircleID on
Related topics: Spam
SHARE THIS POST

If you are pressed for time ...

... this is for you. More and more professionals are choosing to publish critical posts on CircleID from all corners of the Internet industry. If you find it hard to keep up daily, consider subscribing to our weekly digest. We will provide you a convenient summary report once a week sent directly to your inbox. It's a quick and easy read.

I make a point of reading CircleID. There is no getting around the utility of knowing what thoughtful people are thinking and saying about our industry.

Vinton Cerf, Co-designer of the TCP/IP Protocols & the Architecture of the Internet

Share your comments

Good countermeasure; not solution The Famous Brett Watson  –  May 20, 2011 8:21 PM PST

Presumably, if these companies could be persuaded to stop supporting spammers…

...other companies or payment techniques would soon rise to fill the vacuum. Yes, you would see a temporary drop in spam, much as you do when C&C;clusters are taken down, and that's a good thing, but this isn't a solution to the spam problem, much less a final one. Then again, I suppose you already conclude as much, despite your article's title and opening remarks.

The spam problem in general will be solved when the costs of the activity exceed its benefits. I don't think we're likely to achieve that, but it behoves us to use as many countermeasures as can be applied without causing collateral damage. In that context, I welcome this research, and hope that we can successfully bring negative consequences to bear on those who aid and abet the financial dealings of spammers, and thereby raise the costs of doing business as a spammer.

It remains to be seen whether the finance industry is prepared to "break connections" with spam-complicit services in the way we've seen with ISPs and their service agreements. I understand Internet connectivity well enough in this context, but I'm only vaguely familiar with the inner workings of credit card payment processing. Which links in that chain are worth our attention? A few companies have been named and shamed so far, but it remains to be seen whether they can or will shrug it off. There was a lot of shrugging off of the spam problem by ISPs in the early days: it took the consequences of DNSBLs and other tools to pierce that wall of indifference.

I made much the same points but it turned out longer than I expected .. so its a new blog post Suresh Ramasubramanian  –  May 22, 2011 6:26 PM PST

http://www.circleid.com/posts/university_of_california_next_hard_target_in_never_ending_war/

Nice research, wrong conclusion Alessandro Vesely  –  May 25, 2011 1:00 AM PST

I appreciated Savage's paper for its detailed description of the spam ecosystem.  However, its conclusion that the payment tier is the optimal target for intervention, just because it "is by far the most concentrated and valuable asset", doesn't seem to be particularly well founded.  I think that customers who decide to buy something and find out that their credit card doesn't work, would rather consider looking for an alternative credit card company.

Why do people buy spamvertized items?

Actually - they might call their credit card company and complain Suresh Ramasubramanian  –  May 25, 2011 1:08 AM PST

But the credit card company may or may not have as much incentive to shut down CNP transactions for accounts where there's far less risk of fraud.  People do get something on the lines of what they paid for.

If the transaction is for illegal or controlled drugs such as narcotics, the case does get altered.

Please see the points I made (and the discussion between me and Prof Savage) at http://www.circleid.com/posts/university_of_california_next_hard_target_in_never_ending_war/

To post comments, please login or create an account.

Related

Topics

Brand Protection

Sponsored byAppDetex

Cybersecurity

Sponsored byVerisign

DNS Security

Sponsored byAfilias

New TLDs

Sponsored byAfilias

Cybercrime

Sponsored byThreat Intelligence Platform

Whois

Sponsored byWhoisXML API

IP Addressing

Sponsored byAvenue4 LLC

Domain Names

Sponsored byVerisign