Home / Blogs

A True Final Ultimate Solution to the Spam Problem?

  • May 20, 2011 6:45 PM PST
  • Comments: 4
  • Views: 3,242
Print Comment
By Edward Falk
Edward Falk

A common acronym in spam-fighting is FUSSP — Final Ultimate Solution to the Spam Problem. It's used (usually derisively) to describe the latest proposed scheme to end spam once and for all. Usually these schemes are based on false assumptions or have already been tried with no results.

This time — be still, my beating heart — it looks like some researchers at the University of California might really be on to something.

According to the New York Times, researchers have discovered that 95% of drug and herbal remedy credit card transactions are handled through just three financial companies in Azerbaijan, Denmark and the West Indies. Presumably, if these companies could be persuaded to stop supporting spammers, then the money supply which drives spam would dry up, and the spammers would be forced to close shop.

The UC paper is available here (pdf).

I've said before that spam exists because ISPs tolerate it. This seems to hold true for financial institutions as well. If the financial institutions stopped abetting spammers, the theory goes, then spam would be significantly curtailed.

Of course, I don't have any illusions that this is the final solution to the spam problem. There will always be spam as the spammers find ways around the shut-down of their credit card processing suppliers. But as the shut-downs of major botnet command-and-contol centers in the past have shown, you can fight spam, if you're just willing to do it.

By Edward Falk, Computer professional. Visit the blog maintained by Edward Falk here.

Related topics: Spam

WEEKLY WRAP — Get CircleID's Weekly Summary Report by Email:
Print Comment

Comments

Good countermeasure; not solution The Famous Brett Watson  –  May 20, 2011 8:21 PM PST

Presumably, if these companies could be persuaded to stop supporting spammers…

...other companies or payment techniques would soon rise to fill the vacuum. Yes, you would see a temporary drop in spam, much as you do when C&C;clusters are taken down, and that's a good thing, but this isn't a solution to the spam problem, much less a final one. Then again, I suppose you already conclude as much, despite your article's title and opening remarks.

The spam problem in general will be solved when the costs of the activity exceed its benefits. I don't think we're likely to achieve that, but it behoves us to use as many countermeasures as can be applied without causing collateral damage. In that context, I welcome this research, and hope that we can successfully bring negative consequences to bear on those who aid and abet the financial dealings of spammers, and thereby raise the costs of doing business as a spammer.

It remains to be seen whether the finance industry is prepared to "break connections" with spam-complicit services in the way we've seen with ISPs and their service agreements. I understand Internet connectivity well enough in this context, but I'm only vaguely familiar with the inner workings of credit card payment processing. Which links in that chain are worth our attention? A few companies have been named and shamed so far, but it remains to be seen whether they can or will shrug it off. There was a lot of shrugging off of the spam problem by ISPs in the early days: it took the consequences of DNSBLs and other tools to pierce that wall of indifference.

# 1 Reply  |  Link  |  Report Problems
I made much the same points but it turned out longer than I expected .. so its a new blog post Suresh Ramasubramanian  –  May 22, 2011 6:26 PM PST

http://www.circleid.com/posts/university_of_california_next_hard_target_in_never_ending_war/

# 2 Reply  |  Link  |  Report Problems
Nice research, wrong conclusion Alessandro Vesely  –  May 25, 2011 1:00 AM PST

I appreciated Savage's paper for its detailed description of the spam ecosystem.  However, its conclusion that the payment tier is the optimal target for intervention, just because it "is by far the most concentrated and valuable asset", doesn't seem to be particularly well founded.  I think that customers who decide to buy something and find out that their credit card doesn't work, would rather consider looking for an alternative credit card company.

Why do people buy spamvertized items?

# 3 Reply  |  Link  |  Report Problems
Actually - they might call their credit card company and complain Suresh Ramasubramanian  –  May 25, 2011 1:08 AM PST

But the credit card company may or may not have as much incentive to shut down CNP transactions for accounts where there's far less risk of fraud.  People do get something on the lines of what they paid for.

If the transaction is for illegal or controlled drugs such as narcotics, the case does get altered.

Please see the points I made (and the discussion between me and Prof Savage) at http://www.circleid.com/posts/university_of_california_next_hard_target_in_never_ending_war/

# 4 Reply  |  Link  |  Report Problems

To post comments, please login or create an account.

Related Blogs

Misconceptions About Spam

  • Feb 21, 2012
  • Comments: 0

Most Abusive Domain Registrations are Preventable

  • Feb 16, 2012
  • Comments: 20

Closing the Gaps: The Quest for a Secure Internet

  • Feb 16, 2012
  • Comments: 0

How Frequently Do Botnets Reuse IP Addresses?

  • Feb 13, 2012
  • Comments: 2

DMARC: New Email Authentication Protocol

  • Jan 31, 2012
  • Comments: 0
View More

Related News

Google Removes All Sites Under .CO.CC Over Security Concerns

  • Jul 06, 2011
  • Comments: 2

Happy Canada Day from the CRTC

  • Jun 30, 2011
  • Comments: 0

Researchers Use Social Graphs to Detect Spammers, Attackers

  • Jun 22, 2011
  • Comments: 0

CAUCE Director Neil Schwartzman Wins Prestigious MAAWG Award

  • Jun 09, 2011
  • Comments: 0

Research Detects Spammers Using Fake URL-Shortening Services

  • May 25, 2011
  • Comments: 0
View More

Topics

Access ProvidersLaw
BroadbandMalware
CensorshipMobile
Cloud ComputingMultilinguism
CyberattackNet Neutrality
CybercrimeP2P
CybersquattingPolicy & Regulation
Data CenterPrivacy
DNSRegional Registries
DNSSECRegistry Services
Domain NamesSecurity
EmailSpam
EnumTelecom
ICANNTop-Level Domains
Internet GovernanceVoIP
Internet ProtocolWeb
IP AddressingWhite Space
IPTVWhois
IPv6Wireless
View More

Industry Updates – Sponsored Posts

MarkMonitor Fraud Intelligence Report, Q4 2011

MarkMonitor Fraud Intelligence Report Released for Q2 2011

The Botnet-Counterfeit Drugs Connection

New Monthly Fraud Intelligence Report Now Available

MarkMonitor to Highlight Importance of Cross-Functional Approach to Brand Protection

Paid Search Ads Can Lead to Fake Goods

Open Phishing Season

.ORG Highlighted for Success in Fighting Phishing

  • By PIR
  • Views: 5,417

Latest Brandjacking Index Examines How Fraudsters Abuse Financial Brands

New Report Shows .INFO Domain Safest from Phishing Attacks

MarkMonitor AntiFraud Solutions Combine Proven Antiphishing and Expert Antimalware Capabalities

COCC Partners with MarkMonitor for Anti-Phishing Services

ICANN Mexico City Meeting Brings a Significant Shift in Direction for Brand Rights Holder Issues

MarkMonitor Year-in-Review Report Finds Online Abuse of Major Brands Was a Growth Industry for Fraud

Committed to Keeping the Internet a Safe Place

  • By PIR
  • Views: 6,007

Spam Arrest Chooses UltraDNS to Enhance Service Delivery

Hostway Invests in Foundry Networks' Application Delivery Switches to Provide Enhanced Global Server

Hostway's New WhoisProtector Lite Protects Your Online Identity

View More

Hot Topics

Minds + Machines

Top-Level Domains

Sponsored by
Minds + Machines
dotMobi

Mobile

Sponsored by
dotMobi
Afilias

DNSSEC

Sponsored by
Afilias
Neustar UltraDNS

DNS

Sponsored by
Neustar UltraDNS
Verisign

Security

Sponsored by
Verisign
View More