- Apr 29, 2001
- 46,017
- 62
- 91
http://159.54.226.83/apps/pbcs.dll/article?AID=/20050206/BUSINESS/502060336/1040
Bulk e-mail senders target Internet service providers
BY JONATHAN KRIM
The Washington Post
February 6, 2005
WASHINGTON -- A new spamming technique could push the volume of unwanted e-mail to new heights in coming months, straining the online communication system, say several experts who monitor the activity of spam gangs around the world.
Illegal bulk-mailers have been able to deploy massive blasts of spam by routing it through the computers of their Internet service providers, rather than sending it directly from individual machines, the experts said.
The result is that "blacklists" of known spamming computers -- which other network operators rely upon to block mail from those machines -- no longer are effective. To block spam coming directly from an ISP's computers, all mail from that ISP would be have to be blocked, which would cripple electronic communication.
"From what we've seen, the volumes of this type of spam are going up dramatically," said Steve Linford, who heads the Spamhaus Project, the world's top anti-spam organization. "We're really looking at a bleak thing" if ISPs do not quickly employ countermeasures, he said.
Linford said that based on monitoring of spammers' online discussion forums, the new trick is rapidly being adopted by the world's most prolific spammers.
Carl Hutzler, director of anti-spam operations at America Online, said that he began seeing increases in spam traffic coming directly from other ISP mail servers in the fall of 2003. Now, he said, 95 percent of all spam aimed at AOL's 29 million worldwide members is coming directly from ISP computers.
Hutzler said he has been warning industry counterparts about the problem and has made AOL's technical solutions available online. Most critically, Linford and Hutzler said, ISPs must be more aggressive in monitoring and limiting how much mail is being sent from individual machines on their networks, since that is where the spam originates.
"We're trying to get the word out," Hutzler said, "but we're not sure that people have taken us that seriously."
Spammers long ago stopped using their own machines to send spam. Instead, they rely on code placed on consumers' machines via viruses or spyware that turn them into unwitting "zombies" remotely controlled by spammers.
That and other tactics have allowed spammers to circumvent many measures taken by network operators to thwart them, and they have all but ignored federal and state laws that prohibit their activities.
Mark Sunner, chief technology officer of MessageLabs Inc., an anti-spam software company, said that the use of multiple zombies on large ISPs allows spammers to spread out the amount of mail sent by any one computer, helping them fly under the radar of ISP limits.
Some ISPs have been able to make dents in the amount of spam reaching the inboxes of computer users, but spam traffic over the Internet continues to rise and to exact steep costs on network operators, businesses and consumers.
In a study released Thursday, market research firm Rockbridge Associates Inc. and the Center for Excellence in Service at the University of Maryland Robert H. Smith School of Business estimated that deleting spam costs nearly $22 billion per year in lost productivity. The study, based on a survey of 1,000 adults, said the 78 percent who said they receive spam spend an average of three minutes deleting it each day they check their e-mail.
Bulk e-mail senders target Internet service providers
BY JONATHAN KRIM
The Washington Post
February 6, 2005
WASHINGTON -- A new spamming technique could push the volume of unwanted e-mail to new heights in coming months, straining the online communication system, say several experts who monitor the activity of spam gangs around the world.
Illegal bulk-mailers have been able to deploy massive blasts of spam by routing it through the computers of their Internet service providers, rather than sending it directly from individual machines, the experts said.
The result is that "blacklists" of known spamming computers -- which other network operators rely upon to block mail from those machines -- no longer are effective. To block spam coming directly from an ISP's computers, all mail from that ISP would be have to be blocked, which would cripple electronic communication.
"From what we've seen, the volumes of this type of spam are going up dramatically," said Steve Linford, who heads the Spamhaus Project, the world's top anti-spam organization. "We're really looking at a bleak thing" if ISPs do not quickly employ countermeasures, he said.
Linford said that based on monitoring of spammers' online discussion forums, the new trick is rapidly being adopted by the world's most prolific spammers.
Carl Hutzler, director of anti-spam operations at America Online, said that he began seeing increases in spam traffic coming directly from other ISP mail servers in the fall of 2003. Now, he said, 95 percent of all spam aimed at AOL's 29 million worldwide members is coming directly from ISP computers.
Hutzler said he has been warning industry counterparts about the problem and has made AOL's technical solutions available online. Most critically, Linford and Hutzler said, ISPs must be more aggressive in monitoring and limiting how much mail is being sent from individual machines on their networks, since that is where the spam originates.
"We're trying to get the word out," Hutzler said, "but we're not sure that people have taken us that seriously."
Spammers long ago stopped using their own machines to send spam. Instead, they rely on code placed on consumers' machines via viruses or spyware that turn them into unwitting "zombies" remotely controlled by spammers.
That and other tactics have allowed spammers to circumvent many measures taken by network operators to thwart them, and they have all but ignored federal and state laws that prohibit their activities.
Mark Sunner, chief technology officer of MessageLabs Inc., an anti-spam software company, said that the use of multiple zombies on large ISPs allows spammers to spread out the amount of mail sent by any one computer, helping them fly under the radar of ISP limits.
Some ISPs have been able to make dents in the amount of spam reaching the inboxes of computer users, but spam traffic over the Internet continues to rise and to exact steep costs on network operators, businesses and consumers.
In a study released Thursday, market research firm Rockbridge Associates Inc. and the Center for Excellence in Service at the University of Maryland Robert H. Smith School of Business estimated that deleting spam costs nearly $22 billion per year in lost productivity. The study, based on a survey of 1,000 adults, said the 78 percent who said they receive spam spend an average of three minutes deleting it each day they check their e-mail.
Facebook
Twitter