Maybe you’ve seen more spam hitting your Inbox over the past couple of months and are wondering, ‘Why am I paying for filtering? This stuff is obviously spam; why can’t you guys stop it?’ The main challenges of being in the spam filtering business are dealing with clients’ expectations on the one hand, and the sheer size of the spam/malware machine on the other.
If you read the articles by my colleagues Alexandre Abreu and Deeptiman Jugessur, you would have learned about the technical side of botnets: how they work, what they do, and how big and widespread they are. But they only give you an inkling of the enormity of the organization. What about the people behind the scenes?
A recent article in National Defense Magazine starts off by telling the story of ‘Vladimir,’ a Russian cyberthief. While it talks about the usual motivation (money, what else?), it also gives a pretty eye-opening view of the sheer numbers of people involved, and how determined they are to get your money through botnets, malware, spear phishing: basically any electronic means they can think of.
According to the article, ‘The collaboration and synergies in hacker circles are as robust as any found in the best special operations and law enforcement teams! They are, in fact, a community of practice! They conduct their reconnaissance and research in a strategic manner in a project management approach.’
‘The vast majority of their time is spent on operational planning, research and reconnaissance before they carry out an attack. Vladimir, for example, would never launch an operation that didn’t get laundered through at least 10 servers.’
And consider this:
‘There are currently 44,000 Turkish teenagers organized in a rigorous military-style community of hackers who are learning their tradecraft from each other. There are similar communities in Saudi Arabia with 100,000 members. Iraq has 40,000 members. China has more than 400,000 members!’
Spam and malware in general is Big Business: S E R I O U S L Y Big Business. With a whole army of very smart, very technically savvy people out there whose jobs are focused solely on figuring out ways to get into your computer to steal your information and ultimately your money, are you surprised that they can figure out ways around spam filters before the filters are even written and distributed?
I strongly recommend you read the full article. And the next time you see maybe 1, 2, or even 4 or 5 spam messages in your Inbox, consider how many you’d see if you had no filtering at all!
I had that question from a client once. Each person in the business was getting maybe 2-3 spam in the Outlook junk mail folder, none in the inbox, but that was enough to demand an answer.
Showed them the report from their filter with 30000+ blocked spam in 3 months. They were satisfied after that.
Here’s an article I wrote a while ago on the topic too:
http://www.allspammedup.com/2009/08/why-is-it-really-so-hard-to-tackle-spam/
Thanks Paul.
I guess people need reminding every now and then. Some of our ISP clients have even turned spam scanning off (just for a day) for some of their biggest complainers just so they can see the difference. I’m told the complaining stopped after that.
Somebody actually suggested that as a feature: Allow either the admin, or even the mail/gate provider, to turn filtering off for a defined (hopefully short) period of time. The goal would be to demonstrate the true value of the product.
I suspect that person’s tongue was firmly planted in their cheek when they made the suggestion. Suffice to say that it did not make it into the product!