SXSWi 07 Notes: Antisocial Networking, Dealing With Online Abuse

The following are my panel notes from SXSW. As I am not the fastest typer I have paraphrased what was said. Should you notice any mistakes please do point them out in the comments for corrections.

Steven Champeon CTO, hesketh.com Inc

Definitions:

Spam - unsolicited bulk email. Started out in usenet. There's phishing, SPIT, SPIM,

MAWG - Messaging Abuse Working Group.

I'm working to save email.

Repecting your wishes with respect to consent. Did I want this message. Did I sign up to be sent 400 nigerian scams today.
The medium doesn't matter it's whether you asked for this or not.

Are you aiding the spammers.

Why does it matter?

Can't you just delete the spam? No because it doesn't scale. I've had my email address for 12 years.
Our servers have fallen over because someone forged a spam run with our return address. The load is staggering. In addition to email there's splogs, meds sites. There's software that allows lots of people to create these sites.
Legit mail gets lostr in the noise.

419 scams started in the 1400s.
Pump & Dump - penny stocks. Scammers make $50000 and then they fall over
Pills bought online can just be pill binder if you're lucky. Then can be rat poison.

A schoolteacher has been sentenced to 200years in prison for allegedly viewing child pornography from site pop-ups. The EFF is currently trying to provide expert testimony to fight this.

Botnets provides bragging rights to people. These botnets are built up and then rented out, for criminals to extort sites for money or they will take them down.

CAN-SPAM is toothless.
ISPs that allow spammers to use their servers.

Where does all this come from?

Spammers with static netblocks.
botnets
Companies with lousy list management.
Control panel software is targetted.
Badly policed affiliate programs
Open proxies and relays - they were all open relays originals. ORBS
blowback / outscatter from forged spamruns.
Various software bugs, php etc.

Spammers == Virus authors?

Russians and a lot of other people with money and computing.
Now viruses are designed to be spam proxies.
I get 100 notificaitons of new variants of viruses every day.
Estimated tens of millions of computers. 1 machine had 52 bots on it. Botnets are an army.

Financial Scams

It's not just about getting access to an account. Recently if you have Etrade they are actually laundering money through it. For 30 secs you will have an awful lot more money than you should.

Trackback and comments spam

Blocking for trackback spam by domain.
Instead of jsut linking to a gambling site. They can link to a postcard that has a trojan on it.

We had one account that we closed because the customer was being overloaded with spam and she decided that she would just use the phone instead. We left her account open and it accounted for 43% of our traffic. The reason was because she replied to every spam. Dont' ever do that!

What can be done?

secure your computer
Server side and client side filtering
Providers are now doing defensive outbound filtering.

Lawsuits.
Was to beat the bots. Web form spam.
We had a guy probed our form which was written in PERL.
We defeated him with a field that was hidden (with CSS) and his script filled that in. I just checked to see if that field is filled in and if it was I stopped it.

What you shouldn't do.

Don't let the spammers use you.
Don't abandon your email or blog. It's possible to get through it.
Sender verfication with Verizon - bad idea doesn't scale.
Don't give up.

comments powered by Disqus