How the Sender Community Can Help Fight Spam
By Neil Schwartzman
Senior Director, Security Strategy, Receiver Services
In my role as chair of the Canadian Coalition Against Unsolicited Commercial Email, I recently gave a presentation to law enforcement and policy makers in the European Union. The intention was to alert them to the seriousness of zombie botnets threatening the infrastructure of the internet.
Thinking back on what I said to that group, I realize now that the only way we are going to take back the internet is to do what the bad guys did a long time ago: Break down the walls between the good guys and get us all rowing in the same direction.
Spam has evolved from amateurish to professional in the last several years. There is disturbing evidence that organizationally the walls between the virus-makers, hackers, spyware creators and botnet herders have broken down. These previously disparate groups are now working in concert in a way that is leading to increasingly sophisticated, online criminal activity.
In 2001 spammers began the distribution and use of virus programs which would install an open proxy on infected machines, allowing them to send email via desktop computers, unbeknownst to the owner of the machine; effectively marking the first collaborative efforts between spammer and virus makers, putting the ability to infect massive numbers of computers by way of spam into the hands of hackers, and the ability to send mail from millions of infected computers into the hands of the spammers was a natural synergistic relationship.
Today we see tens of millions of infected computers, with the result being an unprecedented acceleration in the amount of spamming and phishing seen across the internet. Consider:
- Symantec now sees 900 unique phishing URLs daily
- Netcraft saw 41,00 phishing URLs in 2005. In 2006, they spotted an incredible 609,000 verified phishing payload sites online.
- The Anti-Phishing Working Group saw a six-fold increase to 38,000 phish in October 2006 from the previous year.
- AOL reported that they blocked half a trillion spam emails at the entrances to their network in 2005
- Ironport reported an estimated average of 63 billion spam sent daily in October, 2006. In November they measured two daily mega-spikes hitting 85 billion
Phishing is impacting us all; the latest studies show that as many as 90% of consumers polled expressed deep scepticism in their ability to conduct business safely online.
So what can you do?
It is imperative that senders participate at the highest levels in the conversations around phishing and spamming. We can turn back the criminals who are threatening to take over the internet, but only with participation by all stakeholders. This includes technical, legal and government relations representatives, marketing, and mid- and executive-level administration staff members. All sectors – government (policy and enforcement), educational, infrastructure operators, financial institutions, and more must actively participate in coordinated efforts towards a solution.
Of course, one way for senders to help in this fight is to work continuously to keep their own email stream as clean as possible to help receivers distinguish the good from the bad. By keeping your list clean, maintaining a good infrastructure and implementing authentication standards, you are arming receivers with information that helps them identify the bad actors and block their access to the inbox.
And let’s be 100 percent clear about something: legitimate commercial senders should want receivers to block spam and phish from end users inboxes. These messages erode consumers trust in email and decrease its ability to drive response for good senders.
Senders can develop vastly better relations with the receiving community individually and by way of advocacy within their industry associations. In plain terms, it is time to start a dialog beyond deliverability issues. Spamming and phishing are problems that hurt both senders and receivers and we must work in concert to eradicate them.
You can read an expanded version of this post here.