Help with Spam and Phishing
...and Other E-mail Pests
by Randy CassinghamThe basics of spam, "phishing" and other e-mail pests, how they got your address in the first place -- and what to do now that you're inundated.
If Complaining Doesn't Work, Then What?
Millions of spam victims have been complaining regularly. Is the situation thus improving? No: it's getting worse. Much worse -- 75-90 percent of all e-mail traffic is now spam! Why? Because spamming is profitable. Just a small portion of the millions of victims find the ads interesting, or the product touted potentially useful, so they buy. They are typically disappointed (see info on fraud, above!) so, again, don't buy from them! Don't multiply your own victimization!In 2004 a U.S. federal law, commonly known as "CAN-SPAM", went into effect. Finally, spam is "illegal"! What happened? It increased. Why? Two reasons: 1) the law is virtually unenforced, since the Federal Trade Commission, which is tasked to enforce the law, works at the speed of government, and 2) the law makes much spam legal! Yes, really. Any of tens of thousands of companies may send you spam, and stay within the law, by marking the spam as an ad, allowing you to "opt out" if you ask, and by following several other simple steps. How is it reasonable for you to demand to be left alone by tens of thousands of spammers that you didn't ask to get mail from in the first place? It's not. But that's the law. Pathetic!
There is hope, however: in addition to federal action, Internet Service Providers are also allowed to sue spammers who violate the law, and the law allows for significant damages. Several ISPs have indeed taken action against the worst of the spammers, and I say more power to them! The FTC is doing little, but asking your elected representatives to pressure them to take action may eventually help.
Those who are against legislative solutions say the Internet should be self-policing, that we should not invite politicians in to solve our problems. It's a good theory, but one that hasn't been terribly effective -- the tools to stop spam are crude and often ineffective, or (much worse) they have high "false positive" rates that block legitimate mail. (Have you ever sent an e-mail to a friend and had it bounce back with a message implying your e-mail was spam? Very irritating, but it's worse if a business doesn't get e-mail from customers!) Thus, many ISPs don't even try to block spam for fear of being sued by their customers.
Another tactic is to try to filter spam at the client level -- on the user's computer. This has several shortcomings, including the fact that you still have to pay for the time and bandwidth to download the spam to your computer to be filtered. You have to keep up with the latest spammer tactics and keep your filters updated -- and most users don't have the technical skill to do this. It is a poor way to stop spam.
"Challenge-Response". A more recent concept is the "challenge-response" system. When you get a message from someone not on a "safe" list of senders, your ISP will hold that message while it sends a "challenge" to the sender that says, essentially, "We don't know if you're a spammer or not. If you are, you won't read this, so your message won't get through. If you're not, prove it by going to a certain web page and passing a little test." While that sounds cool, what it does is change your problem with spam into a problem for everyone else -- the people you actually want mail from, while not impacting spammers whatever. This is not a reasonable exchange. If you have a spam problem, it's up to you to deal with it, not the people you want mail from. The appropriate response by a legit mailer who receives a challenge is "forget it" -- meaning you may not get order confirmations, shipping alerts, subscriptions, and other mail you really want.
Is There Nothing to be Done, Then?
We do have a lot to do to recapture the Internet for legitimate use by real people and real businesses from the scum who hijack your mailbox every day. There is no one solution, however. Some things should be made illegal, such as forging a fake return address on advertising mail (which should be ruled fraud and be made a federal felony), or even sending ads without verified opt-in permission from the recipient. Then those laws need to be enforced. Next, the very infrastructure of the 'net needs to be reengineered so that false routing headers cannot be used, mail relays cannot be hijacked, and the actual origin of messages cannot be hidden. But these are long-term solutions; people need help in regaining control of their inboxes now.And, unfortunately, that is difficult. Right now you have few choices if your mailbox is being filled by spam. You can encourage your Internet provider to provide spam filters, or you can change your address, since you cannot get your address removed from spammer lists. Unfortunately, right now, those are really your only true options.
Special Cases: Sometimes You Should Complain
There are several special kinds of spams that you should report:
- Obvious fraud. The U.S. Federal Trade Commission has gone after spammers who are committing fraud, including pyramid schemes, and the CAN-SPAM law does help them in that effort. You can forward such spams to spam@ftc.gov. For really severe cases, the FBI has the Internet Crime Complaint Center.
- Stock fraud (usually "pump and dump" schemes). The U.S. Securities and Exchange Commission often goes after scammers who "pump" up the virtues of a stock to make the price go up. They then sell ("dump") it, leaving you holding the bag when the price drops. Report such scams to enforcement@sec.gov. Simply forwarding the message to them is usually sufficient.
- The "Nigerian" scam. Supposedly, an exiled "government official" needs your help to get millions of dollars out of Nigeria (or sometimes other countries), and if you simply provide your bank account as a holding place they'll let you have some of it. Uh huh. Why would they need your help? Are you an international currency trader? More likely, they'll drain your bank account for you. Forward these spams with the subject "NO LOSS" to 419.fcd@usss.treas.gov. (If you're an idiot -- that is, you have lost money -- call the U.S. Secret Service for help: 202 406-5850.) More details on this scam are at http://home.rica.net/alphae/419coal/.
There's a major problem with the war on spam: innocent mail getting caught in the crossfire. Your mail, or mail you asked to get (or even paid to get!) can get caught in filters and be lost.
Continue to Page 4: Friendly Fire Casualties, and How to Minimize Them
Please pass the URL for this site to others you think could benefit from the information here. The more people that truly understand spam, the harder it will make things for spammers.
Copyright © 1996-2008 by Randy Cassingham, All Rights Reserved. All broadcast, publication, retransmission, copying or storage, including on CD-ROM, listservers, BBSs, Web sites, "FTP" archives, or anywhere else, is strictly prohibited without prior written permission (contact the author).
"This is True" is a registered trademark of ThisIsTrue.inc and is used with permission.
This page: http://www.SpamPrimer.com/3-complaints.html
About This Site and its Author
Site Map