Readers Report Threats and E-mail Bomb Attacks

SAN MATEO (04/10/2000) - AS IF IT'S NOT BAD enough that readers are getting more spam than ever, it appears that spammers are becoming more aggressive and even downright belligerent in asserting their right to send junk e-mail however and to whomever they please.

Judging by the unsolicited commercial e-mail forwarded to me by readers, the volume of spam -- porn site come-ons, get-rich buncos, bulk-e-mail tool promotions -- just keeps increasing. But the tone is also getting harsher as hard-core spammers seem bent on intimidating people into accepting their messages by using such tactics as threats of retaliation to those who report them to ISPs, claims of legal sanction for their activities, and mail-bomb attacks on anti-spam activists.

"I've been running the rounds lately with a particularly obnoxious spammer who apparently dials directly into my ISP's server with a PPP [Point to Point Protocol] connection and mail-bombs every address he has," wrote one reader.

"What's particularly aggravating is that all the messages contain a line about how to remove yourself from a mailing list (which you never, ever signed up for) by visiting a Web site that apparently doesn't exist all the time and smells suspiciously like a site trying to accumulate a large database of suckers to sell to the highest bidder."

I can sympathize, having recently been subjected to a 24-hour mail-bomb attack on one of my e-mail addresses. I assumed I was targeted because of what I write about spammers, but the trail of the perpetrator also led to a very suspicious Web site that asked for a great deal of information from anyone who wanted to report a spammer from their domain. So it's quite possible I was just another random victim, which is even worse than being attacked for anti-spam activities.

There's no question, however, that spammers are more aggressive against those who actively resist them. Many are citing the long-dead "Murkowski" amendment (usually called S. 1618), which failed to pass Congress last year, as giving them the legal right to send unsolicited commercial e-mail. Some spammers even claim that any attempt to report them to the abuse address of their ISP either will violate the spammers' civil rights or will result in the spam recipient's own account being closed.

The proliferation of "spam-friendly" ISPs is also presenting obstacles to those who try to get spammer accounts closed. After making it clear that virtually any abuse report will be considered an unwarranted flame attack, one self-proclaimed "bulk-e-mail-friendly ISP" declared, "We send all flamers, hackers, and people using vulgar language to the FBI and Interpol on a monthly basis."

A reader who complained to a domain abuse address about spam he'd received from them got back a response with the subject line "Who Cares."

"Your complaint has been received," the response read. "We are happy to hear from you but, frankly we don't give a damn about how you feel about spammers.

Stop wasting your time trying to stop the dissemination of information in a free marketplace. ... Please, understand that until there are laws that strictly prohibit bulk electronic mailing, I will continue to solicit business using this medium."

Another variation on this theme is pseudo-ISPs that say they aren't responsible for monitoring their customers for spam abuse and who instead ask the abused recipient to register with some opt-out list. Of course, such global opt-out lists are invariably address-collecting scams themselves, and registering with them only gets you on more bulk e-mail lists. (It's one of the ironies of the bulk e-mail business that so many of the lists the spammers sell to one another are compiled from opt-out and remove requests, virtually guaranteeing that the list buyers are getting few real prospects for their money.)Some even encourage those who want to get off spamming lists to throw themselves at the mercy of the spammers. After pointing a spam recipient to some phony opt-out lists, one spam-friendly ISP added, "contact one of the many bulk e-mail companies and ask them to put you on a global remove list." For good measure, the ISP added they couldn't do anything about the specific message because it contained invalid headers, which spam almost always does.

Spammers are adopting plenty of aggression tactics. Several I've seen recently demand that recipients who wish to be removed from the list call a 900 number.

Readers report they're getting more junk e-mail than ever from list-hosting services where the spam message is disguised as an invitation to join a list.

And several recent spam attacks have been traced to e-mail accounts that were hijacked after rightful owners fell victim to a Trojan horse that got their log-ins and passwords.

Why are the spammers becoming so much more aggressive? Perhaps it's because they figure they can do what they want now that so many big corporations are themselves resorting to unsolicited commercial e-mail, a theory we'll explore more next time.

Got a complaint about how a vendor is treating you? Write to Ed Foster, InfoWorld's reader advocate, at gripe@infoworld.com.

Join the newsletter!

Error: Please check your email address.

More about FBIINSInterpol

Show Comments

Market Place