CAN-SPAM Act is 5 Years Old

So it’s been 5 years since the CAN-SPAM act was introduced. Yet my inbox is still flooded with spam (I have to use 2 different spam-filtering services to keep it from being overwhelming – and even then stuff still gets through).

An article on Slashdot asks the obvious question: what went wrong?

“Five years ago, the US tech industry, politicians, and Internet users were wringing their hands over the escalating problem of spam. This prompted Congress to pass a landmark anti-spam bill known as the CAN-SPAM Act in December 2003. Fast forward five years. The number of spam messages sent over the Internet every day has grown more than 10-fold, topping 164 billion worldwide in August 2008. Almost 97% of all e-mails are spam, costing US ISPs and corporations an estimated $42 billion a year. What went wrong here?”

A very good question. The answers, of course, are obvious to those who understand how spam really works (and how often it’s obfuscated so you can’t tell who really sent it), coupled with how hard it is to actually prosecute someone under the CAN-SPAM Act.

Holiday Spam Tricks

There was a brief period about a week ago where the amount of spam I was receiving (in the multiple unrelated email addresses I have) suddenly dropped. Yay!

But, alas, the spam has come back – with a vengance. One in particular that seems to be slithering by most spam filters at the moment is something I imagine was crafted specifically for this time of year – a spam message designed to take advantage of the fact that people are doing their holiday shopping.

This spam message generally has some variation on the subject line “Re: Order Status” or something like that. The body of the message seems to just be a “Click here to view this message as a web page” link. (Of course, if you get one of these, don’t click the link!)

Given how much on-line shopping is probably going on this time of year, this is a particularly nasty trick to use to get past people’s spam filters. Of course, there are ways to “separate the wheat from the chaff,” so to speak.

Most of these spam “Order Status” messages seem to have a “From” address that’s the same as the address they’re sent to – in other words, when they show up in your inbox, they look as if they were sent by you!

So I guess my holiday spam-avoiding tip for everyone this year is “delete emails that look like ‘order status’ messages but that appear to come from your own email address.” Not the greatest of tips, but hey, every little bit helps.

Stay safe from spam this holiday season!

Email image courtesy of the Tango Desktop Project.

Back Home to SPAM

Well, it was a long week, but I’m back home… and now the dreaded moment arrives, when I open my email to discover…

2,414 new messages.

Almost all of these are SPAM.

I had thought of checking my email while I was away, but when I access my email via webmail, I lose the services of Thunderbird‘s excellent spam filtering – and at 300+ messages per day (on average), that’s just too much mail to weed through on a daily basis through webmail. So I didn’t check my mail at all while I was away.

So that’s 2,414 emails in almost exactly one week.

This spam thing is becoming a HUGE problem!

My new year’s wish this year is for less spam!

p.s. – After Thunderbird downloaded all that mail, it left about 20 messages in my inbox – all of the rest was marked properly as spam and moved to my junk mail folder. Though it did take a few minutes to download all that mail – even over a cable modem connection!

Just get Firefox already, geez!

My attempts to urge Internet Explorer users to upgrade to something better.

If you are visiting this site with Internet Explorer 6 or 7, you will probably notice a large orange banner at the top that didn’t used to be there before, suggesting that you upgrade to Firefox.

Don’t be alarmed – this is deliberate.

I’ve seen it happen, time and time again. You’ve probably read about it in the news or heard about it on TV – you almost can’t escape it these days. Of course I’m talking about viruses, trojans, worms, botnets, spyware, spam, and identity fraud.

In a statistically significant portion of cases where people get these sorts of things, it is because they use Internet Explorer.

It is possible to get your computer infected by just reading an email (with a client that renders the email via IE) or by just visiting a web page. You don’t even have to click “Yes” to download anything in some cases. And although Microsoft has taken steps lately to improve the security of IE (IE 7 is much safer than IE 6), it is still much, much more vulnerable than Firefox.

So why take the risk? It only takes a few minutes to install Firefox.

Now, granted, some cases are due to user error – after all, the fake emails & fake websites that entice you to enter your password or bank number or whatever are getting better looking & more sophisticated every day – but using IE is like shaving with a straight razor – sure, it gets the job done, but if you mess up just a little bit – you’re dead! Firefox, on the other hand, is like a nice electric razor with the skin-softening gel. You won’t slice your jugular open and it even soothes away the minor irritation of an every-day activity!

I see news reports about things like the Storm worm and I just think of all those poor people, unwittingly taking part of botnet-type activities – DDOS, spam generation, and so forth.

In this day and age – with all these threats – with so many people getting their computers completely hosed on almost a monthly basis – and with so much of our lives (photos, emails, banking info) on our computers, there is just no reason to keep using a browser that is so potentially dangerous. Especially when the safer alternative is both free, easy-to-use, and available right now.

So stop procrastinating. Unless you enjoy living dangerously, just get Firefox already, Okay? You’ll be glad you did.

An unusual form of comment spam

My article from the other day attracted a lot of “trackback” spam. Weird.

My post yesterday about older games seems to have attracted some attention – but in this case, of the negative kind. This morning I logged on to find a bunch of new comments – except they all looked somehow… odd. Turns out they were all from throw-away blogs (fake blogs set up to increase search engine rankings) that had done a “trackback” to my article. Some of them quoted just a bit of it (to make it relevant in Google’s eyes, I suppose) and one even went so far as to try and look like a legitimate link – except they used the wrong name! (They said “I’d have to agree with this post by Kevin B.”)

Very strange – and this is the first time I’ve seen stuff like this show up in the comments. Has anyone else ever seen such comment spam? Is this a new phenominon, or is it just old stuff that I have been lucky enough to avoid thus far?