Verizon Wireless, the #2 US mobile carrier, has won a permanent injunction against Passport Holidays, a Florida company, to stop them from sending unsolicited text-messages Verizon subscribers. The lawsuit was a result of 98,000 messages being sent to Verizon customes in October. At an average rate of 5¢ per text-message, this makes for approximately $5,000 in fees that Verizon charged its customers due to the spam. Verizon also received a $10,000 judgment from Passport Holidays.

Text-messaging spam has different economics that ordinary email spam. In addition to the annoyance of receiving an ad on the cell phone, many mobile subscribers are charged for each incoming text-message (in fairness, many plans have included a number of free in/out text-messages while other plans have free incoming messages.) Thus, mobile phone spam presents a more serious economic threat than email spam and it is good to see providers become active in prosecuting this type of threat.

How effective is text-messaging spam anyway? Users receive a short message on their mobile phones that tries to sell them a vacation cruise and lists a call-back number for people to dial. How many people actually do through the trouble to dial that number despite (possibly) the annoyance and (hopefully) suspicion?

People who were trying to predict the success of a movie at the Sundance festival could just do a simple spam filter analysis. Unspam Technologies, based in Park City, Utah, have tweaked a spam filter and have used the results to predict (with certain success) the success of a movie.

Two of the films they selected, a documentary called "God Grew Tired of Us" and a drama called "Quinceañera" won the festival’s coveted jury prize awards Saturday night.

Here’s how Unspam did it - instead of filtering spam, they modified the filter to look for the signs of a successful film based on data from 10 years of Sundance film guides, which include descriptions of each movie, along with information found in the Internet Movie Database and box office figures.

Despite missing some movies which were successful, the spam-filtering technology (based on Bayesian classification system) may prove to be useful in other areas. Oscars, anyone?

[Via InternetNews.com -]

A small Iowa-based Internet Service Provider has been awarded slightly more than $11 billion in a judgment against a Florida-based spammer, James McCalla. United States District Judge Charles Wolle issued the ruling in December 2005 imposing the fine for sending over 280 million unsoliticed email messages. The order also prohibits McCalla from using the Internet for three years.

Although this judgment sounds nice to the plaintiff (and to all who hate spam), it is uncollectible. No spammer, no matter how successful, can pay anything close to this amount. Also, spammers have reputation of wisely protecting their assets, usually offshore, in anticipation of similar judgments against them. This judgment, and especially its amount, has been highlighted in the press as of great importance. After all, $11 billion is quite a nice amount and catches the attention of the reader. However, the significance of this judgment is mostly the ban on McCalla to use the Internet for three years. As mentioned above, the monetary portion of the judgment is likely to be uncollectable. Thus, the ban, although not bullet-proof, will actually provide an enforceable (in US courts) mechanism to prevent the spammer from engaging in similar activity for the next three years.

Not a landmark case by any means, but the BBC reports on a EU spam case settlement brought by an Internet businessman against a Media Logistics, a UK-based firm for sending unsolicited bulk E-mail. The case was brought under anti-spam EU law, the directive on privacy and telecommunications, which gave individuals the right to fight the growing tide of unwanted e-mail by allowing them to claim damages.

Mr. Roberts, the plaintiff, received unwanted email ads from Media Logistics and filed an action against the company. The company did not defend the case and the judge issued a default judgment for Roberts. In a subsequent settlement, Media Logistics agreed to pay £300 (270 + 30 filing fee) to Robers and settle the dispute out of court.

Although a tiny victory with no precedent value in UK courts, this shows that EU spam laws have some teeth. "Some" teeth, because it is not clear how the court would have decided the case had Media Logistics appeared in court and defended on the merits.

Five ISPs have been recruited by the government to hunt down virus-infected computers used to send spam or launch distributed denial-of-service (DDoS) attacks from Australia. Basically the five Australian ISPs will share data on suspected zombie computers on their networks and each ISP will then take on responsibility to notify, educate, help clean, and, if necessary, take down the zombie PCs.

According to a statement from the Australian Communications and Media Authority, if the owner of a computer
contacted by an ISP is unwilling or unable to disinfect that machine,
the ISP could remove its connection to the Internet: "if the computer
remains a threat to other Internet users, the ISPs may take steps under
their acceptable use policy to disconnect the computer until the
problem is resolved".

Although we hear of similar patch-up-or-shut-down initiatives every once in a while, results so far haven’t been very positive. Hopefully this time it will work well.

[Via ZDNet]

A 20-year-Californian, Ancheta,  accused of using thousands of hijacked computers, or
botnets, to damage systems and send massive amounts of spam across the
Internet was arrested on Thursday in what authorities called the first
such prosecution of its kind.

"Normally what we see in these cases, where people set up these bot
systems to do, say, denial of service attacks, they are not doing it
for profit, they are doing it for bragging rights," he said. "This is
the first case in the nation that we’re aware of where the guy was
using various botnets in order to make money for himself."

Ancheta has been indicted on a 17-count federal indictment that charges
him with conspiracy, attempted transmission of code to a protected
computer, transmission of code to a government computer, accessing a
protected computer to commit fraud and money laundering.

[Via ZDNet UK, UK -]

Is it time for a new category on this site - Splog? Maybe not yet, but spamming via weblogs (splogging) has gained a lot of attention after Google’s Blogger service was accused for being a "splog" breeding ground.

The attacker, or splogger, used automated tools to manipulate the
Blogger-BlogSpot service and create thousands of fake blogs loaded with
links to specific Web sites (home mortgage, poker and tobacco sites
among them). The move was designed to doctor search results and boost
traffic to those sites by fooling the search-engine spiders that crawl
the Web looking for commonly linked-to destinations.

One of the major problems with detecting and prevenging spam on weblogs is that unlike email, there are no readily available tools to detect and erase what may be a legitimate blog posting or comment. Although keyword filtering may help, spammers are very good at evading such filters. In addition, unlike email where a piece of email’s headers can provide valuable clues to its legitimacy, a posting on a website does not hold much meta data which can help identify it as an illegitimate piece.

Splogging seems to be a growing problem in the blogosphere. Marc Cuban officially warned Google that Blogspot will be excluded from Icerocket.com (the search engine he owns) unless Google get their s*$# together.

This story sounds disturbing. According to computer security researchers at Pennsylvania State University, malicious hackers could take down cellular networks in large cities by inundating their popular text-messaging services with the equivalent of spam.

In essence, the attack is done by sending a large amount of text messages over wireless telephone network. By pushing 165 messages a second into the network "you can congest Manhattan."

Is this true? Apparently, so. Mobile operators have acknowledged that such network jamming is a possibility, but they claim that they have developed systems to prevent effective attacks on their networks. The fact that we haven’t seen an outage caused by such attack may show that they are correct, or may also show that attackers haven’t hit hard enough.

"If you’re not prepared, that could happen," said Brian Scott, senior
manager for wireless messaging operations at Sprint. "If you are
prepared and you have means in place to identify, detect and mitigate
that, it’s not as much of a concern.

[Via CNET News.com, United States -]

Interesting use of Google Maps and spam data obtained by Mailinator, a free email service. The spam map shows theoriginating locations of recent spam received by Mailinator.

[Via Slashdot -]

A survey by the Computer Security Institute shows that although the losses by cyber crime are down, the frequency of the attacks has increased over the past year. The average dollar loss per incident in 2004 was $204,000 (a 61% drop from 2003.)

The breakdown of the losses, according to the survey is:

• viruses, $42.8M
• unauthorized access, $31.2M
• proprietary info theft, $30.9M
• denial of service, $7.3M
• insider ‘Net’ abuse, $6.9M
• laptop theft, $4.1M
• financial fraud, $2.6M
• misuse of public web application, $2.2M
• system penetration, $0.8M

[Via InternetNews.com -]

« Previous entries Next entries »