SPAM: Turning the tide
Gregory Massel, iWeek 2004
The threat to the Information Society
- One of the greatest plagues affecting the digital world
- More prevalent than legitimate e-mail
- Causes significant financial costs and productivity losses for ISPs, business and end-users
- Undermines user confidence in e-mail and online activities
- Can seriously hamper the development of the digital economy and society
State of the Problem
- Spam is increasing
  - July – % of e-mail
  - July 2004 – 65% of e-mail
- Growing criminal element
  - >95% have falsified senders
  - 17% inappropriate for minors
  - 9% scams (e.g. 419)
  - 6% fraud (phishing)
  - ~50% via hacks (open relays, open proxies, exploited PCs)
- Spreading beyond e-mail
  - SMS, IM (SPIM), IRC, VoIP, etc.
  - GSM Association lists spam in the top four threats to the future of the mobile phone industry
Source:
Spam and Fraudsters
"It is a well-known fact that no other section of the population avail themselves more readily and speedily of the latest triumphs of science than the criminal class." (Inspector John Bonfield, Chicago Police Department, 1888)
Source:
Lessons to be learned
- Spammers are technologically adept
  - As quickly as we develop anti-spam solutions, they improve their techniques
- Legislation alone does not stop spam
  - Heavy penalties are a deterrent
  - Empowers people to trace and take action against spammers
- International co-operation is required to fight a threat that knows no borders
Turning the tide
- Legislate against spam (world-wide)
- Collaborate globally to fight the threat
  - Through industry bodies (e.g. ISPAs, ITU, IETF)
  - Through LEAs (e.g. Interpol)
- Develop technical solutions
  - Preferably IETF-endorsed
  - Must be widely implemented
- Educate end-users, marketers, businesses and ISPs about anti-spam measures and good Internet security practices
Legislation – Overseas
- Most countries have introduced anti-spam legislation
- EU region governed by Directive 2002/58/EC
  - Governs all bulk communications (including e-mail, SMS, fax, automated calling machines)
  - Explicit consent of recipient required PRIOR to contact
  - Exception: within the context of an existing customer relationship, by the same company that obtained the customer's details
  - Prohibits the use of false identities or return addresses
- Australia
  - Covers e-mail, SMS/MMS and IM, but not fax
  - Explicit consent of recipient required PRIOR to contact
  - Exception: within the context of an existing relationship
  - Requires accurate identification of the sender
  - Requires a functional unsubscribe facility
  - Penalties up to $1.1 million per day for professional spammers
  - Covers spam originated in Australia, or commissioned in Australia (but originated elsewhere), or sent to an address accessed in Australia
  - Exemptions: Government, political parties, charities, religious organisations, educational institutions (sent to attending and former students)
- USA governed by the CAN-SPAM Act
  - Implements an opt-out approach
  - Prohibits the use of an invalid sender address
  - Prohibits bulk e-mail inappropriate for minors
Legislation – South Africa
- Bulk e-mail is legal provided you
  - Provide an 'unsubscribe' facility
  - Inform the recipient where you obtained their address (on their request)
- Loopholes
  - No requirement for a valid sender address
    - Who does one contact to request where your address was obtained if there is no valid sender?
  - It is almost impossible to prove that two mail shots came from the same sender, therefore it is difficult to prosecute on the basis of a dishonoured unsubscription
  - Effectively legitimises spam
- Similar approach to the USA
  - USA is the biggest source of spam world-wide!
- Dire need for stricter legislation
Collaboration & Education
- Global forums
  - ITU / WSIS meetings on countering spam
  - AntiSpam-Forum 2004 (CABASE)
- South Africa
  - ISPA
    - Anti-spam list
    - Technical committee
    - iWeek sessions
    - Participation in international forums
  - Spam Summit
  - MFSA spam guidelines
  - Department of Communications
Final thought
"The spam wars are about rendering e-mail useless for unsolicited advertising before unsolicited advertising renders e-mail useless for communication." - Walter Dnes & Jeff Wynn (in news.admin.net-abuse.email)
References & Links
- ITU activities on countering spam
- Euro Coalition Against Unsolicited Commercial E-mail
- SpamLaws.Com
- Australian Communication Authority - Information on SPAM
- Anti-Phishing Working Group
- AntiSpam-Forum 2004 (Spanish)
- SpamHaus