Who Benefits from Spam, Anyway? 109
Elbowgeek asks: "I've noticed that the vast majority of spam emails I receive are barely literate, to the point that in some cases one can hardly discern the product or service being advertised. Since most people are savvy/jaded enough to detect these entities that are not filtered automatically, just where does the profit motive from these messages come from? Is it simply the theory that if you send enough spam messages you're very likely to hit enough gullible recipients to make an acceptable amount of money? Does anyone have any insight on this dark underbelly of Internet advertising?"
Re:To many stupid greedy people. (Score:4, Informative)
lots of kinds of spam (Score:4, Informative)
I think there are lots of different kinds of spam, and therefore lots of different answers to the OP's question. Examples:
-A spam that they want you to click on in order to see porn. If you click on it, it really does lead to porn, and they get ad revenue.
-A spam that's trying to find out whether your address actually receives mail. If you click on the opt-out link, they've verified that the address works. They then add your e-mail to a list that they send to other spammers.
-The Nigerian scam. Yes, people really do fall for this. There was a famous case here in Orange County recently where a rich, elderly doctor blew hundreds of thousands of dollars on it.
For a spammer who owns a botnet, the cost of sending a spam is zero. When your product costs zero to produce, you can come up with a lot of ways to sell it, and still make a profit.
Re:My theory (Score:3, Informative)
I run a small project web hosting company with about 30 customers. We used to offer outgoing SMTP services, and still do (password required), but the majority of our customers are now unable to use it. We now recommend that everyone use their ISP's outgoing mail server. Another issue we ran into was a whole lot of mail gets rejected if reverse DNS entries aren't configured properly, and this would also be a problem for zombie machines. Perhaps I'm thinking of zombie machines as hijacked PCs and the real problem is hijacked servers.
I would assume, and I recognize that I could be completely incorrect, that most spam today comes from mass mailing companies. These companies of course use devious methods to deliver messages, from targeting open relays to abusing web hosts to running servers in "anything goes" data centers.
The reason I don't think that the motivation is the same as virus writers is that almost all spam, aside from phishing attempts and obvious goofs, has a link to an actual website selling something. If I were a virus writing kind of guy and wanted to send out a zillion junk messages, they wouldn't be advertisements for viagra because I'd want some kind of recognition.
If I had to bet, my money would be on the low percentage success rate. That is, it's cheap to send a million emails, and if only a tiny percent of those messages result in a sale, it's probably worthwhile financially. Spam *must* be a money game. It just doesn't make sense to me otherwise. Consider how the web is also being overrun by "spammers": bogus block sites, bogus search sites, bogus link sites, all designed to make money off a tiny little click through rate.
Wouldn't it be nice if some elite group of movie-style good guy hackers got together to knock the shit out of spammers? I'm not sure if there's any other solution but to knock them out. Legislation is minimal help, but only in certain countries. Anti-spam software is a band-aid and doesn't lessen much the financial burden of spam. Unless everybody in the world all at once decides to switch email protocols, I don't know if this will ever stop. It's obscene.
I don't really even use personal email anymore. I don't care to keep on top of my filters so I just don't bother. I remember a time when I checked my email multiple times every hour. Now I check it once a week to see if something came in from an address that I've got a routing rule for. "Downloading 393 messages....one of which is legit." Fun.
Not true (Score:3, Informative)
Re:Not true (Score:4, Informative)
Sorry, I'm just not seeing the referrer IDs you speak of.
--MarkusQ
Re:My theory (Score:3, Informative)
Your are correct that you are incorrect. Simply examine the IP addresses that spam comes from: Comcast, RoadRunner, SBCglobal, Adelphia, ATT, kingwoodcable.com, cebridge.net, Verizon, calpop.com, atmlinkinc.com, Charter, uci.net, ctccom.net, Earthlink, Qwest, suddenlink.net, Sprint, knology.net, insightcom.com, mdm.net, zoominternet.net, mnsi.net, Netzero.
Those are just a few of the sources of spam that was in my spam folder this morning. It does not include andy of the 300 or so that were trapped at the server by an IP filter that blackholes anything sent from a foreign (non-U.S.) IP address.
Why so many different sources and why from consumer IP addresses if these are not zombied machines?
Wired Article (Score:2, Informative)