Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!


Forgot your password?

Who Benefits from Spam, Anyway? 109

Elbowgeek asks: "I've noticed that the vast majority of spam emails I receive are barely literate, to the point that in some cases one can hardly discern the product or service being advertised. Since most people are savvy/jaded enough to detect these entities that are not filtered automatically, just where does the profit motive from these messages come from? Is it simply the theory that if you send enough spam messages you're very likely to hit enough gullible recipients to make an acceptable amount of money? Does anyone have any insight on this dark underbelly of Internet advertising?"
This discussion has been archived. No new comments can be posted.

Who Benefits from Spam, Anyway?

Comments Filter:
  • by jellomizer ( 103300 ) * on Friday August 11, 2006 @08:59PM (#15892566)
    Well you can assume that some of the Spam is static used to detrain spam filters. But for most cases Spammers make money in sending the Spam, Not selling the services that goes with it. So say they charge $10,000 for a Million emails. So unexpecting company or some poor smuck think he is going to get rich quick with this stuff will pay the spamming companies so much to give the link to their website and sell a product. But there is no promise that they will sell the product they only promise to deliver a million emails. So what normally happens the Smuck goes bankrupt and the Spammer gets the money. If the Spammer can get past the Spam filters then they can promise better visibility.
    There is basically an endless pot of Smuck who think they can get rich quick by selling sex toys, Investing in stock tips...
    • Bingo. Nobody actually needs to ever buy the product for spam to be profitable. Thats why it won't go away.
      • If spammers are just scamming their customers with full knowledge that the spam will not increase product sales, then what is the incentive to actually send out the spam messages rather than simply lie to the customer? Can one take a spammer to court and claim "this man promised to send 2 million unsolicited emails on my behalf but failed to do so; I demand a refund!" Seems difficult to proved one way or the other if the spam services are even legal.

    • by John Hasler ( 414242 ) on Friday August 11, 2006 @10:45PM (#15892844) Homepage
      > Investing in stock tips...

      Many of the stock tip spams are attempts to pump a stock. I suspect that they often work.
      • by Pharmboy ( 216950 ) on Saturday August 12, 2006 @08:41AM (#15893875) Journal
        Many of the stock tip spams are attempts to pump a stock.

        Although not my experiences are more anecdotal than imperical, I HAVE taken the time over the last year to track at least a couple dozen stocks that I have received spam for, up to a week after I received the spam. (finance.yahoo.com) About half the time, I have seen quick pops followed by quicker declines, indicating enough people purchased to drive the stock up 5%-10% (or a little more), followed by a decline within 24 hours pushing the same stock to the original price or a little lower.

        Maybe 30-40% of the time, the price didn't seem to change much (maybe not enough emails were sent) or the fluxuation was inline with the stock's trends, so it couldn't be determined if the spam did anything. The remaining 10%-20 it seems the stock simply slid in price (say, 3-10%) with no rise at all.

        So I can see how someone could pump up stocks and on average make money from spamming but it isn't always a sure thing. I have NOT heard of the SEC or any other agency arresting anyone for this, which seems to be clearly illegal, spam or not.
        • I did the same thing. I took a spam with a very clear disclaimer (although they used a tiny font):

          [...] We have received 250.000 free trading shares from a third party, not an officer, director or affiliate shareholder. We intend to sell all 250.000 shares now, which could cause the stock to go down. This company has : negative cash flow from operations, no revenues in its most recent quarter, an accumulated defecit, a negative net worth, nominal cash, a going concern opinion from its auditor and related pa
          • Wow, I certainly hope that is illegal, for many different reasons. Actually, I know it is since the entire purpose was to manipulate the stock price. That the spammer was paid in stock only makes it worse, as he as committed two crimes instead of one.

            Of course, the real problem is the idiots who actually read the "stock tips" and buy stock based on this "information". Just like all spam, the problem is equally the people who spend the money. If no one bought from spammers (or their clients), spammers wo
      • There was an excellent paper [ssrn.com] at the Workshop on Economics and Information Security [econinfosec.org] a few weeks ago which showed that stock pump-and-dump spam works. It was also shown that as more people are discovering this fact they are riding the band-waggon, thereby making it work even better. If you can spot the scam, perpetrated by others, early in the cycle then you can trade the stock yourself and make a profit and not actually be breaking any securities laws, since you're not the one promoting the stock.
    • Thanks for replying to my question. I had actually considered this may be the case, but one would figure that after a while that the futility and lack of profit produced by paying the spammers to send out one's message would become common knowledge.

      Still, there are people who still try heroin thinking it can't possibly get them addicted despite the millions affected by the drug. Money is probably the most potent drug of all...

    • You mean *attempt* to detrain spam filters. I've been watching my filter, and there is absolutely no difference in effectiveness. My filter has a 0.1% false negative rate, and a 0% false positive rate. It's been that way for about three years now, rock steady.

      I get 100,000 spams a month.
      • I get 100,000 spams a month
        Sheesh. That is 3000 a day.

        I get something in the region of 1500 a month, very few false positives but 10% (easily identifiable) false negatives which immediately get the click of death.

        If I have been away for a few days, there is no such thing as a false positive. If it has been sorted out by the filter then it gets junked, sight unseen. With 3000 a day then it would be like that every day.
    • What's interesting now is that we're seeing more spam which seems to imply their market is shrinking. The barrage of penny stock scams only need a handful of morons to participate to drive up the price to a point where they can dump the stock and make money. So when you spam to 100 million e-mail boxes, the law of averages says at least a few dozen idiots might bite and you can take their money via their portfolio.

  • The short answer (Score:5, Insightful)

    by jone_stone ( 124040 ) on Friday August 11, 2006 @09:00PM (#15892567) Homepage
    The short answer: yes. Send out a million emails and get a .1% response and it's more than worth it.
    • Taking a quick glance at my spam folder, it seems to me that there are a few very logical reasons why people would end up buying from a spammer:

      (1) Unavailability (illegal or taboo)
      They don't know of any other place to buy the product being advertised (perhaps because it is not advertised elsewhere, or it's illegal to advertise or sell), or they would be too embarassed to research it further or walk into a store that sells the item or request it from a person in "real life."

      Examples: penis enlargements, via
    • No one gets a .1% response with spam. I write web reporting software to track the success of direct mail marketing (aka real junk mail, from the postman) and a .1% response rate is considered good. And that's figuring each mail piece cost about 25 cents... with e-mail, it could be a .001% response rate and still make a profit.
  • by whoever57 ( 658626 ) on Friday August 11, 2006 @09:00PM (#15892568) Journal
    who benefits from all the badly formatted spam? Wasn't there a story about this a day or 2 ago: someone suggested that it wa an attempt to train baysean filters to accept spam?
    • Probably. I've seen more spam in my inbox [gmail] lately. All of it nonsense or foreign language junk.

      It was bad enough when we were getting spammed in English for things we could spend money on. Now we're getting nonsense spam and they provide no way to exchange funds [which bursts the 0.1% theorem]

      • Wish I could say the same. Google's junk mail filter used to be spectacular, but not anymore. I'm getting around 5-10 spam emails a day from the domain name "mailnvd01.net", all in English. I've reported each and every one as spam but every day there is more of them in my inbox; Gmail's spam filters have failed to catch them every time. That adds up to about 60 emails from this one spammer this week alone. With me reporting each of them you'd think the spam filter would get a clue. I'm beginning to think th
        • It's entirely possible there are people with fake google accounts marking that as "non-spam" to counter the operation.

          It isn't like you need a captcha to report spam.

        • by Bill Dog ( 726542 )
          I'm beginning to think they must be paying Google to never tag their crap as spam.

          1) Offer free email with gobs of space to instantly become a major player in that area.
          2) Punch blatantly obvious holes in the spam filters for your biggest-budget customers.
          3) When people complain, simply remind them that it's still in beta.
          4) Profit!
        • I'm experiencing the same- much more spam in the last few weeks in my gmail account.

          Then again, it's been a lot less over the last 2 days...
          • Remember the stories over the past few days about that patch for a vulnerability that could cause another Blaster-scale virus? About how a lot more zombies would be added to botnets?

            Maybe the reason you've seen more spam is because there are more senders, and it's taking time to catch up with the load. More senders means more possible diversity, after all.
  • While early spam might have been more legit (in that it was actually advertising a respectable product), my theory is that most spam now-a-days is prompted by the same motives that virus writing is (that is, something like satisfaction in hurting / discomforting others). Considering that a lot of the spam is coming from zombie computers (infected by a virus), I don't think my theory may be partially correct.
    • by Rachel Lucid ( 964267 ) on Friday August 11, 2006 @09:08PM (#15892598) Homepage Journal
      Is there any point left in spam but to keep spam-blocking companies in business? After all, Internet Security is quite the nice racket...
    • Good theory. My reply theorized kind of the same thing. If I could use my mod points now, I'd mod you up!
    • Re:My theory (Score:5, Insightful)

      by pilkul ( 667659 ) on Friday August 11, 2006 @09:17PM (#15892624)

      1. Spam has never been used to advertise respectable products.
      2. The motive for virus writing nowadays is profit, same as spam. Viruses let you put up adware and create zombie hordes for spam forwarding or DDoS blackmailing.
      3. In the past, the motive for virus writing was not to hurt other people, but simply a kind of power trip or experiment. For proof, look at how very small the proportion of viruses that intentionally delete data is. The psychopathic "hurt as many people as possible" mindset is extremely rare.
      • Yes, it has. Spam was originally used to sell pretty ordinary products and services: the same type of things you'd find in the Yellow Pages. The first spam was actually an advertisement for a law firm, IIRC. The businesses were contactable, had real phone numbers and street addresses, and so on; people thought of spam as just being a new advertising venue not unlike TV, newspapers, the Yellow Pages, &c.

        After people started getting more and more upset about spam, legitimate businesses naturally moved awa
        • The first spam was actually an advertisement for a law firm, IIRC.
          Indeed, this sleazy law firm [wikipedia.org] one of whose partners has since been disbarred. Yes, it's marginally more reputable than today's spams but not by much. Nor was it viewed as an ordinary advertising venue: it resulted in an immediate outcry and a wave of spam blocking measures were taken.
        • Just to be pedantic, the first spam was not the lawyers and their green card service, it was one for computer-related services long before law firms would even bother with computer networks. The infamous law firm crossposted on many, many USENET groups, paving the way for USENET to be bogged down in spam-type messages, but it wasn't email per se.
    • Re:My theory (Score:3, Informative)

      Does a lot of spam come from zombie machines though? Certainly a lot of spam comes from open relays, and a certain amount comes from inept web hosts (although I've leased servers, and most datacenters get very suspicious when your email traffic picks up). But how much spam comes from infected PCs with so many ISPs now blocking outgoing requests to port 25?

      I run a small project web hosting company with about 30 customers. We used to offer outgoing SMTP services, and still do (password required), but the m
      • Re:My theory (Score:3, Informative)

        by TFGeditor ( 737839 )
        "would assume, and I recognize that I could be completely incorrect, that most spam today comes from mass mailing companies. These companies of course use devious methods to deliver messages, from targeting open relays to abusing web hosts to running servers in "anything goes" data centers."

        Your are correct that you are incorrect. Simply examine the IP addresses that spam comes from: Comcast, RoadRunner, SBCglobal, Adelphia, ATT, kingwoodcable.com, cebridge.net, Verizon, calpop.com, atmlinkinc.com, Charter,
    • The virus theory I think is a good theory for some of the spam. Whether creating a bunch of zombies to do one's bidding, or simply putting keyloggers onto their computer to find out their credit card information, it's a win-win (for them) situation if they infect someone.
  • Spammers benefit (Score:2, Interesting)

    by nascarguy27 ( 984493 )
    By doing this
    1. Send mass, annoyingly misspelled emails
    2. Wait as stupid people wanting (insert lame thing here) open and click on them
    3. ??????
    4. Profit
    • About your sig, you could close the bracket, and then, I think (iirc) that you can do directly return, might take a cast but i don't think it's even needed ;-)

      funny createSig(witty remark, odd reference)
      return sigOut = remark + reference;
      } //that's how i'd do it ;-)

      • You could just do return remark + reference; No need to waste stack space with an extra Funny. Wittys need to support Odds being added to them, and also be convertible to Funnys.

        Of course, it's a sig, not a function... so we really shouldn't be analyzing it this carefully.
      • my bad I meant return remark + reference; not return sigOut = remark + reference;
    • 3. Collect list of stupid people's e-mail addresses, which you now know are good
      3 1/2. Sell list of e-mail addresses to other spammers
      4. Profit!

      Just a theory.
  • by Total_Wimp ( 564548 ) on Friday August 11, 2006 @09:02PM (#15892578)
    It's just like every other business out there. Some people don't know how to run them. Unfortunately, with spam, these idiots are able to make a major anoyance of themselves with their ill-concieved, badly run catastrophies.

    Trust me, the illiterate folks really don't make any money. But they're only part of your spam. The one where, you know, you can actually find some information on how to buy a product? They're doing ok.

  • by tommertron ( 640180 ) on Friday August 11, 2006 @09:04PM (#15892584) Homepage Journal
    http://it.slashdot.org/it/06/08/09/1523207.shtml [slashdot.org]

    Apparently a lot of the 'gibberish' spam not trying to sell you anything is just there to try to untrain the spam filters so the next one that does try to sell you something might slip through. Or it negates the spam filters' effectiveness so much that people have to start looking in their spam filters for actual messages.

    Personally, I think there's a lot less of a greed factor right now than there is an 'us vs' them' factor. I really think it's just getting to be an elaborate game for these spammers now - all they're trying to do is thwart the filters, and they've forgotten all about trying to dupe people out their money.

    • Indeed it was the filter training post which inspired this one. I realise a lot of it is probably to retrain the filters, but I don't see the spam filters in Yahoo mail being any less effective.

      I'm talking about the spam which combines ever more elaborate ways to spell out \/|/\gr/\ (or teen virgin, or hot MILF) with an obvious complete lack of command of the English language, which is an obvious attempt to get around the filters as opposed to training them. This produces a subject header which is com

    • Parent suffering from "Wikiality". That's just a guess of what those spams might be doing.
  • by MarkusQ ( 450076 ) on Friday August 11, 2006 @09:05PM (#15892587) Journal

    There are two layers at work; the spammers and the "vendors" they spam for. The spammers are paid to spam, but they don't really care if the product sells or not. It's just like any advertising--magazines are paid to print your ads, but if they ads don't work, it's not their problem.

    If you extrapolate normal advertising out by a few orders of magnitude (dumber, cheaper, wider distribution, etc.) you get spam. If you don't extrapolate out far enough (and find yourself in direct mail or telemarketing), no worries. Just keep going in that general direction a while longer, and eventually you'll come to spam.


    • That's right, to a point. If, however, in your example, none of a product's ads produce sales, they likely won't be advertising in that magazine again. So it is somewhat of a concern to spammers that their clients actually end up getting some sales. Thus why we get the constant war of spammers trying to get past our protection schemes.
      • by MstrFool ( 127346 ) on Friday August 11, 2006 @10:34PM (#15892812)
        Not so, and he didn't say that none of the adds sold anything, he somply said that the spammer doesn't care if they do or not. Just as there are large numbers of people that do reply to spam, there is also a large enough group of people willing to pay spammers to spam for them. You get $10,000 from one guy and it cost you next to nothing. How long would you be willing to wait for the next sucker to ask you to spam for them? So the first guy got nothing and went broak, a little sweet talking and waving of numbers and you have a new person willing to pay you. Do that 10 times in 1 year and that's a nice $100,000 in your pocket for doing less then a days worth of work all year. In time, people will stopp falling for it, but by then the nest generation of idiots is jumping to pony up the cash. Some times I hate having ethics... I could really use that money my self.
        • Especially early on, you'd see a lot of spam activity where Johnny Singlewide thought he could make big money as a spammer, and bought himself a spamware kit and a case of Nigerian Herbal Fake Viagra, and found he couldn't sell the stuff. Sure, he doesn't reorder, but there were a lot of other wannabee spammers like him to sell to, and the spamware vendors didn't *mind* if he actually made a profit and ordered more because they can use him as an example instead of making up their own.

          Fortunately, a lot o

    • There has to be an almost endless supply of vendors. Either that or a limited supply of vendors who are have endless money and endless stupidity.

      If your theory is correct, sales from spam campaigns are zero or close to zero. Now I can understand a vendor paying for a single spam run -- after all, the vendor probably has an inbox full of spam, so "it must work or people would not send spam". However, for a person of only average intelligence, this logic will only work once: one spam run, poor to zero sales

      • There is a nearly infinite number of vendors. Every business plan reference claims you need to advertise. Go to google and put in search terms about low cost advertising and poke around until you find something that isn't regional and you find a spamer or a front for one.

        The other trick is that if you contact an "opt in" list you will find that they will do a free run of 100 to 1000 so you can see how it works. You will find that you get several tentative orders. I know a guy who did that and got about
      • "There has to be an almost endless supply of vendors."

        I think this is pretty much true. Ever notice how the spam you get nowadays isn't hawking the same products it was a few years or even months ago? For a while you see stuff like "Cialis soft tabs," then it goes away. Then fake Rolexes, or Louis Vouitton handbags. Then those go away. Penny stocks for a certain company you've never heard of, they come and then they're gone, and then there's another company's penny stocks being pumped.

        This indicates to me t
    • Not true (Score:3, Informative)

      by NineNine ( 235196 )
      That's not true. Spammers are paid a percentage or flat fee based on what is sold with their referrer ID. Nobody is paid just to spam. Google is the last major advertising company/industry on the web that actually pays people just to advertise, with no results. Porn and spam both figured out that per impression or per click or per email doesn't work, and there haven't been any of those programs available in either industry for at least the past 6 years (yes, they figured this out while all of the "strai
      • Re:Not true (Score:4, Informative)

        by MarkusQ ( 450076 ) on Friday August 11, 2006 @11:59PM (#15893079) Journal
        Spammers are paid a percentage or flat fee based on what is sold with their referrer ID.
        I beg to differ. First, such a system would be all but unenforceable, and I can't see the spamers (who are the ones that will be risking prosecution, after all) saying, "Oh sure, you can pay me when you sell something; I can tell you guys are honest." But it also doesn't fit the data. Let's take a look at my in box, shall we?
        1. Some folks selling "C-i-a-l-l-i-s" (or trying to). Looking at the raw message, I see one http: link, to a .info domain, with nothing beyond the FQD. They could of course have a separate domain for each spammer they used, but given how specific their domain name is it doesn't seem likely.
        2. A blank spam. No subject, no body, no referrer ID.
        3. A note from my wife. No referrer ID.
        4. A pump and dump stock scam spam, no response info of any kind, and thus untraceable. No web bugs or other place to hide a refere ID.
        5. A question from one of my company's laywers. No referrer ID that I can see.
        6. A note from a psycho that believes the internet is spying on him. Spam, in a sense, but I think he's trying to warn us out of the goodness of his heart. No ID of any kind, and I suspect that if he knew his emails contain a message ID and a give an idea of the route they followed getting here, he'd faint.
        7. Image spam; quite possibly tracable (I don't know what they image is; I don't fetch 'em).
        8. Guttenspam. No payload.
        9. Another image spam.
        10. A note from my boss commenting on one of my earlier /. posts.
        11. Another anonymous stock tip.
        12. And another.
        13. Watch replicas, one link, with only a FQD.

        Sorry, I'm just not seeing the referrer IDs you speak of.


      • Some of the spammers selling Nigerian Herbal Fake Ci41iz may be pushing it for other people, but at least in the past, many of them are doing the sales themselves. If you're the customer, you're sending your money to Johhny Singlewide, the spammer. Johnny may be buying it by the case and shipping it himself, or he may be ordering it from the manufacturer who ships directly to the end user. He might even have the manufacturer accept payments, but that takes a higher level of trust on his part. Some of t
  • Lots of mistakes (Score:3, Interesting)

    by BrynM ( 217883 ) * on Friday August 11, 2006 @09:06PM (#15892591) Homepage Journal

    I've spent an inordinate amount of time fighting spam on my server in the past. My guess is that the completely mussed up ones are a combination of the following:

    • Trying to throw off spam filters - The (possibly wrong) idea is the more mail you have to process and the more complicated you make the ruleset (learned or created), the better the chance that one they get paid for will get through. From what I understand, most spammers think of this as a kind of "war" so they have no problem wasting resources "fighting". This is not some grand scheme, but more likely the fragmented effort of various large spammers.
    • Bad translations - Spammers are global (a large number in the Pacific Rim). I'm betting that many rely on someone else to translate. Some pure gibberish spams are converted character sets [wikipedia.org] somewhere along the way.
    • Stupidity - I've seen plenty of braindead spammer mistakes (sending the recipient list cc instead of bcc, not knowing how to work the software but being willing to "make money at home")

    Of those three, only one is intentional. Seeing some large nefarious purpose may be giving the spammers too much credit.

    As a side note, some of my favorites are the pharmaceutical spams that say the names of the drugs, but don't offer any means of purchase let alone contact. I often wonder if some madman at GSK or Pfiser is reminding the world that v1a6r@ can be spelled so many different ways.

  • I've been receiving strange spam messages in the last few weeks containing a ficticious name in the subject line and then a single word in the message body, such as "OK", "cloud" or "door". It's really weird and there isn't an image attachment like most of the spam I've been getting lately so I don't see the point. Perhaps spammers are trying to train Bayesian filters with junk or attempting dictionary like attacks on mail servers to see what words get through and which do not.

    The latest trick in the spam a
    • by beadfulthings ( 975812 ) on Saturday August 12, 2006 @12:19AM (#15893143) Journal
      Eeuwh. Believe it or not, they can cause you many Maalox moments under certain circumstances.

      Take a close look at these. If (a) you have a website, and (b) they come in pairs, or especially if they come in threes, they can be a signal that somebody is evaluating you for a bit of cross-site scripting--or worse yet, that they have you. They may look as though the sender has forged and garbled your email address--but then again, they may not look like that. Little spates of one-word messages merit a second glance. They're like the odd little sounds you might hear if someone were trying the doorknobs of your house in the middle of the night.
    • "The latest trick in the spam arsenal seems to be a crack at social engineering with emails that purport to be from Ebay, Bank of America or whatnot. If you click on the link, and the URL isn't even close to the purported source of the email, it takes you to the spammers web site where the actual marketing is done."

      Ever heard of "phishing"? http://www.antiphishing.org/ [antiphishing.org]

  • I imagine a lot of it is a denial of service attack. Microsoft is not alone in this. A lot of spam is pure malice. It does not have contact information for a sale or even build brand awareness. Microsoft understands that free software depends on communications between programmers and users and they seek to disrupt it.

    Microsoft is unique in wanting to limit network services ISP's have to offer. By creating a problem, such as 80% of the world's spam coming from their broken operating system at the end

    • So Microsoft intentionally ships crappy software so that spammers will disrupt communication among open source programmers? Did I get that right?

      You have a very... unique viewpoint. Have you considered writing a book about the Kennedy assassination? You may just be able to come up with something original in that area, which is no small feat.

      • by rk ( 6314 ) * on Saturday August 12, 2006 @02:47AM (#15893462) Journal

        "So Microsoft intentionally ships crappy software so that spammers will disrupt communication among open source programmers? Did I get that right?"

        No, silly! Microsoft intentionally ships crappy software so that spammers will disrupt communication among the Bilderbergers, The Freemasons, The Trilateral Commission, and the Council on Foreign Relations and then Microsoft sets up open source programmers as the bad guys creating the spam so that the Illuminati will hire the Knights Templar to kill off all the open source programmers.

        It's brilliant. Really.

      • So Microsoft intentionally ships crappy software so that spammers will disrupt communication among open source programmers? Did I get that right?

        I think you intentionally missed it.

        Microsoft is making the best of things they can't change. They are incapable of shipping a good product because non free development does not work. Spammers take advantage of that. Because M$ can not or will not simply fix their software, they must impose limitations on everyone else or they will lose market share. They t

        • You talk so much bollocks I'm not even going to dignify that with a proper response. You might as well say the Jews, the Freemasons, Tesco and Microsoft are all teaming up to spam the world into oblivion.
    • Do you feel there is any connection between Islamic radicals, terrorism and Microsoft? I suppose you would argue that it's not about religion, but more about the attempt to suppress open source?
  • I do! (Score:3, Funny)

    by AriaStar ( 964558 ) on Friday August 11, 2006 @10:02PM (#15892726) Journal
    I get paid pretty well to deal with this crap and keeping it from getting to our clients. For all the annoyances spammers cause, I'd like to thank them for keeping me employed! And then hit them for even trying to send me spam.
  • Hah, interesting! Here is a post on a very related topic: Social Spam and Spam Incentives [simpy.com], as it relates to Simpy [simpy.com]. It asks about incentives, about the choices of things that are "spamvertised" (who follows "home loan" links on a site that so obviously stinks of rotten spam?), etc.
  • I've noticed that the vast majority of spam emails I receive are barely literate, to the point that in some cases one can hardly discern the product or service being advertised.

    My theory is such spam is being used as a covert channel of communication. If they send a secret message to a million people instead of just the intended recieptient, it hides the secret of the sender / reciever connection in the noise aswell.
  • by bcrowell ( 177657 ) on Friday August 11, 2006 @10:25PM (#15892790) Homepage

    I think there are lots of different kinds of spam, and therefore lots of different answers to the OP's question. Examples:

    -A spam that they want you to click on in order to see porn. If you click on it, it really does lead to porn, and they get ad revenue.

    -A spam that's trying to find out whether your address actually receives mail. If you click on the opt-out link, they've verified that the address works. They then add your e-mail to a list that they send to other spammers.

    -The Nigerian scam. Yes, people really do fall for this. There was a famous case here in Orange County recently where a rich, elderly doctor blew hundreds of thousands of dollars on it.

    For a spammer who owns a botnet, the cost of sending a spam is zero. When your product costs zero to produce, you can come up with a lot of ways to sell it, and still make a profit.

    • A spam that's trying to find out whether your address actually receives mail. If you click on the opt-out link, they've verified that the address works. They then add your e-mail to a list that they send to other spammers.

      I've long suspected that most of the spam that doesn't advertise a product or offer a virus-laden attachment falls into this category. It seems a reasonable explanation for both the long strings of random prose spam and the short nonsense sentence and single-word spam.

      In a world of honeyp

      • I've long suspected that most of the spam that doesn't advertise a product or offer a virus-laden attachment falls into this category. It seems a reasonable explanation for both the long strings of random prose spam and the short nonsense sentence and single-word spam.

        I think that is mostly to poison spam filters. If you mark it as junk, you're adding 'regular' words to your filters, which increases the possibilities of false positives, and eventually will make the filter useless.

        • I think that is mostly to poison spam filters. If you mark it as junk, you're adding 'regular' words to your filters, which increases the possibilities of false positives, and eventually will make the filter useless.

          Certainly possible.

          But, it seems to me that if your goal is to generate false positives in spam filters, you could choose much better material: namely, real email. It wouldn't be hard to mine random mailing list archives and put together messages which are clearly recognizable to humans as spam

  • I get these too. (Score:4, Interesting)

    by TheZorch ( 925979 ) <thezorch@gmail. c o m> on Friday August 11, 2006 @11:44PM (#15893027) Homepage
    My regular email address gets them from time to time but its my Final Fantasy XI PlayOnline email address that gets them the most.

    They are emails with gibberish for subject lines and gibberish for contents. They are sentences which make no sense what so ever, random words put together that have little meaning at all. There's no ad, no link, and the addresses they are sent from are bogus (I know, I tried finding them). A few of these emails have originating address of @ds1.yahoo.com or @server1.paypal.com or @ddl.amazon.com and so on and so forth. The actual address itself is made up of random letters and numbers.

    My theory, like those suggested aboove, is that these emails are sent by "Botnets" to random email addresses in order to see which ones don't bounce. This can be in preparation for sending ad-like spam or a prelude to a virus infestation. Or, like someone else suggested it could be a form of coded communication which is widely broadcasted in order to prevent the authorities from find out its true intended destination.
  • You don't have to click on the messages in spam to benefit it. If your ad provider gives you money per n impressions, then you just send out a reasonably legit looking email and hope that maybe 5% open it. 5% of 1 million = 50000, and if your ad company gives you a "click" for every 1000 impressions, that's 50x whatever the ad is. If you're doing something obscure like real estate that gives a few dollars per "click", then churning out about a million emails an hour will leave you with more than enough to p
    • Your logic is right, but I'm really curious about your numbers. I would have expected much less than 1%, and maybe a dime per view/click.

      Are your numbers approximately accurate, or are you just inventing them for the sake of the point?
      • One of my friends has an ad-system on his page and he says that real estate ads pull in a few dollars per "click". Nothing to back that up apart from what he's said.

        The 5% came from the fact that you want to send out a legit-looking email, say a family letter from a person with a fairly generic name. If you just send a family letter without buzzwords like viagra and cheap software or s3x, it should pass most spam filters and you can put the ads at the bottom. When you get an email from "John Smith" about h
        • One of my friends has an ad-system on his page and he says that real estate ads pull in a few dollars per "click". Nothing to back that up apart from what he's said.

          Oh, I easily believe that: I did some research earlier and [url=http://www.robertjohnkaper.com/journal/200608 10092832.html]gambling and anti-depressants can pull up to a fiver[/url].

          So basically it's:

          1. Find emo girls and let them create profiles/blogs
          2. Use contextual advertising on their profiles/blogs
          3. Profit!

          And to think some people laugh
  • I'm surprised (Score:1, Interesting)

    by Anonymous Coward
    that the spammers haven't started data mining mailing lists and using legit text from those lists along with their spam garbage.
  • Wired Article (Score:2, Informative)

    by aquowf ( 977465 )
    Interesting article in august's wired magazine: http://www.wired.com/wired/archive/14.08/spamking. html [wired.com] [wired.com] It talks about the life and death of a "russian spam king", discussing the infamy as well as the money that spam brought him.
  • Here's my last week's stats:

    Date, Mail recieved, Blocked spam
    Aug 2 00:00:00, 5080, 25147
    Aug 3 00:00:00, 4596, 24733
    Aug 4 00:00:00, 4243, 27209
    Aug 5 00:00:00, 1904, 24784
    Aug 6 00:00:00, 2269, 24360
    Aug 7 00:00:00, 4725, 32358
    Aug 8 00:00:00, 5011, 33012
    Aug 9 00:00:00, 5361, 33811

    If you look at the stats over the last week for one of my servers, you note that anywhere from 85-91+% of the mail received is spam. This is a huge noise-to-signal ratio, and this doesn't even include a certain percentage of spam whic
  • I look at it this way: With every gibberish spam I receive, my treasure trove of character names grows! The fictional sender name is great for characters in an alternate-Earth setting like World of Darkness and Shadowrun, and the goofy words in the subject line make for great fantasy names.

    I win.
  • I run my own personal incoming mail servers. They get a lot of spam, but Spamassassin is so amazingly effective I don't have to be annoyed by most of it. Spam uses a small fraction of my DSL link capacity, so that doesn't bother me either.

    My MX server advertises STARTTLS, so a fair bit of my incoming mail, and much of my spam, is automatically encrypted on the way. Not most of it, but enough to create a steady stream of "opaque chaff" from exotic locations all over the planet. And that just might make it

Q: How many IBM CPU's does it take to execute a job? A: Four; three to hold it down, and one to rip its head off.