SPAM Turning the tide

About This Presentation

Title:

Description:

Number of Views:31

Avg rating:3.0/5.0

Slides: 12

Provided by: gregory111

Category:

Tags: spam | tide | turning

Transcript and Presenter's Notes

Title: SPAM Turning the tide

1
SPAMTurning the tide

2
The threat to the Information Society

One of the greatest plagues affecting the digital
world
More prevalent then legitimate e-mail
Causes significant financial costs and
productivity losses for ISPs, business and
end-users
Undermines user confidence in e-mail and online
activities
Can seriously hamper the development of the
digital economy and society

3
State of the Problem

Spam is increasing
July 2003 - 50 of email
July 2004 65 of email
Growing criminal element
gt95 have falsified senders
17 inappropriate for minors
9 scams (eg. 419)
6 fraud (phishing)
50 via hacks (open relay, open proxy, exploited
pcs)
Spreading beyond e-mail
SMS, IM (SPIM), IRC, VoIP, etc.
GSM Association lists spam in top four threats to
the future of the mobile phone industry

4
Spam and Fraudsters

" It is a well-known fact that no other section
of the population avail themselves more readily
and speedily of the latest triumphs of
science than the criminal class.
(Inspector John Bonfield, Chicago Police
Department, 1888)

Source www.antiphising.org
5
Lessons to be learned

Spammers are technologically adept
As quickly as we develop anti-spam solutions,
they improve their techniques
Legislation alone does not stop spam
Heavy penalties are a deterrence
Empowers people to trace and take action against
spammers
International co-operation is required to to
fight a threat that knows no borders

6
Turning the tide

Legislate against spam (world-wide)
Colaborate globally to fight the threat
Through industry bodies (eg. ISPAs, ITU, IETF)
Through LEAs (eg. Interpol)
Develop technical solutions
Preferrably IETF-endorsed
Must be widely implemented
Educate end-users, marketers, businesses and ISPs
about anti-spam measures and good Internet
security practices

7
Legislation - Overseas

Most countries have introduced anti-spam
legislation
EU region governed by directive 2002/58/EC
Governs all bulk communications (including
e-mail, sms, fax, automated calling machines).
Explicit consent of recipient required PRIOR to
contact
Exception within the context of an existing
customer relationship by the same company that
obtained the customers details
Prohibits the use of false identities or return
addresses
Australia
Covers e-mail, sms/mms and IM but not fax
Explicit consent of recipient required PRIOR to
contact
Exception within the context of an existing
relationship
Requires accurate identification of the sender
Requires a functional unsubscribe facility
Penalties up to 1.1 million per day for
professional spammers
Covers spam originated in Australia, or
commission in Australia (but originated
elsewhere), or sent to an address accessed in
Australia
Exemptions Government, political parties,
charities, religious organisations, educational
institutions (sent to attending and former
students)
USA governed by the CAN-SPAM Act
Implements an opt-out approach
Prohibits the use of an invalid sender address
Prohibits bulk e-mail inappropriate for minors

8
Legislation South Africa

Bulk e-mail is legal provided you
Provide an unsubscribe facility
Inform the recipient where you obtained their
address (on their request)
Loopholes
No requirement for a valid sender address
Who does one contact to request where your
address was obtained if there is no valid sender?
It is almost impossible to prove that two mail
shots came from the same sender, therefore
difficult to prosecute on the basis of a
dishonored unsubscription
Effectively legitimises spam
Similar approach to the USA
USA is the biggest source of spam world-wide!
Dire need for stricter legislation

9
Collaboration Education

10
Final thought

"The spam wars are about rendering email useless
for unsolicited advertising before unsolicited
advertising renders email useless for
communication."
Walter Dnes Jeff Wynn
(in news.admin.net-abuse.email)

11
References Links