UT Researchers Take Down Spam One Day at a Time [Infographic]
Sometimes email spam is tucked away neatly in a spam folder with obvious subject lines like “Need Cash Quick?” or “Best Luxury Replica Watch Supplier.” But other times it’s not so apparent, making its way to your inbox with believable subjects like “LinkedIn Friend Request” or “Urgent Attention Needed for your ATM Card Delivery.” Not only is spam obnoxious, but it also causes major problems across the world in the form of wasted time, dangerous viruses, stolen identities, and large financial costs to fix the problem.
Since 2011, the Center for Research in Electronic Commerce (CREC) at The University of Texas has been tracking where spam is coming from on SpamRankings.net.
“Most spam is sent from computers compromised by botnets or phishing” says center director Andrew Whinston. “The same security problems that let those problems in could be used for worse things, ranging from denial of service attacks to identity theft to blackmail to alteration of financial records.”
In an effort to prevent those problems from cropping up, each month SpamRankings.net publicly lists organizations that are hosting spam, albeit sometimes unknowingly. The hope is that bad publicity will influence these companies to fix their security problems.
“If our approach works, it will enable a strong policy argument that more disclosure of breaches for more reputational rankings would improve security even more,” says John S. Quarterman, the project’s senior researcher, proprietor of Quarterman Creations, and author of seven books about the Internet.
Ever wonder where all that spam in your inbox comes from? SpamRankings.net tracks daily changes in spam trends worldwide. In July, most of it originated in the U.S.
More about SpamRankings.net
Originally published at Texas Enterprise
Why You Should Care About Spam
Why publish ranked lists of spamming organizations, which most likely don’t even know their computers are infected? If you knew which department store in your area had the highest theft rate, would you shop there? Perhaps, since the store’s loss does not threaten you personally. But what if you knew which bank had the worst record for identity theft? Are you just as likely to be its customer? What’s at stake is the level of perceived threat.
The Spam Rankings project’s leaders hope you will recognize spam as more than annoying clutter. Far from a mere nuisance, they suggest, spam is the smoke that signals a dangerous fire. Spam at its worst poses a security threat and portends infection and theft.
For the end-user, inbound spam can carry malicious codes used by hackers for fraud and crime. For the organization, outbound spam — frequently sent unknowingly by its own computers — confirms that the company’s IT security has been breached and the organization is susceptible to all sorts of other malware, such as phishing, which tries to trick users into supplying account numbers and passwords; DDoS, distributed denial-of-service attacks, which bring down websites by inundating them with thousands of service requests per second; and data theft, in which passwords and financial information are siphoned off and stored on other servers for later theft or blackmail.
The rankings do show that some organizations, including hospitals, have made dramatic improvements over a few months, with some appearing to have cleaned up their spambot problem entirely.
For instance, Cedars-Sinai Health Systems, the leading hospital spammer in April, fell to third place by June. While a decrease of two ranks may not sound like much, their spam volume dropped significantly from 55,132 to 6,414, a reduction of 88 percent. By July, that reduction had widened to 95 percent. By August, Cedars-Sinai wasn’t even on the radar, with spam volume essentially near zero.
Does SpamRankings work? In commentary linked to the SpamRankings site, Quarterman noted the successes in the medical organizations’ rankings and wrote that the SpamRankings investigators had ruled out the possibility that these organizations simply managed to whitelist their netblocks on the Composite Blocking List.
The conclusion? The companies really did clean up their act partly in response to the rankings. Quarterman also noted that SpamRankings has even received a letter from one large medical group saying "The listing on your site added additional impetus to make sure we "stay clean" so in that regard, you are successful."