Observations from Uppsala » spam

500K Spam

Jakob — Wed, 03 Feb 2010 20:11:39 +0000

We recently had a malfunction in our spam filters at work, so I had to go back and review the catch for possible false positives. I sort things into two bins using spamassassin, one for most likely spam, and one for probable spam. When things started to go bad, the most likely folder had reached more than 2 GB, and the probable some 500 MB.

As you can see from the webmail screenshot below, the probable folder contained almost 100 thousand spam email. These were collected since May of 2008, or in a space of roughly 21 months.

If I guesstimate that the other folder has about the same average size, that adds in another 400 thousand spam. Bringing the total caught by these filters to about half a million overall. If you divide it down to days, it is “only” about 630 per day, plus some more that secondary spam filters catch, plus the ones that get through and I manually have to delete. But these other ones won’t add up to much more than a few tens of thousands in the same time spamn.

It is amazing just how voluminous this infestation is…

Legit business emails can’t be much more than fifty per day, plus various general mailing lists. Still, that means that probably no more than 75% of all email I receive is spam. Maybe I should consider myself lucky, I have seen analysis talking about 99% of all email on the Internet being spam…

Interesting it was.

Off-topic: Crime Medicine

Jakob — Sat, 01 Nov 2008 13:21:17 +0000

The Swedish national medical products agency is running a very cleverly marketed campaign right now to inform people about the perils of buying medicine over the Internet. They are running fake advertisement spots on television, mimicking the typical medical adverts found in the US (and the few other countries where such advertising is allowed for prescription medicine), with a trustworthy doctor talking about the benefits of this and that… and slowly going into weird land about how the products might not be want you think and maybe don’t contain the right stuff, etc.Finally, you are pointed to www.crimemedicine.com, a site setup for this campaign. All very clever. In fact, so clever that some people reported the spots to the consumer watchdog as being illegal advertisements… brilliant!

It is mostly in Swedish, though, but they have some English-language information at http://www.crimemedicine.com/lib/html/english.html.

I think this is pretty important stuff, way too many people are buying counterfeit and illegal and usually dangerous medical stuff over the Internet. That is not how you deal with your health: if you have a problem, go to a doctor or at least a physical pharmacy and talk to someone with proper credentials. Never ever self-medicate with stuff you find of the net. Or even sometimes buy in physical pharmacy in less well-policied countries. Real medications can be expensive — but most of the time, you are getting what you pay for. As always.

Off-Topic: Blog Spam Statistics

Jakob — Sun, 03 Feb 2008 21:36:01 +0000

Seems like my blog has been picked up by some spamming machine — at least I hope it is a machine, what a waste of manpower to manually send in spam since I am filtering all comments and not letting anything remotely spam-like through. Anyway, it is kind of interesting to see what kinds of things are being pushed using blog spam. Read on for more, but suffice to say that porn is dominant…Here is a simple diagram. Precise numbers are not really interesting, it is more the big picture that I wanted to analyze.

Comments:

Most spam is for porn sites of various kinds. Strange that they need to advertise themselves, but I guess they could be temporary sites set up to spread various forms of browser-attacking malware.
Replica handbags and watches come in second, clear market for scams and making money there.
Viagra and tramadol-style substances are also very lucrative, especially for expensive fakes. I can see the logic.
There is also a fair number of posts that I cannot make sense of immediately. Possibly, they are attempts at boosting search-engine ratings of the sites submitted as URLs to the posts… but since all comment links are set to “no follow” on this blog, that effort is wasted.
Various financial services, especially payday loans, are the last large category.
There are some interesting spams that just contain jumbles of letters (consonants only), and a link to a similar-looking URL. No idea why someone would do that, as nobody is likely to follow a meaningless link.

Overall, this follows the logic of spam of being pretty lucrative, especially selling various forms of overpriced fakes or replicas to people who seem unable to tell that a deal that is too good to be true really is.

BBC Documentary: On the Trail of Spammers

Jakob — Sun, 20 Jan 2008 21:00:50 +0000

If you are looking for a good popular introduction to what spam is and how it works, the BBC World Service Documentary Podcast has a very good documentary up right now. I cannot find a direct link, but go to the overview page and then download “Doc: Assignment – On the trail of spammers 17 Jan 2007″. Enjoy!