While in past years sexually explicit spam was a major topic of conversation at such gatherings, adult spam was merely a footnote at last week’s Spam Summit, where speakers focused on the increasingly malicious nature of spam and the products that now serve as the primary funding mechanism for spammers, including illegal pharmaceuticals.
Patrick Peterson, vice president for technology of IronPort Systems, said that profit motive remains the primary impetus for the illegal actions of spammers, but he said that the spam threat has evolved; spammers are increasingly trying to exploit and control end-user PCs as part of their email campaigns.
Peterson said that the modern spammer is concerned with three primary goals for their spam campaigns.
“Spammers are capitalists and they are talented and genius capitalists and what they are doing is designed to maximize profits,” Peterson said. “The second thing, of course, is if you want to make money in spam, you have got to get it in the inbox. And the third thing is once I as a spammer get it in the inbox, the next thing I have to do is to have you take action to infect your PC.”
Attorney Jon Praed of the Internet Law Group echoed Peterson’s point, and said that spam “is moving increasingly into the criminal arena.”
“It used to be that spammers were just kids or entrepreneurs, if you will, trying to make money,” Praed said. “They are still there doing this, but most spam today, I submit to you, is not designed to actually engage in any sort of commerce, even illegal commerce; it is quickly running to a pure criminal enterprise.”
Praed further predicted that at the next FTC spam summit, “we will not even be addressing the commercial aspects of this activity. What we are going to see is spam being sent out for three purposes, extortion, terrorism and warfare between nation states.”
While sexually explicit spam was referenced a few times during the course of the summit, such mentions were largely in the context of mentioning the varieties of spam sent by spammers and the means by which they sent out email — via botnets, zombie computers and other illicit means.
Suresh Ramasubramanian, manager of anti-spam operations for Outblaze Ltd., told the audience at one of the summit’s sessions that entirely avoiding spam is not possible, practically speaking.
“[Y]ou cannot avoid getting your email address harvested,” Ramasubramanian said. “The one thing you can do is be conservative about who you give your email address to … free email addresses are available. Use those, and learn to keep your information private as far as possible. It certainly won’t stop your address from being harvested, but it will minimize or mitigate the risk.”
Ramasubramanian said that spam is a “fact of life” for email users, and advocated following the sort of protocols that exist in the “pest control or disease mitigation sectors.”
“If you are trying to stop a disease, you drain swamps nearby and you teach people … to watch for signs of a disease,” Ramasubramanian said. “You try to minimize the factors that encourage this [spam problem] from developing.”