The rise and rise of the spam industry

What a shock we got when arriving at work this morning: we found our inboxes full of many thousands of spam emails.

We are fairly tight in our anti-spam measures. We use Spamhaus and others to double check that senders are not present in the spam lists. We check that they are not an open relay using the ORDB. And we use SpamAssassin on our servers to analyze each incoming email for content, consigning the rubbish to /dev/null.

And then we blacklist each web server, domain or network which has spammed us in the past, using firewall configurations.

And over the last three months, since the escalation of a new set of attacks against web forms, we have rebuilt hundreds of web forms that we have deployed over the last years, to include code that would block spam attacks. This latter in particular has been an onerous task, particularly as it is something that no-one pays you for.

Your hosting customers don't know anything about security, and while some of them wish to control their own websites, we cannot afford to get our servers blacklisted because of customer omissions, so we had to bite the bullet and do it ourselves.

But yesterday, when moving a website onto a new server, an older version of a web form was inadvertently restored over a newer, tightened version. And that was enough for the spam gangs.

In the course of one night they found the hole, and fired out around 10,000 emails to (non-existent!) email addresses. Of course, emails sent to non-existent addresses wind up back where they were sent from, so the returns from the attack bounced back to our own system accounts.

Why do they do it? Don't ask me. I've never understood wanton vandalism. But it is clearly professionally organized and managed. It is not some random Russian hacker sitting writing hack code out of boredom. It is a big industry, much of it based in the US, which has clear economic motives. That could be the manipulation of stock market prices, a current favourite spam subject.

Wonder who is going to do something about these people. Isn't it time the Internet itself turned on them, since no Government appears to be up to the task?