Why can't we do anything about spam?

E-mail has been rendered almost useless; now Facebook and Twitter are under massive spam attacks. It's time to get serious about stopping these sleazoids

So I open my inbox this morning to find a bit-o-spam from an outfit calling itself Broadcast-info.com.

Nothing new there. What was different about this one is that I also had a dozen messages from various other recipients of that spam niblet, trying to unsubscribe. Near as I can figure, the incredibly clueless spammer who sent this one out set it up so that replies went to everyone on the mailing list.

[ Also on InfoWorld: "Twitter is dead" | Tune in to the InfoWorld Security Central channel for the latest IT security news and reviews. ]

That domain doesn't have a site attached to it, and the domain registration info is anonymized (of course). But the e-mail contains links to what seem to be legitimate sites: Magicsoft.tv and BroadcastEngineering.com. (I've sent queries to both sites, but neither had responded by press -- er, blog time.)

It's not clear whether either site has anything to do with the spam, though there's only one reason to send out junk e-mail, and that is money. Somebody got paid to do this by someone.

The larger point: Spam has pretty much killed e-mail for me.

Between having to filter out junk that the spam filters at my ISP, Web host, and e-mail software missed; combing through my junk mail folder to look for messages I should have gotten but didn't; and having to check back with people to whom I've sent urgent e-mails, so I know they got them (half the time they didn't), spam has made e-mail almost unusable.

That's one reason why people gravitated to services like Facebook and Twitter. Initially, they were spam free. And freed from the burden of both e-mail and spam overload, people responded much more quickly (the fact that some responded at all is a plus). Well, those days are numbered, too.

I've written about Twitter and spam recently ("Twitter is dead"); since then, the problem has actually gotten worse (though the Twitmeisters did add a "report for spam" link to each profile shortly after I suggested it; I'll take full credit, thank you very much).

Yesterday I got a direct message from one of Zappos' many Twitter minions, urging me to visit a site pitching a colon cleansing product (!). The shoes-to-bowels transition was so weird I had to look into it. Turns out somebody had hijacked her account, though she managed to wrest control of it back. Looks like she got nabbed by that password stealing phishing scam that hit last month.

I can't tell you how many bogus Facebook phishing e-mails I've deleted this week. That's apparently part of a massive bot attack designed to steal users' Facebook credentials, probably in order to run more Nigerian 419 scams.

The problem? When the U.S. Congress did finally get around to passing a law against spam -- the Controlling the Assault of Non-Solicited Pornography And Marketing Act of 2003 (aka the CAN SPAM Act) -- it was so toothless they needed polygrip to keep it in place. Direct marketers who saw the future in electronic junk mail lobbied hard against giving the law real bite, so Congress spent more time coming up with a cute acronym than it did creating a law that would actually deter or punish spammers. Meanwhile, tougher state laws (like Virginia's) have been overturned due to First Amendment conflicts.

Back in 2003, spam constituted roughly half the e-mail sent over the Net. According to Symantec, it's now up to 86 percent.

So how's that law working for y'all?

It happened again this week. Notorious junk e-mail king Spamford Wallace just got a $711 million judgment against him for abusing Facebook and violating the CAN SPAM Act. They might as well have made it $711 trillion. He's not going to pay it. The man has had at least two other multi-million-dollar judgments against him, and it hasn't done diddly. The handful of other "spam kings" who've been nabbed has done nothing to deter the rest either.

Why does this matter? Because spam is more than merely an annoyance. It's like a gateway drug (no pun intended) to all the harder stuff that slimes up the Internet: identity theft, malware infestations, fake pharmaceutical sales, and so on.  You name it; if it's online and ugly, odds are it started in an e-mail (or, now, a tweet).

We are long overdue for some kind of actual spam solution, whether it's a more secure e-mail protocol or stiffer penalties. Personally, I'd start by sentencing spammers to some quality time in a maximum security cell with an ex-biker named "Tiny." How about you?

What would you do to fix the spam problem? Weigh in below or e-mail me: cringe@infoworld.com.

Take the InfoWorld news quiz.

This story, "Why can't we do anything about spam?," was originally published at InfoWorld.com. Follow the latest developments in security at InfoWorld.com.


Copyright © 2009 IDG Communications, Inc.

How to choose a low-code development platform