2009-10-13

Phishing and SPAM, A Crowd-Source Solution

You know… a long time ago, we told people to “just ignore” spam. Answering it, we said, would just get them to send more to us. If we ignore it, it will eventually go away. History has proven us wrong, very wrong indeed. We didn’t factor in that even a 0.01% idiocy rate is profitable when millions of people are tagged. Now, we’re telling them to just ignore phishing, like it will go away. It's time to admit we were wrong; it’s time to start fighting back.

Instead of telling people to ignore phishing, we should tell them to respond with a lie. Every piece of SPAM or Phishing attempt should be answered with bogus information. That way, the economies of scale change; they change in our favour. Instead of them sending out 10,000,000 emails and getting 100 replies from stupid people, they get 100,000 replies where only 100 are real. Then, they have to go through each one, sorting out the good from the bad. Not only do we get some satisfaction in wasting a little bit of the phisher’s time, we also protect the 100 really stupid idiots that responded with the truth.

Send out a batch of emails telling people they have won the lottery, and your email server gets buried under false replies. Send out a link for selling Viagra, and you get millions of orders with fake credit card numbers and a shipping address to the Vatican. Phish for passwords and get more back than you could ever process, mostly garbage. The Nigerian businessman should always get buried under requests for more information, false bank account numbers, and phone numbers for some telemarketing companies. Reply to everything; make a game of it. Let the phishers waste time sorting out the mess they get back. What have we got to lose? They already have our email addresses. The results can’t be any worse than they are now.

It's a simple crowd-source solution to SPAM and Phishing. Why should we try to figure out technical solutions to the problem of responding idiots? Tell everyone to respond with garbage; bury the phishers with data and leave them the task of creating technical tools to fix their problem. All we have to do is tell everyone to lie. That's pretty easy to do. It's fun too.

1 comment:

FixerDave said...

小劉 said...

good... and then left a link to a website with a picture of a very nice lady on the homepage. Dating/Porn site or something. Spam, spam, and more spam. Sigh... Delete.

Oh, the domain of said link is owned by:

UThome

NO.290-4. GONG-JENQ ROAD
master@ysl.net
Taiwan 26507
Taiwan

Registered through: GoDaddy.com, Inc. (http://www.godaddy.com)
Domain Name: B2CSOEZ.COM
Created on: 01-Apr-08
Expires on: 01-Apr-10
Last Updated on: 07-Oct-09

Administrative Contact:
chia sung, Liu master@ysl.net
UThome
NO.290-4. GONG-JENQ ROAD
master@ysl.net
Taiwan 26507
Taiwan
(022) 747-0684 Fax -- (022) 763-1945

Technical Contact:
chia sung, Liu master@ysl.net
UThome
NO.290-4. GONG-JENQ ROAD
master@ysl.net
Taiwan 26507
Taiwan
(022) 747-0684 Fax -- (022) 763-1945

Not that this proves they specifically built the above-mentioned site and put the link here, just like Google didn't really write all my blog content.