Defeating spamfilters through obsession
[The harasser] was hitting me on email and twitter for more than [2100 messages], and the thing was, those all got past the filters I’ve got in place. So one obsessed crazy man with minimal technical skill and nothing but persistence outperforms all the spambots out there, at least on the scale of individuals, if not in breadth of attack.
Dr. Meyers goes on to suggest that spammers could defeat filters just by hiring a bunch of people who would manage an ongoing campaign of identical but not quite emails.
Spammers have beat him by at least a decade. In fact, much of the Nigerian 419 spam and associated scams are hand written and sent out by people paid pennies an email to send them.
Where everything falls apart, though, is getting a response. The harasser didn’t need a response from the people he was harassing. So he could go through dozens and dozens of email addresses and twitter accounts a day. Spammers are usually attempting to collect money from people, and they need to have some sort of way for their targets to provide that money.
In fact, a group of researchers looked at credit card processing as a way to stop spam.
95 percent of the credit card transactions for the spam-advertised drugs and herbal remedies they bought were handled by just three financial companies — one based in Azerbaijan, one in Denmark and one in Nevis, in the West Indies.
It was taken as truth back when I was handling abuse@ that if we could stop people from buying from spam, that we could stop the spam problem in its tracks. That failed for multiple reasons. First, it’s impossible to stop people from being manipulated and taken advantage of by scammers. Second, spammers have figured out how to make money in many more ways than getting people to give it to them. Now, a lot of spam is not advertising real products or services. It’s closer to theft or fraud.