{"id":766,"date":"2008-11-10T17:25:14","date_gmt":"2008-11-11T01:25:14","guid":{"rendered":"http:\/\/www.artesianmedia.com\/blog\/2008\/11\/10\/spamposters-discover-dirty-secret-1-out-of-12-5-million-response-rate\/"},"modified":"2008-11-10T17:25:14","modified_gmt":"2008-11-11T01:25:14","slug":"spamposters-discover-dirty-secret-1-out-of-12-5-million-response-rate","status":"publish","type":"post","link":"https:\/\/www.artesianmedia.com\/blog\/spamposters-discover-dirty-secret-1-out-of-12-5-million-response-rate\/","title":{"rendered":"Spamposters Discover Dirty Secret: 1 Out of 12.5 Million Response Rate"},"content":{"rendered":"<p>Another quick hit here: Just saw <a href=\"http:\/\/news.bbc.co.uk\/2\/hi\/technology\/7719281.stm\">this story about how the spammer economy actually works.<\/a> Apparently, <a href=\"http:\/\/campustechnology.com\/articles\/50240\/\">researchers at UCSD <\/a>hijacked a hijacker&#8217;s network &#8211; the &#8220;Storm&#8221; zombienet that uses Trojans in unprotected home computers to send out the &#8220;V1@gr@&#8221; and &#8220;h00d1@&#8221; spam messages. Their paper on &#8220;spamalytics&#8221; is <a href=\"http:\/\/www.bbc.co.uk\/go\/relintlink\/IFS+News+v3\/ext\/-\/http:\/\/www.icsi.berkeley.edu\/pubs\/networking\/2008-ccs-spamalytics.pdf\">here. <br \/><\/a><img decoding=\"async\" style=\"--smush-placeholder-width: 500px; --smush-placeholder-aspect-ratio: 500\/375;max-width: 800px; float: left; margin-top: 10px; margin-bottom: 10px; margin-right: 10px;\" data-src=\"https:\/\/www.artesianmedia.com\/blog\/wp-content\/uploads\/2008\/11\/spam.jpg\" src=\"data:image\/svg+xml;base64,PHN2ZyB3aWR0aD0iMSIgaGVpZ2h0PSIxIiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciPjwvc3ZnPg==\" class=\"lazyload\" \/><br \/>The number that jumps out right away: while running their own spam network, the researchers found that they only made one sale of cut-rate pharmaceuticals for every 12.5 million messages they sent out.&nbsp; That&#8217;s a response rate of .00001%. <\/p>\n<p>This is interesting to me for a couple of reasons.<br \/><big><br \/><\/big><\/p>\n<ol>\n<li><b><big>It shows that successful business can operate and earn a profit on the web, even if their response rate is vanishingly small. <\/big><\/b>\n<p>&nbsp;This is interesting, in light of the continued problems of big business to understand the concept of niches, rather than tossing out bland lowest-common-denominator pablum. <\/p>\n<\/li>\n<li><b>&nbsp;The amount of money being made by the spammers is far, far lower than popular culture would have it. <\/b><\/li>\n<\/ol>\n<p>Hey, these were the guys running the dreaded &#8220;Storm&#8221; bot-net. In popular imagination, they were an army of greasy-haired Eastern European thugs; dressing in trench coats and trailing a platoon of vicious former Spetsnaz killer commandos. <\/p>\n<p>In reality, the amount of money they&#8217;re making relative to the amount of work they&#8217;re having to put in, is actually rather pathetic.&nbsp; They are having to demonstrate Mad Spamming Skills just to scrape off a tiny, tiny sliver of revenue.&nbsp; Those kinds of skills, put in to a more legitimate arena, would earn them far more money.&nbsp; <\/p>\n<p>It&#8217;s like seeing someone with the skills of Shaq grifting tourists down at the basketball courts in Venice for pocket change, rather than making $121 million in the NBA.&nbsp; Not sure what&#8217;s at work with these guys&#8230; <\/p>\n<p>And finally, and possibly most importantly: <\/p>\n<p>The research shows that even a small perturbation in the spamcosystem can have a massive effect on their revenues and business models. <br \/><b><br \/><a href=\"http:\/\/blink.ucsd.edu\/Blink\/External\/Topics\/Policy\/0,1162,12759,00.html\">This could mean the end of spam as we know it. <\/a><\/b><\/p>\n<p>Look, these clowns are hanging on by their fingernails. Even a small, incremental improvement in internet security &#8211; cutting down on the numbers of infected zombie &#8216;bots, f&#8217;rinstance.&nbsp; Or better router &amp; packet sniffing, to bounce back spam messages. <\/p>\n<p>If they have to send out 500-some-million messages to get back enough responses to survive on &#8211; well, if you make sure that they don&#8217;t even get those responses back &#8230; the spammers will be <a href=\"http:\/\/www.mall-net.com\/spam\/spamfaq.html\">put out of business very, very quickly.<\/a> Or as the BBC put it: <\/p>\n<blockquote>\n<p>Scaling this up to the full Storm network the researchers estimate that the controllers of the vast system are netting about $7,000 (\u00c2\u00a34,430) a day or $3.5m (\u00c2\u00a32.21m) per year. <\/p>\n<p>While this was a good return, said the researchers, it did suggest that spammers were not making the vast sums of money that some people have predicted in the past. <\/p>\n<p>They suggest that the tight costs might also open up new avenues of attack on spammers. <\/p>\n<p>The researchers concluded: &#8220;The profit margin for spam may be meager enough that spammers must be sensitive to the details of how their campaigns are run and are economically susceptible to new defenses.&#8221; <\/p><\/blockquote>\n<p><!-- E BO --> <br \/>And BTW &#8211; may I just say to the guys at UCSD: kudos.&nbsp; Really.&nbsp; Someone there thought creatively. The way the guys who wrote &#8220;Freakonomics&#8221; did &#8211; they went behind the scenes and did the pick&#8217;n&#8217;shovel work to figure out how something really worked, and they came up with data that contradicted the conventional wisdom.&nbsp; <\/p>\n<p>From one renegade researcher &amp; unconventional thinker to another: well done, sirs. Technorati Tags: <a class=\"performancingtags\" href=\"http:\/\/technorati.com\/tag\/Spam\" rel=\"tag\">Spam<\/a>, <a class=\"performancingtags\" href=\"http:\/\/technorati.com\/tag\/UCSD\" rel=\"tag\">UCSD<\/a>, <a class=\"performancingtags\" href=\"http:\/\/technorati.com\/tag\/botnets\" rel=\"tag\">botnets<\/a>, <a class=\"performancingtags\" href=\"http:\/\/technorati.com\/tag\/Storm\" rel=\"tag\">Storm<\/a>, <a class=\"performancingtags\" href=\"http:\/\/technorati.com\/tag\/hijacking\" rel=\"tag\">hijacking<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Another quick hit here: Just saw this story about how the spammer economy actually works. Apparently, researchers at UCSD hijacked a hijacker&#8217;s network &#8211; the &#8220;Storm&#8221; zombienet that uses Trojans in unprotected home computers to send out the &#8220;V1@gr@&#8221; and &#8220;h00d1@&#8221; spam messages. Their paper on &#8220;spamalytics&#8221; is here. The number that jumps out right [&hellip;]<\/p>\n","protected":false},"author":12,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_et_pb_use_builder":"","_et_pb_old_content":"","_et_gb_content_width":"","wds_primary_category":0,"footnotes":""},"categories":[],"tags":[1],"class_list":["post-766","post","type-post","status-publish","format-standard","hentry","tag-uncategorized"],"_links":{"self":[{"href":"https:\/\/www.artesianmedia.com\/blog\/wp-json\/wp\/v2\/posts\/766","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.artesianmedia.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.artesianmedia.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.artesianmedia.com\/blog\/wp-json\/wp\/v2\/users\/12"}],"replies":[{"embeddable":true,"href":"https:\/\/www.artesianmedia.com\/blog\/wp-json\/wp\/v2\/comments?post=766"}],"version-history":[{"count":0,"href":"https:\/\/www.artesianmedia.com\/blog\/wp-json\/wp\/v2\/posts\/766\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.artesianmedia.com\/blog\/wp-json\/wp\/v2\/media?parent=766"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.artesianmedia.com\/blog\/wp-json\/wp\/v2\/categories?post=766"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.artesianmedia.com\/blog\/wp-json\/wp\/v2\/tags?post=766"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}