In his article "Trench Warfare in the Age of the Laser-guided Missile," Neil Schwartzman gives a brief description of the history of spam and the anti-spam movement, provides a summary of the current state of spam, and makes a series of recommendations concerning what actions the anti-spam community should take.
History of Spam and the Anti-Spam Movement: According to Schwartzman, both spam and the anti-spam movement have steadily evolved since 1995. The anti-spam movement has seen the rise of government groups, NGOs, and industry coalitions as well as anti-virus and spyware technologists and companies working individually to stop spam. Spam, however, has stayed ahead of the anti-spam movement, becoming more and more sophisticated in its ability avoid filters, collaborate with viruses, and reach users.
The Current State of Spam: Schwartzman sums up the current situation as a "blended criminal threat." He examines penny stocks, promoted using 'image-only' payloads. Stock spamming leaves paper trails and this led to some successful prosecutions at the end of 2006. He reaches the conclusion that although currently popular, stock spamming will decline as prosecutions increase. He also looks at phishing, which he feels is far more serious than stock spamming, because "personal information is the currency used by criminals on the net."
Consumer Confidence & Organized Crime: Although online commerce continues to grow, user confidence is e-commerce is decreasing as the number of threats from spam increase. Recent studies show that up to 90% of polled consumers are deeply skeptical about their ability to conduct business safely online. Schwartzman feels that as more users become victims or personally know victims of online fraud, they will cease their online purchasing and return to traditional retail outlet purchasing. One major concern is the possible failure of a major online financial service, which would certainly speed up users return to traditional retail and cause massive damage to the reputations of all online service providers. There is also additional concern as there is now "full integration with the bad-guy technologists and sophisticated groups of computer-aware criminals." The large amount of money that can be made from spam has now attracted organized crime including the Russian mob, the Italian mafia, the Hell's Angels, and the Columbian drug cartels.
The Future: At the inbox level, anti-spam technologies are very effective at blocking spam; however, the resource cost is becoming an issue as "major receiving sites have said privately that their systems are all but overwhelmed by the new levels of spam." The latest spam/malware threat is known as SpamThru. Although not yet being used to its full capacity, it caused an 80% increase of spam on some sites in the last three months of 2006. It also has the capability of avoiding complete deletion by removal programs. Other technologies which are also popular right now are 'Queen bots', which are capable of changing profiles and controlling subservient zombie computers, and 'fast-flux dns', which is a DNS server hosted on an infected machine that resolves human-recognizable URLs to a multitude of similarly infected machines. If spam continues to increase, and there are several ways it can, the result could be the end of e-mail or the Internet itself or virtual attacks on the real world (several of which have already been realized),
What Should Be Done: According to Schwartzman, the anti-spam movement is losing. This can be mostly attributed to the fact that the movement is disjointed and disorganized. Companies often have various groups dealing with different aspects of spam and malware who never communicate or coordinate. This is also seen in the interaction of the various anti-spam groups organized within the industry. Schwartzman believes that active participation and cooperation by all stakeholders is necessary to successfully fight spam and he makes a series of suggestion as to how this can be achieved.
See the complete article here.