snydeq writes "Amazon Simple Email Service and Amazon Web Services look to be a potent combination for businesses and developers, no matter which side of the law they're on, InfoWorld reports. The newly announced bulk email service, which will enable Amazon customers to send 100 emails for a penny, could prove enticing to those seeking a cheap way to bombard inboxes with spam, malware, and phishing lures. Amazon claims its in-house content filtering technology should assuage anyone thinking SES will be used by scammers. 'Those assurances aren't entirely heartening, though, unless Amazon is way ahead of the curve with content-filtering technology. Email services and software vendors have tried for years to keep spam and other unwanted messages from showing up in users' viewing pane, but the crud keeps slipping through.'"

wiredmikey writes "Following a two-week dramatic decline in spam levels, spam now accounts for 78.6 percent of all email traffic, the lowest rate since March 2009, when the global spam rate was 75.7 percent of all email traffic, according to Symantec's January 2011 MessageLabs Intelligence Report, released today. The volume of spam in circulation this month was 65.9% lower than for the same period one year ago, in January 2010, when the spam rate was 83.9% of all email traffic."

coondoggie writes "The folks at Google are taking issue over spam and the quality of Google searches, which some claim has gone down in recent months. Today on Google's official blog, Principal Engineer Matt Cutts said, 'January brought a spate of stories about Google’s search quality. Reading through some of these recent articles, you might ask whether our search quality has gotten worse. The short answer is that according to the evaluation metrics that we’ve refined over more than a decade, Google’s search quality is better than it has ever been in terms of relevance, freshness and comprehensiveness. Today, English-language spam in Google’s results is less than half what it was five years ago, and spam in most other languages is even lower than in English.' Cutts also explained that the company has made a few significant changes to their method of indexing."

Orome1 writes "In a major cybercrime turning point, scammers have begun shifting their focus away from Windows-based PCs to other operating systems and platforms, including smart phones, tablet computers, and mobile platforms in general, according to the a new Cisco report. The report also finds that 2010 was the first year in the history of the Internet that spam volume decreased, that cybercriminals are investing heavily in 'money muling,' and that users continue to fall prey to myriad forms of trust exploitation."

www.sorehands.com writes "In the first California appeals court ruling (pdf), in Hypertouch v. Valueclick, it is ruled that the I-CAN-SPAM Act does not preempt California Business & Professions Code Section 17529.5. California Business & Professions Code Section 17529.5 prohibits the use of falsified headers and subject lines that are likely to mislead recipients. Spammers have been claiming, and some courts have been ruling, that to survive preemption, a Plaintiff has to show all the elements of fraud (false representation, knowledge, reliance, and damage from the reliance.) The reliance and damage from the reliance is difficult as it would essentially require the recipient to buy the penis enlargement pills and show that they don't work, or to send the money to the Nigerian prince. An ISP could never show reliance and harm, as they are not the recipient and would not be responding to e-mails traversing their systems. The ruling also made it clear that the advertiser is responsible for the acts of their agents, even if their agents promise not to spam."

Trailrunner7 writes "The amount of spam hitting users' inboxes fell off a cliff in late December, with many security experts attributing the decline to the sudden disappearance of the Rustock botnet and other networks from the spam business. But the level of spam has begun to gain back some of the ground it lost today as other spammers have taken up the slack. Researchers say that after the sudden drop-off in spam volumes, things stayed fairly quiet for a time, but now it seems that other spammers have picked up where Rustock and the other spamming operations left off. The volume of spam took a big jump upward in the last 24 hours, according to researchers at Websense. The volume of spam hasn't made it all the way back to the levels of the last few months of 2010, but it seems to be on the way."

krou writes "The Guardian's tech blog is running an interesting piece on Google's next big challenge, which is dealing with the spammers it helped create. 'Google is the 900-pound gorilla of search, with around 90% of the market (excluding China and Russia), and there's an entire industry which has grown up specifically around tickling the gorilla to make it happy and enrich the ticklers.' They quote Paul Kedrosky who notes that 'Google has become a snake that too readily consumes its own keyword tail. Identify some words that show up in profitable searches — from appliances, to mesothelioma suits, to kayak lessons — churn out content cheaply and regularly, and you're done. On the web, no-one knows you're a content-grinder.' Whether searching for reviews, products, businesses, or even conducting academic research, scraper sites are ranking higher than original content. The article speculates that Google may try fix the problem but, from Google's perspective, most of these type of sites use AdSense ads, and generate revenue for Google (89% of clicks come from the first page of results), so Google may not have an incentive to change things too much. Alternatively, people could stop using Google, 'because its search is damn well broken... The question is whether it would be visible enough — that is, whether enough people would do it — that it would show up on Google's radar and be made a priority.'"

Trailrunner7 writes "A new spam campaign that appeared shortly before the New Year is part of a new effort by the crew behind the Storm/Waledac botnet and is using some rather elementary tactics — in combination with fast-flux — to attempt to compromise unsuspecting users. The new attack emerged late last week and is fronted by a fairly lame spam campaign that is sending millions of emails that appear to be holiday e-cards, one of the older and more threadbare techniques in this particular game. According to an analysis of the attack by the researchers at the Shadowserver Foundation, victims who click on the link in the email are directed to one of a number of compromised domains, which then redirect the user to another page that displays a message asking the user to download a fake Flash player. This, of course, installs a piece of malware on the victim's machine."

theodp writes "'The web is better when it's social,' declared Google as it unveiled its OpenSocial initiative. Sounds great, right? Well, maybe not so much, unless you're keen on giving companies the capability to 'exponentially' bombard you with advertising across all of your social networking sites. On Thursday, the USPTO published Google's patent application for Propagating Promotional Information on a Social Network, which the search giant explains 'generally relates to creating and providing promotional information (e.g., advertising, public service announcements, etc.) to users of a social network (e.g., FACEBOOK, MYSPACE, ORKUT, LINKEDIN, TWITTER, etc.).' By doing so 'across multiple social networks,' Google adds, 'the impact of the other promotional information may exponentially expand to other users of a social network."

Orome1 writes "In October Commtouch reported an 18% drop in global spam levels (comparing September and October). This was largely attributed to the closure of Spamit around the end of September. Spamit is the organization allegedly behind a fair percentage of the world's pharmacy spam. Analysis of the spam trends to date reveals a further drop in the amounts of spam sent during Q4 2010. December's daily average was around 30% less than September's. The average spam level for the quarter was 83% down from 88% in Q3 2010. The beginning of December saw a low of nearly 74%."

Michael J. Ross writes "While it is possible to create a simple website using a base installation of Drupal, the real power of this content management system is achieved through the use of modules, which can be thought of as add-ons that extend the capabilities of Drupal in specific ways — oftentimes in conjunction with other modules. These modules are developed and contributed by PHP programmers who understand how to use one or more of the Drupal application programming interfaces (APIs) to access information stored in a Drupal database, such as content, user profiles, and theme settings. These APIs have changed with Drupal version 7, and thus Drupal coders could benefit from a book that explains how to create Drupal 7 contrib modules." Read on for the rest of Michael's review.

MarkvW writes with this welcome bit of Schadenfreude: "People are finally starting to use the anti-spam laws in the malevolent manner in which they were intended — unlimited consumer lawsuits from unlimited plaintiffs!" The story's protagonist is my hero for the season.

achowe writes "Steve Linford of Spamhaus sent this to a private anti-spam list and asked that the message get out far and wide: 'For speaking out about the crime gangs located at the wikileaks.info mirror IP, Spamhaus is now under ddos by AnonOps. As our site cannot be reached now [actually sporadic], we can not continue to warn Wikileaks users not to load things from the Heihachi IP. ... AnonOps did not like our article update, here is what we said and what brought the ddos on us.'" At the conclusion of this message: "Spamhaus continues to warn Wikileaks readers to make sure they are viewing and downloading documents only from an official Wikileaks mirror site. We’re not saying 'don’t go to Wikileaks' we’re saying 'Use the wikileaks.ch server instead.'" Here is Spamhaus's full warning.

Julie188 writes "As public IPv4 addresses dwindle and carriers roll out IPv6, a new problem has surfaced. We have to move through a gray phase where the only new globally routable addresses we can get are IPv6, but most public content we want to reach is still IPv4. Multiple-layers of NAT will be required to sustain the Internet for that time, perhaps for years. But use of Large Scale NAT (LSN) systems by service providers will cause problems for many applications and one of them is reputation filtering. Many security filtering systems use lists of public IPv4 addresses to identify 'undesirable' hosts on the Internet. As more ISPs deploy LSN systems, the effectiveness of these IPv4 filtering systems will be hurt."

An anonymous reader writes "An NYU study reveals that over 40% of the jobs posted by new employers on MTurk are some sort of spam request, such as fake account creation, fraudulent ad clicks, or fake comments, tweets, likes and votes. The study also shows that the bad jobs could be automatically filtered with 95% accuracy, but Amazon is not interested."

An anonymous reader writes "What ever happened to the good old days, when underhanded email practices were only used by shady email marketing companies and spammers? Today, it seems, the mainstream corporate world has begun to employ the same tactics as spammers to track their customers' email. Jonathan Zdziarski noted in a blog entry that AT&T is using web bugs to track email sent to customers. Could this be used for nefarious purposes?"

DaveNJ1987 writes "The FBI believes that one third of the world's spam messages are being generated by one 23-year-old Russian man. Oleg Nikolaenko of Moscow is being blamed for operating the Mega D botnet that sent spam emails from over 500,000 infected computers."

Mark Zuckerberg just held a presentation to unveil Facebook's "next generation messaging" system. He repeatedly drove home the idea that "this is not email," nor is it "an email killer." Their plan is to tie together multiple forms of communication — email, texts, social updates, etc. — and blend them into conversations. As users go about their days, interacting with a variety of devices, the communication method automatically updates to whatever is appropriate at the time. If a user receives an email while he's at a desktop, browsing Facebook, it will bring up the message in a Facebook chat window. If the user is browsing on a smartphone, it will bring up the message there, instead. If it's a dumbphone, then a text message can be sent. Another central feature is the idea that conversation histories from multiple sources and different forms of communication can be integrated through Facebook, so that you no longer have to separately root through IM logs, SMS logs, old emails, etc., to see old correspondence. (Users will have the ability to delete these, should they desire.) The last major feature they mentioned is what they call the "social" inbox, which is based on whitelisting. Users will be able to set up primary inboxes which only display communications they definitely want to see, while leaving low-priority messages, spam, and all the other noise typical to email in an inbox they check less frequently. The new system will be rolled out slowly over the next few months.

ashidosan writes "Hot on the heels of the Adafruit competition, Matt Cutts (a search spam engineer at Google) is sponsoring two more $1,000 bounties for projects using Kinect. 'The first $1,000 prize goes to the person or team that writes the coolest open-source app, demo, or program using the Kinect. The second prize goes to the person or team that does the most to make it easy to write programs that use the Kinect on Linux.'" Relatedly, reader imamac points out a video showing Kinect operating on OS X.

littlekorea writes "MessageLabs claims to have discovered that the systems of one of its customers were hacked by spammers after an entire block of MessageLabs IP addresses was blocked by antispam service SORBS. Customers of the managed email service had problems with outbound mail last week after MessageLabs' IP addresses were included in SORBS' block list. The Symantec-owned service provider has assured customers it has systems in place to prevent such incidents from happening again."