He also said that MSN were working with other industry leaders such as AOL, Yahoo! and EarthLink on a range of joint initiatives to conquer what he described as, "a drain on business productivity, an increasingly costly waste of time and resources that clogs corporate networks and distracts workers. Among consumers, it spreads scams, pornography and even computer viruses. Worse, spammers prey on less sophisticated e-mail users, including children, threatening their safety and privacy."
A few months later, in The Washington Post, Bill Gates predicted a spam-free future, believing that as, "less junk mail reaches recipients -- and violators face stiffer sanctions for illegal activities -- the financial incentives for spammers will decrease, and spamming will lose its appeal."
Unfortunately, despite constant MSN security updates and patches, new more secure product releases, and all the spending by security firms to make users safer, this vision is far from being realised. In fact spam is more prevalent today than ever before, with e-mail filtering firm Postini, reporting that spam volumes increased by a massive 73% over the three months prior to December. Dan Druker, a spokesman for Postini, told the BBC that now, "92.6% of all e-mail messages are spam".
While email security developers continuously build better filtering technology to detect and remove offending spam, the spammers are themselves developing more sophisticated methods of circumventing the filters. As soon as the technology was created to analyse whether the text of an email was structured like a real message rather than unwanted spam, spammers started to include random quotes from stories, and churning out different variants of the messages to fool the anti-spam filters and help to get the unwanted messages through.
As technology has advanced, so have the tools used by the spammers. Gone are the days when targeting specific servers which have historically been used to deliver mass junk emails, will stop these hi-tech criminals. These days, 80% of junk mail is routed through home PCs which have been hijacked after having been infected by an email or software virus or having visited a web site which contains hidden malicious scripting, turning the computer into a "zombie".
These zombie PCs can then be connected up with other compromised machines to form a "botnet" which is then used to send out email spam, commit pay-per-click click fraud, host phishing or money mule recruiting websites, or even become involved in distributed denial of service attacks.
A Get Safe Online campaign released by the government found that during the first six months of 2006, British shoppers spent more than £13bn online however 21% of those who responded in the report felt that they were most at risk from net crime, while only 16% reported that they felt most at risk of being burgled.
It seems that as spammers and hackers are prepared to use any technique they find that works in order to target poorly protected home PCs, service providers, badly secured online shops, banks, etc, users cannot rely on the software manufacturers to provide a magic bullet to defeat spam. Many Cybercrooks have even taken to timing their new attacks for right after Microsoft release their security fixes on the second Tuesday of every month in order to gain the greatest impact before a new patch can be released to plug the exploited security holes. This has lead security experts to this year coin the term "zero-day Wednesdays" to indicate the rise in these types of attacks.
2006 saw some anti-spam successes with Microsoft winning a $1 million lawsuit against Ryan Pitylak who was accused of sending up to 25 million e-mails per day, leading to his announcing that, "I am pleased to announce that I am now a part of the anti-spam community, having started an Internet security company that offers my clients advice on systems to protect against spam. I'm now working earnestly to help other entrepreneurs avoid the traps that deceived me and led me to make questionable business choices."
However the year also saw spam fighters being attacked in return, as Spamhaus, a UK based anti spam database, which is used by many popular anti spam appliances, being taken through the US law courts by e360insight whom they had blacklisted.
The release of the IE7 browser which was intended to be a major step forward in fighting the threats of hackers and spammers, almost immediately required the issuing of security update patches to prevent malicious attackers altering content on the pop-up windows of legitimate websites.
While the uncontested US ruling which found against Spamhaus is not enforceable in the UK, and security holes like the one above in IE7 are rapidly patched up, they do show that there is a full scale fast changing spam war in progress. Whether the introduction of MS Vista will lead to the massive security leap forward which Microsoft claims or how long it takes for the system security to be hacked remains to be seen.
So far Bill Gates predictions have failed the test of time, and rather than the financial incentives for spammers decreasing and spamming losing its appeal, the spammers are merely becoming more inventive in their activities, and it is up to every member of the online community to ensure they have their own up to date protection and stay alert for anything suspicious.
Tony Neate of the Get Safe Online campaign stated that people should treat their PC like their car, taking steps to keep it in good working order and safe from all threats. "It's about crime prevention and awareness". He also advised users to, "take some simple precautions and people are going to be safe."
