Newsletter - sign up here
Search Webster
Webster's pieces from The Oldie
Webster's Webwatch

Dealing with Spam
January 2005

We almost all receive lots of junk emails - spam, as it has become known. Bill Gates, the Microsoft founder, gets four million a day.

In the UK we have some fresh anti-spam laws but they will have no effect. The Information Commissioner (, whose job it is to enforce them, is woefully under funded, and the legislation is virtually toothless anyway.

However, the Americans have taken a tougher line and have successfully prosecuted one of their major spammers. Sentencing will not take place until February, but nine years in the chokey is likely.

He started work ten years ago sending old fashioned junk mail by post, but quickly discovered the Internet and moved his grubby business online. When he was shut down, he was sending out over ten million emails each day, and had the sort of computer equipment that only a large company should need, all in a modest house in North Carolina.

His emails would offer some wonder product or other. The deal was always the same - you sent him your money (by credit card) and if he sent you anything at all it was some worthless advice or software, transmitted by automated email.

The key to his business was its scale. Only a very small proportion of recipients responded to his emails, perhaps just one or two from every 30,000 sent, but each of those would pay about $40. It's a small enough amount to lose without bothering to make a fuss. But, given the sheer scale of his operation, it meant that he was often able to pull in up to $750,000 per month, which compared very favourably with the $50,000 per month it cost him in computer time.

Like most successful fraudsters, he was imaginative and creative; he had a constantly changing range of products and aliases, and was technically skilled at covering his tracks, making it almost impossible for his victims to find him.

It is not clear how he found the email addresses, but it was probably in a very old fashioned, pre-digital way, by bribing employees of email providers to give him lists. Also, he would just make them up hope to get lucky.

It sounds pretty clever, but it wasn't clever enough to stop him being caught, and in fact his technique was unsophisticated compared to the serious spammers. They manage their affairs from countries that have more relaxed laws (which is most of them). Also, the tax havens that provide "ask no questions" financial services have not been slow to spot the market, and are quietly creating email havens for the spammers. And naturally, the money earned can easily be deposited in the many obliging and discreet banks that live in these attractive spots.

On top of that there are what are called "zombie servers" which manage to use viruses to send the emails from innocent third party computers (yours or mine) effectively assuming our identities, and using our internet time.

I suppose that it's all part of the price we have to pay for having an Internet that is as free from regulation, but it is a bit of a worry.

The solution is to establish a robust defence. There are three rules: first, treat junk emails like you should treat junk letters that come through the letterbox - chuck them in the bin without reading them. Second, keep your virus checking software up to date, and use an ISP that does the same - the better ones manage to head a lot of this stuff off before it reaches you. And third, remember the golden rule: if it looks too good to be true, that's because it is too good to be true.