Why Do Spam and Malware Exist?
Computer viruses are everywhere. Spam is abounding. Ransomware, identity theft, denial of service attacks and other cybercrimes are commonplace. Who does this stuff, and what’s wrong with them? Let's take a look at what motivates the miscreants who menace millions on the Internet...
Hackers, Spammers and Cybercriminals
Have you ever wondered why there's so much spam, so many computer viruses, rampant identity theft, and other perils of using the Internet? Perhaps it boils down to the ancient philosophical question, “Why is there evil in the world?”
Greed is the most common motivation for cybercrimes, as it is in the real world. There are big bucks to be made in malware that steals credit card, bank account, and identity details, corporate secrets, and other valuable data. The gullible will readily give money in exchange for counterfeit goods or just the false promise of goods. Some people will pay good money to damage the reputation of business competitors. Ransomware affects the entire spectrum of the online world, from large companies to home users. Most of the online damage is done for money.
Hatred is another ugly motivator. Often, it is disguised as heroism, a noble fight against a perceived evil enemy, which may be an individual, organization, corporation or government. But it’s hatred, none the less. Examples of this include those who spread disinformation or maliciously deface the websites of organizations with whom they disagree. Or it could be a "hacktivist" group that perpetrates denial of service attacks against their philosophical enemies.
Egotism is a third motivation. The desire to show the world how good your skills are, to do what others have failed to do, to make yourself look smart by making others look stupid, are all very satisfying to insecure egos. Some hacking groups have done this by breaking into websites, stealing embarrassing or confidential information, and publishing it online.
Grab That Cash With Both Hands and Make a Stash...
How do cybercrooks make money? The answer has changed over time. But mostly, it’s All About the Money. (Hat tips to Pink Floyd and Travis Tritt.)
Sanford Wallace was the original self-styled “Spam King.” In the 1990's, he had an ostensibly legitimate advertising business, sending out millions of unsolicited emails that advertise products or services for sale. He got paid a pittance for each email he sent, and a commission for each sale consummated in response to an email. According to “Spamford,” he made millions of dollars providing a perfectly legal service to merchants and consumers.
But eventually, spam stopped paying so well. Spam filters improved, and consumers became more wary of unsolicited offers. Spammers increasingly switched from selling things in annoying but legitimate ways to deliberately trying to defraud people. (More on the fate of Spamford below.)
That accounts for the rapid rise of ransomware and high-profile data breaches. By exploiting human error and security vulnerabilities, even low-skilled hackers can lock up the files of a single user or an entire company, and demand that a ransom be paid to restore access. Massive data breaches make the news regularly, compromising millions of usernames, passwords, credit cards, social security numbers, and other private information. These valuable troves of data are sold in the dark corners of the Internet, and the information is used to perpetrate fraud and identity theft.
Then there are the low-volume, high-value cybercrooks. They include so-called Nigerian "419 scammers" who find affluent and gullible victims to milk for thousands of dollars. I wrote about the 419 Scam back in 2006, and it's still going strong today. They also include online bank robbers who hack into financial institutions and steal millions at once, often just skimming a few unnoticed cents off of each customer’s account.
One of the boldest cases involved the 2013 theft of over $45 million in 27 countries over the course of a few hours. In that case, hackers broke into the networks of several banks and swiped PINs associated with the banks’ own accounts, not those of customers. Debit cards were forged that could use the stolen PINs to withdraw cash from ATMs. Hundreds of co-conspirators drained ATMs dry at approximately the same time, delivering the ringleaders’ share of the cash to their bosses and pocketing their wages.
Cybercrime and (occasionally) Punishment
Relatively few online crooks are caught and punished. It’s very difficult to investigate and prove such crimes because the criminal activity is hard to trace and often spans international borders. The few successful prosecutions we read about tend to be very large cases that are worth the trouble and expense to prosecutors.
"Spamford" Wallace continued with a string of fraudulent enterprises for a dozen years, was eventually fined several hundred thousand dollars, and sentenced to 20 months in prison. He was released in May 2018. Oleg Nikolaenko was a Russian “spam king” in the who allegedly ran a botnet that churned out over 10 billion spam emails every day, an estimated one-third of all spam in the late 2000s. He served three years in prison on charges of violating the U.S. CAN-SPAM Act. The FBI is still busy putting online crooks in custody. See the FBI Cyber Crime news and press releases.
There is no end in sight to the war on cybercrime, and sadly, most goes unpunished. The anonymous nature of digital currencies like Bitcoin makes it difficult to "follow the money". The best that YOU can do is try to avoid becoming a victim. Keep your malware and anti-spam defenses up. Be wary of phishing attempts. Monitor your credit reports and bank accounts for unauthorized transactions.
Your thoughts on this topic are welcome! Post your comment or question below...
This article was posted by Bob Rankin on 6 Dec 2019
|For Fun: Buy Bob a Snickers.|
Does Your Antivirus Software Do This?
The Top Twenty
Gripe Sites: Are They Noble or Nasty?
Post your Comments, Questions or Suggestions
Free Tech Support -- Ask Bob Rankin
Subscribe to AskBobRankin Updates: Free Newsletter
Copyright © 2005 - Bob Rankin - All Rights Reserved
Article information: AskBobRankin -- Why Do Spam and Malware Exist? (Posted: 6 Dec 2019)
Copyright © 2005 - Bob Rankin - All Rights Reserved