Why Do Spam and Malware Exist?

Category: Security

Computer viruses are everywhere. Spam is abounding. Ransomware, identity theft, denial of service attacks and other cybercrimes are commonplace. Who does this stuff, and what’s wrong with them? Let's take a look at what motivates the miscreants who menace millions on the Internet...

Hackers, Spammers and Cybercriminals

Have you ever wondered why there's so much spam, so many computer viruses, rampant identity theft, and other perils of using the Internet? Perhaps it boils down to the ancient philosophical question, “Why is there evil in the world?”

Greed is the most common motivation for cybercrimes, as it is in the real world. There are big bucks to be made in malware that steals credit card, bank account, and identity details, corporate secrets, and other valuable data. The gullible will readily give money in exchange for counterfeit goods or just the false promise of goods. Some people will pay good money to damage the reputation of business competitors. Ransomware affects the entire spectrum of the online world, from large companies to home users. Most of the online damage is done for money.

Hatred is another ugly motivator. Often, it is disguised as heroism, a noble fight against a perceived evil enemy, which may be an individual, organization, corporation or government. But it’s hatred, none the less. Examples of this include those who spread disinformation or maliciously deface the websites of organizations with whom they disagree. Or it could be a "hacktivist" group that perpetrates denial of service attacks against their philosophical enemies.

Why Does Cybercrime Exist?

Egotism is a third motivation. The desire to show the world how good your skills are, to do what others have failed to do, to make yourself look smart by making others look stupid, are all very satisfying to insecure egos. Some hacking groups have done this by breaking into websites, stealing embarrassing or confidential information, and publishing it online.

Grab That Cash With Both Hands and Make a Stash...

How do cybercrooks make money? The answer has changed over time. But mostly, it’s All About the Money. (Hat tips to Pink Floyd and Travis Tritt.)

Sanford Wallace was the original self-styled “Spam King.” In the 1990's, he had an ostensibly legitimate advertising business, sending out millions of unsolicited emails that advertise products or services for sale. He got paid a pittance for each email he sent, and a commission for each sale consummated in response to an email. According to “Spamford,” he made millions of dollars providing a perfectly legal service to merchants and consumers.

But eventually, spam stopped paying so well. Spam filters improved, and consumers became more wary of unsolicited offers. Spammers increasingly switched from selling things in annoying but legitimate ways to deliberately trying to defraud people. (More on the fate of Spamford below.)

That accounts for the rapid rise of ransomware and high-profile data breaches. By exploiting human error and security vulnerabilities, even low-skilled hackers can lock up the files of a single user or an entire company, and demand that a ransom be paid to restore access. Massive data breaches make the news regularly, compromising millions of usernames, passwords, credit cards, social security numbers, and other private information. These valuable troves of data are sold in the dark corners of the Internet, and the information is used to perpetrate fraud and identity theft.

If you heed the advice in my article Ten Ways to Protect Yourself From Identity Theft, it will go a long way toward protecting you from malware, spammers, hackers, and other cyber-crooks.

Then there are the low-volume, high-value cybercrooks. They include so-called Nigerian "419 scammers" who find affluent and gullible victims to milk for thousands of dollars. I wrote about the 419 Scam back in 2006, and it's still going strong today. They also include online bank robbers who hack into financial institutions and steal millions at once, often just skimming a few unnoticed cents off of each customer’s account.

One of the boldest cases involved the 2013 theft of over $45 million in 27 countries over the course of a few hours. In that case, hackers broke into the networks of several banks and swiped PINs associated with the banks’ own accounts, not those of customers. Debit cards were forged that could use the stolen PINs to withdraw cash from ATMs. Hundreds of co-conspirators drained ATMs dry at approximately the same time, delivering the ringleaders’ share of the cash to their bosses and pocketing their wages.

Cybercrime and (occasionally) Punishment

Relatively few online crooks are caught and punished. It’s very difficult to investigate and prove such crimes because the criminal activity is hard to trace and often spans international borders. The few successful prosecutions we read about tend to be very large cases that are worth the trouble and expense to prosecutors.

"Spamford" Wallace continued with a string of fraudulent enterprises for a dozen years, was eventually fined several hundred thousand dollars, and sentenced to 20 months in prison. He was released in May 2018. Oleg Nikolaenko was a Russian “spam king” in the who allegedly ran a botnet that churned out over 10 billion spam emails every day, an estimated one-third of all spam in the late 2000s. He served three years in prison on charges of violating the U.S. CAN-SPAM Act. The FBI is still busy putting online crooks in custody. See the FBI Cyber Crime news and press releases.

There is no end in sight to the war on cybercrime, and sadly, most goes unpunished. The anonymous nature of digital currencies like Bitcoin makes it difficult to "follow the money". The best that YOU can do is try to avoid becoming a victim. Keep your malware and anti-spam defenses up. Be wary of phishing attempts. Monitor your credit reports and bank accounts for unauthorized transactions.

Your thoughts on this topic are welcome! Post your comment or question below...

Ask Your Computer or Internet Question

  (Enter your question in the box above.)

It's Guaranteed to Make You Smarter...

AskBob Updates: Boost your Internet IQ & solve computer problems.
Get your FREE Subscription!


Check out other articles in this category:

Link to this article from your site or blog. Just copy and paste from this box:

This article was posted by on 6 Dec 2019

For Fun: Buy Bob a Snickers.

Prev Article:
Does Your Antivirus Software Do This?

The Top Twenty
Next Article:
Gripe Sites: Are They Noble or Nasty?

Most recent comments on "Why Do Spam and Malware Exist?"

Posted by:

06 Dec 2019

There are also steps that can be taken in advance to protect yourself. Companies you have done business with may be hacked and your info gets in the hands of criminals.

The FTC (USA) recommends two options, one is temporary one is permanent until lifted.

Fraud Alert: Temporary, needs to be renewed after 90 days.

A fraud alert requires companies to verify your identity before extending new credit. Usually that means calling you to check if it is really you trying to open a new account.

Credit Freeze: A freeze lasts until you temporarily lift or permanently remove it (except a few states where freezes expire after 7 years).

A credit freeze limits access to your credit file so no one, including you, can open new accounts until the freeze is lifted.


Posted by:

Renaud Olgiati
06 Dec 2019

One reason for Spam is that sending emails is free.
If spammers had to pay for each and every message they send, it would not be worth doing...

Posted by:

06 Dec 2019

If these cyber criminals would work as hard at an honest job just think of all that could be accomplished legally.

Posted by:

07 Dec 2019

I was hoping that there was some 'worthy' mention of buffoons/thugs from Russia, Romania, China, et al. They seem to be in it not for the $$ but for state-sponsored hooliganism and/or the notoriety.

Posted by:

07 Dec 2019

Malware/viruses exist because MS Windows runs in administration mode, unlike Linux or Mac.

One reason why spam exists is because people use their primary addy for everything from communication to signing up for ezines and those free giveaways which are often spam-traps.

Several years ago I joined an affiliate program and used a unique email when I signed up.

Three months later I began to receive spam on the email addy I created for that account which told me the company had sold my info.

Now I keep several email accounts. One is used for communications while the others are used for signups. I do not have a spam problem.

Posted by:

Doug Robison
07 Dec 2019

What I would like to see is make it a 5 yr prison term for anyone causing mass computer problems and convicted and second time lifetime term we need to have stiffer penalties for these things.

Posted by:

08 Dec 2019

Linden: You are correct. I use my own domain and create email addresses that are applicable to the site or account I am creating. E.g., our friend Bob gets his own unique email address for newsletter. Should I ever get an email sent to it that's not really from him, I'd reach out to him and ask about it. One address I've gotten spam sent to is my logmein address. Once they got rid of the free option, I stopped using their service, but I've gotten non-logmein emails sent to it. I flag them as spam.

Posted by:

Emily Booth
13 Dec 2019

Long time apple user. Never got spam with my mac address until a few years ago. I had aliases set up which were originally intended to be disposable but Apple no longer offers aliases and grandfathered in current accounts. Now, my mac addresses, including aliases, have been pwned. I am switching to gmail.

Posted by:

Rob Golding
19 Dec 2019

I agree 100% with Renaud Olgiati's remarks above. I have suggested on many occasions that if emails were charged at say 5 US cents a time it would be uneconomic to send our thousands every day. I was told by my ISP that this would be impossible unless every service provider in the World signed up for this. Spam usual originates from some small country or even Russia but if every ISP automatically deleted ALL emails from that country the authorities there would soon put a stop to it.

Post your Comments, Questions or Suggestions

*     *     (* = Required field)

    (Your email address will not be published)
(you may use HTML tags for style)

YES... spelling, punctuation, grammar and proper use of UPPER/lower case are important! Comments of a political nature are discouraged. Please limit your remarks to 3-4 paragraphs. If you want to see your comment posted, pay attention to these items.

All comments are reviewed, and may be edited or removed at the discretion of the moderator.

NOTE: Please, post comments on this article ONLY.
If you want to ask a question click here.

Free Tech Support -- Ask Bob Rankin
Subscribe to AskBobRankin Updates: Free Newsletter

Copyright © 2005 - Bob Rankin - All Rights Reserved
Privacy Policy     RSS/XML

Article information: AskBobRankin -- Why Do Spam and Malware Exist? (Posted: 6 Dec 2019)
Source: https://askbobrankin.com/why_do_spam_and_malware_exist.html
Copyright © 2005 - Bob Rankin - All Rights Reserved