Stop Payments Stop Spam, Researchers Find

“Follow the money” – it was good advice for Woodward and Bernstein in their investigation of the Watergate scandal. It turns out to be good advice for those wishing to stamp out spam e-mail, also.

“Follow the money” – it was good advice for Woodward and Bernstein in their investigation of the Watergate scandal. It turns out to be good advice for those wishing to stamp out spam e-mail, also.

That’s the conclusion of researchers from the University of California, San Diego and the University of California, Berkeley, who subjected themselves to three spam-filled months last year in an attempt to analyze the “trajectory” behind multiple spam campaigns. The first step to eliminating spam, they concluded, severing the spammer’s connection to their payment processors.

Traditional spam fighting have focused on message filtering and e-mail proxy server takedowns. But those approaches have done little to stem the tide of malicious spam. The researchers set out to study spam flows and identify “bottlenecks” – variables that could be used to disrupt the spam chain of command. After crawling 15 million URLs, the researchers narrowed their focus to
businesses selling three commonly spammed about products:
pharmaceuticals, replicas and software. They then followed each campaign, going so far as to make 120 purchases using prepaid Visa cards, allowing them to follow the spam value chain to its terminus.

Researchers found only three banks, located in Azerbaijan, Denmark and Nevis, a small island in the West Indies, were used as payment clearinghouses for 95% of the spammed goods in their study, which  was presented at the IEEE Symposium on Security and Privacy on Tuesday in Oakland, Calif.

More telling, just two credit card companies: Visa and Mastercard have the global reach that makes them accessible in the countries where rogue banks are likely to operate.

The conclusion: putting pressure on the relatively few banks and credit card firms to stop enabling “high risk” transactions could disrupt the spam marketplace by forcing spammers to look for new banks.

And, unlike spam proxy server takedowns, a “financial blacklist” of banks could be updated and enforced quickly.

The researchers don’t see a “solution” to the spam problem – just a better line of defense. “Spam-based advertising is a business… it continues to exist because it fuels a profitable enterprise,” the authors argue.  While spam levels fluctuate, rising with the ebb and flow of botnets, spam will continue to thrive worldwide until a new avenue is investigated.

The research, Click Trajectories: End-to-End Analysis of the Spam Value Chain, can be found here (PDF).

Suggested articles