Click trajectories: End-to-end analysis of the spam value chain
Anyone who has come into even casual contact with the Internet is familiar with the concept of spam advertising, which often promotes questionable financial schemes and pharmaceuticals such as Viagra. The United States, among many other countries, has laws criminalizing certain deceptive tactics frequently employed by spammers. To date, most anti-spam initiatives have focused on defensive tactics such as email filters, URL blacklists and site flagging. Yet a deeper system supports spam advertising, and it could potentially be disrupted.
A 2011 study from the University of California, San Diego and the University of California, Berkeley, “Click Trajectories: End-to-End Analysis of the Spam Value Chain”, cataloged three months of online spam data and researched website naming and hosting infrastructures. As a research endeavor, more than 100 purchases from spam-advertised sites were made. The researchers tried to get an overall picture of the process employed to monetize spam email — from the banks that spammers use to the emails sent out — in order to defend against it.
The study’s findings include:
- Half of all spam programs have their domains and servers distributed over just 8% or fewer of the total available hosting registrars and Autonomous Systems. Overall, 80% of spam programs are distributed over just 20% of all registrars and Autonomous Systems.
- Of the 76 purchases for which the researchers received transaction information, there were only 13 distinct banks acting as credit card acquirers and only three banks provided the payment servicing for 95% of the spam-advertised goods in the study.
- A “financial blacklist” of banking entities that do business with spammers would dramatically reduce monetization of unwanted emails. Moreover, this blacklist could be updated far more rapidly than spammers could acquire new banking resources, an asymmetry favoring anti-spammers.
The researchers concede that there are legal challenges in some countries from which spam originates, and some spammers in non-Western countries complain that they are catering to real needs and “efforts to criminalize their actions are motivated primarily by Western market protectionism.” However, the study points out that spam is primarily supported by Western money: “The payment tier is by far the most concentrated and valuable asset in the spam ecosystem, and one for which there may be a truly effective intervention through public policy action in Western countries.”
Tags: crime, law, technology, Russia, telecommunications
We welcome feedback. Please contact us here.
Read the issue-related Wired article "Robert Soloway Exits Prison, Disavows ‘Spam King’ Ways."
- If you were to write a sidebar using the study to illustrate the wider challenges of anti-spam efforts, which key findings would you use?
Read the full University of California, San Diego and University of California, Berkeley study "Click Trajectories: End-to-End Analysis of the Spam Value Chain" (PDF).
- Summarize the study in fewer than 40 words.
- Express the study's key term(s) in language a lay audience can understand.
- Evaluate the study's limitations. (For example: Do the results conflict with those of other reliable studies? Are there weaknesses in the study's data or research design?)
- Write a lead (or headline or nut graph) based on the study.
- Spend 60 minutes exploring the issue by accessing sources of information other than the study. Write a lead (or headline or nut graph) based on the study but informed by the new information. Does the new information significantly change what one would write based on the study alone?
- Interview two sources with a stake in or knowledge of the issue. Be prepared to provide them with a short summary of the study in order to get their response to it. Write a 400-word article about the study incorporating material from the interviews.
- Spend additional time exploring the issue and then write a 1,200-word background article, focusing on major aspects of the issue.