News
Blogs
Shark Bait
Knowledge Centers
Opinion
Webcasts
Video
Podcasts
IT Careers
White Papers
Computerworld Reports
Zones
Case Study Library
RSS Feeds
Events
Industry
This Week in Print
Print Subscriptions


Ads by TechWords

See your link here


Amir Lev's picture
Amir Lev

Security Levity

More posts | Read bio

October 14, 2009 - 8:09 A.M.

Spam culture, part 2: Russia

6 comments

This week on Security Levity... the second in a series of posts about spam in different cultures. This time: how Russia views spam.

As we saw when we looked at China, it's no surprise that Russian culture is very different from that in the West, whether in North America or western Europe. Spam is just one example of these huge differences.

Many business people in Russia see it Russian flagas their inalienable right to send unsolicited email, perhaps even more so than in China. Since the fall of the USSR, Russia has taken capitalism to its limits; it practices business initiatives to their fullest force. This can sometimes be based on a highly stereotypical understanding of western business culture. They have been led to believe that this is what "capitalism" is; that in the West, all businesses spam and they all work to low moral standards.

In many ways, Russia lost its entrepreneurial business culture during the days of communism. When democracy and capitalism came to Russia, what filled the cultural void were the dubious morals of those that survived despite communism's tight grip on entrepreneurship. In other words, organized criminals and other shady operators grew up into businesspeople.

In contrast to most other parts of the world, the spam ecosystem is more vertically integrated in Russia. In other words, the spammers are often part of the same organization as those running the spam-sending botnets, and those hosting the spamvertised Web sites. Whereas in other places, those roles are usually separate: it's more common for spammers to contract with other gangs who run the botnets and provide the spam-sending services and separately with those who provide Web hosting.

Spam-sending services are far more easily accessible to Russian businesses than they are in the West. One result is a serious lack of targeting: Russian spam is being sent to millions of recipients that couldn't possibly be part of the business' target market. The messages are in Russian and often promote local products and services, yet are being distributed worldwide.

These phenomena aren't, strictly speaking, unique to Russia. Some other former Soviet Union (FSU) countries have a similar experience. But the FSU isn't a single, homogeneous melting pot, any more than the U.S. or Europe are. So we should take care not to characterize all these countries as spam-friendly.
 

This has been the second in a series of posts about how different cultures view spam. Let me know if there are other parts of the world that you're interested in.

I want to make this an interactive place: where I can answer questions and cover topics that you suggest. Feel free to add comments and ask Amir!
 
 
When he's not watching From Russia With Love, Amir Lev is the CTO, President, and co-founder of Commtouch (NASDAQ:CTCH), an e-mail and Web defense technology provider. MORE...

What People Are Saying

Add new comment

Again, this Author Is Way Off-Target

Submitted by Anonymous on October 15, 2009 - 10:03 A.M.

Blogging under the title of "Levity", this author once again ignores the serious criminal side of the spam industry in favor of presenting the positive image of spam as innocent advertising mailers.

But the vast majority of spam is not at all innocent; instead it constitutes serious crime with tragic victims. Spam from Russia to the West is especially rife with criminal intent.

Though he uses the words "organized crime" and "spam-sending botnets" in his blog, the criminal nature of the spam industry is clouded in imagery of organized crime "growing up" to become innocent entrepreneurship. It does not.

This publication should take the criminal nature of the spam industry more seriously, and stop allowing itself to be used by spam apologists. Spam as is actually practiced is computer piracy, robbery through identity theft, fraud, stock market manipulation, and pornography. Computerworld should not ally itself with spammers by presenting spam as innocent advertising.

Reply | Report this comment

Once again, I don't see

Submitted by Anonymous on October 15, 2009 - 11:01 A.M.

Once again, I don't see where you get this idea that he's defending spammers. And your description of Lev's entrepreneurship discussion is *way* off IMHO.

An executive of a security company is an apologist for spammers? Really? Sounds like another one of those wacko conspiracy theories that says security companies are in league with the bad guys.

Reply | Report this comment

What he has written here:

Submitted by Anonymous on October 15, 2009 - 12:41 P.M.

When a highly criminal spammer is brought to trial in the US for spamming activities that have included fraud, computer piracy, theft, etc., his defense is usually that spamming is protected as "free speech".

If one is unknowing, one can talk about spam as if it is merely innocent advertising. Here, Lev's statements address only the "false front" of spamming presented as innocent advertising. The activities of these criminals is presented as Western-style capitalism with enthusiastic vigor.

The reality is that the number of computers world-wide that have been pirated into the service of spammers is in the multiple millions. Billions of dollars are spent annually by companies and private computer owners to protect themselves against the efforts of spammers to take over computers and press them into service as spam e-mail servers. This creates a tax on every computer user that we encounter as the price of Norton, McAffee, Kaspersky, Windows Defender, etc., anti-virus software. Companies spend billions to hire security specialists (Lev's business!) to protect their computers.

Each pirated computer could be easily be fitted with keystroke recorders for the purpose of capturing your credit card numbers, your login credentials for eTrade, etc., and huge losses are experienced yearly by individuals world-wide. These activities are not separate from spam botnets, they are highly connected -- the same programmers who penetrate your computer's vulnerabilities to build botnets are the programmers who capture your keystrokes.

It's a gigantic world-wide crime network, at one time much of it was named "the Russian Mafia".

The spammers don't limit themselves to sending innocent advertising; a high percentage of spam is penny stock fraud. Another big segment is illegal trade in counterfeit pharmaceuticals. A huge part of the spam traffic is pure credit card fraud -- offering something for sale on a false web site running on one of the botnet computers designed to lure you to enter your credit card number to buy something attractively priced. Huge numbers of rubes are tricked daily into entering every which sort of password into false web sites. Huge numbers require only that you visit the false web site in order to infect your vulnerable computer and put it under the control of the spammers.

Spamming is highly criminal because of its ability to shield the sender from being identified correctly. Law enforcement hasn't caught up with the criminal nature of spam yet, the focus of law enforcement is very local. International crime is out of their jurisdiction, and won't be investigated, so we are largely unprotected. Whenever the botnet computer that sent the spam or presented the web site can be identified, the botnet command and control network.

So whenever I hear someone in the computer security business characterize the Russian Mafia couched in phrases such as "entrepreneurship", "their inalienable right", "Western business culture", and "grew up into businesspeople", I instantly recognize the falseness of the thread. I pity anyone who cannot see through this.

Reply | Report this comment

How **RUSSIANS** View It...

Submitted by Anonymous on October 17, 2009 - 12:23 A.M.

The point of this article, as well as the previous one about China is to explain how *their* culture views spam. It is not written from the view of someone from another country (e.g. USA).

It's about how Russians view and deal with spam within their *own culture*, not ours. I don't understand the confusion/misinterpretation about this.

Amir?

Reply | Report this comment

Know Thy Enemy

Submitted by Anonymous on October 21, 2009 - 10:06 P.M.

As a Web developer for many years, I am flooded with spam, so I consider myself something of a professional victim.

Amir is offering insights into the motivations of at least some of those responsible for generating spam. This is entirely sensible. To mindlessly paint every spammer as the same kind of mustache-twirling evil-doer is folly, and doesn't help the cause.

Like it or not, a significant portion of those who send this crap have genuinely convinced themselves they are doing nothing wrong. Agreed, they are more or less delusional, and the bulk are plainly criminal.

But the key to countering this is to enlist the full resources of governments and businesses around the world. This requires an understanding of what motivates them. A huge task, but at least Amir seems to get this.

Reply | Report this comment

Amen

Submitted by Anonymous on October 22, 2009 - 6:31 P.M.

Amen to that. Couldn't have put it better.

Reply | Report this comment

Related Posts

Spammer trick: exploiting CAN-SPAM loopholes
Spammer trick of the month: Delayed DNS
Snarky replies to spammers and scammers
Ask Amir: How do spammers send from my email address?

Editor's Picks

Attacks likely against Windows, PowerPoint, researchers say

Google Buzz takes the fight to Facebook, Twitter

Judge dismisses Windows anti-piracy software lawsuit

Microsoft e-health research taps Xbox, mobile phones

Review: 3 encryption apps keep your data safe

Startup opens offshoring alternative in distressed Michigan

About Us Advertise Contacts Editorial Calendar Help Desk Jobs at IDG Privacy Policy Reprints Site Map
CIO Computerworld CSO DEMO GamePro Games.net IDC IDG IDG Connect IDG Knowledge Hub IDG TechNetwork IDG Ventures
IDG.net InfoWorld ITwhitepapers ITworld JavaWorld LinuxWorld Macworld Network World PC World The Industry Standard
Copyright © 1994 - 2010 Computerworld Inc. All rights reserved. Reproduction in whole or in part in any form or medium without express written permission of
Computerworld Inc. is prohibited. Computerworld and Computerworld.com and the respective logos are trademarks of International Data Group Inc.