informa
/
Risk
News

Fighting Fire With Fire

Everyone has a spam revenge fantasy. What's yours?

5:15 PM -- Okay, 'fess up: Aren't you the tiniest bit curious about the human behind that automated spam message?

Not the obvious spam riddled with typos, but the one that somehow appears legit enough to evade your spam filter and nearly trick you into opening it when you're slogging through your inbox in the wee hours of the morning, before the caffeine kicks in.

Assuming you got past the bot-controlled machine to a real human on the other end of the "pitch," what would you do if you actually made contact with the human behind the smelly spam? Play along? Say, "You're punk'd?" Cuss him/her out?

Researchers at the University of Illinois at Chicago's Artificial Intelligence Laboratory recently turned the tables on spammers. (See Fighting Spam With Spamalot .) Before they built their Spamalot toolkit -- which engages spammers with intelligent agents that pose as victims and interact as much as possible with the human behind the spam -- they communicated with spammers themselves, by email and phone. They got 25 return phone calls from mortgage brokers after following one spam link to a mortgage refinance Website.

The goal of the experiment, and ultimately, Spamalot, is to weaken the spammers by tying them up with a fake victim's correspondence, or to gather enough information to nail a phisher.

Sounds cool. Revenge can be sweet. But is scamming the spammers to derail or identify them worth the risk?

Share your spam turnabout fantasy with us. And please, not by email or spam, but by posting to our message board using the "Discuss" button a few lines down.

No agents will call.

— Kelly Jackson Higgins, Senior Editor, Dark Reading

Recommended Reading:
Editors' Choice
Kirsten Powell, Senior Manager for Security & Risk Management at Adobe
Joshua Goldfarb, Director of Product Management at F5