News

Spammer Targets Blue Frog Anti-Spam List

One spammer has managed to identify e-mail addresses on a "do-not-spam" list touted as secure, taking advantage of an obvious flaw with such lists and prompting critics to wonder what took so long.

Those who submitted their addresses to Blue Security Inc.'s Blue Frog registry have been getting messages that threaten, among other things, "nonsensical spams 20 to 40 times more than you would normally" get, according to a copy provided by the company.

Blue Security described the spammer's tactics as "bullying" and "extortion" as well as a sign the company's controversial anti-spam tactics are working, annoying spammers enough to prompt such a response.

Critics, however, say such lists are fundamentally flawed.

"Do-not-spam" registries work by encouraging users to submit their e-mail addresses -- Blue Security says it has 450,000. Before sending out a batch of messages, spammers are supposed to remove any addresses appearing on such lists.

The lists are generally encrypted so spammers can't mine them for new addresses. Instead, spammers run their lists through an identical encryption algorithm, and the resulting fingerprints are compared. Spammers can then remove any matches.

But John Levine, co-author of "Fighting Spam for Dummies," said spammers merely have to run their lists, see what's been removed and compare that with the original to find out the addresses on the "do-not-spam" lists.

"It's only a surprise that it took this long," Levine said.

Eran Reshef, Blue Security's chief executive, said spammers must already have the e-mail address to learn it is on the "do-not-spam" list.

Blue Security has been criticized for what Levine calls its vigilante approach. Users install software that sends complaints to spammers automatically. Thousands complaining at once can knock out a Web site and, the company says, encourage spammers to stop.

According the company, the spammer responded not only by threatening users if they don't stop but also by making Blue Security's Web site inaccessible outside Israel, where the company has major operations.

Featured

  • Microsoft Appoints Althoff as New CEO for Commercial Business

    Microsoft CEO and chairman Satya Nadella on Wednesday announced the promotion of Judson Althoff to CEO of the company's commercial business, presenting the move as a response to the dramatic industrywide shifts caused by AI.

  • Broadcom Revamps VMware Partner Program Again

    Broadcom recently announced a significant update regarding its VMware Cloud Service Provider (VCSP) program, coinciding with the release of VMware Cloud Foundation (VCF) 9.0, a key component in Broadcom’s private cloud strategy.

  • Closeup of the new Copilot keyboard key

    Microsoft Updates Copilot To Add Context-Sensitive Agents to Teams, SharePoint

    Microsoft has rolled out a new public preview for collaborative "always on" agents in Microsoft 365 Copilot, bringing enhanced, context-aware tools into Teams channels, meetings, SharePoint sites, Planner workstreams and Viva Engage communities.

  • Windows 365 Cloud Apps Now Available for Public Preview

    Microsoft announced this week that Windows 365 Cloud Apps are now available for public preview. This aims to allow IT administrators to stream individual Windows applications from the cloud, removing the need to assign Cloud PCs to every user.