Why PDF spam went pffft

It’s no secret that spammers have informal communications channels and freely share tricks of the trade on the Internet. But what happened in August is enough to make you suspect they have an organized trade union, or even a government, that allows what would otherwise be a scattered collection of freelance vermin to operate in surprising unison.

We’re talking about the meteoric rise and fall of .pdf spam. According to a monthly report from Symantec that landed here last week, .pdf spam was accounting for 20 per cent of all junk e-mail in early August but by month’s end had dissipated to less than one per cent. Other spam watchers reported similar plummets.

Maybe there’s some kind of SpamWorld newsletter that provides monthly marching orders and the word went forth on .pdf to cut it the heck out. Unlikely, yes.

So I asked Symantec’s public relations department to ask one of the company’s experts to explain what might account for such a sudden abandonment of what had become a suddenly popular tactic. Here’s what I got back from Doug Bowers, Symantec’s senior director of anti-abuse engineering: “PDF spam burst onto the scene in mid-June because spammers thought they could use it to get their message through (primarily stock pump-and-dump scams) and make a buck.

“It’s dropped off quickly for one of two reasons: 1) Spammers are recalibrating their attacks and will relaunch after making adjustments; 2) spammers have become convinced that antispam systems are blocking this type of attack effectively enough that their time is better spent on alternative approaches. This could be cooking up a new type of attachment-based spam — using MS Word, Flash video, etc. — or coming up with a new approach entirely.

“My expectation is that we haven’t seen the last of this type of attack just yet.” Makes sense. But I still like my newsletter theory.

Feds kill never-used, $42M data-mining project

Have any of you pulled the plug on any US$42 million, never-operational IT projects recently? … Didn’t think so.

What about invasion-of-privacy travesties? … No there, too? Good work, even though it looked like a couple of you flinched on that one.

I ask because the Department of Homeland Security last week copped to doing both. The Associated Press reported: “Known as ADVISE and begun in 2003, the Analysis, Dissemination, Visualization, Insight and Semantic Enhancement program was developed by the department and the Lawrence Livermore and Pacific Northwest national laboratories for use by many DHS components, including immigration, customs, border protection, biological defense and its intelligence office.

“Testing of the program had been quietly suspended in March after questions arose over its compliance with privacy rules. Since then two internal Homeland Security reports found that tests had used live data about real people rather than made-up data for one to two years without meeting privacy requirements; one report also found that department analysts found the system time-consuming to use.”

At least they won’t have to worry about wasting time on it now.

Congressional Democrats back in January made noises about providing closer oversight of federal data-mining projects. Two things have become clear since then: They have their work cut out … and they haven’t done much of it yet.

Verizon smokes out another family

This time it’s a Philadelphia family watching smoke billow from the front of their home after another Verizon FiOS tech drills into an electrical wire. The really bad PR news for Verizon? The homeowner happens to be a business reporter for Associated Press. Details available at Buzzblog.