14 DAY TRIAL // We all receive junk e-mail messages, sometimes more, sometimes less, but we have generally got used to them filling our inboxes. However, unsolicited e-mails are a threat, and a costly one that is. Yes, spam is all about money and is subsequently fueled by illegal monetary gains. Whether you end up buying useless and potentially dangerous unregulated meds or having your financial information stolen and abused, or if you're a company investing money into software to block it or cleaning your infected computers of malware distributed through it, spam will end up costing you.
Fortunately, there are people out there who have pledged to rid our lives of this cyber threat, or at least limit its impact. Such is the case of an European company that develops a nifty little free spam filter called SPAMfighter. The company is headquartered in Denmark, but also has offices in the U.S. and Thailand. It was founded in 2003 by Martin Thorborg and Henrik Sørensen, two friends who previously created and operated Denmark's largest and most successful Internet portal, Jubii.
SPAMfighter is available as a both free and commercial edition, and provides anti-spam protection for the Microsoft-flavored e-mail clients (Microsoft Outlook, Outlook Express and Windows Mail). The filter takes the interesting approach of using man power in fighting spam, and this is achieved through the impressive community that backs it up, counting nearly 6 million users world-wide.
Since we were curious to hear what the Danish spam fighters were preparing for 2009, we contacted Mr. Thorborg, SPAMfighter's CMO, who was kind enough to give us an exclusive interview. We invite you to read on as Martin Thorborg shares his views on some of the developments on the spam landscape in 2008 and speaks about the future of their flagship product, as well as their plans for the upcoming year.
Softpedia: There have been several wins for the security community in their fight against spam in 2008. The most notable one was probably the shutdown of McColo ISP, which was responsible with hosting the command and control servers for some of the world's biggest spam-sending botnets. Even though the global spam level dropped significantly at that point, some experts argued that this approach only pushes the cyber criminal gangs deeper into the underground, onto servers controlled by unresponsive ISPs that can't be easily reached by authorities. What is your take on this? Are this kind of community efforts beneficial for the long term, or only temporary?
Martin Thorborg: Sadly, these community efforts are only temporary in the fight against spam. We are talking about huge sums of money fueling spammers, and the work is most likely accomplished by organized criminals—they won’t stop because a couple of servers are shut down.
There will always be countries that provide criminals of this nature a safe haven, allowing them to move their servers around in a matter of minutes. Just look at countries like the Cayman Islands, Gurnsey Island, Liechtenstein etc., as examples, that turn a blind eye or help people conceal money from the tax system in their home countries. The same type of system applies with spam.
Softpedia: One of the most frequently-used techniques employed by cyber criminals in order to make their botnets or abusive domains more resilient to takedown attempts is fast flux DNS hosting. ICANN's Generic Names Supporting Organization (GNSO) Council is considering regulating this practice in some way. Therefore, it has recently opened its report on fast flux to public comment. Clearly, there are also legit uses of this technique, for example by content delivery or mobile networks. Having previously ran an Internet Service Provider yourself, what is your opinion regarding this issue? Is fast flux really necessary? Should the practice be restricted, or banned altogether?
Martin Thorborg: If fast flux is necessary, and it is always a matter of opinion of whether it is or not, it only closes one "hole." I don’t believe that closing one "hole" will be of much help in the end. No matter what you do on that level, spammers will always find a way to send spam. The easiest way to stop spam is by having a good spam filter. I know that this is an expected answer coming from a security software vendor in an interview, but this is really my honest belief.
Softpedia: One of the greatest threats to the security landscape at the moment is the Conficker worm, which has infected an estimated 10 million computers world-wide. However, the massive botnet raised by the worm has not yet been activated and security researchers are speculating as to what the second step of this attack might be. Do you think access to this huge botnet will be sold to spammers for launching spam campaigns? If yes, what is your estimation regarding the impact it will have on spam levels?
Martin Thorborg: It is impossible to fully predict what cyber criminals will continue to do. They have this huge global "army" and there is a lot you can do with that kind of power. For example, you can blackmail companies all over the world, and if they don’t pay up, their online activities can easily be hijacked and shut down.
It can also be used for spamming worldwide, and this will probably continue long into the future. The spam levels at this time are extremely high. About 90% of all e-mail today is spam, and to be honest, I don’t see a bigger threat looming if we begin to see even more spam on the rise.
Most companies and Internet users have wised-up to the ills of spam and are already protected by good spam filters, and most likely wouldn’t notice more spam than they see now. And the few people that don’t use effective spam filters, they should be advised to get one now! Softpedia: Please elaborate on the new spam distribution trends you might have observed so far. Will we have more malware-related spam, phishing spam, unregulated drug spam, or just classic junk e-mails in 2009?
Martin Thorborg: Unfortunately, all these tricks seem to continue to work for spammers, so I don’t believe that we will see a dip in any of them. And I am amazed that in this day and age, some people still don’t protect themselves, even with the availability of free, easy-to-download spam filters on the market.
One of the trends we are seeing right now is phishing e-mails targeted at smaller countries. Right now in Scandinavia, they are being heavily attacked with phishing mails in their native language, and I am afraid it works. If you are used to spam in always appearing in English and you suddenly receive spam in Danish, you are more easily fooled.
I estimate that the same will happen with smaller banks and companies. Usually, phishing e-mails are targeted at users of larger sites such as eBay and bigger banks like Citi Group and Wachovia, but we will soon see more attacks on smaller local-based banks and special interest Web sites.
Softpedia: In your opinion, which are the advantages of SPAMfighter that have kept the product "alive and kickin'" for such a long time?
Martin Thorborg: Because SPAMfighter is powered by a very large and global community user base, we have the ability to adapt very fast. You can cheat machines, but real people are much better at determining if what they see is spam or not. So our loyal users give us a very big competitive edge and our highly skilled programmers are experts in getting the most out of that shared knowledge.
Softpedia: Do you plan on including support, or develop separate editions for other popular e-mail clients like Thunderbird or The Bat?
Martin Thorborg: We sure do. We are almost done with developing a new filter that works independently of operating systems and e-mail clients. I expect to see it online within the next 1-2 months, and I am very confident that it will be a huge success with our community of users and then some.
Softpedia: Portability is one of the new/latest trends on the end-user software market. Could it be possible to release Portable SPAMfighter?
Martin Thorborg: The new SPAMfighter version to be release[d] that I briefly mentioned is perfect for this. It is a huge potential market that we do not currently support today, and it will only get bigger.
Softpedia: A lot of spam filters or spam-filter engines have been included in popular security suites. Did you receive any proposals to have SPAMfighter included in such a software? Would you be interested in including the engine in other security programs?
Martin Thorborg: Well, a lot of our competitors have been in contact with us, but we never really spent much time considering it.
Softpedia: A frequently used method for blocking spam nowadays is DNSBL. Did you include this type of filtering in SPAMfighter? Please elaborate.
Martin Thorborg: No, we definitely do not. Filtering based on DNSBL is the main source for false positives, making it less dependable.
Softpedia: A lot of companies are moving their technologies into the cloud and taking the SaaS (Software as a Service) approach. Do you have any plans in this respect? Could this concept be applied to your business in the future?
Martin Thorborg: Well, without giving away too much, this is actually what we do with the new, soon-to-be-released SPAMfighter. But enough said for the time being, you and the rest of the spam fighting community will need to wait a couple of months before we can say any more.
