In an old post I made passing reference to something called ‘The Rules Of Spam‘ that were collaboratively formulated within a certain community back in the 90s. They contain some truisms that a specific part of the anti-spam community decided should be written down. They are/were mostly noncontentious.
Rule 1 had near universal agreement and went ‘Spammers Lie.’
Spammers lie in what they say: whether it’s a message, a statement, an offer or an opinion, it’s a lie. Spammers lie in how they say it: there is no rule they will not break, no standard they will not violate, no one that they will not exploit to get their ‘content’ delivered. Spammers lie in who they say they are: every email address used by a spammer is either a forgery or a disposable address that doesn’t reflect who they are.
Rule 2 is essentially a reiteration of Rule 1: ‘If a spammer seems to be telling the truth, see Rule 1.’
The summary so far? Spammers are liars.
There is (I’ve always thought) some room for discussion on Rule 3: ‘Spammers are stupid.’
Are they? Sometimes it’s easy to think so but they’ve found a lucrative business that exploits, well, everyone but it’s not likely that they’ll be punished. (This looks like a success story, but it took well over a decade, the punishment was light and he’s out now anyway.) They demonstrate a great deal of resilience, adaptability and persistence. They aren’t necessarily rocket scientists, but they’re not necessarily stupid. Heck, sometimes they’re darned clever.
(An example? Oh, all right. This is grossly oversimplified but I think it will serve to show some cunning at the very least. Email routing and delivery is often controlled by what are called ‘MX Records‘. A given mail ‘domain’ will often have several MX records (for example, hotmail.com currently has four). Often (not always) these represent — more or less — a ‘main’ mail server and one or more ‘backups’ for when the main one is busy or down or whatever. Historically it was often the case that the heaviest amount of anti-spam software was installed on the main server; the backups got less because, after all, they’re intended to be idle most of the time and a full suite of anti-spam software can be expensive in money and/or time. Spammers realized this and modified their delivery software to try the backups — even when the main sever was available. This cost them next to nothing and probably increased their delivery percentages by some measurable amount. It’s a pity that they’re peddling lies and not doing something, you know, productive.)
There are, of course, telephone spammers as well and Rules 1 and 2 definitely apply to them as well. Rule 3? This is unclear to me but my understanding of how telephone systems work suggests that they’d be fairly easy to find and shut down. The fact that they haven’t been suggests things like resourcefulness, persistence and determination — not necessarily stupidity.
I have a fairly persistent telephone spammer that contacts me every couple of weeks. The Caller ID (which I assume is forged) is always the same. The taped message (it’s always a robocall) is always the same (‘you need our credit protection’). It’s the same spammer.
I ignore them most of the time but sometimes I answer (same caller ID, remember?). I have different ‘strategies’ on those occasions that I do answer. Sometimes I’m hostile. Sometimes I’m abusive. Sometimes I’m self-righteous. Sometimes I play dumb. I’ve been known to tell them that I’ll get my dad and they should hold — then put the phone down and walk away. Their reaction is always the same — they hang up. No surprise. Last week they made their latest ‘scheduled’ call and I tried something new.
“Credit protection? Um, sure. How would I find out more?”
They hung up.
Maybe Rule 3 does apply.