E-mail spammers make their money by leveraging the scale of the Internet: by sending out as many spam e-mails as possible, via as many e-mail accounts as possible. Eventually enough unsuspecting people will respond to the spam to make the whole endeavor profitable.
Owners of free e-mail account services really do not want spammers to acquire accounts for the purpose of sending spam. So service owners use captchas to help ward off automated account registrations. Of course we believe our captcha works better than all the others out there, but still there are some spammers who continue to acquire e-mail addresses despite security tactics. How do they do so?
The answer, for some, is decidedly low tech.
Today’s NY Times has an article describing how some nefarious spammers simply hire others to answer captchas on their behalf. In other words, outsourcing!
I certainly can’t imagine a more tedious job: most captchas are difficult to read, and typically not that interesting (although there are some humorous exceptions). Indeed, one company who used to offer such outsourced captcha-solving services no longer does so as it is neither all that profitable nor interesting:
“We found that it’s not worth doing,” said Mr. Paveri, a manager in SBL’s business process outsourcing and graphics unit. Moreover, he added, “after some time, the productivity of people comes down because it’s a monotonous job. They lose their interest.” (source: NY Times).
So should you worry about it? Perhaps, but your volume of new accounts should be on the order of MSN’s (thousands per day) to make it worth spammers’ time.
No comments yet.
In a blog post by Pollstar, an interesting legal conjecture was made based upon the indictment of the Wiseguys who hacked reCAPTCHA’s CAPTCHA (see earlier news coverage). Namely, that there wasn’t really a crime committed so much as an exploitation of technology to gain a business advantage. I.e., Wiseguys merely used technology to rapidly answer Ticketmaster’s (easy-to-crack) CAPTCHAs to buy up tickets. In other words, Wiseguys followed the rules (”answer a CAPTCHA to buy a ticket”). Thus, say the pundits, there was no crime.
The real problem is the motive for such actions: acquiring an inventory of limited quantities (concert tickets) for resale on a gray market (i.e. Wiseguy’s ticket site) at a significant mark-up. The motive (suspicious pundits also say) for the indictment: Ticketmaster has undue competition for its subsidiary (TicketsNow). The end: Ticketmaster rids itself of a competitor. The corollary: consumers still end up paying too much for their tickets.
That’s a lot of ‘wrongs’ — are we really getting the ‘right’ out of this?
No comments yet.
I don’t, in my wildest dreams, beleive we’ll ever find the most definative example of the “worst CAPTCHA ever” — there are just too many to choose from(!). But I’ve got to believe this has to be considered a candidate:
The Worst CAPTCHA Ever?
What’s worse, it came on an announcement from the Baltimore Sun regarding the introduction of CAPTCHAs to protect one of their blogs from bot-initiated spam posts. That I found the CAPTCHA above is completely coincidental: I received a notification they were using a CAPTCHA and I went to check out whose they were using and was given the above CAPTCHA to answer. Methinks they need an easier-to-read, superior CAPTCHA! I mean really — that’s horrible!
No comments yet.
Today is a great day at BotProof: after months of planning and tremendous effort, we have re-launched our website! We’ve focused our branding and products on CAPTCHA 2.0 with AdEmbed, making the site easier for publishers to sign up for the world’s best CAPTCHA (if we do say so ourselves!) — as well as creating more of a resource for advertisers looking for better, more effective ways to get their messages out.
For those looking for our breakthrough IT security product that protects “in use” data, CamoKey, visit our sister site Cernious.
So please poke around the site, let us know what you think, and by all means: sign up!
Hello, the new site looks great! I am very pleased with the captcha I’ve been using on my WordPress blog. No spambot posts, and users find it easy to read.
Recently, I discovered that I could customize the colors of the captcha using botproof.net. Awesome! I wish you had made that a little easier to figure out, since it took me some research and experimentation to get it right. But I was happy with the results.
Comment by Victor Zeno — February 1, 2010 @ 9:12 pm
Victor: thank you for the kind review! I appreciate you finding the need for better documentation. I’ll make sure our development team works on creating an easier way to find the support documentation and configuration options!
Comment by admin — February 10, 2010 @ 3:15 pm