According to a report in the New York Times, over a three-month period, the scientists looked at nearly a billion messages and spent several thousand dollars on 120 items and found that 95 percent of the transactions were handled by just three transaction processors.
The researchers think that by stopping these practices at the processing source, spam can be reduced and they’re set to present their findings at the annual IEEE Symposium on Security and Privacy in Oakland, California on Tuesday.
One of the scientists, Dr. Stefan Savage of the University of California, San Diego told the Times that if a handful of companies like these refused to authorize online credit card payments to the merchants, “you’d cut off the money that supports the entire spam enterprise.”
Antispam company Abaca Technology’s chief executive Steve Kirsch concurred and said the findings held the potential for “a very powerful deterrent” to spammers.”
“If the credit card companies wanted to shut down the spammers, we can easily aid them in rapidly and unambiguously identifying the merchant accounts used by spammers,” Kirsch said.
The report said that earlier studies showed that a single commercial email campaign generated three messages for every person on the planet. So for example, to sell $100 worth of Viagra, a spammer would need to send 12.5 million messages.
Savage said, “In the end, spam is an advertising business, However, it only makes sense if you can find a way to take people’s money.
“This means credit cards. Credit cards are the only payment platform that is ubiquitously available to Western consumers and can be used for Internet commerce.”
The finding maintained most banks will not work with shady sellers and if merchant processors would follow suit, the spammers would then have to find new banks and the high cost to switch would be a likely deterrent.
Moreover, because just a few banks and credit card processors play such a critical part in the overall spam effort, regulators and law enforcement could easily disrupt the chain, the report stated. And because of the difficulty in making high-risk transactions, a blacklist of spammers could be easily maintained.
Despite filtering technologies and legal action, spam has survived for years and accounts for nearly 90 percent of all email.
The bottom line, according to the report, is that transactions must be blocked at the point at which the consumer uses a credit card.
“The defenders can, in principle, identify which banks the scammers are using far faster than they can get new banks, and for basically zero cost,” Savage said.