|The Federal Trade Commission is proposing there
should be financial rewards for informing on spammers
The Federal Trade Commission in the US has submitted a report to
Congress, stating that the information provided by the vast
majority of consumers who are forwarding spam emails to the FTC's
database, is not helping to identify spammers. Instead, it is
examining whether it would be appropriate to initiate a "reward
scheme" for information leading to the conviction of spammers.
The report reveals that the FTC believes that substantial
financial rewards could tempt "whisteblowers" or insiders within
spam gangs to provide the necessary evidence and high-value
information required to secure a conviction. It suggests that
rewards would need to be approximately $100,000, but sometimes as
much as $250,000.
"Although there have been some convictions of US spammers, these
have been few and far between, and have done little to slow the
tidal wave of unsolicited emails - it's therefore unsurprising that
the FTC is proposing a bounty for the heads of spammers," said
Graham Cluley, senior technology consultant for Sophos. "Making the
decision to inform upon your criminal spamming colleagues may not
be an easy one for many whistleblowers. The FTC believes that
substantial rewards will overcome an individual's concern about
losing their revenue stream and the very real fear that losing
their anonymity may lead to personal retaliation."
The FTC was required to submit the report to Congress as part of
the CAN-SPAM Act which became active in the USA on 1 January 2004,
in an attempt to discover whether financial rewards would assist in
the capture and sentencing of spammers.
"It's a sad reflection on society that people can not question
their own behaviour, but need a financial incentive to break up
criminal gangs engaged in spamming," continued Cluley. "However, if
this is what is necessary to make the spammers sleep uneasily in
their beds at night, it's probably the right step."
In the last year, software companies such as Microsoft and SCO
have offered substantial rewards for information leading to the
successful conviction of virus writers who have launched attacks
against their websites or customers.
The full report by the FTC can be found on its website.
Sophos is headquartered in Boston, US and Oxford, UK. More information is available at www.sophos.com.