RealTime IT News

Spammers Help Push Google to Dubious Milestone

Google has moved up to Number Three on The Spamhaus Project's list of the world's worst spam problem networks. Last month, the search giant hit the top 10 list for the first time in last place.

Spamhaus' list shows Google (NASDAQ: GOOG) has 31 unresolved abuse-related issues, including various types of fraud and hosting known as spam gangs.

A Google spokesperson told InternetNews.com by e-mail that Google is working with Spamhaus in connection with the report. "The relevant accounts indicated in this report have already been disabled," the spokesperson said. "Spam is an issue that we take seriously at Google."

Spamhaus is an international non-profit organization that tracks spammers on the Internet to provide real time anti-spam protection, works with law enforcement agencies to identify and pursue spammers worldwide and lobbies governments for more effective anti-spam legislation.

Richard D.G. Cox, chief information officer (CIO) at Spamhaus, said Google first made its list a month ago at Number 10 and kept bobbing in and out as other networks had been cleaned up or got worse.

The problems, according to the Spamhaus list, include lottery fraud; mule fraud (where victims are tempted by Internet money-making schemes); hosting known spam gangs; and having the docs.google.com site used by spammers to redirect people to Web sites hosting malware.

According to Cox, his organization had been trying unsuccessfully to work with Google for the past year or so. "Some of these issues have been outstanding for over a year," he said. "If there's malware and Google is routing the traffic, they should be able to shut it down within an hour, not a year."

Google docs aren't all good

Spammers began using the Google Docs site to lure visitors to their tainted Web sites earlier this year. These documents are hosted at docs.google.com, and Spamhaus blocks any message whose URL includes docs.google.com.

Google is addressing the Google Docs problem. "We're aware of this issue, and we have already implemented improvements to minimize the impact," the company's spokesperson said. "We're actively working on more features to limit the potential for misuse."

One reason Google is a spammer's favorite is that its Gmail service is free and there is no meaningful account validation, Randy Abrams, director of technical education at antivirus vendor ESET told InternetNews.com. "If the name isn't taken by Disney, you can open a Gmail account like mickeymouse@gmail.com," he explained.

Also, Gmail users tend to use weak passwords so hijacking their accounts is relatively easy, Abrams said.

However, these charges can also be leveled at other providers of free Web-based e-mail services. Sarah Palin's account, for example, was hacked using Yahoo's forgotten password feature which asks users simple questions. The hacker, Tennessee college student David Kernell, found those answers by looking up personal information publicly available about Palin.

Cox of Spamhaus thinks Google can do more to fight spammers. "Google is a company with enormous resources and some very clever people, so there's no reason why they could not deploy the technology that we use to identify abuse and then mitigate it automatically," he said.