“Uncover the Truth Behind Spam” / 迷惑メールを追う(1)

in #news7 years ago

Uncover the Truth Behind Spam

-Your Special Mission News Crew-

In this modern day and age, over 80% of the population has either a smartphone or cellphone. Most people have likely experienced receiving a variety of unexpected “spam” messages. These messages can be fraudulent and there have been victims in some cases. Who and how are these messages actually being sent? The Special Mission News Crew set out of uncover the truth behind spam.

Mr. Sato (30s, alias) arrived at the train station in Tokyo at the agreed time. As a system engineer in his twenties, he was involved in a spam messaging scheme while working at a venture company in Tokyo. He agreed to this interview on the condition of anonymity.

“A certain organization asked us to develop a system that would send a mass volume of emails. We complied and actually sent these emails.” According to his statement, the system they developed was not particularly unique. Rather, it was a bulk mail system similar to a system where users sign up for e-mail newsletters.

03f7a5f353ca8b7d237f9cc66b008939_s.jpg

Tokyo, image

“On a busy day, we would send 200 million emails.”

Dummy corporations were established in nine different countries such as China and the United States of America, as well as countries in South America, Europe and Africa. These corporations were founded to protect themselves from investigators. Over one thousand servers used to send and receive emails were scattered across these countries. Sato operated all these systems from Japan. These servers were used to send seventy to eighty thousand emails per minute. “On a busy day, we would send 200 million emails.” He frequently went on international business trips to develop this system and was even in Beijing, China for a month.

They even had a plan to evade authorities. The CEOs of their dummy corporations were paid approximately three million Japanese yen per month to act as the scapegoat if the authorities ever investigated their practice. In fact, two of their CEOs were arrested in China by the Public Security Bureau. “We bribed the authorities with 10-20% of our income. After being released the next day, we went out for drinks with the authorities.”

They further protected themselves by posting certain characters online that would automatically erase all evidence of the system they created. “My life was on the line. There was no way I was going to let myself get caught.”

What kind of organization was behind asking Mr. Sato to develop this system?

Hosts Responded to Lure Repliers to Online Dating Websites

Mr. Sato (30s, alias), a system engineer, testified that he developed a spam messaging system and even sent the messages. The organization that asked him to develop this system claimed to be an advertising agency. This organization’s registered address was a single room apartment in Tokyo.
 
“Including the part-time employees, there were about ten people working at this business. Five of them were full-time employees. They were either overweight, seemed meek, or were freshly out of university. It was a group of ordinary, young adults.”
Sato was tasked with sending spam messages given to him by the full-time employees. He would then send the messages to a specific list at a designated time.

◆ ◆

“I’m waiting for you at ABC station.”
 
According to his testimony, they would send a standardized email. For example, for every 100 million emails sent, they would receive about a thousand responses. The part-time employees would then be tasked with sending finely tuned responses to each of them.

Scouted by the full-time employees, most of these part-timers were hosts and hostesses who worked at night clubs in Kabukicho and Ikebukuro, Tokyo. Utilizing their linguistic ability to lure guests into night clubs, the part-timers would sweet talk people who responded to their spam messages. Using their cellphones, they would do this throughout the day from home and at the office.

1eddc736ac4f8599fda49099fdc6525b_s.jpg

Kabukicho, image

The objective was to lure people to an “online dating website” where users would purchase points to send and receive messages from the opposite sex. This scheme was actually an online “non-dating” website. When promised a date, no one would show. Conveniently, someone would message, “I’m having a terrible tummy ache” and would request to postpone the date as many times as possible. This scheme ended up luring ten to twenty people who became heavy spenders by purchasing points repeatedly.
 
“There was a middle-aged woman who ended up spending thirty million yen. Women in their forties or fifties whose husbands wouldn’t give them any attention, those who were divorced, and those who were frustrated were easy targets.”

Sato says, “This advertising agency made over ten million yen per month.”

◆ ◆ ◆

As of December 2017, 1.31 billion emails are sent to cellphones and smartphones every day, according to the Ministry of Internal Affairs and Communications. Of these messages, 493.62 million or approximately 38% of these messages are spam. Regardless of the recent decline, this is still a staggering number of spam messages.

During 2016, the National Consumer Affairs Center of Japan received 45,853 consultations. Of these, over 40% were from seniors over sixty. One man in his sixties was swindled when he paid a “processing fee” after responding to a message that claimed he won over 100 million yen.

201802160001_001_m.jpg

Sato is aware that he was an accomplice to a crime. He had just started his career, however, and had been ordered to do so by the company that hired him when he was desperately looking for work. “What I did made me feel like a mosquito drinking human blood. I had to do it to survive.” He resigned a few years ago and is currently working a regular job as an engineer.

Considering that spam continues to victimize people, we asked what the best course of action is.

First and foremost, “do not respond to spam.” Furthermore, “do not include personal information in your email address and make sure your SNS passwords are complicated.” Also, be sure to use a mixture of capitalized and lower-case letters, numbers, and symbols. Avoid using words and make your password at least 12 characters.

“However,” he added, “spam is intended to appeal to dissatisfactions and human emotions. As long as spam exploits this psychological aspect, there will continue to be victims.” It seems the problem is not a vulnerable system but a vulnerable human psyche.
     ××
This is the first of a four-part Your Special Mission News Crew to “Uncover the Truth Behind Spam”. The second and third part will introduce what happened when we responded to spam. The fourth part will explore how email addresses are handled.


【迷惑メールを追う】1日2億通、送信元は9カ国に分散 システム開発者が仕組み証言

国民の8割以上が携帯電話やスマートフォンを持つ時代。誰しも、さまざまな文面の「迷惑メール」を一方的に送り付けられた経験があるだろう。詐欺的な内容も含まれ、被害の実例もある。一体誰が、どうやって送信しているのだろう。特命取材班は迷惑メールのからくりに迫った。

東京都内の駅改札口前。約束の時間通りに、佐藤さん(30代、仮名)は現れた。職業はシステムエンジニア。実は、首都圏のベンチャー企業に勤務していた20代の頃、迷惑メールに関わっていたという。今回、匿名を条件に取材に応じた。

「ある業者から依頼を受け、大量にメールを送信するためのシステムを開発し、実際の送信業務まで担っていました」

証言によると、システム自体は特別なものではなく、登録者に一斉送信するメールマガジンと構造は同じという。

捜査の手が及びにくいように、中国をはじめ、欧州や南米、アフリカなどの9カ国にダミー法人を設立。メールの送受信を管理するメールサーバーを計千台以上、各国に分散して配置した。それらのシステムを、佐藤さんは日本から操作した。1台当たり1分間に7、8万通を送信できる。「1日当たりの送信数は、多いときで2億通を超えましたね」。システム構築のために海外出張も重ね、中国・北京には1カ月ほど滞在した。

201802160001_000_m.jpg

当局の目を意識した対策も。現地で雇ったダミー法人の社長には、いざというときの「捕まり役」との含みで月300万円ほどの報酬が支払われていた。実際、中国で現地の社長ら2人が公安当局に身柄を拘束されたことがあった。「報酬の1、2割を当局の役人に賄賂として渡せばいい。翌日には出てきて、役人と飲みに行ってましたね」

運営元が露見しないように、ネット上の掲示板に特定の文字を書き込めば、システムの証拠が自動的に消える仕掛けもしていたという。「自分の命が懸かっているから、絶対にばれるわけにはいかなかった」

では、佐藤さんに依頼してきた業者とは、どんな組織だったのか-。

返信対応はホスト 甘い言葉で「出会い系」誘導

依頼を受け、迷惑メールの送信システムの開発や送信業務に関わったと証言したシステムエンジニアの佐藤さん(30代、仮名)。依頼者は「広告代理店」を名乗る業者だった。東京都内のアパートの一室に事務所を置いていた。

「社員は5人、アルバイトを入れて10人弱。メタボな人や気が弱そうな人、大学を卒業したばかりのごく普通の若者たちでした」

佐藤さんの役割は、社員から渡された文面の迷惑メールを指示された日時に、リストの送信先に送る作業だった。

◆ ◆

○○駅で会えますよ~。待ってるね

佐藤さんの証言によると、最初のメールは定型文を一括送信する。例えば1億人に送った場合、返信があるのは千人ほど。その一人一人ときめ細かにやりとりを重ねるのは、バイトの仕事だ。

主に担うのは、社員が東京・歌舞伎町や池袋の繁華街でスカウトしてきたホストやキャバクラ嬢たち。夜の街で培った絶妙な駆け引き、甘い言葉を駆使しながら、携帯電話を通じて昼も夜も事務所や自宅でやりとりを続ける。

誘導するのは「出会い系サイト」。異性とメッセージを交換するためのポイントを購入させる。実体は「出会えない系サイト」だ。待ち合わせの約束をしても、実際には姿を現さない。「おなかが痛くなっちゃって」などとはぐらかし、言葉巧みに引き延ばせるだけ引き延ばす。最終的には、10~20人程度が高額のポイントを繰り返し購入するようになるという。

「3千万円をつぎ込んだ中年女性もいました。旦那が相手をしてくれないとか、離婚したとか、欲求不満を抱える40、50代の女性が一番のかもでした」

「広告代理店」は、少なくとも月に数千万円を稼いでいた、と佐藤さんは話した。

◆ ◆ ◆

総務省によると、スマートフォンや携帯電話ユーザーの1日当たりの受信メール数(2017年12月時点)は13億1179万通。このうち迷惑メールは約38%に当たる4億9362万通に上る。近年は減少傾向にあるものの、とてつもない数字だ。

全国の消費生活センターなどには、16年度に4万5835件の相談が寄せられた。4割以上が60歳以上の高齢者。「数億円が当選した」とのメールに返信してしまい、受け取るための「手数料」をだまし取られた60代男性もいた。

佐藤さんに、犯罪の片棒を担いでいるという自覚はあった。ただ、就職氷河期にやっと採用されたシステム会社で命じられた業務。「やっていることは、人間の血を吸って生きてる蚊みたいなもん。でも、やらないと生きていけなかった」。数年前に退職し、今はエンジニアとして普通の仕事をしているという。

201802160001_001_m.jpg

今も迷惑メールの被害は後を絶たない。最大の防御策は何なのか尋ねた。

一つは「迷惑メールが来ても相手にしない」。さらに「アドレスを含めた個人情報が盗まれないように、会員制交流サイト(SNS)のパスワードを複雑にする」。単語を避け、大文字や小文字、数字、記号を不規則に組み合わせた12文字以上が理想的だという。

「ただし」と佐藤さんは言葉をつないだ。

「迷惑メールは、欲求不満など人間のコンプレックスにつけ込んでいる。心の隙間が狙われる限り、被害はなくならないでしょう」。問題はシステムの脆弱(ぜいじゃく)性よりも、心の弱さか。

××

特命取材班の「迷惑メールを追う」。実際に迷惑メールに返信して見えてきた新しい手口や、メールアドレスが取引される実態に迫る。

Sort:  

So the problem is not strictly in the design of systems, but in the psychological dependencies of users of systems . . . Exactly.

Frank Herbert would've agreed.

Among other things I study networks and correspond with many other academics on the subject. Most of them believe at the moment also that no automatic design can get around the issue of psychology. And the issue of the specific preferences of users.

Experiments like Steem will make it clearer whether that is the case. Such systems allow users to cash out. Therefore they arguably supply sufficient incentives for users to behave in a way that reveals their preferences.

Then observed user behavior can test theories in a valid way, in the sense of experimental economics in the tradition of Vernon Smith.