Spam Delenda Est
A Proud Member of the Internet's Immune System

Privacy and Security
Spam tracing resources
Protecting your E-mail address from spam
Messenger spam
Illegal spam (reportable to law enforcement)
Links, other anti-spam pages

Online Store
This Page

(1) Privacy and Security resources

(2) Spam tracing resources. Domain lookup, IP address lookup, registrars

(3) Protecting yourself from spam, revenge spam, and subscription list abuse


(4) Messenger spams

(5) Illegal and tortuous spams. These are punishable by criminal and/or civil sanctions.

(6) Links to other anti-spam pages

(7) Why we fight spam

(8) How to ban Web sites from your computer

Other pages in this domain

Tracing E-mail headers

Tracing Web pages that are advertised in spam

General examples

Newsgroup spams

How to trace E-mail form spams
(spams that use JavaScript to generate the spammer's real E-mail address and Web site from ASCII character codes.)

The Carthage Checklist: tracking down the name servers of the spammer's  backbone providers

Humor: Uncle Romulus' Internet Sideshow. Spammers as sideshow freaks. Anti-spam songs and Net-NAZIs.

Tomahawk missile
and "Just hit Delete"

Uncle Romulus says,
Please Pass the Salt
* Electronic bulk mail (spam with small "s"), not the Hormel product
Revision Date: V/XIV/MMCIII (05/14/2013)

After the Romans killed every man in Carthage, they sold the women and children as slaves, looted and burned the city, and finally plowed up the fields and sowed them with salt so nothing would ever grow there again. When applied to spammers, those Romans had some good ideas!

  • An interviewer asked Uncle Romulus how he knows he actually exists. "Caedo, ergo sum," he replied.  ("I kill, therefore I am.")
  • Latin is an easy language to learn. If it's a verb, it probably means, "To kill." (Decimate = kill every tenth person, for example.) If it's a noun, it probably means war or something related to war.
  • The gates of the temple of Janus were kept open in time of war and closed in times of peace. It is said that the gate became a regular thoroughfare.

Mission Statement:
It is the official position of that spam (unsolicited bulk commercial E-mail or UCE) raises the costs for all Internet users while wasting users' time and impeding their enjoyment of the Internet. advocates the wholesale destruction of spammers' online operations through all available methods, provided only that they are legal and nonviolent. This page is intended to provide resources for this purpose.

(8/12/12) Malwarebytes' free download is effective against some browser hijackers (Google redirect virus)
(8/10/10) Verisign is now a Symantec company--and we can tell.
(7/20/08) How to Ban Web Sites from Your Computer
(2/2/08) Report illegal telemarketing calls. These include anonymous non-commercial (e.g. political "robocalls.") FCC Form 1088, Junk Faxes and Telemarketing
(1/24/07) Report spam blogs to Blogger and Blogspot
(10/19/06) Report fraudulent domain registrations, e.g. where the spammer has entered inaccurate contact information for his domain.
(8/5/05) Report Problem Registrars that won't enforce ICANN standards
(5/12/05) Abuse of VeriSign and TrustE logos
(5/12/05) CAN-SPAM violation if sexually-explicit spam is not labeled
(12/4/04) Netscape Communicator 7.2: NOT RECOMMENDED due to file losses, no technical support
(7/7/04) Symantec security and antispam products: NOT RECOMMENDED due to poor technical and customer support.

For the past few years, Symantec has been getting deservedly-poor reviews at and elsewhere. Symantec is permanently disqualified from selling us anything because of essentially-nonexistent customer support and also the reputation of its products for rendering some people's computers unusable. It is quite clear from where we sit that the company's only interest is its customer's money, and that neither quality or customer satisfaction are important aspects of its business strategy. Update (8/10/10) Verisign is now a Symantec company and, based on our efforts to contact it with regard to an illegal online pharmacy that is misusing its logo (endless hold on phone followed by being transferred to voice mail after holding, "Message Refused" for an attempt to E-mail them), its customer service is entirely consistent with our experience with Symantec.)


Paid Advertisement: does not imply's endorsement of the advertised product or service, or the advertiser's endorsement of the positions expressed by

Many internet marketing strategies include spam filters with cheap web hosting and domain registration domain name registration plans.

You can earn an Engineering Management Master's Degree Online or a Master's of Law Degree online from established universities.

Section 1: Privacy and Security Resources

Telemarketer cockroach exclusion program
Do Not Call Registration can be completed at or at 1-888-382-1222. It will be illegal for telemarketers to continue to harass anyone who is on this list after a certain date.
Violations, including not only of Do Not Call but also prerecorded calls that fail to identify their source or a phone number/address for the caller, can be reported to the FCC here.

Internet Security and Privacy Resources

  • F-Prot Antivirus (we currently use this)
  • AVG (anti-virus)
  • Kerio Personal Firewall (firewall)
  • LavaSoft AdAware (anti-adware)
    • Freeware program that removes adware that advertising systems (e.g. Doubleclick) plant on your computer. Version 6 available as of October 2003.
  • Spyware Search and Destroy (anti-adware)
  • Symantec Norton Internet Security (firewall, antivirus, ad-blocking)
    • NO LONGER RECOMMENDED. We experienced what seems to be a very serious problem with SYMPROXYSVC.EXE, with Web pages loading at 100 bytes per second (dialup)-- if we were lucky. Symantec refused to provide technical support for Norton Internet Security 2002, even though it was quite willing to take our money to renew our subscription to it in 2004. Customer service refused to reply to E-mails and even faxes addressed to the manager (thus showing that the problem extends beyond lazy and uncaring tech support people-- and this attitude may well come from the top down).
    • Symantec was given numerous negative recommendations on You might want to see what other users have to say about Symantec's products before buying.
    • Update (8/10/10) Verisign is now a Symantec company and, based on our efforts to contact it with regard to an illegal online pharmacy that is misusing its logo (endless hold on phone followed by being transferred to voice mail after holding, "Message Refused" for an attempt to E-mail them about this misuse of their company seal), its customer service is entirely consistent with our experience with Symantec's.
    • We currently use F-Prot Antivirus and will no longer buy any Symantec product or even accept it for free.
  • (anti-spyware, anti-adware)

Spam-blocked E-mail services

Banner advertisers: you can thank the proprietors of refreshing (i.e. bandwidth-wasting) advertisements for having your ads blocked on many computers. We never had a problem with simple banner ads, but refreshing ones got Doubleclick banned from access to our computer.

Section 2: Spam Tracing and Reporting Resources

Key Antispam Resources


Domain Registrars (a)
DirectI (b) (a,b) (b) (b)  
Network Solutions /Verisign (b)

(a) Considers provision of inaccurate contact information a breach of contract
(b) Will terminate a domain registration for confirmed spamvertising. Copy abuse "at" the indicated registrar's domain.


IP Address Lookup


Examples of Spam Tracing

  1. How to analyze and trace E-mail headers
  2. How to trace Web pages that are advertised in spam
  3. General examples (E-mail and Web page)
  4. How to handle newsgroup spams
  5. How to trace E-mail form spams that use JavaScript to generate the spammer's real E-mail address and Web site from ASCII character codes.
  6. The Carthage Checklist: tracking down the name servers of the spammer's domain and their backbone providers

Report Fraudulent Domain Registrations

Many spammers provide phony E-mail addresses and inaccurate phone numbers (including phone numbers that belong to innocent third parties) in their domain registrations. This is cause for revocation of the domain. Report it to

Report Spam Blogs to Blogger

Spammers are now creating blogs at Blogspot and Blogger for the sole purpose of redirecting to other sites like illegal online pharmacies. They will frequently try to spam these blogs' URLs onto other people's blogs and bulletin boards. See this page for reporting spam blogs to Blogspot and Blogger.

Section 3: Protecting Yourself from Spam, Revenge Spam, and Subscription List Abuse

Protecting your Address

When posting your address on a Web page, don't use the mailto: function. Instead, post your address as an image that cannot be recognized by harvesting software, like this:

To prevent spam software from extracting your E-mail address from newsgroup postings, set your mail I.D. to something like yourname@SPAMBLOCKisp.###, where isp.### is your internet service provider. Spam sent to this address will bounce or go into a dead letter office (wastebasket, where it belongs), but people who actually read your article and want to reply can delete SPAMBLOCK from your address.

Important (10/28/97): DON'T use a block like nobody@realdomain.realsuffix, since the mail WILL go to realdomain.realsuffix. Instead, try realname@SPAMBLOCKrealdomain.realsuffix (realsuffix = com, org, net, edu, and so on). That is, make sure the spam is not deliverable to a real domain, even with a nonexistent user I.D. In summary, don't use a spamblocked (munged) address that will cause inconvenience to a real domain owner.

Warning! Address collection software like Extractor Pro, Floodgate, Web Weasel and so on may comb entire newsgroup postings or Web sites for addresses. The programs apparently look for xxx@yyy.zzz, where zzz = net, com, or org. (They may avoid .edu or .gov, I'm not sure.) This means that, if there is a mailto: expression on your Web page, the software will collect the address. The software may collect every xxx@yyy.zzz from your newsgroup posting or Web site. As long as it fits the pattern xxx@yyy.zzz, where zzz is a valid suffix, the program will extract it. Don't put a real address anywhere in a newsgroup posting, or it may be extracted.


  • nobody@landfill4spam is not extracted, since it lacks a valid suffix.
  • is extracted, since .net is a valid suffix

Recognizing Revenge Spams or "Joe Jobs"

These take several forms, but they all involve framing an innocent party for spamming.

E-mail header forgery: This involves forging someone else's E-mail address in the header of a spam. For example, a spammer can set the Identity preference in Netscape Navigator to This is unlikely to get myenemy kicked off his service provider for spamming, since the forgery should be obvious from the headers (the message probably doesn't originate from and, even if it does, the message I.D. won't trace back to myenemy.) However, the victim may get a lot of complaints from people who aren't familiar with this form of harrassment. Forward the spam to the postmaster of the originating mail ISP. They can track the real spammer with the message I.D.

Web site forgery. The spammer gets a throwaway account and spams an ad for someone else's web site. Spamming a Web site is cause for removal of the web site from many service providers.
A Web site was advertised on several newsgroups with a highly obscene .JPG. The site, however, looked reputable and had nothing to do with pornography. I forwarded the newsgroup spam to the E-mail service provider (NNTP posting host), since this is where the spam actually came from. I did not report the spam to the Web site's hosting ISP, but I forwarded it to the Web site's owner. I am not a lawyer, but he could probably sue the perpetrator for defamation (framing him for posting obscene materials on newsgroups). A court could probably order the E-mail provider to reveal the identity of the message's originator.

Spamming a link that shows one domain but connects to another. E.g.'s hyperlink is (it may differ by only one letter). Check the hyperlink.

How to tell:

  • If the advertised Web site doesn't look like something a spammer would advertise, it's probably a revenge spam.
  • If the advertised Web domain has no contact information (no E-mail contact address, home page is blank), it's probably a real spam. Domains owned by spammers usually don't contain contact information, but only forms for placing orders.

What to do:
Send a copy of the revenge spam, with full headers, to the victims. This gives them the evidence they probably need to subpoena the sender's identity and initiate legal action against him.

Warning: Any spammer who doesn't like me or this Web page, don't do it. Your identity can be traced via the E-mail service that you use to spam. The ISP will reveal your identity under a subpoena or court order. A civil tort (defamation) would probably be adequate reason for a judge to issue one. Forgery of my Web site in your spam would be prima facie evidence of malice, and malice is what brings the big punitive damages in defamation lawsuits. So be smart; it's not worth the risk.

Preventing Subscription List Abuse

Allowing people to enter E-mail addresses via Web page is an invitation to subscription list abuse. Be VERY careful of how you allow people to sign up to get E-mail from your company. More information here:

  1. Yahoo groups and other discussion forums often use a confirmed opt-in mechanism. If you sign up for a distribution list, the site sends the E-mail address that you provided a link that you must click to confirm that you asked to be signed up. If you don't click it, you are not signed up. This is an example of closed-loop opt-in.
  2. Consider having subscribers E-mail you, and return their E-mail to them for confirmation. If the subscription request was forged, the mail they sent you will contain full headers for abuse reporting.

The excuse that "someone must have entered your address on my Web page opt-in form" hasn't been accepted for years. This problem has been known for years and, if you are stupid enough to put up an attractive nuisance, you will have to take the consequences (being reported for spam) when someone abuses it.

Dealing with Telemarketers

(1) Register your home or cell phone number on the Do Not Call registry.
(2) Although Do Not Call exempts political and other non-commercial messages, automated or recorded messages ("robocalls") must still follow certain rules. According to the FCC,

FCC rules prohibit prerecorded advertising calls to home telephone numbers unless someone in the household has given prior express permission for the call to be made or has an established business relationship with the caller. For telemarketing purposes, making a purchase or having some other transaction within the past 18 months or making an inquiry or application within the past 3 months establishes a business relationship. Any allowable prerecorded telemarketing messages to residential telephone lines (those made under prior express permission or an established business relationship) must not be made before 8 am or after 9 pm.

The prohibition on prerecorded messages covers advertisements – “any material advertising the commercial availability or quality of any property, goods, or services.” Messages that claim to be surveys actually may be advertisements if they are a pretext for the promotion of any property, goods, or services. In addition, messages that offer “free” information or products may also be covered if the offer is a pretext to a sales pitch. Further, messages that invite you to press a keypad or call another number to hear an advertisement are also prohibited. The rules do not cover calls made by tax-exempt nonprofit organizations and calls that are not advertisements, such as solicitations for charitable contributions, political and religious messages, and debt collection calls.

At the beginning of the message, all allowable prerecorded messages must state the identity of the business, individual, or other entity that is responsible for initiating the call. During or after the message, the caller must give the telephone number (other than that of the automatic dialing system or prerecorded message player that placed the call) of the entity responsible for the call.

Automatic dialing systems that deliver a prerecorded message must release your telephone line within 5 seconds of the time that the calling system receives notification that your line has hung up. In certain areas, telecommunications systems may not be capable of terminating the call this quickly and there might be a delay before a dial tone is restored. Your local telephone company should be able to tell you whether there is a delay in your area.

Noncompliant calls may be reported to the FCC on Form 1088

Section 4. Messenger Spams

Spammers are now using direct message systems to send advertisements. I got one in a grey box whose only option was to check "OK" and close the box; there was no way to discover who sent it. Advice from
  1. Go to CONTROL PANEL ==> Administrative Tools ==> Services ==> Messenger and disable Messenger. This will not interfere with things like AOL and MSN Instant Messenging services, which do identify the sender.
    • See the next items. Disabling Messenger might NOT be adequate by itself.
  2. Per Bruce Lane, Blue Feather Technologies: block ports 135-139. "That will not only stop messenger spam, it will also keep outsiders from making NetBIOS calls to your system."
  3. Also recommended: block ports 140 and 145.

Here's what I did with ports 135-139 in Norton Internet Security:

Click on HELP for an explanation of what this does.

The following also may be helpful.

Furthermore, when someone attempts to send you a message box spam, Norton Internet Security displays an alert and logs the attempt, with the spammer's IP address number.

Testing your system for vulnerability to messenger pop-up spams and other intrusions. From
More information from

Section 5: Illegal and Tortuous Spams (punishable by criminal sanctions and/or lawsuits)

This section's importance cannot be overemphasized. In many cases, you will be dealing with unresponsive service providers that are based in China or Russia, and they will not terminate their customers for spamming. Even if they do, the spammer will simply find another service provider. The spammer hopes that, if it can keep you jumping through hoops long enough, you will wear yourself out and stop. So we go to a new stance on dealing with spam: "Every time you (the spammer) make us jump, we will hurt you as badly as we possibly can by all available legal and nonviolent methods."

In other words, we use the moral equivalent of nuclear weapons as the first resort. Causing the spammer to lose his domain, domain registration, or E-mail account may cost him ten dollars and some inconvenience. That is an example of using a conventional weapon. Getting him charged with a crime or sued by a software company can cost him thousands of dollars and perhaps everything he has. That is an example of dropping the Bomb on him. In addition, even a spam-tolerant internet service provider is not going to want to be around when the Big One lands on his customer; too much fallout in the form of bad publicity, subpoenas, and that sort of thing. To quote Major Kong in Dr. Strangelove: "YA-hooo! Eee-YA-hah!"  (Tomahawk missile animation and "Just hit Delete")

The Federal CAN-SPAM Act (Controlling the Assault of Non-Solicited Pornography and Marketing Act)
Federal Trade Commission site (As a publication of the U.S. Government, this is believed to be in the public domain)

  • It bans false or misleading header information. Your email's "From," "To," and routing information – including the originating domain name and email address – must be accurate and identify the person who initiated the email
  • It prohibits deceptive subject lines. The subject line cannot mislead the recipient about the contents or subject matter of the message.
  • It requires that your email give recipients an opt-out method. You must provide a return email address or another Internet-based response mechanism that allows a recipient to ask you not to send future email messages to that email address, and you must honor the requests. You may create a "menu" of choices to allow a recipient to opt out of certain types of messages, but you must include the option to end any commercial messages from the sender.
    • Any opt-out mechanism you offer must be able to process opt-out requests for at least 30 days after you send your commercial email. When you receive an opt-out request, the law gives you 10 business days to stop sending email to the requestor's email address. You cannot help another entity send email to that address, or have another entity send email on your behalf to that address. Finally, it's illegal for you to sell or transfer the email addresses of people who choose not to receive your email, even in the form of a mailing list, unless you transfer the addresses so another entity can comply with the law.
  • It requires that commercial email be identified as an advertisement and include the sender's valid physical postal address. Your message must contain clear and conspicuous notice that the message is an advertisement or solicitation and that the recipient can opt out of receiving more commercial email from you. It also must include your valid physical postal address.

Each violation of the above provisions is subject to fines of up to $11,000. Deceptive commercial email also is subject to laws banning false or misleading advertising. Additional fines are provided for commercial emailers who not only violate the rules described above, but also:

  • "harvest" email addresses from Web sites or Web services that have published a notice prohibiting the transfer of email addresses for the purpose of sending email
  • generate email addresses using a "dictionary attack" – combining names, letters, or numbers into multiple permutations
  • use scripts or other automated ways to register for multiple email or user accounts to send commercial email
  • relay emails through a computer or network without permission – for example, by taking advantage of open relays or open proxies without authorization.

The law allows the DOJ to seek criminal penalties, including imprisonment, for commercial emailers who do – or conspire to:

  • use another computer without authorization and send commercial email from or through it
  • use a computer to relay or retransmit multiple commercial email messages to deceive or mislead recipients or an Internet access service about the origin of the message
  • falsify header information in multiple email messages and initiate the transmission of such messages
  • register for multiple email accounts or domain names using information that falsifies the identity of the actual registrant
  • falsely represent themselves as owners of multiple Internet Protocol addresses that are used to send commercial email messages.

Federal Trade Commission rules for sexually-explicit material says,
Starting May 19th 2004, spam that contains sexually oriented material must include the warning “SEXUALLY-EXPLICIT: ” in the subject line or face fines for violations of federal law. The CAN-SPAM Act, passed by Congress in 2003, directed the Federal Trade Commission to adopt a rule requiring a mark or notice to be included in spam that contains sexually oriented material. The purpose of the notice is to inform recipients that a spam message contains sexually oriented material and to make it easier to filter out messages they do not wish to receive.
...The FTC’s final rule prescribes the phrase “SEXUALLY-EXPLICIT: ” as the mark or notice mandated by the CAN-SPAM Act. The final rule follows the intention of the CAN-SPAM Act to protect email recipients from unwitting exposure to unwanted sexual images in spam, by requiring this mark to be included both in the subject line of any e-mail message that contains sexually oriented material, and in the electronic equivalent of a “brown paper wrapper” in the body of the message. This “brown paper wrapper” is what a recipient initially will see when opening a message containing sexually oriented material. The “brown paper wrapper will include the prescribed mark or notice, certain other specified information, and no other information or images.

Piracy and warez

Selling pirated software is illegal. Ads for "backups" of commercial software are often really ads for pirated software.

Report movie piracy to hotline "at" (Motion Picture Association of America).'s customer,, spammed us with an ad for "Lord of the Rings: The Fellowship of the Ring" and other movies. (The site itself is advertising "Die Another Day.") It was in Chinese so we couldn't tell if the prices suggested piracy or not but Heaven help them if it is.

New (Feb. 2005) spam fighting tactic for dealing with product counterfeiters and software pirates

If the Internet Service Provider will not terminate the spammer's domain, E-mail both the ISP and the owner of the intellectual property (brand name or software) to put it ON RECORD that the ISP has been informed that it is hosting a product counterfeiter or a software pirate. As an example, if someone is selling "OEM Microsoft Warez," you send your complaint (in the same E-mail) to the ISP and to piracy "at"

This tactic, which was apparently successful in getting a product counterfeiter kicked off at least two service providers, is based on the ancient adage "Do it but don't tell me about it." In King Richard II, one of Henry Bolingbroke's (later Henry IV's) retainers murders the deposed king (Richard II). Then he goes to Henry IV, tells what he has done, and expects to be rewarded. Instead, Henry IV exiles him from the kingdom on pain of death if he ever returns, because now that Henry "knows about it," he cannot be seen to condone or reward the murder of his rival. If, on the other hand, he had merely suspected his retainer, he might well have rewarded him had he (the retainer) kept his mouth shut.

Similarly, even an ISP that might be willing to tolerate a spammer cannot afford to know (officially) that the spammer is selling counterfeit watches or, for that matter, pirated software. The spammer may not have enough money to be worth a land shark's while. The ISP does. We suspect that, if an ISP sees a spam (and piracy) complaint copied to piracy "at", it is going to take the matter very seriously.

Online "Pharmacies" selling Viagra and so on

  • Report Web sites to the Food and Drug Administration at 
    • "To report e-mails promoting medical products that you think might be illegal, forward the email to webcomplaints 'at'"
  • "Pharmacies are regulated by states, and must be licensed by the states they are in. The also nearly always must be licensed in other states to which they ship medicines. Doctors' activities are overseen primarily by state medical boards, and in evey state but Utah, it's not considered legal for physicians to issue prescriptions to people based soleley on an online consultation, said a spokesman for the Federation of State Medical Boards." Source: " Battles Portals with Imported-Drug Ads," Wall Street Journal, 31 October 2003, pages B1 and B3.
  • Report online pharmacy spams for controlled substances to the U.S. Drug Enforcement Agency at

Drug Enforcement Administration
Mailstop: AXS
2401 Jefferson Davis Highway
Alexandria, VA 22301

  • NEW (8/30/04), DEA takes complaints about illegal pharmacies here. The DEA is interested primarily in illegal sales of controlled substances. Not all prescription medications are controlled substances, although it is not acceptable to sell any prescription drug without a bona fide (i.e. based on an actual doctor-patient relationship) prescription.
    • Report illegal online pharmacies that sell non-controlled prescription drugs like Viagra to the FDA. Also E-mail webcomplaints "at"
  • NEW (12/21/04) DEA Unveils International Toll-Free Hotline to Report Illegal Prescription Drug Sales and Rogue Pharmacies Operating on the Internet: Call 1-877-RxAbuse
    • "DEA has launched a toll-free international hotline to report the illegal sale and abuse of pharmaceutical drugs.  People now will be able to provide anonymous telephone tips about the diversion of prescription drugs into the illegal market by individuals and suspicious Internet pharmacies. In addition, such information can be reported online through the DEA Webpage."
    • Note: the DEA is interested primarily in illegal online pharmacies that sell controlled substances. Viagra and Lipitor do not seem to be on this list so Internet sites that sell them without a prescription should be reported to the FDA.
  • U.S. Drug Enforcement Agency position on online pharmacies:

Many people have asked about on-line prescribing. A prescription for a controlled substance is valid only if it is written by a DEA-registered practitioner acting within the course of professional practice. This includes having an established doctor-patient relationship based upon a medical history, a physical exam and diagnosis. There must be a logical connection between the medical diagnosis and the controlled substance prescribed. A prescription written based soley upon an on-line questionnaire does not meet these requirements. It is not a valid prescription and the distribution of any controlled substance pursuant to an invalid prescription is illegal.

The responsibility for writing a valid prescription for controlled substances rests primarily upon the physician. It is his or her obligation to ensure that controlled substances are prescribed for valid medical reasons and according to state and federal regulations. However, there is also a corresponding liability that rests on pharmacists to ensure that they dispense controlled substances only pursuant to a valid prescription. If the pharmacist fills a prescription knowing that it is based soley upon a 2-minute telephone consultation or on-line questionnaire, the pharmacist is also violating the law.

Illegal Pornography

Pornography by itself is not illegal but sending it to minors is.

Transmission of pornography to minors.

I spoke with the National Fraud Information Center (~1997), and I understood that a "fig leaf" (my term, not NFIC's) disclaimer like, "Don't click on this URL if you are under 18," or "entry to this site means you are declaring yourself over 18" is enough to protect the porn spammer. If, however, the "fig leaf" is not there, and following the URL takes the viewer to explicit pornography (display of the female chest, male or female genitals; the posterior is not enough), that could be enough to burn the spammer for transmission of pornography to minors. Of course, an E-mail with such material embedded could easily violate this law.

Transmission of child pornography is automatically illegal.
But beware of revenge spams that advertise a domain as child pornography simply to cause trouble for that domain's owner. W would suspect (not legal advice) that revenge- spamming another person's domain as a kiddie porn site is libelous because it is automatically libel to knowingly and willfully make a false accusation of a crime.

Transmission of pornography even to adults may be illegal says,
"Starting May 19th 2004, spam that contains sexually oriented material must include the warning “SEXUALLY-EXPLICIT: ” in the subject line or face fines for violations of federal law. "

Morality in Media, Inc. Form for reporting illegal pornographic spam to your state's attorney general

Securities Fraud (e.g. "pump and dump")

Report these to the Securities and Exchange Commission, enforcement "at"

Credit Card, Bank Account, and PayPal Phishing

"Phishing" means fishing for personal financial information like your bank account number, PayPal or E-bay password, or credit card number. This may fall under the FBI's jurisdiction (since it often crosses state lines). Examples might include requests that are purportedly from E-bay (report to spoof "at" and PayPal to "verify your credit card information." The idea is to get you to give the spammer your credit card information. You can submit a tip to the FBI here.

  • Report E-bay and PayPal phishing to spoof "at" and Be sure to include the full headers so they can trace the spammer.

Internet Fraud Complaint Center (IFCC)

Internet Fraud Complaint Center (IFCC) and Internet Crime Complaint Center (, run by the FBI
"IFCC provides a convenient and easy-to-use reporting mechanism that alerts authorities of a suspected criminal or civil violation. For law enforcement and regulatory agencies at all levels, IFCC offers a central repository for complaints related to Internet fraud..." Types of complaints processed include:

  • Child pornography
  • Credit/Debit card fraud
  • Counterfeit goods and materials (e.g. fake Rolex watches currently being spamvertized?)
  • Internet auction fraud and other non-delivery of goods and services
  • Software piracy

More on the Nigerian "419" scam From "Nigeria - The 419 Coalition Website."
This scam is similar to the "Spanish Prisoner" scam in which someone claims to have found a lot of money. He needs your help to get it out of the country, though, and you have to put up money of your own for fees, bribes, and so on before you can get your share of the "found" money. "419 Fraud" (Four-One-Nine) comes from the relevant section of the Criminal Code of Nigeria regarding cons. The U.S. Secret Service has taken an interest in this scam.

"If you are a United States Citizen or Resident and have suffered No Financial Loss write "No Financial Loss - For Your Database" on the documents you received and Fax them to the US Secret Service Task Force handling Scam matters at 202-406-6930 or 202-406-5031. Actual hardcopy of the 419er document(s) is required to add your 419ers information to the Task Force Database for legal reasons, merely telling Task Force about it will NOT suffice." You are unlikely to get a reply, though, unless you suffered a financial loss. Nonetheless, your report will still help the task force deal with this scam.

"You may also email the 419er documents, especially any Banking Data they may have given you, marked No Loss, to Task Force Main in DC; that is also acceptable." E-mail  419.fcd "at" (A good place to forward E-mail spams for 419 scams; be sure to include the full headers of the spam.) Also copy 419 "at" (if it's from Nigeria) and wafl "at" (especially if it has Canadian contact information).  "If you have NOT suffered a financial loss, so the matter is not Urgent, you may alternatively SNAILMAIL the Scam documents you have received to the United States Secret Service, Financial Crimes Division, 419 Task Force, 950 H Street, Washington, DC, 20001-4518, USA. But be sure to mark your documents "No Financial Loss - For Your Database" as described above."

fraud.alert "at" for advance-fee frauds with United Kingdom contact information

419-related humor, including photos of 419 scammers!

Misuse of the VeriSign or TrustE Logo

Seen at, which was advertised to me by spam.
In both cases, clicking on the VeriSign logo does nothing. According to VeriSign's Web page, "When the seal is clicked, no information pops-up" is evidence of misuse or fraudulent use. You should report this misuse to Verisign.

Abuse of TrustE sealThis one was seen at after we received a spam from that source.

(1) List of TrustE-registered domains

(2) Check to see if a specific domain is registered with TrustE and file a complaint if it is not. In this case, "The URL does not belong to a TRUSTe licensee."

Product Counterfeiting (e.g., sells "replica" Rolex watches that use Rolex's distinctive mark)

Raising the Stakes for International Pirates and Counterfeiters

  • Expose pirates and counterfeiters by publishing the names of overseas firms that produce or trade in fakes in the U.S. Trade Representative's annual Special 301 Report.
  • Encourage companies to exercise their rights under the Lanham Act, which allows them to conduct private seizures of fakes when accompanied by federal marshals with seizure orders and injunction notices.
  • Tighten the global noose on IPR thieves by seeking agreement with like-minded countries to block trade in pirated and counterfeit goods, conduct joint enforcement actions, and actively share information on the movement of suspected fake products.
  • Bring pirates and counterfeiters to justice in America by amending and upgrading U.S. mutual legal assistance and extradition treaties.
Update (2/2/2008): Misuse of the FDA and Health and Human Services seals or logos by illegal online pharmacies may be a felony. (Not legal advice, we are not lawyers)

U.S. Code Title 18 § 506. Seals of departments or agencies

(a) Whoever—
(1) falsely makes, forges, counterfeits, mutilates, or alters the seal of any department or agency of the United States, or any facsimile thereof;
(2) knowingly uses, affixes, or impresses any such fraudulently made, forged, counterfeited, mutilated, or altered seal or facsimile thereof to or upon any certificate, instrument, commission, document, or paper of any description; or
(3) with fraudulent intent, possesses, sells, offers for sale, furnishes, offers to furnish, gives away, offers to give away, transports, offers to transport, imports, or offers to import any such seal or facsimile thereof, knowing the same to have been so falsely made, forged, counterfeited, mutilated, or altered,
shall be fined under this title, or imprisoned not more than 5 years, or both.

You can tell the FDA about misuse of its logo here.

Internet crime can also be reported to the FBI's Internet Crime Complaint Center (IC3)

Section 6. Links to Other Anti-Spam Resources (last verified May 2005)

Newsgroup: (E-mail abuse)


Q: What's worse than finding two dead spam accounts lying face down in pools of cyber-blood?
A: Finding one.

Why We LART (Loser Attitude Readjustment Tool) Spammers
"Why We Need Nosy Parkers: Busybodies, it turns out, may help us coexist." (U.S. News & World Report, June 13) explains why Internet users take more time to report spammers than it takes to "just hit 'Delete.'"

"Social scientists call the behavior 'altruistic punishment': the willingness to step in and enforce societal norms even if doing so carries little chance of reward and significant personal costs."

The concept is demonstrated in a game in which players are given a small amount of real money-- perhaps $20.00-- they are supposed to invest in a joint venture that provides a modest return. Cheaters can prosper by not investing anything while taking their share of the (slightly lower) joint profits. When players are allowed to fine the cheaters they will often do so even if they must forfeit some of their own money to impose this penalty.

"Increasingly, researchers say, it's looking as if our tendency to sanction breaches of social norms is the key to human cooperation."

How to Ban Web Sites From Your Computer

Web site advertising is often reasonable, and it is the way that many sites earn enough money to deliver their content. We found our Web hosting service (Pair Communications), which we have used for more than a decade, through a dignified banner ad.

There are unfortunately advertisers that abuse the privilege of access to people’s computers by pushing ads–usually Shockwave Flash–with excessive bandwidth utilization that slows even DSL Internet connections noticeably. (We banned from our computer eight or nine years ago, when we were still using a dial-up connection, because it kept refreshing its banner ads.) Other ads superimpose themselves over the page content, and have no button on which to click to close them. Still others vibrate or jiggle back and forth, and are unpleasant to look at. Adding the domains to Internet Explorer’s “Red Circle” list does not keep them off one’s browser, either.

We have found that the following method (which is apparently what at least one shareware package does) will ban a Web site from all access to one’s Internet browser. You need to find the HOSTS file on your hard drive. Ours is at C:\WINDOWS\SYSTEM32\DRIVERS\ETC\HOSTS. Edit it as follows to ban Web sites from your computer. Note that you have to add the virtual domain (e.g. as well as the base domain ( Note: the sample banned sites are not part of the original Microsoft material. (c) 1993-1999 Microsoft Corp. ends with ” # # x client host.”

# Copyright (c) 1993-1999 Microsoft Corp.
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.

# For example:
# # source server
# # x client host localhost

As an example, if we put into our browser line, we get a blank page. We recall banning from our computer because of a Flash advertisement that covered the page content we were trying to view, and there was no way to close it. It’s possible that the ad did not display properly on the browser we were using, but that is not our problem; it is the advertiser’s responsibility to design the ad so it will work properly on all browsers.

The bottom line is that advertisers’ access to people’s computers is a privilege and not a right, and abusive conduct as perceived by the user (such as overuse of connection bandwidth, intrusive ads, opening new browser windows without permission, and so on) is a good way to have a privilege taken away.

  Spammers: sending unsolicited bulk commercial E-mail to any address in this domain constitutes your acceptance of the terms of use.
visitors since 13 December 2002
Image credits and copyright