Types of Spam Bots – Darkside of Software and Artificial Intelligence
What is a Spam Bot? How Spam Bots ruin the internet, and cost you and your business a lot of money and headaches? In today’s topic we’re looking at the evil side of software!
We like to think of ourselves as a force of good, a team that pushes the boundaries of software development with each project. For that purpose, we spend a lot of time on doing our homework and learning on a daily basis! Like that one time we travelled back in time to the invention of the computer, or the use of the first compiler!
And it should be no secret that many specialists in the business sphere predict that the future of commerce lies within Artificial Intelligence!
However, with good comes the bad, and today we’re looking at the dark side of software, marketing, and business practices. Specifically, the Spam Bot.
Let’s visit the Tortuga of illegit engagement statistics and malicious marketing activity; and try to decipher why people would want to use one of these, and how it will eventually come back to bite them in the posterior.
What is a Spam bot?
We start with the basics. A spam bot is a software that is programmed to perform repetitive set of tasks on a wide scale; primarily on the internet in places where people interact online. Usual places where spam bots are most active are forums, social media platforms, emails, and even personal messengers.
And spam in turn usually refers to unsolicited junk email, intrusive messages, unwanted product ads, fake backlinking, fraud emails and malware. It can also be massive quantities of data targeted at a server, fake phone-scams, or something as simple as amounts of clicks/likes.
Your automatic systems such as reCAPTCHA or integrated spam defences on most CMS providers can easily spot and ignore these. However, some of the people employing spambots can be surprisingly imaginative and easily find loopholes to abuse.
With more and more progress into adaptive self-learning AIs, the fight is just heating up!
Types of Spam Bots
Now, not all following types are “spam” bots per se; however, they do fall under the category of ill intent, repetitive-task-software or malicious-software that defines a spam bot.
We’ll start from the harmless variants to more evil ones as we progress.
However, not all of them are bad out of the box or in premise, starting off our list.
Email marketing campaign bots
The typical cold-offer email bots. These send out emails with preprogramed schedules and to predefined recipients. Many still use these today to send out marketing campaigns, and some with good results as well.
However, “good” results are in only after careful consideration of your target market segments, meticulous diligent research and masterful crafting of proper email campaigns.
Simply using free databases of random emails on the internet and sending your offer, will lead to negative results for your brand name and IP address.
If poorly programmed without proper oversight into sending intervals and recipients there is a high-risk of IP/name/location-bans – lowering your brand/name sending-reputation in certain global “anti-spam” lists, which is never great.
Speaking of cold email offers and databases.
Information gathering bots
These bots appear benign and simply scour the internet for “[email protected]” or phone numbers at every open public forum or database they can get into. Basic in nature and architecture they can do only so much damage. However, they are essentially the first step for gathering large quantities of “targets” or victims.
You might consider this as “prospect-client gathering”, however we would argue it leads to more damage than its worth. Because there is very little one can do in order program it to find and acquire quality addresses with supplement information to craft a worthwhile offer.
And the days of cold-email or cold-phone offers to millions, are mostly behind us, most email providers block these right off the bat. The ones that pass, are almost always ignored by savvy customers, especially due to inherent dangers associated with opening emails from unknown sources.
A darker side of these types of “information prospectors” and that is the much more sophisticated and complex software phishing for identity theft. These gather all the relevant information like social security numbers, credit card details and more, in illegal databases for later use by internet scammers, speaking of which.
Fraud emails and messages
Everybody is familiar with the popular “Nigerian-prince with millions” trope or Advance-fee scams. Which, incidentally, dates back to the 18th century and the letters with requests for “prison-guard bribes” in Spanish prisons or fake inheritances. But we digress.
These spam bots send out huge numbers of emails or messages with requests for relatively small amounts of money for bigger returns later to their victims.
Even 10 years ago these were usually in form of emails, but now that is no longer the case. I’m sure you’ve seen the “I earn 27.115 dollars per month, from home! Click here to find out how!” comments to various articles, YouTube videos and other, same goes for messengers. All of those are fraudulent spam bots.
Recent statistics by the federal trade commission in US, show that these basic scams, by the 2nd quarter of 2020, have amounted to 56 million US dollars.
Those simple “broad” scam nets are easy to avoid, but what happens when you receive a Facebook message or an email from your loved one asking for urgent financial aid?
Some people would say “I’ll just call my loved ones” and that would help in most cases, but…
RoboCalls – Telephone Spam Bots
The “RoboCall” spam bot is a variant working with pre-recorded phone calls, usually imitating government agencies or other high-level organizations, but sometimes even your close ones in distress.
Frauds relating to official agencies became infamous in 2019 after the now well known “Chinese embassy scam”. It involved multiple victims receiving messages via email, messenger and phone, with individuals claiming to represent the Chinese consulate or Chinese law enforcement. Essentially extorting large sums of cash to be wired to Hong Kong to “keep it under wraps”.
Now with advances in text-to-speech synthesis software which uses AI algorithms to imitate someone’s voice, this problem becomes ever harder to combat. But surely, to imitate my parent’s voice they need a big enough sample?
Wrong, this study shows that you need only as much as 5 second audio sample for basic results. It’s not that hard to call your grandparent and ask them some random “survey” and get a big enough sample.
This problem has become such a major issue that since 2015 the Federal Communication Commission in US alone, has issued fines of up to 208.4 million US dollars. (Of which they only collected about 7k, due to outdated cyber related laws)
And I’ll remind you all that is possible due to the “gatherer bots” we discussed, and most of these are done on a wide scale by automated software, calling thousands of people per day.
Wait… we’re not at the end of list? Surely it can’t get worse than that?
Engagement Spam Bots: comments and likes
It gets worse. Welcome to “digital ad fraud” which by broad estimation has cost the marketing and advertisement world anywhere from 18 to 34 billion US dollars!
Now we’re getting somewhere. But let’s start small from small and work our way towards the bigger picture.
The spam bots in question create fake engagements and statistics, hurting the overall data and cutting hugely into your advertisement investments.
There are multiple ways these bots achieve it, fake comments with platitudes like “amazing emoji emoji” or “love it, love you” etc. Fake-clicking or click spamming by imitating a high number of clicks to simulate and take credit for “organic” interaction. Be that on your ad or the like button under one’s content.
And mind you they can inflate this data exponentially by bot emulators. More instances of a bot targeting your ads, more harm it does and deeper is the cut into your ad budget.
With Spam bots targeting your enterprise, you can essentially throw any and all measurable data your marketing department has: traffic, rankings, conversions… sales. All of it.
DDoS attack software
Next on our list, is basically the same premise as the earlier example, but put on overdrive. And that is “spam bot’s role in DDoS attacks”.
Essentially “Distributed Denial of Service” or DDoS happens when multiple systems flood the bandwidth of the victims’ servers, by sending millions of packages simultaneously, from unique IPS every second, slowing it via overload or completely shutting it down. In short it spams your server with requests that overflow it.
It’s incredibly difficult to find any concrete numbers of the collective costs of DDoS attacks on the financial market. But, according to Kaspersky research the average cost of a DDoS attack for a SME ranges in around 100k to 120k US dollars, and up to 1.6 to 2.2 million US dollars for large enterprises. Those numbers add up and it isn’t a pretty picture.
All that is possible, due to these machines overloading the victim’s server’s bandwidth with their own bots, and infected devices emulating and serving the same purpose. That is what we call botnets, infected devices acting much like a zombie army. Doing the bidding of their master, automatically.
Known botnets include – Cyclone; Pushdo/Cutwail; MrBlack; Nitol and many others.
The infected device can “spam” the website with multiple requests for access as part of a bigger DDoS attack. They categorize as full-fledged malware and speak of.
Virus spreading bots
Finally, we have the worst of them all, the malware, the viruses we all know and probably have on our personal computers. We all have been collectively fighting these since the 1990s!
And spam bots are the carrion pigeons, being able to capture huge numbers of people’s digital front yards, they prove to be the best at spreading malicious download links to unsuspecting victims.
Since we’re not talking about all malware, but just spam bots, one of the ways “spam” is used is via hijacking devices with trojan like viruses; and creating fake download/engagement much like the engagement bots among other things.
A “computer virus” much like the spam bot is a form of “automated software” that enables all sorts of dangerous practices that in turn lead us to those astronomical numbers we spoke of in “Ad Fraud”; And every single other instance we mentioned in this article. Matter of fact, the Ad revenue loss pales in comparison to the cybercrime damages in total.
It is impossible to calculate the costs all the innumerable instances of various trojans, worms, ransomwares and other forms of spyware have had on the world individually. Mostly due to the high degree of variance those have when targeting different markets. However, according to some estimations, the global cybercrime damage is said to be in range of 6 Trillion US dollars by the end of 2021.
And that was our list of malicious “spam” bots and how they ruin the fun for everyone. So please don’t use one, don’t ruin it for everyone. Not just because it’s incredibly illegal, just because we asked?; also, it’s incredibly illegal.
And if you’re reading our blog, we know you’re smart, handsome, and really good at picking bespoke software development firms; you would never stoop so low!
There is still so much to cover on this topic, from the future of artificial intelligence and bots; how to improve your cyber security on your website or application; and many other fascinating subjects.
So, what is your favourite/outrageous message you saw a spam bot post? Tell us in the comments! Here’s ours:
But we’re at our time limit, hope you had as much fun reading this as we had writing this article.
Stay classy business and tech nerds!