Why India Is the World’s Largest Spammer

Image: 7MB
The Prime Minister's Office spams users with his messages. Does this explain why India is the world's largest spamming nation?

In 2017, India had the largest bot army in the world. But these weren’t of the apocalyptic kind, they’re spam bots – more than 800 thousand of which generate 14.5 percent of the world’s spam. According to a Cisco Cyber Security Report, 85 percent of emails sent in India are spam, the highest ratio in the world.

Bots don’t necessarily source from the host country. They are systems infected with viruses that send out bulk mails – often without their owners knowing (the symptoms can be a slower PC, or increased internet usage). They can get installed by clicking on a malicious link, or installing infected software.

Indian spammers are not often highlighted (as opposed to their Nigerian counterparts) but they’ve been in practice since the late 1990s. And in certain Usenet forums and image-boards, Indian ISP ranges are banned altogether.

A PhD thesis on ‘Internet Bad Neighborhoods‘ mentions India prominently – as source of the largest absolute number of spamming IP addresses. The study claims a single ISP, belonging to a BSNL user, “concentrated 7.39% of all the spamming addresses observed for the entire world in our datasets.” As an automated system provider, BSNL was the largest source of spammy IP addresses – with a Pakistani state-owned network next in the list. There’s not much BSNL can do about it, however. The problem is that India lacks anti-spam legislation.

The birth of spam in India

India’s journey through the internet has long been dogged by state-owned digital liabilities. In the late 1990s, the Videsh Sanchar Nigam Limited (VSNL) had a monopoly over internet in India, a situation that would later change as private players entered the market.

While not known for its speed, VSNL was early enough that Indian users had TCP/IP internet connectivity. This let users log onto Usenet forums – a sort of early internet haven for file-sharing and piracy. It was the place to be for the first generation of hackers. An Indian user named HipCrime, mostly based in New Delhi, began to spam the forums there with a custom bulk-email messaging software. His work grew so prevalent that Indian ISPs were banned altogether from several boards.

It was a beginning, and the era of data breaches was about to loom. In 1998, an Indian student gained access to VSNL’s “allusers” database – and sent out an email to every one of its subscribers (effectively the entire internet user base in India). He promised VSNL accounts at Rs. 2000 for 500 hours of use (the cost then was about Rs. 10000 for the same). Before VSNL could plug the leak of its ‘allusers’ database, several hackers had downloaded the data.

The bulk mail era had begun in India. Companies began sending out mass mails – including their addresses and phone numbers at the bottom. This was a trend from those days, evident from the very first computer virus ‘Brain’ from Pakistan.

Hackers would include the following disclaimer:

Since India has no anti-spamming law, we follow the US directive passed by the 108th US Congress (CAN-SPAM Act 2003), which states that email cannot be considered Spam if it contains contact information, which all our email list does, and a remove mechanism.

It sounded legitimate, but it wasn’t. The mails refer to a bill that a senator from Alaska tried to pass – but couldn’t. Called the Markowski Bill, it found prominence in bulk mailers across the world.

Initially, many of these were mails by legitimate companies trying to boost their reach. But the promise of the great internet heist was appealing. Soon enough, scams like the “Mobile Tower Fraud” emerged – where users were duped into making advance payments to set up mobile towers on their land. The scammers promised huge rent payments for the towers – and hundreds were duped from a variety of backgrounds.

The Telecom Regulatory Authority of India has issued advisories against the mobile phone scam (sometimes perpetuated in its name). While regulating spam is difficult (involving a degree of monitoring a user’s browsing, unadvisable from a privacy standpoint), it has managed to reduce its incidence via SMS – through the Do Not Disturb option.

Moving forward

Internet penetration was proportionately low in India even when the country topped the world’s spam production. Now, as the digital population is set to grow exponentially, the fear is that spamming will grow with it. A block on Indian ISPs, such as that employed by underground websites such as 4chan, may not end up so much out of racism than out of necessity.

Cracking down on the spam menace is a policy requirement for the government. But to do this, they need to understand what spam really is. It’s a word that gets its prominence from an early Monty Python skit – but it’s by definition unsolicited messages sent to a large number of people on the internet. Since the advent of the BJP to power, the Prime Minister’s Office (and occasionally those of other departments) have been mailing citizens with updates of their events – with no indication of how users signed up for this.

You might already have some in your spam folder – search your mail for “no-reply@sampark.gov.in” and you might see some of the PMO’s spam. Perhaps it’s a plan to ensure we stay number one – at spamming.


Copyright Madras Courier 2017. All rights reserved. You may share using our article tools. Please don't cut articles from madrascourier.com and redistribute by email, post to the web, mobile phone or social media.
Please send in your feed back and comments to editor@madrascourier.com