Goodreads helps you keep track of books you want to read.

Start by marking “Spam Nation: The Inside Story of Organized Cybercrime — from Global Epidemic to Your Front Door” as Want to Read:

Other editions

Enlarge cover

Rate this book

Clear rating

1 of 5 stars 2 of 5 stars 3 of 5 stars 4 of 5 stars 5 of 5 stars

Open Preview

Spam Nation: The Inside Story of Organized Cybercrime — from Global Epidemic to Your Front Door

Brian Krebs

3.73 · Rating details · 2,265 ratings · 232 reviews

There is a Threat Lurking Online with the Power to Destroy Your Finances, Steal Your Personal Data, and Endanger Your Life.

In Spam Nation, investigative journalist and cybersecurity expert Brian Krebs unmasks the criminal masterminds driving some of the biggest spam and hacker operations targeting Americans and their bank accounts. Tracing the rise, fall, and alarming There is a Threat Lurking Online with the Power to Destroy Your Finances, Steal Your Personal Data, and Endanger Your Life.

In Spam Nation, investigative journalist and cybersecurity expert Brian Krebs unmasks the criminal masterminds driving some of the biggest spam and hacker operations targeting Americans and their bank accounts. Tracing the rise, fall, and alarming resurrection of the digital mafia behind the two largest spam pharmacies and countless viruses, phishing, and spyware attacks he delivers the first definitive narrative of the global spam problem and its threat to consumers everywhere.

Blending cutting-edge research, investigative reporting, and firsthand interviews, this terrifying true story reveals how we unwittingly invite these digital thieves into our lives every day. From unassuming computer programmers right next door to digital mobsters like "Cosma" who unleashed a massive malware attack that has stolen thousands of Americans' logins and passwords, Krebs uncovers the shocking lengths to which these people will go to profit from our data and our wallets.

Not only are hundreds of thousands of Americans exposing themselves to fraud and dangerously toxic products from rogue online pharmacies, but even those who never open junk messages are at risk. As Krebs notes, spammers can—and do—hack into accounts through these emails, harvest personal information like usernames and passwords, and sell them on the digital black market. The fallout from this global epidemic doesn't just cost consumers and companies billions, it costs lives too.

Fast-paced and utterly gripping, Spam Nation ultimately proposes concrete solutions for protecting ourselves online and stemming this tidal wave of cybercrime, before it's too late.

"Krebs's talent for exposing the weaknesses in online security has earned him respect in the IT business and loathing among cybercriminals. His track record of scoops has helped him become the rare blogger who supports himself on the strength of his reputation for hard-nosed reporting." Bloomberg Businessweek ...more

Get A Copy

Hardcover, 256 pages

Published November 18th 2014 by Sourcebooks (first published September 1st 2014)

More Details... Edit Details

Friend Reviews

To see what your friends thought of this book, please sign up.

Reader Q&A

To ask other readers questions about Spam Nation, please sign up.

Lists with This Book

Social Engineering by Christopher Hadnagy

The Art of Deception by Kevin D. Mitnick

The Web Application Hacker's Handbook by Dafydd Stuttard

Information Security, Penetration Testing, Social Engineering, Counter-Intelligence, Hacker/Hacking Culture and History.

91 books — 65 voters

Cybercrime and Cyber War

50 books — 17 voters

More lists with this book...

Community Reviews

Showing 1-30

Average rating 3.73 ·

Rating details

· 2,265 ratings · 232 reviews

More filters

Sort order

Start your review of Spam Nation: The Inside Story of Organized Cybercrime — from Global Epidemic to Your Front Door

Jan 11, 2015 Gwern rated it liked it

Moved to gwern.net.

flag 14 likes · Like · see review

Nov 24, 2014 Scott Baxter rated it it was ok

Fascinating subject, less than stellar execution.

This book illustrates just how difficult it is to write a first book, even if the author has a long career as a writer writing short pieces. Krebs has trouble deciding which things require longer explanation and which can be glossed over. For example, at one point he points out the importance of understanding what IP addresses are, but Krebs would have done well to spend much more time going into detail about what an IP address is, why it is ...more

flag 11 likes · Like · see review

Jun 17, 2015 Jean rated it really liked it

Shelves: audio-book, non-fiction

Even though we have good filters on our e-mail programs these days and no longer see all the spam, the author maintains it is a critical problem. Krebs claims the crooks are no longer content with standard commercial fraud, e-mail criminals infect millions of computers worldwide with toxic digital parasites, designed to extort our wealth and steal our personal data.

Krebs states that Russia is the key spam Nation with skilled hackers and corrupt police and is now the global epicenter of cyber ...more

flag 7 likes · Like · see review

Mar 03, 2015 Rob rated it liked it · review of another edition

Shelves: audio-book, nonfiction, own, computers, read-2015, author-male

Executive Summary: Interesting read, but a bit too much of Mr. Kreb's personal story in places. 3.5 Stars.

Audio book: Christopher Lane does a decent job. He has a passable Russian accent, but for some reason he didn't always use it for the Russian characters. I wouldn't have done this in audio except it was on sale. I wouldn't bother with the audio book otherwise, and you'd be better off borrowing this from the library.

Full Review
I continue to be fascinated by computer crime. This is another Executive Summary: Interesting read, but a bit too much of Mr. Kreb's personal story in places. 3.5 Stars.

Audio book: Christopher Lane does a decent job. He has a passable Russian accent, but for some reason he didn't always use it for the Russian characters. I wouldn't have done this in audio except it was on sale. I wouldn't bother with the audio book otherwise, and you'd be better off borrowing this from the library.

Full Review
I continue to be fascinated by computer crime. This is another interesting book in that realm, though not as much as Kingpin: How One Hacker Took Over the Billion-Dollar Cybercrime Underground.

This is far from technical, and I think that's fine. Mr. Krebs gives you the basics on botnets and some of the other techniques common for spammers without going into too much detail to scare the layman off.

If I have one real complaint about the book is that Mr. Kreb's spends too much time talking about himself, especially at the start. I understand that he plays a part in the story, but he spent part of an early chapter complaining about how the Washington Post would make him sit on stories for month due to red tape and legal concerns.

I never really knew the main players in the spam game. I still really don't. That isn't Mr. Kreb's fault though. I'm just really bad at names. He does list them out in the front of the book. Most of the people here were interchangeable to me. This likely wasn't helped by the fact that I did this in audio. It would be nice if the list of people came as a pdf for reference.

I still found it interesting. I guess I never realized just how much of spam was driven by online pharmacies. I haven't really had to deal with spam in years. I almost never wander into my spam folder looking for legitimate email.

It's interesting that there is a legitimate market for this stuff. It just goes to show the lengths and risks people will take when they can't afford proper health care and medication.

Overall I'm glad I picked this up, but it probably would have better borrowed than bought. ...more

flag 5 likes · Like · see review

May 07, 2015 Monica Willyard Moen rated it it was amazing

Shelves: bookshare, tech

This book offers a clear, easy to read introduction of spam, the people behind it, and the reason for its rise in prominence.

flag 5 likes · Like · see review

Oct 02, 2018 Audrey rated it really liked it

Shelves: 2018-books, non-fiction

While this book was published in 2014, theres been plenty of new cybercrime thats popped up since then. I suggest following Brian Krebss blog to keep up to date. Krebs started off as in investigative reporter but left to run his own blog when his articles became too hot to handle for the paper.

The book follows the history of email spam in its heyday. Its actually been declining in favor of phishing, ransomware, and other scams.

It turns out the vast majority of spam came from Russia from only a While this book was published in 2014, there’s been plenty of new cybercrime that’s popped up since then. I suggest following Brian Krebs’s blog to keep up to date. Krebs started off as in investigative reporter but left to run his own blog when his articles became too hot to handle for the paper.

The book follows the history of email spam in its heyday. It’s actually been declining in favor of phishing, ransomware, and other scams.

It turns out the vast majority of spam came from Russia from only a handful of people. They viewed spam as legitimate advertising for prescription drugs, porn, and fake antivirus programs (scareware), especially drugs. Enough people buy spammed products for it to be a lucrative business.

Researchers concluded that spam—and all of its attendant ills—will remain a prevalent and pestilent problem because consumer demand for the products most frequently advertised through junk email remains constant.

Spam was seen as more of a nuisance than a threat, even though spammers infect personal computers and use them to send spam. Krebs had an incredibly difficult time getting spam-sold pills tested. Drug companies were also to crack down on spam since some of the drugs were safe enough.

Incredibly, the [University of Alabama at Birmingham] researchers have legal approval from federal regulators and law-enforcement agencies to test and handle highly controlled and illegal substances, such as cocaine, heroin, and a methamphetamine, but they had not yet received permission from the FDA and DEA to test pills ordered through junk email.

Spam rivalry seriously hurt the spam industry, and when the credit card companies got involved, they took a big hit.

So it’s an interesting history and not quite what I expected. I was most interested in who was buying from spam and why. I would have liked to hear more about the anti-spammers and their efforts. The spammers themselves were not that interesting.

Recommended for anyone interested in computers and cybercrime. Editing is pretty well done. There is some strong language in quoted material.

Book Blog ...more

flag 4 likes · Like · see review

Jun 21, 2015 RC1140 rated it really liked it

A really well structured and informative book into the underground dealings that are always happening but we are not aware off. The coverage was excellent and thought provoking giving you all the information you need even if you are not intimately informed about spam or cyber crime. It is always motivating that after reading a non fiction book like this that I find myself motivated to research more on the topic since it shows just how well the author captured my attention and allowed me to fill ...more

flag 3 likes · Like · see review

Nov 18, 2014 Will rated it really liked it · review of another edition

Overall, this was pretty good, 3.5 stars, but I'll round up.

I think it fell a bit into the pitfall that some non-fiction writers fall into in terms of following the narrative of such a small number of people; I would have liked to see more about other folks involved in the spam wars (including anti-spammers), but I understand why the book was structured the way it was.

For the most part, Krebs does a good job of not getting bogged down with technical details, but still explaining technical ...more

flag 3 likes · Like · see review

Nov 11, 2014 Rick Howard rated it really liked it · review of another edition

Shelves: csc-official, csc-crime, csc-winner

Executive Summary

In Spam Nation, Brian Krebs covers a key portion of our cyber security and cyber crime history: 20072013, that period when we started to learn about the Russian Business Network, bulletproof-hosting providers, fast-flux obfuscation, criminal best business practices, underground cyber crime forums, and strange-sounding botnet names like Conficker, Rustock, Storm, and Waledac. This period just happens to coincide with Krebss rise in popularity as one of the leading cyber security ...more

flag 2 likes · Like · see review

Dec 04, 2014 Jacob rated it liked it

Shelves: nonfiction, history, from_library

To me, the subject matter of this totally hooked me: what is the source of spam sent worldwide? Why is it profitable for them? Why is spam not nearly the problem it used to be? Fortunately, the author provides plenty of answers to those questions. In addition, he recounts a feud that started between two of the most prominent spammers that ended up with both of them kind of destroying each other and causing significant damage to the spamming industry (not that most of us are sad about that). It's ...more

flag 2 likes · Like · see review

Dec 31, 2014 Richard Miller rated it liked it · review of another edition

I was turned on to this book after reading the author's blog at http://www.krebsonsecurity.com and becoming intrigued to learn about the sources of and reasons for the torrent of spam that we are hit with in our inboxes each and every day. The author is obviously well-versed on this topic, and his story about the competing cybercrime factions made for a compelling story. There is some technical jargon sprinkled throughout this book, but the author made the topic approachable for any reader by ...more

flag 2 likes · Like · see review

Dec 23, 2014 Mo rated it liked it

Very interesting story about two spam kingpins destroying each other. Definitely shows you another side of spam that I don't think most people know or understand. The story was captivating, but the author struggled with sounding egotistical, though I don't think he is, having read his blog for a while now. I think he made a good attempt at making the story exciting. Had he simply retold information, it would have been boring, but he didn't find the right balance between telling an excting story ...more

flag 2 likes · Like · see review

Dec 10, 2014 Vasil Kolev rated it it was amazing

Shelves: tech, history

It's a very good and mostly in-depth look into the world of spammers, especially the ones that deal with selling drugs. It concentrates mostly on some Russians, but still paints a petty good picture of most of the business, and the advice in the end seems good enough for beginners and most people.

The parts on why people buy from spammers were really interesting, which point to why most of the big pharma companies don't really want to investigate them, as it mostly seems that they sell the same ...more

flag 2 likes · Like · see review

Sep 17, 2015 Isa K. rated it really liked it

Brian Krebs's favorite word is miscreant. >.>

An interesting, richly detailed account of the cyber crime ecosystem. I must admit I was slightly bemused by the fact that the author doesn't know that Livejournal was an American company sold to a Russian one, not the other way around (at one point he says that Russian Livejournal bought Six Apart and I was like ORLY? Also remember when having a MovableType install as a blogger was like buying a BMW? *sigh*) ... but this is just olds on the ...more

flag 2 likes · Like · see review

Dec 29, 2014 Rick Radinsky rated it really liked it

Interesting behind the scenes at the largest spam operators until recently. The intrigue between the competing companies led to their downfall. The money involved led to the organizations coordinating the spam to fight and prove the consequence of Mutually Assured Destruction. Anyone interested in the global effects of what most of us consider nothing more than an annoyance should give this a read.

flag 2 likes · Like · see review

Jan 01, 2015 Jeanne Boyarsky rated it really liked it

Shelves: technology

Brian Krebs has spent much time and money looking into both spam and security. I've learned a lot reading his blog so I picked up his book. Aside from epilogue on how to protect yourself, this isn't an actionable book. It's about what happened. Still interesting though to see what he went through and learned. I'm glad he has a "who's who" at the beginning was helpful to keep track of all the names.

flag 2 likes · Like · see review

Dec 23, 2016 Mishlaev rated it it was amazing

Great story. It feels like great detective tv show, but about hackers and spammers.
Brain Krebs did an incredible work. This book it 'untold' story of global web.

flag 2 likes · Like · see review

Dec 21, 2016 Wesley Fryer rated it it was amazing

Spam Nation: The Inside Story of Organized Cybercrime-from Global Epidemic to Your Front Door by Brian Krebs (@briankrebs) is an eye opening dive into the world of Internet spam, pharmaceutical drugs sold online, cyberattacks, malware, the dark web, and corruption within the Russian justice system. It should be required reading (or listening) for anyone working in or interested in the field of information technology today.

Do you know someone who has had their email account hacked? A few years “Spam Nation: The Inside Story of Organized Cybercrime-from Global Epidemic to Your Front Door” by Brian Krebs (@briankrebs) is an eye opening dive into the world of Internet spam, pharmaceutical drugs sold online, cyberattacks, malware, the dark web, and corruption within the Russian justice system. It should be required reading (or listening) for anyone working in or interested in the field of information technology today.

Do you know someone who has had their email account hacked? A few years ago I helped a woman in our church whose Yahoo account was hacked not once but several times. After reading "Spam Nation," I strongly suspect that one of the main reasons she was a victim of email hacking was her online purchase of pharmaceutical drugs for herself and her husband. Before reading Brain's book I knew online drugs were very prevalent, but his research and analysis helped "connect the dots" for me to better understand this landscape of medical needs and financial opportunities. Many of the same drug manufacturers in India whose products we purchase at corner drugstores in the United States like WalGreens and CVS are also sold by Russian pharma peddlers who have extremely sophisticated networks of malware-infested spam sending computers. Brian's book was published in 2015 and his stories are a few years old, but they are still very important to understand within the broader security landscape of our twenty-first century communications and media environment.

"Spam Nation" helped me better understand the economics and political environment (especially in Russia) which have created fertile ground for spamming and malware. The high prices of pharmaceutical drugs in the United States, and our ongoing need for comprehensive health care reform, also play an important role in these complex relationships. I certainly have a greater motivation to help members of our family, my school community, our church, and other groups understand the need for and know how to follow better personal digital security practices. See my recent post, "Give the Gift of Digital Security to Your Family," for more on those topics. That post, along with my ongoing work at school to upgrade our firewall, develop a plan to adopt two-factor authentication for all faculty/staff, and support other secure password and digital security initiatives were all influenced strongly by my reading (actually listening via Audible) to "Spam Nation" by Brian Krebs.

The large scale cyberattack which took place in October 2016 was powered primarily by a new IoT (Internet of Things) botnet which allows hackers to compromise and exploit home wifi devices like security cameras. The malware, named Mirai, is documented well by WikiPedia. Incidentally, current issues and events like this highlight the value of WikiPedia as an information source. This is something many educators do not yet fully understand or appreciate. When you're seeking information about a very new topic like the latest botnet cyberattack, however, it becomes clear immediately that archaic forms of information analysis and distribution (like printed books) are far less helpful than crowdsourced digital platforms like WikiPedia and Twitter.

"Scareware" is an important cybersecurity and digital security term which Brian Krebs introduced me to through "Spam Nation." I personally know several individuals at school and through our church who have been challenged by these kinds of advertisements and software programs. Scareware programs are promoted by website popup advertisements which try to convince users their computer has been compromised by a hacker, and they need to install recommended "security software" to remove the vulnerable malware programs. In some cases these scareware ads are effective, convincing users to install software which is itself malware, and/or part with money to purchase "software protection" which is bogus and not needed.

Part of digital literacy today must include the ongoing development of what Neil Postman termed a "crap detector" in his excellent (and prescient) 1985 book, "Amusing Ourselves to Death: Public Discourse in the Age of Show Business." As a technology director and digital citizenship advocate at our school, "scareware" is a vocabulary term I'm using now and will continue to use with students, parents, faculty and staff in the months ahead.

During the 1990s and into the 2000s, Apple / Macintosh computer users were relatively immune from the computer virus and malware attacks which plagued users of Microsoft's dominant Windows operating systems. In 2016, that's not the case anymore. According to Krebs, in 2011 scareware and malware developers started large scale efforts to compromise Apple computers. Apple computer systems need to run security software today just as Windows systems do. This is true for school computers or the computers you use at home.

The large price disparities between medications sold in the United States and elsewhere in the world create powerful economic incentives for people to purchase drugs online from unknown or shadowy companies. It's likely we all know people who do this. While the crackdown on credit card processors documented by Krebs in "Spam Nation" had a negative effect on the online pharmaceutical industry, the power of these economic incentives makes it likely to persist. As other authors I cited in a 1993 research paper on drug control in the Americas noted, counter-drug efforts tend to exhibit a "balloon effect" where enforcement in one area pushes traffickers to increase their efforts and drug availability in others. The takeaways here are:

1- It's extremely risky for anyone to purchase drugs from shadowy companies online.
2- Purchasers risk their health and the health of loved ones taking medications which are not adequately checked for quality.
3- Purchasers also risk compromising the security of their computers, phones, and their connected digital identities if they purchase drugs online from mysterious, foreign companies.

I highly recommend reading or listening to "Spam Nation: The Inside Story of Organized Cybercrime-from Global Epidemic to Your Front Door" by Brian Krebs (@briankrebs). As a result of listening to this book, I am not only better educated to understand many of the malicious and damaging dynamics involving spam and malware which affect us within our increasingly digital society, but am also better equipped to help students, educators and parents in our school community navigate these issues as more savvy digital citizens. ...more

flag 1 like · Like · see review

Feb 07, 2018 Elly rated it really liked it · review of another edition

Shelves: audiobooks

Interesting view on the people who worked with spam emails. Slightly outdated advice at the end, as it was published in 2014, but still worthwhile to listen to the epilog. Most people know, or SHOULD know that advice by now, but it is still important to follow. 2 factor login is much more common nowadays than then.
Specifically for the audible version: big parts were spoken with a to my ears Russian accent, a nice touch to indicate the words of the Russian people involved.

flag 1 like · Like · see review

Sep 25, 2017 Cristina Ana rated it liked it

Interesting read, but too biographical for a supposedly technical non-fiction book. Still, I learned a great deal from it.

flag 1 like · Like · see review

Nov 03, 2014 Noorilhuda rated it really liked it · review of another edition

Shelves: politics-war-god-biz-development

I love 'Mr. Robot''s Elliot - he is right in everything he thinks, and wrong in everything he does! Mr. Robot (U.S. TV series) tells the story of disillusioned hackers trying to change the injustices of the world - one hack at a time - and getting played by criminals unknowingly. Part of the problem is how much of us is on the internet - i.e. ID, banking / medical records, personal photographs, family, friends, likes and dislikes - the more in control we think we are, the more vulnerable we I love 'Mr. Robot''s Elliot - he is right in everything he thinks, and wrong in everything he does! ‘Mr. Robot’ (U.S. TV series) tells the story of disillusioned hackers trying to change the injustices of the world - one hack at a time - and getting played by criminals unknowingly. Part of the problem is how much of us is on the internet - i.e. ID, banking / medical records, personal photographs, family, friends, likes and dislikes - the more in control we think we are, the more vulnerable we actually are.

I just finished reading ‘Spam Nation’ by Brian Krebs (2014; NYT bestseller) that focusses primarily on Krebs own investigation into cyber crime world that creates ‘botnets’ i.e. hacking ordinary citizens’ PCs and infecting them in such a way that when the criminal / hacker sends an email (spam) no one can link it back to the originator of the email = you may have a zombie computer without knowing it! And it may be is being used to spread spam mail of all sorts all over the world - cheap drugs (life-saving and pleasure-seeking), porn, child pornography, etc. For example, one spammer referred to his botnet as ‘Topol Mailer’ and that single botnet once delivered a third of all spam to inboxes around the globe, principally to Americans! And hacking your PC is not even that tough!

According to the book, ‘anti-virus companies combat an average of 82,000 new malicious software variants attacking computers every day - and a large %age of these strains are designed to turn infected computers into spam zombies that can be made to do the attacker’s bidding remotely. Security giant McAfee said it detected more than 25 million new pieces of malware in fourth quarter of 2014.’

The hackers / spammers in the book (like the TV series Mr. Robot) have cool Super-hero / Dr. Evil names like ‘Hellman’, ‘Red Eye’, ‘Gugle’, ‘Pet’, ‘Engel’, ‘Kolya’. And they have their own discussion forums! (‘Spamdot.biz’ etc.) and enemies: competitors and ‘Antis’ (anti-spam vigilantes).

The interesting thing about the book is the expanse of the networks (a guy sitting in China or Russia is sending spam via zombie computer in Africa to someone sitting in America/ Canada) and the universal need for cheap drugs - for e.g. most Americans who check spam and order prescription drugs through links given in spam get the same quality prescription drug as the expensive American version - the cheap version having been made in India and delivered to the consumer’s doorstep in America! The risk of course is that the drug maybe adulterated and result in deadly side effects and because it was a spam dealer, you have no recourse under law against it.

The disturbing bit is that the spammers helped the growth of child abuse business.

Krebs' book is focussed on his own limited investigative experience - Russian cyber criminals - but it made me wonder about terrorism and how botnets may exist to serve a terror objective (put information in an account, thus implicating the guy; or deleting crucial information of a bank; or arms purchase). In Pakistan, it has been used for digital identity theft (ATM passwords) - what else? I don’t know.

I had an unusual experience just the other week: I routinely get photocopies and print outs from a shop in F-7, Islamabad and when I tried to print out a doc from my Yahoo account using a PC there - Well, my email account wouldn’t open in spite of repeated attempts. I go back home and check the account and Yahoo has sent me an email: “Hi noor, On Mon, Sep 28, 2015 8:48 AM GMT+3, we noticed an attempt to sign in to your Yahoo account ********* from an unrecognized device in Romania. If this was you, please sign in from your regularly used device. If you haven't recently signed in from an unrecognized device and believe someone may have accessed your account, please visit this link to change your password and update your account recovery information. Thanks for taking these additional steps to keep your account safe. Yahoo”

So the shop in F-7 actually is a spambot! For what? Only hackers know!
...more

flag 1 like · Like · see review

Feb 11, 2016 Tony rated it really liked it

I borrowed this book, as an eBook, from the local library. I had only 14 days to read it. and I did so.

I've often wondered just how profitable it is to spam people. I mean, if it wasn't profitable people wouldn't be doing it. The vast majority of us despise spam and we go to great lengths to avoid it. We set up elaborate spam filters on our email, or we pointedly choose email providers that will do that for us.

As with so many things, the different components of it are outsourced to different I borrowed this book, as an eBook, from the local library. I had only 14 days to read it. and I did so.

I've often wondered just how profitable it is to spam people. I mean, if it wasn't profitable people wouldn't be doing it. The vast majority of us despise spam and we go to great lengths to avoid it. We set up elaborate spam filters on our email, or we pointedly choose email providers that will do that for us.

As with so many things, the different components of it are outsourced to different groups. One group runs a credit card payment processing system. Another group runs a "bulletproof" web hosting system, which won't shut you down when everyone gripes about you. Another group actually arranges shipments of drugs, ordered by people after it was advertised by spam.

Many of the drugs delivered as a result of these orders are perfectly legitimate. They have the correct active ingredients, in the correct concentrations and appropriate packaging. The reality is that major pharmaceutical companies outsource the actual mixing and production of their prescription drugs to a variety of factories in India and China. It isn't difficult to have the same companies produce a few extra above and beyond the contracted orders. Once you have those, it's just a matter of getting orders and fulfilling them.

Who is ordering prescription drugs from these groups? People who don't have health insurance and are paying out of pocket for prescription drugs. People who do have insurance, but the copays on the prescriptions are so high that they can buy it cheaper, out of pocket through these channels. People who are self medicating and don't actually have a prescription for this.

These pharmaceutical supply companies, responding to orders from spam advertising, are motivated to ship quality products in a timely fashion. Failing that, they are motivated to refund your money to your credit card with very few hassles. Why are they so motivated? If you contact your credit card company and issue a fraud statement, that raises all kinds of red flags. Credit cards are the lifeblood of these companies. The absolute last thing they want to happen is to get fraud charges. If the credit card companies think they are committing fraud, they will stop processing orders for the suppliers. So they're motivated to do a good job, look totally legitimate and work hard for your repeat business.

Some of the measures they go to, both to get the email out to the wider world and to host the websites which collect the orders, are quite ingenious. Most of it involves creating a botnet, a network of machines which have been compromised by viruses and various malware, and pressed into service for the spammers. The actual owners of the machines, frequently, have no idea that their computers are working for someone else.

Why weren't the major pharmaceutical companies fighting these guys? It would take some research to figure out whether the drugs were legitimate or not. Certain pharmaceutical companies were willing to fund such research if it showed that the spammers were delivering inferior products. However, if they were delivering legitimate products, they absolutely did NOT want word getting out. Better to leave it a grey area and let people SUSPECT that inferior products were being delivered than to actually publish research that might indicate legitimate sales.

In the end, it was greed, hubris and personal vendettas that brought the major spam organizations down. Along with the fact the credit card companies refused to process payments for things that were illegal (shipping a prescription to someone in the USA, without a confirmed prescription, is illegal). And they made it very easy to report illegal activity. Finally, spammers were priced out of the market for programmer talent in Russia. When a talented programmer could get a legitimate job and get paid better than the spammers could pay, it was the beginning of the end. ...more

flag 1 like · Like · see review

Jan 05, 2015 Daniel rated it liked it

Shelves: non-fiction

This review originally published in Looking For a Good Book. Rated 3.25 of 5

You probably wouldn't be reading this blog, or this review as posted on-line, if you didn't know what 'spam' is, or if you only thought it was a canned meat-like food. And if you know what spam is, you probably find it annoying -- a clutter filling your email in-box -- but not necessarily dangerous. You would be wrong.

Brian Krebs, the cybersecurity expert who first reported the infamous security breach at Target®, is a This review originally published in Looking For a Good Book. Rated 3.25 of 5

You probably wouldn't be reading this blog, or this review as posted on-line, if you didn't know what 'spam' is, or if you only thought it was a canned meat-like food. And if you know what spam is, you probably find it annoying -- a clutter filling your email in-box -- but not necessarily dangerous. You would be wrong.

Brian Krebs, the cybersecurity expert who first reported the infamous security breach at Target®, is a journalist and blogger who has devoted himself to investigating and reporting on cyber security. In Spam Nation, he details the rise and fall of the world's leading spammers. Perhaps it's not too surprising (especially to anyone who has actually read through some spam) that the leading spammers are from the Russian Federation and neighboring states. What is surprising (at least to me) is how much of the spam is fueled by so few people; how a personal feud between the top two leading spammers brought about their own downfall; and how much money these criminals actually make.

For an example of the latter... Krebs reports that one leading cyber-criminal had his very expensive import car stolen and decided that because it was a vehicle that was considered to be highly valuable property he decided to by a different car (a BMW, I believe it was) rather than try to get the car returned. I can't imagine having the kind of money where you just buy a new vehicle (and a BMW or Mercedes) instead of trying to recover a stolen vehicle.

The book is incredibly interesting, but also more than a little technical. It likely wouldn't have mass appeal because too many people may find the computer jargon difficult to follow. On top of that, because of the nature of who the criminals are, it also reads a bit like Dostoevsky with a great many East Slavic language names. Keeping them straight was often a challenge, made more difficult by the fact that they often were referred to by their on-line nicknames, which sometimes changed.

Krebs, on the one hand, occasionally came across as arrogant and boastful -- making sure we know how much the spammers kept an eye on him because of what he could do -- but on the other hand, as we read through the book we learn that much of what he presents was gifted to him by insider sources, likely because of the feud.

The presentation of material felt a bit scattered, as though Krebs had so much he wanted to share but didn't know what to give us first. He is a good blogger and journalist, but putting information in a book-length format requires a different sort of thinking and planning. It might have been just as successful if he had simply published a collection of his blog posts.

Even so, I learned some things from this book, which is often more than I can hope for from a non-fiction title. I was more thana little shocked to learn that at one point in 2013, "nearly 70 percent of all email sent daily was unsolicited bulk email relayed via spam botnets" and that the cyber-jerks sending spam were sending approximately 85 BILLION junk/spam messages every DAY. Ouch.

I've come away with new knowledge and perhaps even a way to make myself a little better, and that's definitely worth something.

Looking for a good book? Spam Nation gives you a look inside the belly of the cyber-spamming beast, and you might not like what you see inside but the knowledge is a good thing to have.
...more

flag 1 like · Like · see review

Oct 23, 2017 Jonathan rated it really liked it · review of another edition

WARNING: Parental guidance should be observed because of the adult subject matter. It is R rated.

For those who in IT Security (as I am) or curious about spam industry and history this is an excellent book. The narrator does an A+ job and even talks in Russian and New York accents when recounting discussions. You will get a chuckle at times at the absurdity of various conversations Krebs had with cyber criminals.

I think in one sense the cyber criminals come off as humanized and everyday citizens ...more

flag 1 like · Like · see review

May 15, 2016 Glenn rated it really liked it

Shelves: cybercrime

This book is focused on the evolution, decline, re-emergence and ongoing transformation of loosely-connected Russian cybercrime networks (called Partnerka) whose business is stealing from average citizens around the world.

The Partnerka harvests millions of email addresses (with a special focus on the US) and spams them relentlessly through armies of botnets (networks of infected computers) in an attempt to sell everything from unregulated drugs to illegally copied software to child porn. The This book is focused on the evolution, decline, re-emergence and ongoing transformation of loosely-connected Russian cybercrime networks (called Partnerka) whose business is stealing from average citizens around the world.

The Partnerka harvests millions of email addresses (with a special focus on the US) and spams them relentlessly through armies of botnets (networks of infected computers) in an attempt to sell everything from unregulated drugs to illegally copied software to child porn. The Partnerka constantly troll for new computers to press into their botnets - using scareware, fake anti-virus programs, and other infected software downloads. Once in your computer they may monitor your keystrokes, steal email accounts, harvest passwords, and collect financial data, all with the express intent of robbing you (and your friends, and their friends) -- or selling your information to someone who will. The strategies constantly evolve. One of the more recent is Ransomware -- malware which encrypts everything on your computer and demands a ransom (generally in bitcoins) for unlocking it again. Bottom line -- these are serious, well-organized criminals, based in a country where they can operate as fairly large enterprises as long as they bribe the right FSB agents and politicians.

This is a scary, incredibly well-researched book, filled with hard-won information, gathered by an author courageous enough to interview and challenge some very dangerous people. However, it has a few flaws (the only reason I gave this a 4 instead of a 5):
1) No index (the book contains a lot of well researched information that would be valuable to other researchers. An index would help them find it.)
2) The relevant time-line is difficult to tease out. The dates are somewhat skewed toward activities of the author. I would like to see a timeline focused on the evolution of the criminal activity.
3) Insufficient footnotes (esp in the last 2/3rds of the book.) There is a section called "Sources", where the sources are outlined in prose but not the more traditional set of notes.

That said, this book is definitely worth reading cover to cover. The beginning of the book covers the evolution of this cybercrime business and makes it clear how serious these people are. The middle covers the internecine conflicts which led to the downfall of some of the biggest players. The last part brings us up-to-date and provides a clearer picture on the complex work governments, corporations and the FBI, Interpol and other agencies are doing to fight these criminals. The book closes with ways to protect yourself, as well as ways to be a more responsible cyber-citizen.
...more

flag 1 like · Like · see review

Jul 09, 2015 Mike Smith rated it really liked it

Shelves: non-fiction

Spam Nation is a thoroughly researched investigation of the heyday of online pharmacies (in the late 2000s) and the unsolicited e-mail, known as "spam", that is used to sell pills to people around the world. Spam involves a complex ecosystem of hackers, programmers, and businessmen. Hackers take over personal computers and then use them to send out billions of e-mail messages advertising medicines, fake anti-virus software, sexual enhancement aids, and other products. Programmers write the web Spam Nation is a thoroughly researched investigation of the heyday of online pharmacies (in the late 2000s) and the unsolicited e-mail, known as "spam", that is used to sell pills to people around the world. Spam involves a complex ecosystem of hackers, programmers, and businessmen. Hackers take over personal computers and then use them to send out billions of e-mail messages advertising medicines, fake anti-virus software, sexual enhancement aids, and other products. Programmers write the web sites that actually sell the merchandise. Corrupt business owners, many of them Russian or Eastern European, host the web sites, process the payments, and ship the products.

The main thrust of this book is an examination of how two of the largest figures in this semi-legal world of online pill-pushers got into a feud that almost destroyed their so-called industry. Although hundreds of millions of dollars are involved in this market, there are so many players and middlemen taking a cut, that very, very few actually get rich doing it. Amazingly, they get by largely on repeat customers, most of them American, who can't afford their prescriptions through legitimate pharmacies and turn to the Internet for cheap meds. More often than not, the pills bought from Indian manufacturers through Russian web sites posing as Canadian pharmacies are actually chemically identical to the brand-name drugs. The businesses couldn't survive if they sold bad drugs that didn't do what they're supposed to do.

A combination of the feud between leading players and increased scrutiny from credit card companies, brought about partly by Brian Krebs's reporting, finally started to shut down the pharmacy trade. Banks stopped processing payments when threatened with crippling fines by the credit card companies.

Krebs writes well, but sometimes the intricate details of the financial transactions and the shell companies and the Russian names becomes overwhelming. What really comes through is how easy it can be to make money off trusting consumers who can't tell a phony Russian online pharmacy from a legitimate company. On the Internet, no one can tell you're a dog, or a Russian selling cheap, knock-off, Indian-manufactured pills. ...more

flag 1 like · Like · see review

Oct 25, 2017 George Davidson rated it it was amazing

Shelves: favorites, infosec-cybersec, current-events

One of the greats by renowned author and investigative journalist Brian Krebs. Pulls the covers on the email SPAM industry and looks at it not just from the perspective of criminals and law enforcement, but on consumers who are buying their products.

Unfortunately the spam will go on and even though some of the actors in the book have been taken down, plenty more where that comes from.

flag 1 like · Like · see review

Feb 15, 2017 Jacques Bezuidenhout rated it it was ok · review of another edition

It was ok. Not really something I'd recommend to anyone, unless you are really really really interested in the subject. (which I am not)

I think it covers a lot, and does well in conveying the intended information.

I did learn quite a few things about how spammers and online pharmaceuticals work that I didn't know before.

Like any other cyber crime books, it always makes you a bit worried about your own security and whether you are doing enough.

The book was focused around the Russians a lot, but ...more

flag 1 like · Like · see review

Dec 31, 2016 Paul rated it really liked it

Krebs provides incredible insight into the world of spam and the illegal online pharmaceutical scams that had filled our inboxes for years. This particular plague has evolved into more malicious scams, such as ransomware, but the details of the warring factions trying to dominate this illegal market and how turning on each other brought about their downfall was fascinating.

Krebs provided great detail of the schemes behind botnets, how they are developed and modified, and then sold in a ...more

flag 1 like · Like · see review

Jan 04, 2015 J rated it really liked it

Shelves: kindle

As one of an admin on the front lines of this battle, I have a good grasp of the technical on this matter. What this book did for me is provide the human and political background that I never knew. It really help put a lot of what we were seeing on the front-line into perspective. Some times we get so wrapped up in the technical aspects, we forget the human side that drives it.

Kreb's writing may not be my favorite writer style wise (a bit dry), but I think he is very good investigate journalist ...more

flag 1 like · Like · see review

« previous 1 2 3 4 5 6 7 8 next »

new topic
Discuss This Book

There are no discussion topics on this book yet. Be the first to start one »

Recommend It | Stats | Recent Status Updates

Readers also enjoyed

See similar books…

Goodreads is hiring!

If you like books and love to build cool products, we may be looking for you.
Learn more »

Genres

Nonfiction

111 users

Science > Technology

51 users

Mystery > Crime

31 users

History

18 users

Audiobook

16 users

Computer Science > Computers

16 users

Science > Computer Science

11 users

Business

11 users

Crime > True Crime

11 users

Computers > Hackers

9 users

See top shelves…

About Brian Krebs

Brian Krebs

46 followers

Books by Brian Krebs

More…

Bill Gates Picks 5 Good Books for a Lousy Year

Bill Gates, tech pioneer, co-founder of Microsoft, and co-chair of the Bill & Melinda Gates Foundation, is an avid reader who people follow...

Trivia About Spam Nation: The ...

No trivia or quizzes yet. Add some now »

Quotes from Spam Nation: The ...

“KrebsOnSecurity.com, a daily blog dedicated to in-depth cybersecurity news and investigation.” — 0 likes

“In nearly all cases, the person who is in control of that address can reset the password of any associated services or accounts—merely by requesting a password reset email.” — 0 likes

More quotes…

See a Problem?

Preview — Spam Nation by Brian Krebs

Spam Nation: The Inside Story of Organized Cybercrime — from Global Epidemic to Your Front Door

Get A Copy

Friend Reviews

Reader Q&A

Lists with This Book

Community Reviews

new topic
Discuss This Book

Readers also enjoyed

Goodreads is hiring!

Genres

About Brian Krebs

Books by Brian Krebs

Related Articles

Trivia About Spam Nation: The ...

Quotes from Spam Nation: The ...

See a Problem?

Preview — Spam Nation by Brian Krebs

Spam Nation: The Inside Story of Organized Cybercrime — from Global Epidemic to Your Front Door

Get A Copy

Friend Reviews

Reader Q&A

Lists with This Book

Community Reviews

new topicDiscuss This Book

Readers also enjoyed

Goodreads is hiring!

Genres

About Brian Krebs

Books by Brian Krebs

Related Articles

Trivia About Spam Nation: The ...

Quotes from Spam Nation: The ...

new topic
Discuss This Book