Press Kit

KnujOn is transforming the "unsolvable" spam problem into a situation that can be understood, managed, minimized and defeated. Spam filtering and blocking isn't working, in fact spam has increased in the last two years, flooding the global network. Email and Internet users are demanding solutions but the technology market is slow to respond to consumer need.

At KnujOn we are providing consumers with a no-nonsense way to report junk mail. In return they receive feedback and action they are not getting elsewhere. Through persistent policy enforcement, KnujOn is reducing the value of junk email by eliminating the transaction platforms (websites) and increasing the operational costs for the spammers.

White Papers

Project KnujOn - October 2007(PDF)

Bios and Contact

Articles and Commentary

Analysis: Crackdown on domain name crooks - SHAUN WATERMAN

WASHINGTON, May 29 (UPI) -- The non-profit association that oversees Internet addresses is trying to crack down on shady Web pages used by spammers and hackers... "It's a huge problem," said Burnette, declining to give more detailed figures on the numbers of registrants reported to have submitted inaccurate or incomplete information. "If we find that registrars are not investigating reports (of inaccurate or non-existent WHOIS data) as they are required to, our escalation procedure can ultimately result in their accreditation being terminated," effectively shutting them down, she said.

ICANN looks to lend a hand in spam fight (betanews.com)

"Worst Spam Offenders" Notified by ICANN

In order to clarify the system for dealing with incorrect “Whois” domain name registration information, and deal with community concern, ICANN is releasing the following information regarding its compliance work.

MARINA DEL REY, Calif.: ICANN has sent enforcement notices and notices of concern to certain registrars, including those reported this week as being the registrars for the majority of websites advertised in spam emails.

Earlier this week, an investigation by KnujOn, widely reported online, publicly identified 10 registrars as being the companies used to register the majority of domain names that have since appeared in spam email messages.

More than half of those registrars named had already been contacted by ICANN prior to publication of KnujOn’s report, and the remainder have since been notified following an analysis of other sources of data, including ICANN’s internal database.

With tens of millions of domain names in existence, and tens of thousands changing hands each day, ICANN relies upon the wider Internet community to report and review what it believes to be inaccurate registration data for individual domains. To this end, a dedicated online system called the Whois Data Problem Report System (“WDPRS”) was developed in 2002 to receive and track such complaints.*

"ICANN sends, on average, over 75 enforcement notices per month following complaints from the community. We also conduct compliance audits to determine whether accredited registrars and registries are adhering to their contractual obligations," explained Stacy Burnette, Director of Compliance at ICANN.** "Infringing domain names are locked and websites removed every week through this system."

Although the majority of registrars offer excellent services and contribute to the highly competitive market for domains, ICANN’s compliance department has developed an escalation process to protect registrants and give registrars an opportunity to cure cited violations before ICANN commences the breach process.

However, while registrars are responsible for investigating claims of Whois inaccuracy, it is not fair to assume a registrar that sponsors spam-generating domain names is affiliated with the spam activity. A distinction must be made between registrars and an end user who chooses to use a particular domain name for illegitimate purposes.

"But if those registrars, including those publicly cited, do not investigate and correct alleged inaccuracies reported to ICANN, our escalation procedure can ultimately result in ICANN terminating their accreditation and preventing them from registering domain names," Ms Burnette said. (icann.org)

Most Spam Sites Tied to a Handful of Registrars - Brian Krebs

So who are the top 10 registrars most favored by spammers? You can see the list along with Knujon's methodology here. A few of the names on it are unsurprising simply by virtue of their market share. Number five -- Bellevue, Wash., based eNom -- is the second largest registrar, according to DomainTools's registrarstats.com. Number six -- Pompano Beach, Fla., based Moniker -- has the eighth largest market share among registrars.

But size doesn't explain most of the names on the list. The registrars that scored the worst overall - Xinnet Bei Gon Da Software, BEIJINGNN, and Todaynic -- are all located in China, and are 18th, 47th and 99th in terms of market share, respectively.

Perhaps the most interesting name on the list is number 7 - a registrar out of Broomfield, Colo., called Dynamic Dolphin. According to Knujon, more than 10 percent of the company's 45,000-plus domains have false WHOIS data, and more than 17 percent of the domains registered through the company have been observed being advertised through spam.

A bit of digging into Dynamic Dolphin revealed that it is owned by a company called CPA Empire, which in turn is owned by Media Breakaway LLC. Those of you who read this post a few weeks back will recognize this company: Its CEO is Scott Richter, a notorious, self-avowed spammer who claims to have quit the business. As I noted in that post, anti-spam groups claim that Media Breakaway recently hijacked more than 65,000 IP address for use in sending e-mail and hosting commercial Web sites.

Whittling spam down to a manageable level - William Jackson

A recent report by security software maker Symantec reveals that spam accounted for an average of 80 percent of traffic hitting e-mail gateways in April, spiking as high as 87 percent at times. That is a daunting figure, but Garth Bruen of KnujOn looks at the problem in a different way. According to a study being presented this week by KnujOn to the High Technology Crime Investigation Association, 90 percent of the illicit Web sites using spam to generate traffic are clustered on just 20 registrars — that is only 2.5 percent of the 800 registrars accredited by the Internet Corporation for Assigned Names and Numbers. That can make the spam problem seem almost manageable. (gcn.com)

Strategic Developer | Martin Heller: "20 registrars control 90% of illicit domains, says Knujon" (weblog.infoworld.com)

90% of the Illicit Sites Tracked by
KnujOn Clustered at 20 registrars

KnujOn Review and Promotion of Crimeware: Understanding New Attacks and Defenses, by Markus Jakobsson, Zulfikar Ramzan

“This book is the most current and comprehensive analysis of the state of Internet security threats right now. The review of current issues and predictions about problems years away are critical for truly understanding crimeware. Every concerned person should have a copy and use it for reference.”

—Garth Bruen, Project KnujOn Designer

A cure for spam: Attack the cause, not the symptoms - William Jackson

LIKE MOST OF US, computer programmer Garth Bruen doesn’t like spam, phishing e-mails or the other forms of junk that fill up his inbox. Unlike most of us, he is doing something about it. Filtering doesn’t work, he said. We have been filtering e-mail for years, and today, spam accounts for anywhere from 70 percent to 90 percent of all e-mail traffic, according to the best estimates. And although there have been some successful prosecutions, laws don’t seem to be helping much. The Can-Spam law makes it illegal to send unidentified, misidentified or misleading e-mail advertisements and provides civil and criminal penalties for spammers, but since it went into effect in 2004, the volume of junk mail has tripled. The problem, Bruen said, is not spam itself. Spam is a symptom. (gcn.com)

Fink on spammers to get better results - Mark Hall

Since 2005 Knujon has shut down more than 50,000 Web sites on behalf of its customers. (blogs.computerworld.com)

Project Knujon Shuts Down More Than 50,000 Illicit Websites - Stefanie Hoffman

Project Knujon, or no junk spelled backwards, does the work that many other organizations have shied away from -- collecting and sorting through millions of spam messages submitted by the public, and then shutting down the illicit Websites. Since 2005, Project Knujon has shut down more than 50,000 fraudulent Websites. (crn.com)

KnujOn takes the spam fight to the enemy - Neil Roiter

“Filtering and blocking tactics are failing,” says Bruen. “It’s actually making the problem worse. Even if 90 percent of the messages are being filtered, the small percentage that aren’t keeps them in business.” For example, a Consumer Reports survey published in September estimated that 650,000 people had purchased products or services offered via spam in a single month. (security.blogs.techtarget.com)

Antispam group targets transactions, not messages - Cara Garretson

A father-son team that has dedicated time and energy to fighting spam says that as of today, it has shut down more than 50,000 Web sites that use unwanted messages to lure traffic. (networkworld.com)

Is the fight against spam horribly misguided? - Robert McMillan

"Over the past four years, Bruen has tried to move the fight to a new front with his project KnujOn (that's No Junk backwards, for those who aren't into word games), which has helped shut down more than 30,000 spammer Web sites. The project asks volunteers to send in their spam, and it uses these submissions to build a large database linking sites to known spammers. To date, it has helped take down more than 32,000 of these junk mail sites." (abcnews.go.com)

It's about compressing the time interval that a spam bot network has between starting their campaign with an email blast and ending it by taking the url out of service. If their actions cut the useful life of a spam campaign, it affects spammers in two ways:a. makes ISPs more capable of adopting policies that make it hard for spammer sites, perhaps slowing the frequency of spam campaigns; b. cuts revenue from the spam campaign since lots of clicks will not be satisfied with a working website. (networkworld.com)

The Spam Index is the first method for factoring a users' actual experience in assessing the effectiveness of various anti-spam technologies. Based on the experience of over 520 business users, the users of challenge-response technology have the lowest average Spam Index, the most consistent Spam Index and the highest user satisfaction with the email experience. (brockmann.com)

Over the past four years, [Knujon] has tried to move the fight to a new front..., which has helped shut down more than 30,000 spammer Web sites. The project asks volunteers to send in their spam, and it uses these submissions to ... take down more than 32,000 of these junk mail sites.(networkworld.com)

“It is a total cliché to say this is a wake-up call for financial institutions and other companies,” Bruen says. “They all got their wake-up call five years ago. Some of them are still walking around looking for the coffee pot.”

For those smaller institutions out there reassuring themselves that they can’t possibly be a data breach victim, Bruen advises: Think again. “Is anyone a target? The answer is pretty much yes. As a business person, you’re not looking at it from a criminal’s perspective. You’d be surprised to know what they think is valuable.”

Bruen sees many smaller firms and institutions targeted by hackers, mainly because those companies don’t have the security perimeter built up as larger companies do. “You may not be a major bank, but a smaller bank, or a tiny loan servicer -- you’re still a target,” he adds. Third-party service providers that handle your operations are also possible targets. (bankinfosecurity.com)

While all of these techniques used by vendors do a lot to buffet the onslaught of new spam methods, some experts believe there is a major flaw in this approach...KnujOn says that the prevailing antispam lines of defense are only treating the symptoms of the real problem. “Beyond the analysis, you have to ask a simple question. What do the spammers want?” he says. “In addition to looking at the technical aspects of spam we have to look at what’s driving spam, what’s enabling it in the world of crime. We have to partner up with global initiatives to stop traffic of counterfeit goods and pharmaceuticals across international borders. You have to push the issue with your government and say this is an important problem and we’re also concerned about the problems behind it. And you have to provide law enforcement with actionable information.” (bankinfosecurity.com)

“Reporting fraud works. I can’t stress this enough. The Securities and Exchange Commission (SEC) has suspended trading of stocks featured in spam and frozen assets of those profiting from market manipulation. The CastleCops’ Phishing Incident Reporting and Termination (PIRT) project has shut down thousands of fake bank websites. The Federal Trade Commission (FTC) and the Federal Communications Commission (FCC) have issued millions of dollars in fines for unwanted faxes. Knujon has shutdown more than 22,000 spam websites. Every single one of these success happened because people took the time to report,” (bankinfosecurity.com)

A number of organizations are fighting spammers and phishers proactively, including KnujOn and Castle Cops. I suspect that I'll write about some of them in future postings. (weblog.infoworld.com)

When I wrote about Knujon last Thursday, I didn't realize that I'd been watching a confirmation of their principles in my own attempts to control junk email. If you read the white paper referenced in Garth Bruen's email, you'll see that Knujon has been maintaining for 4 years that filtering email is the wrong solution for the wrong battle, and that a block and delete strategy just makes the problem worse. This reminds me of the rise of superbugs. (weblog.infoworld.com)

Knujon has a solution that might prove fruitful, though. It focuses on the sites that spammers use to peddle their wares. So far, it has removed more than 30,000 sites affiliated with spammers. How will this stop spammers? If they can’t sell their products, there’s no point in spam. (komando.com)

The three finalist prizes of $1,000 each were presented to Cold Rain Technologies, owned by Robert Bruen of Wilmington, for producing, developing, and marketing KnujOn, a system developed by his son Garth Bruen for shutting down junk e-mail and e-fraud websites. (bdccbusinessplancompetition.com)

Instead of tolerating spam and just using all sorts of filters to protect ourselves from it, we should attack spam and take it down. For example, spam doesn't just pop up by itself – it's all being sent either from sites, either from botnets. So, what needs to be done is track spam down and then just kill whatever spawns it. Why just avoid it, when you can destroy it? (softpedia.com)

Knujon wins Linksgiving.com Weekly Link Award

All Web sites of our user-submitted link collection are of unique interest and value. Being featured in it, that already means receiving an award from one's own visitors. In addition, in January 2002 we created the Weekly Link Award for listed Web sites that distinguish themselves for originality of concept, easiness of navigation, pleasant design, clarity and completeness of information, browser-independent accessibility, and that give visitors the sensation to really have found what they are looking for, make them feel at home and want to come back again, give a considerable contribution to the Internet community. Only a "giving" site that enphasizes those qualities, a "gemstone" in our precious collection, can win the Weekly Link Award. The prestige of the Weekly Link Award is increased by the fact that it is not possible to directly apply for it and that only a Web site a week may receive it. (linksgiving.com)