November 7, 2008

SPAM: You Have Mail!

SPAM:
you have mail!

How many times has your email inbox been flooded with unsolicited email messages? How many times do you have to say that you do not want Viagra, nor interested in any sort of pharmaceutical drugs offered on these messages? Do you catch yourself sometimes thinking how good it would be if you could get rid of all that spam? The bottom line is that all of us get spammed every day.

What is spam?

 

You may have heard of spam, and might fight with it daily, but have you ever questioned yourself what is Spam? According to Wikipedia Spamming is “the abuse of electronic messaging systems to indiscriminately send unsolicited bulk messages to multiple recipients”.

Many say that unsolicited messages are codenamed “Spam” due their similarity to the actual product SPAM which is know to contain suspicious ingredients such as pig shoulders and lips. Others may state the name “spam” originated from a Monty Python Skit where the only thing offered on a menu was SPAM, SPAM, and SPAM!

Independent of its origins, spam has become a corporate nightmare for messaging administrator and users. According to the Messaging Anti-Abuse Working Group, MAWG, 85% of incoming corporate email is “Spam”. The total volume of spam has been calculated at over 100 billion emails per day just in the US. Spam has become such an issue that The California legislature found that spam cost United States organizations alone more than $13 billion in 2007. The costs entail the lost productivity, the need to purchase appropriate anti-spam equipment and software, and the extra manpower needed to combat the problem.

Internet-based communication technologies grow rapidly each day, but unfortunately so do the methods individuals use to send you these unwanted messages. According to recent studies, the numbers of spam-related messages being distributed are increasing every day.

Who is sending me this?

Have
you ever asked yourself who could be sending these unwanted messages? How did they
get your email address, and how in the world do they know your name? Rescent
studies show that only 20% of all spam
that is sent out worldwide can be traced back to the actual spammers. The whole problem
is that humans are not the only ones which send out spam. Botnets,
which are software “robots” send out automatically most of the bulk unsolicited messages.

 

Spam
is also sent out by multiple networks of virus-infected
computers scattered all over the world often reffered to as “infected clusters”, which
when triggered send usnsolicited mail to multiple targets worldwide. Together
these agents are responsible forsending
out 80% of the spam worldwide. Spamming is a very cost effective advertisement method,
and prefered mainly by underground communities. The first spam incident was reported
way before the dawn of the internet. Back in 1978 Gary
Thuerk
“spammed” information
of a new digital
equipment model
to 393
recipients on ARPANET.

What are the types of Spam?

Though
you may think that all junk email might look the same, spam continues to mutate daily,
varying from innocent informational emails to lethal attacks.

These
messages can arrive in the following “ flavors” :

  • Advertising:
    Spam is used to promote a wide variety of products and services, from the latest gadgets
    to questionable pharmaceutical offerings.
  • Malware
    Delivery
    : Spam is currently
    one of the main distribution channels for delivering viruses and
    other types of malware and spywares. Users believe they have received an important
    document or media file, which turns out to be a link to a malicious code.

 

  • Scams:
    sometimes spam messages disguise themselves as institutions for poor and needy children,
    ridiculously cheap paradise vacations and other fictitious institutions, these scammers
    often prey on the recipients’ sympathy and greed.

 

  • Phishing:
    Hiding behind the names of respected financial institutions, businesses, and government
    bodies, spammers attempt to lure recipients to fake Web sites where they steal personal
    financial or identity information.

 

How did I end up there?

 

You
may be asking yourself how in the world your email ended up in the wrong hands.A
single spam agent may target tens of millions of possible addresses, many of which
are invalid, malformed, or undeliverable. Sometimes,
if the sent spam is “bounced” or sent back to the sender by various programs that
eliminate spam, or if the recipient clicks on an unsubscribe link, that may cause
that mail address to be marked as “valid”, which is interpreted by the spammer as
“send me more”. Today’s spammers use a variety of
techniques to discover and harvest your personal or corporate email address.

The
most common tactics are:

Dictionary Attack: Most
of the free
email providers
like Hotmail or Yahoo are
a spammer’s paradise, when it comes to finding spammable addresses. In these scenarios,
millions of users share one common domain name, spammers send messages to variety
common names such as mike@hotmail.com, where “mike” is a fairly common name. Spammers
will select a domain and send spam messages to common guessable email addresses.

 

Brute Searching Force: Another
common tactic used by spammers to harvest emails, is to scan multiplewebsites
for valid email addresses. Spammers use “Search Robots”, which scans the target websites
contents, searching for anything with the “@” character.Spammers
will usually target web forums, chat rooms, blogs and corporate websites.

 

Spam Zombies: To
avoid being detected, spammers send their emails from a distributed network of infected
computers. These infected computers are
often called “Spam Zombies”, these computers are infected by computer viruses, which
load small undetectable programs used to send out the unwanted messages. These unauthorized
and covert applications also scan the user’s email address book and files, searching
for valid email addresses.

 

What to do?

Although spamming will never stop, there are some ways in which you can reduce the amount of
spam you receive. These are the main tools that can keep spam under control:

Spam
Filters:
A growing number
of technology vendors are targeting spam with products that are designed to block
and quarantine suspected messages. They often use complex algorithms, which scans
each incoming message for spam “red flags”. These filter search for tags such as “Viagra”
or if the message comes from an open relay etc. Spam Filters can also work against
your company; they can sometimes block important messages, especially if the nature
of your organization deals with some of the products offered by spam.

Anti-Malware
Filters:
Anti-malware filters
can block dangerous message attachments from reaching your employee’s inbox. It is
important to constantly check if your computer is properly patched with the latest
security patches and that you have some sort of anti virus and firewall in place.

 

Client Control: Leading email
clients, such as Microsoft
Outlook and Outlook Express, offer built-in controls that are designed
to minimize inbox spam.

 

White Lists/Black Lists: This
feature is found and used by many spam filters. White lists of trusted email addresses
allow messages to proceed to the user’s inbox. Black lists work in the opposite way,
routinely blocking incoming email from known offenders. Some
institutions sometimes use a Real Time Block Lists (RBL), a dynamically updated list
used to filter out known offenders.

 

Legal Action: While it’s rare
for an individual business to sue a junk-mail sender, a growing number of law-enforcement
bodies are targeting spammers, particularly organized crime rings that use the technology
for financial and identity theft.

 

Policies: All
businesses need a comprehensive anti-spam policy. Besides mandating the use of filtering
and other good spam-fighting technologies, employees need to be trained with security
best practices. Business Web sites, for example, should never publish visible email
addresses that can be “harvested” by spammer software. Employees should also be encouraged
not to post business email addresses on message boards, social-network sites and personal
Web pages.

 

Reporting: There
are a number of sites which monitor spam activity. All users which receive spam are
encouraged to report them to anti spam enforcement agencies such as Spam Cop. These
institutions help identify offenders and maintain multiple blacklists.

 

Education: The
simple task of training employees not to open unknown attachments and messages can
help any business minimize spam’s impact. Remember it only takes one internal email
to tell spammers that you domain is valid.

 

For more information on spam:

http://www.ftc.gov/bcp/conline/edcams/spam/index.html

http://www.spamcop.net/