In Information Technology, Spam refers to unsolicited bulk email (junk email). This usually means that a message with an advertising or even irrelevant content is sent to a multitude of recipients, who never requested it.

Spam is a much disputed issue in Courts of Law all over the World, especially regarding the permission to send messages to public or private email addresses. It has become a consent matter, rather than a content problem.

Apart from email messages, spammers are developing new ways of attack, for example using instant messaging (spim), weblogs, Short Messagaing Service (SMS) or faking search engine optimization services (spamdexing).
 

Aims of email Spam

The aim of spammers is to tempt the naïve computer users to buy products and services of legitimate or prohibitive nature. If in the past the main reason was to flood a newsgroup or mailing list with irrelevant or inappropriate messages, in present days the spam has changed a lot, being money oriented. Currently we see mostly commercial spam and sometimes, spam bound to a specific moment (international championships, events, international issues).

The most common email-spamming objectives are:

  • Promoting and selling products and services.
  • Harvesting sensible information (from emails & passwords to bank accounts) via online lotteries, bank frauds and requests for help.
  • Advertising concepts and ideologies.
  • Sending viral spam:
    • Infecting and turning the recipient computers into zombie PCs, which form dangerous botnets.
    • ID theft and fraud.

Email Spamming Methods

Spammers usually offer their (sometimes illegal) services to companies or individuals looking for a "cheaper" way to advertise their products.

Spammers sell the databases to the promoting companies or they sell the complete service: harvesting, designing the message route to avoid detection and sending the spam email.

The promoters gain by shifting advertising costs to the message recipients.

The spam message is sent to collections of email addresses, gathered in various ways:

  • Harvesting (using computer programs to search for email addresses in public areas, on websites or insecure mail servers);
  • Flooding or dictionary spamming (using automatically generated accounts on given domains);
  • e-pending (searching valid addresses for specific persons and criteria);
  • Usenet posting (newsgroup posting);
  • Subscribing to email lists, in order to access the list of all available email addresses;
  • Using malware to access the users' address books or personal data;
  • Spying network traffic;
  • Stealing information databases;
  • Using viruses to grab data entered by the users in online ordering applications.

Consequences

$ The spam emails pass through various systems until they reach the destination, in order to hide the real sender.
$ Internet Service Providers face serious cost and performance problems (CPU time, processor speed, bandwidth costs).
$ Organizations and home users need to apply filtering lists or filtering schemes, which increase the volume on their systems: processing and storing grater amounts of data.
$ Mail delivery and web surfing are considerably slower.
$ Viral spam spreads malware and ID theft.
$ The mail-inbox overload is an important disturbance factor for all computer users.
 

How to Avoid Spam

$ Use antivirus and firewall solutions and keep them permanently up-to-date.
$ Regularly update your operating systems and apply security patches.
$ Always check sender's authenticity and use digital signature.
$ Apply content filtering, heuristic rules, Bayesian filters, graylists.
$ Do not open or preview suspect messages.
$ Do not reply or forward spam.
$ Do not use the unsubscribing or opt-out instructions in spam emails.
$ Ignore the emails saying "you requested" something or that you tried to send a message and returned "delivery failure".
$ Use separate email accounts and screen names, when you subscribe to newsgroups and chat rooms.
$ Mask your email address (for example, adding a string to the domain name, yourname@nospam.domain.com) or do not publish it on websites at all.

Virus Science


Previous article
What is phishing

Next article
How to stay protected against malware infections

https:// This window is encrypted for your security.