Hi Folks
** Warning long post.
SPAM is fast becoming a major threat to computer security as it is more and more being used to not only try and sell items but also used to distribute spyware, viruses and to assist in Phishing attacks. The tools that criminals use to propogate SPAM are also becoming more sophisticated.
In the past they used email servers, either their own or those they hacked into, to send SPAM. However it soon became relatively easy to block traffic from those email servers and prevent the SPAM from being sent. Criminals now use Botnets to send SPAM. A Botnet is comprised of thousands if not millions of individual PCs that have been infected with a malicious software enabling all of those PCs to be controlled by one person. Thus one botnet can instruct each PC in its "army" to send only 4 or 5 emails each. A small enough figure so the PC owners and/or ISP does not notice anything strange but each of those 4-5 ermails multiplied by the thousands of compromised PCs in the Botnet can result in huge volumes of email.
Untli recently most SPAM was also text based making it easy to search the SPAM email for key words to identify it as SPAM and block it. However, criminals now are using image based SPAM, i.e. instead of sending you a text email it is a grphic file with the message embedded in the image. Most email clients, PC or web based, will simply display the SPAM image. As more and more SPAM becomes image based it is getting harder for the traditional text based anti-technologies to detect it. The other problem with imaged based SPAM is the large amounts of bandwidth they consume, on average about 30 KB per message compared to about 3 KB for a text message, thus using up valuable network and computer resources to process, manage and store.
I include more information on SPAM below taken from a whitepaper on the subject that I wrote;
1. Introduction
Email has become an indispensable business tool allowing us to communicate quickly and effectively with work colleagues, customers and business partners, be they in the same office or in an office on the other side of the world. Documents and information can be transferred quickly and easily at the click of a button resulting in email becoming embedded in our daily business and personal lives as a mission critical communication tool.
However, just as legitimate business communications can be distributed using e-mail, so too can non-business related material such as computer viruses, copyrighted material, SPAM or content of an illegal, immoral or racist nature. All these items can expose your business to risks that need to be managed to minimise their impact on your company’s bottom line.
In particular, Unsolicited Email, more commonly known as SPAM, can impact on your bottom line. SPAM emails have moved from being a slight annoyance to a major threat as they clog up expensive Internet and network connections with unnecessary traffic and expose recipients to unwanted and indeed unsavoury content.
Each SPAM message has to be processed by your network and your mail server. Recent surveys indicate that SPAM emails can account for up to 50% of all email traffic. In effect this means that 50% of your email traffic is SPAM email. There is also the productivity issue as employees sort and deal with the deluge of unwanted email in their inboxes and the invariably lost legitimate email accidentally deleted when dealing with SPAM.
The purpose of this paper is to provide the reader with an overview of SPAM, where it comes from and even why the name for a meat based product became the term for unwanted email.
2. What is SPAM?
Some people argue that there is a very narrow line between SPAM and legitimate marketing emails. This distinction between legitimate marketing emails and SPAM is, SPAM emails are Unsolicited Emails or bulk emails used to promote material that is very often not wanted or applicable to the recipient. In other words there has been no relationship of any form between the sender and the receiver of the email. In the main the content of SPAM emails can also be immoral, illegal and offensive.
3. Why do people send SPAM?
Quite simply, to make money! Email allows the spammer to send emails to thousands, indeed hundreds of thousands of people worldwide with the click of a button. The spammer is often paid on a commission basis by the person or company selling the products in the SPAM email. So it only takes a small percentage of the email recipients to sign up to the advertised product or website for the spammer to make his/her money.
With more and more people coming online to the Internet everyday, the bigger the potential market is for the spammer.
As the spammer only makes money on items sold, there is a lucrative market amongst spammers for lists of email addresses that are active, i.e. are real. Having a list of real email addresses increases the likelihood of the spammer getting someone to buy the product they are touting.
SPAM is also now being used to spread other unwanted software such as viruses, spyware, keyloggers and Trojan horse applications.
4. How did my email address get on spammer’s list?
Your email address can get on spammers’ mailing lists by several routes;
* The most common is posting a reply to a newsgroup on an Internet website.
* Spammers also use automated programs that crawl through websites and newsgroups harvesting anything that looks like a valid email address.
* Another common method is by people subscribing to email lists without realising that those email lists are used and/or sold to spammers.
* Filling in forms on websites that do not have proper privacy policies in place or who do not respect peoples privacy.
* Many spammers also have automated programs that guess the email address of the recipient and will automatically send emails to many different combinations and permutations of email addresses in a particular email domain.
* Finally there is a lucrative market where spammers exchange and sell their list of email addresses to each other. So not only does the spammer make money from sending you emails but also from selling your email address onto other spammers.
5. Can’t I simply unsubscribe to the email to stop receiving SPAM?
Never reply to a spam email, even to unsubscribe, as this simply confirms that your email address is an active address and more spam will subsequently be sent.
6. How do I reduce the amount of SPAM I am receiving?
To following steps can help reduce the amount of SPAM you receive;
* Never reply to a spam email, even to unsubscribe, as this simply confirms that your email address is an active address and more spam will subsequently be sent.
* Never open a spam email. These emails often have hidden scripts or programs in them that acknowledge back to the spammer that your address is active and real.
* Never post your real email address on an online web site or bulletin board. People who send SPAM scour these sites to collect legitimate email addresses. If you do have to include your email address, try using the format “youraddress at somewhere.com” rather than using the normal format of “youraddress@somewhere.com.”
* When filling in any form on the Internet read very carefully the conditions upon which your personal information, such as your email address, will be used. Ensure that you read carefully the website’s privacy policy and make sure to check or uncheck the boxes that allow emails to be sent to you.
* Use a filtering solution to prevent spam from reaching your mail server. This will reduce the amount of spam that the users get and also reduce the overhead on your network and email system
7. Isn’t it illegal to send SPAM?
The Irish minister for communications recently introduced new legislation to help deal with SPAM. Under this legislation individuals must opt-in, or agree to receive, marketing emails from companies, while marketing emails to businesses must be as a result of a pre-existing relationship. This in effect means that people receive emails only from companies that they want to receive emails from. Any organisation breaking this new law can be fined up to €3,000.00 per unsolicited email message sent.
While this is a positive step towards eliminating SPAM, there is still a long way to go. The above legislation only applies to emails originating from companies within the Republic of Ireland, i.e. someone in Ireland has to send you the SPAM email. As the large majority of SPAM is sent from addresses in the United States and Asia, the impact this legislation will have on SPAM from those sources will be negligible
8. How big is the SPAM problem?
The SPAM problem is quite large and is growing larger each day. Recent surveys by the Gartner Group indicate that SPAM emails can account for up to 50% of emails, which in effect means that 50% of your email traffic could be SPAM.
9. Does SPAM pose any risk to my business?
SPAM emails are becoming a major threat to businesses as they clog up expensive Internet and network connections with unnecessary traffic and expose recipients to unwanted and indeed unsavoury content. Each SPAM message has to be processed by your network and your mail server which adds to the costs and overheads to the running of your network.
The content in SPAM emails is often of unsavoury content and can expose your business to litigation by employees for sexual harassment or criminal proceedings if the SPAM emails contain illegal content, such as child pornography.
There is also the productivity issue as employees sort and deal with the deluge of unwanted email in their inboxes and the invariably lost legitimate email accidentally deleted when dealing with SPAM.
Recently, it has been discovered that SPAM emails are also being used to transport computer viruses and spyware (software that secretly collects personal information and sends it back to a third party), which pose a threat to the stability and security of your business.
10. Can’t the SPAMMERS’ computers be blocked from connecting to the Internet?
The people who send SPAM emails are constantly adopting to ensure they can remain in business. Many use ISPs and servers in countries where there is very weak or no legislation against sending SPAM.
They also exploit unprotected email servers to send SPAM on behalf of the spammer.
Recent computer viruses install software on the infected PC to enable the PC, without the owner knowing, to be used to send SPAM. According to an article in USA Today, the going price to rent a network of 200,000 PCs infected with this type of virus is $2,000 to $3,000.
11. How much does SPAM cost my business?
SPAM impacts the bottom line for your business in a number of ways.
Firstly the cost to your business of downloading storing and backing up SPAM has to be taken into account. A Gartner Survey estimates that 50% of all email traffic is SPAM. This means that 50% of the money your business spends on bandwidth for email, storage for email and processing of email is being spent so that you can receive SPAM.
There is also the loss of productivity to take into account. On a per employee basis, if the employee is on an average salary of €27,500 per year and they receive up to 30 emails a day, with each SPAM email taking 2 seconds to be dealt with, this translates into an annual cost per employee of €57. For a company with 100 employees the annual cost due to SPAM in lost productivity alone would be €5,700.
12. Why is SPAM called SPAM?
Spam is a tinned meat product, so what is the connection with the electronic version of SPAM?
Legend has it that the term SPAM comes from a comedy sketch in the British TV comedy series, Monty Python’s Flying Circus. The sketch shows a waitress in a restaurant listing the various menu dishes containing spam to a customer, while in the background a group of Vikings begin incessantly chanting the words “spam, spam, spam .. “ until the waitress can no longer be heard.
In the early days of the Internet, SPAM became the reference for people who excessively posted items into message boards and newsgroups. The term subsequently became used for unsolicited emails and bulk emails.
13. How can I prevent SPAM?
Use a well established andf reputable anti-SPAM filter that has proactive research and development capabilities to counter any new threats and techniques that criminals employ.
If Eircom are your ISP then they have a SPAM filter called Email Protector [broken link removed]. This stops SPAM before it reaches your PC. If you are using other ISPs then they may provide a similar service.
If you are using a company network you should check with your ISP if they provide such a service. Some of the provider this field include
www.ieinternet.ie, Blacknight, Hosting365, Eurokom.ie,
www.spamfilter.ie and
www.messagelabs.com. Note I have no affiliation to any of hte above.
The advantage the above services offer is they stop the SPAM before it reaches your network and they look after managing and upgrading/updating the systems. Otherwise there are numerous packages out there available to install on you rserver/PC/network.
Regads
C