|
What Is Spam?
By: Orhan Mc Millan
Used by some senders despite laws to limit its use, spam floods the internet with a particular message copied many times in an attempt to force that message on people who would not otherwise choose to receive it. Most spam is commercial advertising, often for dubious products, get-rich-quick schemes, or quasi-legal services. Spam costs the sender very little to send -- most of the costs are paid by the recipient or the service carriers rather than the sender.
There are two main types of spam, and they have different effects on Internet users. Cancellable Usenet spam is a single message sent to 20 or more Usenet newsgroups. As a result, Usenet users have learned that any message posted to such a broad range of newsgroups is usually not relevant to most or all of them. Usenet spam is aimed at "lurkers," people who read newsgroups but rarely or never post and give their address away. Usenet spam robs users of the utility of the newsgroups by overwhelming them with a barrage of advertising or other irrelevant posts. Furthermore, Usenet spam subverts the ability of system administrators and owners to manage the topics they accept on their systems.
Email spam targets individual users with direct mail messages. Email spam lists are often created by scanning Usenet postings, stealing Internet mailing lists, or searching the Web for addresses. In addition to time, email spams typically cost users money out-of-pocket to receive. Many people-- anyone with measured phone service-- read or receive their mail while the meter is running, so to speak. Spam costs them additional money. On top of that, it costs money for ISPs and online services to transmit spam, and these costs are transferred directly to subscribers.
One particularly troublesome form of email spam sends spam to mailing lists (public or private email discussion forums). Because many mailing lists limit activity to their subscribers, spammers will use automated tools to subscribe to as many mailing lists as possible, so that they can grab the lists of addresses, or use the mailing list as a direct target for their attacks.
How it works
There are many ways that email addresses can be obtained online. The main way spammers obtain email addresses is by deploying bots to harvest email addresses (from Web pages and newsgroups etc.), to which they then send spam that can contain nuisances like advertising and hoaxes or serious threats such as pornography and viruses. This is one of the reasons Internet users should be very careful about how they use their email address online.
Spammers use various ruses to trick users into opening their emails, such as placing "Dear friend" or "Remember me" in the subject line. More generic subjects like, "Your money has been refunded" or "About your Web site" attempt to peak users interest.
A lot of the time, simply opening the spam email completes the spammers’ "research" work. Many spam emails contain files (including pictures) that, once downloaded in an email, confirm that the email address receiving the spam is active, which opens the floodgates for an endless stream of junk email. Other spam email will include an "unsubscribe" link which, when you follow it does not unsubscribe you. Instead, it confirms that the junk email has been received, which again, makes the user's email address vulnerable to spam.
Because email is a relatively cheap form of advertising, spammers can afford to send copies of their junk email to tens of thousands of email addresses. They know that only a small percentage of the recipients will be duped into responding, even less (in the case of advertising spam) into buying their product. Spam ranges from pleas for financial to advertising for adult Web sites. It can contain offers to buy pirated computer software or cheap computer ink and pharmaceutical products. Also on the rise are phishing attempts, in which spam email is sent by identity thieves who are looking to steal Internet users' personal and financial information.
What to do with it
Typical spam emails will advertise products or services at competitive rates. Others will appear to be messages from "long lost friends" or from a stranger, hoping curiosity will get the better of users.
Look for emails (both from strangers and people you know as their email address may have been spoofed) with spelling mistakes in the subject line, attachments you aren't expecting and exaggerated punctuation (multiple asterisks *** and exclamation marks!!!). Be particularly careful with email that appears to be from a legitimate source (like your bank) that asks you to update your personal information - it is almost certainly a phishing attempt.
What to do about spam
The tide of spam hitting the Internet causes problems as it (among other things) drains bandwidth and causes legitimate (and sometimes important) email to be overlooked or deleted as spam. It also can expose children to pornographic images, because spam is sent indiscriminately.
What to do if you think you have been a victim of spam
•Do not respond to a spam email to complain.
•Send a copy of the spam email to the spam email sender's ISP. The email address for this is usually abuse@theirisp.com or postmaster@theirisp.com but if you are not sure, visit their ISP's Web site and search for the information. It will be there! Your ISP want to stop spammers as much as you.
•Include full email headers when you file a spam report.
•Ignore spam.
•Delete junk email messages without opening them. Sometimes even opening spam can alert spammers or put an unprotected computer at risk.
•Don't reply to spam unless you're certain that the message comes from a legitimate source. This includes not responding to such messages that offer an option to "Remove me from your list." Do not “unsubscribe” unless the mail is from a known or trusted sender.
•Windows Live Hotmail gives you the option to unsubscribe from mail that you previously had trusted or requested. This sends a notice back to the sender to have you removed from their list, while at the same time automatically adding the sender to your block list.
•Update your email junk mail program and email filters. Spammers continually try new tricks, trying to bypass anti-spam technologies. The Outlook Junk EMail Filter is powered by Microsoft SmartScreen technology, which helps prevents spam from cluttering your inbox.
•Updates are available from the Office Update and Microsoft Update and can be downloaded automatically, providing you up-to-date protection against spam and phishing.
•Don't give personal information in an email or instant message. It could be a trick. Most legitimate companies won't ask for personal information by email.
•If a company you trust, such as your credit card company or bank, appears to ask for personal information, check into it further. Call the company using a number you retrieve yourself from the back of your credit card, a bill, or phone book, not a number given in the email message. If it's a legitimate request, the company's customer service department should be able to help you.
•Think twice before opening attachments or clicking links in email or instant messages, even if you know the sender. If you cannot confirm with the sender that an attachment or link is safe, delete the message.
•If you must open an attachment that you're less than sure about, save it to your hard disk first so that your anti-virus software can check it before you open it.
•Don't buy anything or give to any charity promoted through spam. Spammers often swap or sell the email addresses of those who have bought from them, so buying something through spam may result in even more spam.
•Plus, spammers can make their living (and a lucrative one, too) on people's purchases of their offerings. Resist the temptation to buy products through spam, and help to put spammers out of business.
•Criminals use spam to prey on people's desire to help others. If you receive an email request from a charity you'd like to support, avoid donation scams by calling the organization directly to find out how to contribute.
•Don't forward chain email messages. Not only do you lose control over who sees your email address, but you also may be furthering a hoax or aiding in the delivery of a virus.
•Plus, there are reports that spammers start chain letters expressly to gather email addresses. If you don't know whether a message is a hoax or not, a site like Hoaxbusters can help you separate fact from fiction.
How to protect yourself
•Use more than one email address. One for personal email and the other for mandatory fields in online forms and access areas.
•Make your email address difficult to guess. Spammers will use every name combination they can find to send spam (known as "dictionary attacks"), so sus4756xan@yourisp.com, although unattractive and possibly difficult to remember, might attract less spam than susan@yourisp.com. Generic email addresses like webmaster@yoursite.com will always attract spam, unfortunately.
•Never post your real email address anywhere online, such as newsgroups, online chat and online profiles.
•Use a "throwaway" email address or disguise your email address so that harvester bots cannot read it.
•Always check the privacy policy of any Website that requests personal details, such as email addresses. If the Website is requesting this type of information and either does not provide an option to opt out or does not have a privacy policy, it is not wise to submit your information.
•When you are responding via a Website form, read it thoroughly. Some Websites who do include an opt out option usually require you to check a box to say that you agree to be sent email (either from them or their associates). However, some of them ask that you uncheck a pre-checked box not to be sent email, so double check.
•Never code email addresses into Web pages with the "mailto" tag, use a contact form or a javascript email scrambler.
•Never open email and/or download attachments from anyone if you are not expecting them and if you must open an attachment-- always virus scan it first.
•Block future messages from unknown users, if your email client allows it.
•Never reply to a spam email, not even to "unsubscribe."
•Keep your operating system, anti-virus, anti-spyware, and firewall software up-to-date.
•Use any spam filters available by default from your ISP.
•Run anti-spam software like Mailwasher.
•Use anti-virus software and/or firewalls on every computer you own/use. Remember that children are easy prey to the ‘just click here’ tactic.
•Stay up-to-date with current scams and always report suspicious activity.
•Only share your primary email address with people you know. Avoid listing your email address in large Internet directories and job-posting Websites. Don't even post it on your own Website.
•Disguise your e-mail address when you post it to a newsgroup, chat room, bulletin board, or other public Web page. (For example, SairajUdin AT example DOT com). This way, a person can interpret your address, but the automated programs that spammers often use cannot.
Spam is definitely one of the most troublesome and sometimes dangerous aspects of email and using the internet. There are many things you can do to reduce the impact of spam and yet it will always be with us. The most important thing you can do about spam is not make your email address available to spammers and when you do receive spam, delete it.
|