Tuesday, March 14, 2006

Everything You Should Know About SPAM. Part I

SPAM involves sending nearly identical messages (usually advertisements) to thousands of recipients.

Most Common Kinds of SPAM

Advertising is most common and popular among spammers. Some companies that provide legal business advertise their product or service using SPAM. Such advertising is relatively cheap and targets many potential customers. If the advertising delivery is properly organized, SPAM can increase the sales effectiveness without harming users.

Advertisements for Illegal Goods
Such products as pornography, small-lot production medicine, stolen information (e.g. database), etc. are often advertised with the help of SPAM.

‘Nigerian Letters’
SPAM is also used to swindle some money from the receiver. Such letters are called ‘Nigerian Letters’ due to their origin. They involve the following principle: the receiver is informed that he can get a big sum of money and the sender can help with it. Then the sender asks to give him some money for paper work, opening the account, etc. If the receiver gives this money he will never hear a word from the sender again.

Phishing is the spammer’s attempt to swindle the recipient’s credit card numbers or passwords for access to his online payments. These letters are usually masked as an official notification from the bank administration. They ‘inform’ the receiver that he must confirm his personal data; otherwise his account will be blocked. A site address (which belongs to spammers) and the form that is to be filled are included.

Other Kinds of SPAM
• Delivery of religious letters;
• Mass mailing in order to knock-out mailing system (denial of service)
• Mass mailing on behalf of another person with the aim to give rise to negative attitude to this person.
• Mass mailing of computer viruses (for their initial spreading)

There are two types of Mass mailing that are not considered SPAM because they are not deliberate. However, they cause the same (if not more serious) problems for network administrators and final users.
• Computer viruses of definite type (mail worms) are spread with e-mails. When such a worm infects a PC, it searches e-mail addresses and sends itself to these addresses.
• Mail worms put accidental e-mail addresses (from those found on the infected PC) in the field ‘From’. Badly tunned antivirus programs on other PCs send notification about a found virus to this address. As a result lots of people receive notification that they spread viruses, but in reality they do not.

Ways of Spreading SPAM
SPAM is spread mostly via e-mails. Today, the share of viruses and SPAM in the general e-mail traffic is about 85-95 percent.
Spammers pick up e-mails with the help of a special robot or manually (seldom), using web pages; conferences Usenet; lists of mailings; guest books; chats, etc. A program-robot is able to pick up thousands of addresses per hour and create a database for further SPAM mailing. Some companies send their clients e-mails to spammers. Another way to get a list of valid e-mail addresses is to generate a huge random list of e-mail addresses (from a thousand to million) according to the defined templates and then to check for their validity with a special validation program.
SPAM is sent from badly protected PCs, connected to the Internet. These can be:
• Servers that are mistakenly set in such a way that they permit free mail (open relay, open proxy);
• Web mail servers that permit anonym access or access with simple new users registration (which can be done by special program-robots);
• Computers-zombie. Some spammers use known vulnerabilities in software or computer viruses in order to control a great number of connected to the Internet computers and use them for mailing SPAM.
To avoid automatic SPAM filtration, the messages are often distorted – figures or Latin symbols are used instead of letters, spaces are added, etc.
Different tricks are used to be sure that the message is delivered and read by the recipient:
• Inquiry to confirm delivery. Some mail clients can send it automatically.
• Letters that include pictures downloading from the spammers controlled sites.
• Links to web pages that offer some additional information.
• The offer to refuse subscription for this mailing by sending an e-mail to the defined address.
If spammers receive notification that the e-mail is really used, the SPAM flood can increase enormously.

Many news groups Usenet (especially non-moderated) were abandoned by users and currently include advertisements mostly. Instead of them other moderated conferences were developed.

Instant messagers
The development of instant messaging delivery services, such as ICQ, AIM, etc. encouraged spammers to use them for their own purposes. The majority of these services offer lists of users, which can be used for mailing SPAM.

Blogs, Wikis
Today there are web sites that can be freely edited – blogs and wikis. For example, Wikipedia is developed using this technology. These pages are open for free editing, therefore they may contain SPAM.

SPAM can be spread not only via the Internet. Advertising messages that are sent to mobile phones with the help of SMS-messages are especially unpleasant as it is more difficult to protect from them. Moreover, sometimes the receiver has to pay for them. This can be a solid sum, especially if the receiver is in roaming.


Post a Comment

<< Home