SPAM : Scourge of the Internet

What is it?

While this may seem unnecessary to most of us, let's start on the same page by defining what spam is.

First and foremost it is any unwanted, unsolicited communication. Note that I didn't say 'email', since this particular Internet menace has recently started showing up as messages via Instant Messaging and also to VoIP (Voice over IP) phones. Email still makes up the majority of spam communication though, and is the one most people will be affected by, at least for the foreseeable future.

Spam is also known as BCE (Bulk Commercial Email) and UBE (Unsolicited Bulk Email).

Some Spam Figures

First, it is estimated that about 15 billion (15,000,000,000) emails are sent every day. In 3 years that figure is expected to more than double.

Approximately 80% of all the e-mail traffic on the Internet during the first three months of 2006 was spam according to The Messaging Anti-Abuse Working Group. See this Information Week article. Another way of looking at this is that 4 out 5 mail servers deal only with spam, leaving just 1 out of 5 to deal with legitimate mail. MessageLabs [www.messagelabs.com] also has several white papers, reports and statistics available.

Microsoft and AOL combined typically block 5 billion pieces of spam every day. That's 5,000,000,000 every day.

At Hotmail, almost 90% of all messages are spam, but 95% of those get blocked from reaching their intended mailbox.

Why do people send spam?

Surprisingly, even with all the negative exposure spam gets, it works. People actually respond to advertisements they get, but didn't ask for. Only a very tiny percentage of success can generate huge profits for the spammers, in the form of identity theft, or actual bank account theft.

Spam is also incredibly cheap to send. In fact nowadays, it's free as I will explain later.

It's fast. As fast as email, although some defences exist that identify known spammer IP addresses and can slow down or throttle delivery, thus timing out, and sending the unwanted mail back to the spamming address.

Spam can potentially hit millions of mailboxes in a very short time. It is by far the most lucrative way to shotgun a market.

Now for the bad news. It's not enough that spammers hit you with ads for pornography sites, or herbal remedies. No no no. Now they are adding a hidden payload to every message. These messages are now being combined with viruses, spy ware, and key logging software. Upon even viewing some of these messages, you could be activating the hidden payload.

This recent trend to combine malware with spam has the white hats very concerned, and it should scare the pants of the average user.

The reason this is so worrisome, is that an unprotected computer that is connected to the Internet is wide open to these kinds of attacks. These attacks take over business and personal computers WITHOUT THEIR USERS KNOWING IT. Once they have access to such a computer, several options are open to the bad guys.

They can use your computer to send out even more spam, using your email address and your address book as a starting point. This is how spam can be sent for free.

They can also make your computer part of a distributed network of thousands of other computers, which can then be used to set up a coordinated attack on a particular web server or IP address. These are known as Denial of Service (DoS) attacks, since the server is so busy responding to these illegitimate requests, that it can't provide service to its own customers, and in many cases crashes.

And as if that wasn't enough, spammers are now including phishing scams in their messages. Phishing is an attempt to convince an end user to give up confidential information such as passwords and bank account information. Emails appear to come from real sources, such as a bank, PayPal, or eBay. They imply that a problem has occurred with your account, and your password or other private information is needed to verify activity.

Can we stop it?

I don't believe spam will ever be completely eliminated. From everything I've read over the years, and through my own experiences, I've come to the conclusion that we are stuck with it. The very open nature of the Internet makes it virtually impossible to trace spammers. Add to that the problems of legal jurisdiction. Spammers take advantage of everything possible in order to avoid detection and prosecution. Your typical spammer is no longer a lone computer geek, or even a geek cluster. Now, they are more likely to be highly skilled programmers, hired by organized crime and hidden behind innocent and legitimate users.

Legal attempts are too weak and not technically savvy enough to address the problem. We are always playing catch-up with spammers. I once read a paper years ago, implying that even the motivation to catch spammers does not match the spammers' motivation not to get caught.

What are the defences?

One of the best things anyone can do, either on their business or home computer is set up a firewall properly. I know several home users who don't use one, and it scares me to think what might be going on that they don't know about. Recently I read that a new computer, right out of the box, that is hooked up to the Internet will be under attack within a few minutes.

Firewalls are software applications that run constantly in the background, like anti-virus software. They allow you to control which doors to your computer are open, and even which direction they allow traffic to move. Your computer talks to other computers on the Internet through these doors or ports. There are some 65,000 of them on your computer, and most applications use specific ports to talk to your computer. For example, email uses port 25; web traffic uses port 80; ftp uses 2 ports: 20 and 21. What you want to do is allow two-way traffic on these ports, and any others that you need, and to lock everything else down. This can be a little tricky in large environments like universities and government sites. But the average home user can be set up and firewalled in a short time.

There are commercial firewalls as well as free or open source ones. Zone Alarm is a freely available one, and I use one from Sygate. Use whatever offers you the best protection in your situation. Read the documentation to learn how to set your defaults, and pay attention to any warnings and messages it presents to you. Mine tells me any time an application on my computer is trying to contact another computer, and gives me the choice to either allow or deny it. A Google search for 'open source fire wall' will present you with several choices.

Obviously keeping up-to-date anti-virus software is a must. In fact keeping up with your operating system updates is crucial. I don't understand people who can't see the value in this. They believe mistakenly that they exist in a vacuum. HELLO PEOPLE. YOU ARE CONNECTED TO THE INTERNET. Anyone who is not running a firewall and anti-virus software nowadays should be fined and refused access until they pass an Internet Safety course. They are one of the biggest reasons why spam is so ubiquitous.

Developing good, smart web and email habits will go a long way to reducing spam and other problems. Educating yourself about the problems and how to protect yourself is the best defence of all.

What not to do

• NEVER REPLY TO A SPAM EMAIL.


• NEVER NEVER NEVER TRY TO 'UNSUBSCRIBE' YOURSELF FROM THEIR LIST.
  In most cases, replying to or checking a box to 'unsubscribe' or 'opt-out' will only verify to the spammer that they have a working email address. Your address has now increased in value, and they will include it in their 'verified' list to trade with other spammers. The result will typically be more spam for you. Don't even send an email to who you think might have sent the spam to you for the same reason. In very rare cases, and only if you are 100% certain that the email is from a legitimate bulk emailer and not a spammer, should you consider any of the above actions. However, most users don't know how to tell the difference, so you are much better off just deleting the message.


• NEVER FOLLOW LINKS IN A SPAM EMAIL.
  In fact you should think twice about following ANY links in an email you get unless you are sure they are from a trusted source, or are expecting the email. The reason for this is that you have no idea what is waiting for you at that link. You could end up at a site that looks fine, but while you are browsing around, your computer is downloading spy ware, or worse, a trojan that leaves your computer open to remote access.


• NEVER BUY ANYTHING YOU HEARD ABOUT IN A SPAM EMAIL.
This only supports the whole spam mechanism, and gives spammers a legitimate reason to justify their actions. You may find value in their offerings, but millions of other people are suffering for it.

Where does it come from?

I (being Canadian) had always been under the assumption that the bulk of spam came from 'overseas'. Imagine my surprise when I recently read a report indicating that about 23% of all spam originates in the good ol' USA. Follow that up with about 22% from China and Hong Kong, and a 'measly' 10% from South Korea. An estimated 60-70% of all spam is delivered via open proxies (hijacked computers).

Shameless Plug

A few years ago I was so fed up with the amount of spam I was getting (I even got spammed from myself!) that I wrote my own anti-spam application called Spam Catcher. If you are an ISP, hosting company, or business I invite you to visit Spam Catcher and find out how it can save your customers time and bandwidth. It's a set of Perl scripts that sits on a secure server.

More info?

Doing a Google search for 'Internet email traffic' and 'Internet spam statistics' will give you lots of starting points.

This has been one of my longer posts, so you can correctly assume this topic is quite important to me. I'd like to hear your thoughts and experiences regarding spam.

Until next time, happy trails and keep on truckin'.