What is Spam
Spam is unsolicited junk mail sent to you or your mail server. People who indulge in such activities are called Spammers. Commercial advertisers who may offer dubious products, get rich schemes, products that do not suit your life style, promote illegal activities, etc, send Spam. The intent here is to make you spend money. Almost 60% - 70% of Spam is related to Porn. It costs the Spammer almost nothing to send mails and invariably get an eyeball count.
There is another type of spammer who sends large number of e-mails that flood your mailbox or mail server. The intent here is to cripple your e-mail service to such an extent that you cannot receive genuine mails. This is termed as Denial-of-Service (DoS) attack.
Losses Caused by Spam
Experts estimate that almost 50% of all email exchanged across the world’s networks is Spam and this assessment is expected to increase despite anti-Spam laws in countries such as the United States and United Kingdom. Apart from clogging important network and email resources such as servers and network bandwidth, Spam is a major nuisance for many email users in terms of the time wasted sifting through their mailboxes for legitimate mail as well as being exposed to obscene and at times offensive content. Though the majority of Spam targets individuals for the sale of products and services, some are also used as tools for committing frauds as well as for stealing account and personal information.
Earlier, Spam mails could be filtered using simple word/phrase based content filters. However, over the past couple of years, Spammers have started using techniques (such as message hiding using rogue html tags, including non-alphabetic characters in their messages, using invisible fonts, impersonation, etc.) that allow their messages to bypass simple filters. Since the message content and presentation also keeps changing, it becomes even more difficult for administrators and users to keep their custom filters updated.
Sometimes, Spam is indistinguishable from legitimate mail because of it's innocent content. Setting filters for such mails may lead to a high false positive (legitimate mails tagged as Spam) rate. What is required is a dynamic solution that identifies new Spam, keeps the false positive rates low and requires minimum intervention.
How Spam is delivered
Some of the methods used to spread Spam are listed below:
- Spam is received through e-mails and may have alluring subjects like: Free offer, Chance of a lifetime, etc. Invariably you try to open the mail and read it. That is what the Spammer wants you to do. Opening the mail, reading it and then deleting it, consumes your Internet access time and costs you money. The mail servers that have delivered the mail through a series of servers have spent money and used bandwidth to deliver junk you did not want. Probably the junk mail was ahead in the queue for mails to be delivered and was given precedence over an urgent mail.
- Some Spam mails have attachments and the mail asks you to open it. If you do so, you risk running a virus that may be hidden in the mail. The costs involved in removing a virus from your system are massive.
- Some Spam mails after enclosing an alluring description of products or services, ask you to click on a link for further information. These links may open porn or other sites that you had no business visiting. But details of the visit are recorded in your server and you may have a lot of explaining to do.
- Products advertised through Spam require that you provide your credit card number and other personal information. Besides getting your account billed for junk items, you also open yourself to more Spam.
How Spamming is Done
There are many ways in which Spamming is done. The commonly used ones are:
- Rogue ISPs: Spammers who have enough cash to fund their illegal activities run these. Rogue ISPs obtain their own network numbering and multiple domain names from the InterNIC. Spammers use multiple domain names and manage to get across Spam blocks. While it is possible to block a domain, it is not possible to block an ISP provider.
