This is the third part of our email feature. With an estimated 80% of internet traffic made of SPAM we have to take
this seriously! This article describes SPAM and what you can do about it.
What is Spam?
SPAM is junk mail, just like the stuff that comes through your letterbox a fortnight after you get a new bank
account or have to put your name on the dotted line somewhere.
Junk mail is only junk when it's of no interest to you, I get junk mail too and like everyone else I throw it away without
even reading it - but if I'm honest I'd have to admit; every now and then, however rare something will catch my eye.
That's what it's all about, it's a numbers game. If a company send enough mail to enough people sooner or later they'll
reach a door with a buyer behind, because junk mail is always about selling. Spam is the internet version of this, with
a few nasty twists.
Why is it called Spam anyway?
Ever heard of Monty Python? Well if you haven't this won't mean anything to you - if you have you've already
guessed....
....spam spam spam spam, spam spam spam spam, spam spam spam spam, spam spam spam spam, spam spam spam spam, spam spam
spam spam, spam spam spam spam, spam spam spam spam, WONDERFUL SPAM!
What are the 'nasty twists'?
First is financial, spam uses your internet connection to get deliverd and if you pay per minute, like we do
for dial-up's in the UK that means you are paying for THEM to sell to you! - Not good.
If you're old enough to remember when fax machines arrived you'll no doubt have memories of finding your machine emptied
overnight by spurious sales faxes - companies you'd never heard of trying to sell you products you didn't want at prices
you (well, I) couldn't aford.
In the case of the fax machine, the phone call to connect to your machine was paid for by the caller, the company sending
you the fax but of course it used YOUR paper to print the message out, that's YOUR paper, you PAID FOR! Hence, you were
paying for them to send you their marketing message. In the UK this practice was banned with legislation to back it
up. At the end of 2003 the UK government followed the European lead and legislated against internet spammers, there
are now a list of rules companies must observe regarding unsolicitated mail but there's a catch.
The legislation is meant to protect the private individual, since dot com address' are meant for commercial use anyone
with an email address that ends with a dot com or ".co.uk etc" is technically on a business domain. So the
legislation doesn't really apply in any meaningful sense. This is my personal interperation and I'm not a lawyer so
don't take my word for it - go read it for your self!
You might ask, "Doesn't spam cost companies money, after all they have to pay for their connection too" -
true companies have to cover the cost of whatever connection they use but each day that passes more and more companies
subscribe to broadband or some "perminant connection" deal so the fact that some of the traffic on their connection
is spam is besides the point - they're commited to the payment whatever and the spam doesn't really effect their line
charges. It's like saying you are commited to any mail coming through your letterbox because it's always there. Besides,
there's a stack of reasons why one might need to send an unsolicited mail to a company that don't fall into the spam
category.
The real cost is in the time personnel take to weed the rubish from the real mail in their inbox. That's where spam
tools come into their own.
Any more "nasty twists"?
Yep, real nasty, just look at this:
- SPAM can be (and often is) forged mail.
It's a simple matter to forge an eMail, so it looks like it's come from some other a person or company who
might have no idea it's being sent!
- SPAM can carry embeded code.
HTML eMail looks great, like a web page in your inbox but you should be aware of the security risks. Spammers
can embed or attach malicious code! Contry to popular belief, a clever spammer can cover his tracks so well it is
impossible to trace the source of the mail. In 2004 it was discovered that Windows computers can be attacked by embedding
code into jpeg images so the next time you're looking at some images in your inbox ask yourself what it's doing in
the background!
- SPAM can feed through legitimate servers
Spammers can "Hi-Jack" legitimate servers to send their mail, thousands, millions of messages can be sent
which costs the server owner thousands in bandwidth usage (it's like someone breaking into your home, putting a hose
pipe on a tap and filling their swimming pool - you don't know it's happend until you get a massive water bill)
- SPAM can stop internet services
Sometimes there can be so much spam a server simply grinds to a halt. This in internet parlance in known as a DOS
attack - (denial of service). Effectivly, the network runs so slowly that to the user (that's you and me) it looks
like the service just went away. A unix server can usually recover as soon as the spam feed is stopped but I've heard
Windows and Mac based systems have to be re-booted, which can be bad news if you're a system administrator or a website
owner.
- SPAM is a weapon
A type of internet terrorism known as the DDoS (that's ditributed
denial of service attack) can, has and IS being used to extort money from legitimate vendors through their websites
and internet services. This form of attack takes a number of net technologies and exploits them accordingly. For instance:
Terrorists modify a 'worm' which leaps from one PC to another by reading the address book and emailing itself pretending
to be harmless spam. It doesn't do anything else to it's 'host' machine, it just sits in the background waiting. This
goes on for a while until it's spread to millions of PC's then at a given date the worm(s) start calling a particular
web server. The business running the server get a call from the terrorists saying unless they pay a randsom they'll
sudenly find their service has stopped working because it's getting millions of hits at the same time!
- SPAM is slowing the whole internet down
There is now so much spam on the internet the whole system is slowing down. An estimate in December 2003 claimed over
half of internet traffic is spam!
- SPAM gets worse if you tell them to stop!
If you reply to a spam you're simply confirming that you have a valid email address - you'll get even more! (don't
trust the "click here to be removed")
- SPAM is evolving
That's right, it's getting harder to identify what is and isn't spam
