Spam Explained

Lee Clemmer
Categories : Smb security ,Computing
Tags : Computing smb security topics antispam

Page content

What’s Spam?

The term spam is most often used in a computer context as unwanted messages, most often unwanted e-mail. Usually spam is unsolicited commercial e-mail (UCE), but it can also be unsolicited e-mail, chat messages, forum posts, or other types of messages from hackers, criminals, worms or bots. Newsgroups, blog posts, mobile text messages, IM chat requests, and even faxes can all be subject to spam. Some spam is automated, and once the sender has your e-mail address, continues to send messages at intervals. Often the messages are poorly designed templates, sent to hundreds or thousands of users. Sometimes the spam may contain malware or links to malicious content, viruses, or other problematic content.

A Simple Spam Explanation

So why does it happen? Why do they send spam? That’s a good question–and it boils down to economics and economies of scale. It’s cheap or virtually free for the spammer to send spam, especially e-mail spam. For the thousands of messages sent, they may get one response, or clicks on a link. The spam often has pornographic content, and the sender wants to drive traffic to one or more porn sites. Frequently an embedded link or executable code may let the sender know you’ve opened it, and now they know that there is a user at your e-mail address that they can send more spam to. These days advertisement revenue can be generated if you simply click on a link, open a web page, and ads are displayed, so the spammers goal may be simply for you to look at the site just to see the ads. Scammers want to entice unsuspecting users to investigate further, and glean more and more private information if they can. Some spam is designed to look like “real” e-mail from a common service provider, asking for updates of your password, updating of your payment information, and so forth. Of course, the spammer just wants to get your current user ID, password, and credit card information for their own use.

So What Can We Do?

Fortunately there are some very effective means to combat spam. Not every platform that can receive spam has equally good means to combat it, but often similar techniques and tools can be used. For example, fax spam has legal barriers now, and while that has not eliminated these sorts of faxes, it has reduced them greatly. E-mail has been such a problem over the years due to the ease of spammers in finding the ways and means to send it that there has been much expert focus on combating it.

There are many techniques that are used to fight e-mail spam. Two main categoires are client-side spam filtering, and server-side or mail gateway filtering. The next major comparison of techniques might be considered blacklisting versus whitelisting. E-mail gateways for example almost always only allow authorized, intended users to send messages. This very often prevents spammers from getting started. In the past often a misconfigured e-mail server, called an open relay, could be used by anyone to send mail. Spammers look hard to find servers that they can trick into allowing them to send messages, or find means to access the servers from a trusted location, application, or system they have hacked. Often now e-mail servers require authentication to send messages, although your e-mail client may take care of this automatically for you.

There are other server-side techniques used for inbound messages. Very often known sources of spam can be blocked, whether it is entire servers, domains, or IP addresses or ranges that are blocked. This is one of the more extreme means of filtering, but can be the most effective if the source of the spam is sending no legitimate e-mail. The servers also scan the content of messages and filter them based on advanced algorithms and content filtering of key words, phrases, or other content. This is one of the most effective means of filtering. Servers often have networked databases of spam information, allowing others to benefit from their identification of spam sources. The various techniques are almost always combined to gain the maximum spam prevention effect.

On Your Desktop

On the client side filtering often relies on users marking messages as spam, and the client application takes action based on that. A web e-mail client may update a database on the server, or a list specifically for that user, or both. An application the user runs locally, such as Outlook, may have plug-ins or use anti-spam service from a separate program. Users may whitelist and blacklist senders right in their e-mail client. Unfortunately, this relies on the end user knowing whether they should allow or block the sender. An informed user making careful choices isn’t always the case, especially with young people or inexperienced Internet users. Don’t fall prey to the spammers, be an alert, educated user! Hopefully this article has helped you.

Anti-Spam Software

Looking for a solution to help you combat spam? If you’re a business owner, check out our SpamTitan Review and GFI MailEssentials Review - these are two of the best anti-spam solutions on the market. If you’re a home user looking for a no-cost way to reduce your spam, our article Top 3 Free Spam Filters for Windows will help point you in the right direction.