S P A M (It's Not Just For Dinner Anymore!)

---

Spam! Some of us hate to eat it, but we all hate to see it in our email! It's is believed that as of 2007, spam accounted for 70% of all email traffic. Some people get up to 1000 or more spam emails every day as the list of spam email addresses gets around the net. Spam can best be defined as, "unsolicited commercial email usually sent to a large number of email addresses at one time". Over the last decade, spam has become an increasing problem with ads promising cheaper prescriptions, lasting erections, get rich quick schemes, cheap authentic watches, extended warranties and the like. They flood our mail boxes, slow down network traffic and some carry with them, viruses and malware. So how do we stop the spam? The truth is we never will until stringent laws are in place, and strictly enforced, with penalties severe enough to discourage it altogether.

Don't become to discourage though. There are ways of dealing with spam and things that can be done to minimize the amount of spam you receive. First off, we will talk about what you should not do with spam and why.

NEVER return a spam email (even if there is an opt-out clause) for several reasons:

• The email is likely been spoofed and not coming from a valid email address or not the spammers address.
• If the email is coming from a legitimate address, responding to it will confirm that your email address is valid resulting in more spam.
• If the email was sent using someone else's email address, by responding to it, you are spamming others.
• Our email systems are already overloaded with spam and replying to it simply increases the load on servers further slowing down the networks and will not be effective.
• Never open email attachments from someone you don't know. It could contain a virus. Instead, delete the spam.
• NEVER make a purchase from an unsolicited email. It could be a fraudulent email or phishing scam in which case you could be ripped off by supplying your banking or credit information. In any case, it allows the spammer to profit from the spam thus supplying motivation to continue spamming.

So now that we know what not to do, what are some things we can do?

• Setup a disposable email address. Use that email address for people you don't know or when you need to fill out a form with your email address. Also, if you start getting spammed you can close that account and setup a new one. It may also give you an idea of who gave out your email address.
• If you use Newsgroups, do not use your email address. Many spammers use "Web Bots" (Web Robot) to harvest email addresses from newsgroups and forums. Look for the reply back in the newsgroup.
• Use a spam filter. Most online email accounts have one you can setup. If you download your email, there are several good filtering programs you can use. We use MailWasher Pro by Firetrust.
• Be creative in choosing an email address. Don't use common email addresses that are easily guessed such as johnp@msn.com. Mix it up with numbers or characters that do not form words such as john64p@msn.com
• When sending or replying to a large number of people, use the blind carbon copy (BCC) field to conceal their email addresses. This helps keep other email addresses private preventing their email addresses from being harvested by spammers.

Of course if you signed up with a newsletter service, we don't really consider that to be spam as you authorized the transmission of the email. If you wish to stop receiving the emails, follow the sender's procedures for removing yourself from their list.

There are of course other actions you can take to help combat the spam problem like searching through the email headers and reporting offenders but for our purposes here, we are trying to make this a pain free and user friendly as possible.

If you get spammed with an email warning of a problem, Snopes is a great place to check it out for legitimacy.

In the 2nd half of 2009, the number of malicious spam messages increased from 200 million to 3 billion per day according to a report from M86 Security. Spam accounts for 80%-90% of all inbound email to organizations 78% of which originated from the top 5 botnets alone. Even with adequete protection from anti-virus software, users are left vunerable to potential attacks 40% of the time.

A botnet is a collection of software robots, or bots, that run autonomously and automatically and is often associated with malicious software, but it can also refer to the network of computers using distributed computing software.

The spamming botnets are constantly changing, being taken down and replaced so it's important to identify the major contributors to the volume of spam, so that the industry can take action against them. Often, these botnets are taken down as a result of actions taken by the Federal Trade Commission.

Attacks through social networking sites are on the increase due to the ease of obscuring malicious links and exploiting end users trust through social engineering.

Pharmaceutical spam which mainly advertises fake prescription drugs comprises of 74% of the spam followed by fake designer products such as watches at 16% while fake diplomas gaming and other malicious spam and phishing comprise the rest.

Malicious spam is defined as an email that has a malicious attachment or an embedded URL that leads to a malicous website.

• Spam techniques are changing all of the time. Take the time to learn and keep up with the best practices for everyday internet usage.
• Review you current security products and keep them up to date.
• Be wary of links, even from trusted sources as they themselves may have had their accounts compromised or their identity spoofed.
• Keep your browser, email program, add-on, extensions and desktop applications up to date. Make sure you have the latest operating system updates.
• Be wary or SEO Poisoning.

SEO or Search Engine Optimization is a method to increase the volume of traffic to a web site via search engines through "organic" search results, intended to move a web site up in the search engine rankings.

SEO Poisoning is a method employed by cyber criminals to poison search engine results for popular news items, trending topics and overall hype. Common instances of this have been seen in deaths of celebrities, natural disasters and product releases (such as Apple's iPad and Windows 7).