Spam: It’s Not Just a Nuisance Anymore

In May of 1978 the first spam email was sent to unsuspecting email users of the ARPANET (the predecessor to the Internet) network in attempt to drum up sales for a prominent computer manufacturer. The response to that first spam email sent out more than 30 years ago was not unlike the response of most email users today: anger, apathy, and unfortunately, positive responses. It is estimated that 95% of all email messages sent on the Internet today are unsolicited commercial email, otherwise known as spam. In recent years, spam has gone from being a mere nuisance to a legitimate threat to the security of our PCs, our credit and even our identity.

Spammers today frequently attempt to do more than just promote the latest porn or gaming site. More often than not they want to obtain your bank account, credit card or personal identification information. They employ a variety of stealthy techniques to steal this information often without your knowledge. I will discuss some of these techniques and provide information on how you can protect yourself from these malicious spammers.

Phishing is a technique used by spammers that attempts to send targeted emails to specific people in an attempt to fool them into providing sensitive personal information. For example, a phishing email might appear to come from a bank used by the email recipient. It would likely use graphics and language that make it appear to be a legitimate email from the recipient’s banking institution. Frequently it will ask the recipient to click on a link and provide username, password and /or bank account information. However, if you follow these instructions you will have just divulged your account information to a hacker who will gladly use it to transfer funds to his own account. This leads to tip #1: banks, credit card companies and nearly every reputable company in business today never send emails requesting account or authentication information. If you receive an email purporting to be from your bank asking you to divulge account or password information, contact them to report the incident. All financial institutions have information security personnel trained to handle these types of incidents.

Many spam emails include links to web sites that attempt to lure you to the site with promises of something for free. Don’t be fooled. Many web sites promoted by spammers contain malicious code than can infect your PC if it has an unpatched software vulnerability. Many vulnerabilities can be exploited remotely by a malicious web site allowing a hacker to install a program on your PC that could record all your keystrokes, search your hard drive for personal information or turn it into a unwitting accomplice in a spam network. This leads to tip #2: don’t ever click on a link in an email from an untrusted sender no matter how enticing the message.

The final tip may seem obvious to most. However, based on data from email researchers it seems that many people don’t know that you should never, ever respond to a spam email by purchasing the advertised product or service. Besides the fact that you are encouraging spammers to continue sending their bulk email, you will also provide your personal information to them during the transaction leading to even more spam in the future. It is also important to note that you should not use the “Unsubscribe” link contained in most spam emails as this only provides the spammer with confirmation of your email address, which will then be sold to other spammers.

Unfortunately, spam is a fact of life for all email users. However, if you adhere to the tips listed above you can limit the possibility of becoming a victim of malicious spam emails.

No Responses to “Spam: It’s Not Just a Nuisance Anymore”

Trackbacks/Pingbacks

  1. Phishing Scammers Targeting Delivery Service Companies | InfoSecStuff - [...] open an attached ZIP file which contains a Trojan that infects the end user’s computer. In a previous article…