Spam today: more information
September 29, 2004 - Part II
Classification of spam
Spam can be classified as:
Advertising materials--commercial unsolicited emails--offer their recipients certain products or services. This is the most widespread type of SPAM, affecting the majority of mailboxes across the world. We are all familiar with SPAM that peddles some organ enlargement medicines, or that contains messages promising fast and easy money ("Get Rich Quick" scams). Often we find ourselves bombarded with endless product promotions, or notice ourselves included on mailing lists for customer feedback. All these and many other examples constitute a primary type of SPAM: spammed advertisement. This type of SPAM is obsessive and is sent in huge volumes.
Another type of SPAM, which should be classified somewhat differently, is email containing computer worms and viruses. This is indeed a very dangerous type of SPAM; it can compromise the security of your machine. What is more, virus-ridden machines can be used to facilitate online crime without the owner being aware of it happening. Possible ramifications for you as the owner of an infected computer would include leakage of business and personal data, loss of critical documents, slowed performance, and malfunction of your computer. In the worst case, your machine would become a "zombie" controlled by hackers at their whim. Skilled individuals can even turn your machine into a mail server, instructing it to distribute newly created portions of SPAM, making you appear to be the spammer!
The third type of SPAM falls into the category of fraudulent email. You can receive deceptive SPAM that claims to give you some beneficial and unique information. Examples of such fraud would be stock purchase recommendations based on secret insider findings, rumors on imminent political resignations, and sensational revelations on the life of a celebrity. Of course, many of us are tempted to investigate these and click on the offered link. Where do we find ourselves? Often at some adult porn site offering special discounts on a yearly membership.
Another rapidly growing branch of the fraudulent email category is called phishing.
Phishing is the misuse of trust in a brand, a company or a person in an email to gain illicit access to personal and financial information or to obtain passwords and access to other devices. Phishing is a dangerous new form of SPAM attack. Messages appear to come from a legitimate company's web site or domain address, but in fact are false. In reality, phishing spammers are hijacking a company's trusted brand to engender the confidence of customers and potential clients, often to gain personal information. An example of phishing would be a forged letter from your bank asking you to resubmit your credit card information or account credentials by following a phony hyperlink. This link would be made to look like the legitimate location, when in fact it would lead to a phony website designed to look identical to the legitimate one.
In this instance, the criminal so skillfully disguises his or her actions by masquerading as a trusted entity that you may unwittingly divulge everything and end up broke, while the spammer goes off to some luxury resort with all your money.
Judging only from this example, phishing is clearly a very dangerous form of SPAM and you've got to stay vigilant and informed to not fall victim to this kind of attack.
Another example of SPAM is email sent to your Inbox simply to verify that your email address is valid. Having confirmed that, the spammer adds it to his database of known active email addresses and sells the list to interested parties. And these parties are undoubtedly other members of the SPAM gang.
SPAM could also be sent just for malicious fun or to flood email servers or Inboxes.
Ways to distribute spam
Spammers have long since abandoned the practice of manually composing and disseminating SPAM. Instead, they use smart, multifunctional software to send millions of SPAM messages an hour. These programs, called robots or bots, are configured to automatically send multiple copies of a single SPAM message to a large number of preprogrammed email addresses. Although this automation makes it easy, spammers have the more challenging task of keeping their identities hidden; they try to hide the location from which their SPAM originated. This is done by concealing the ID of the outgoing message, by hiding the true IP of the gateway server from which the mail was dispatched. Spammers cannot send their mail from legitimate sources with known IP addresses, because it would be easy to track and block. Thus, spammers had to devise a system of IP swapping.
Spammers exploit improperly configured or virus-infected third-party proxy servers. After taking control of these, spammers use them to disseminate their nagging correspondence. Since proxy servers are powerful computers with a broadband Internet connection, they are capable of sending numerous copies of SPAM through their gateways, thus masking the true location of the spammer. These messages are given the IDs of those network proxy computers, not of the spammer. In these cases, spammers have successfully swapped their real IP with those of the ill-configured third-party proxy servers. Needless to say, those compromised proxy servers act as helpless puppets when ordered to send SPAM. It is reported that two thirds of SPAM originate in this manner.
Another, and rapidly growing, way to send SPAM today is by the use of "zombie" computers. These are millions of home, corporate and/or government machines infected by Internet worms and viruses. The latest viruses, such as the modern Sobig, NetSky or MyDoom, are capable of hijacking thousands of computers worldwide and turning them into obedient instruments exploited by the virus writers. Messages coming from zombie computers bear their own IPs rather than the IPs of the spammers. Recently we heard news of some SPAM being sent from the US Department of Defense's network computers that were hijacked as a result of a virus attack!
Spammers sometimes use trial Internet accounts offered as promotions by some ISPs. These accounts typically expire in two or three days. But this short period of time is all that's needed to send millions of SPAM messages.
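Because such messages bear the address of the proxy or zombie that delivered them, the only origin a recipient can rely on is the one recorded by their own mail server; any Received lines below that were supplied by the sender and may be forged. The following is an added example, not part of the original article, that extracts that address; the host names, the internal network range and the sample message are assumptions constructed for illustration.

```python
import ipaddress
import re
from email import message_from_string

OUR_HOSTS = {"mx1.example.org", "store.example.org"}   # assumed: mail servers we run
OUR_NETS = [ipaddress.ip_network("10.0.0.0/8")]        # assumed: our internal range
BY_RE = re.compile(r"\bby\s+([^\s;]+)", re.I)
IP_RE = re.compile(r"\[(\d{1,3}(?:\.\d{1,3}){3})\]")

def connecting_ip(raw_message):
    """Return the first external IP recorded by one of our own servers, or None.

    Received headers are prepended, so the newest hop is first. We follow hops
    written by our servers until one of them recorded a peer outside our network:
    that peer is the proxy or zombie that handed the message to us. Older headers
    are never consulted because the sender controls them.
    """
    msg = message_from_string(raw_message)
    for hop in msg.get_all("Received", []):
        hop = " ".join(hop.split())          # unfold the multi-line header
        by = BY_RE.search(hop)
        if not by or by.group(1).lower() not in OUR_HOSTS:
            return None                      # not written by us: stop trusting
        peer = IP_RE.search(hop[:by.start()])
        if peer is None:
            return None
        try:
            addr = ipaddress.ip_address(peer.group(1))
        except ValueError:
            return None
        if not any(addr in net for net in OUR_NETS):
            return str(addr)
    return None

# Constructed sample: the bottom Received line is the kind a sender can forge.
SAMPLE_MESSAGE = """\
Received: from mx1.example.org (mx1.example.org [10.0.0.5])
\tby store.example.org with ESMTP; Wed, 29 Sep 2004 10:00:02 +0000
Received: from mail.example-bank.test (unknown [203.0.113.7])
\tby mx1.example.org with SMTP; Wed, 29 Sep 2004 10:00:01 +0000
Received: from mail.example-bank.test ([198.51.100.1])
\tby relay.example-bank.test with ESMTP; Wed, 29 Sep 2004 09:59:00 +0000
From: "Example Bank" <service@example-bank.test>
Subject: Please confirm your account

body
"""
```

The returned address identifies the relaying machine, which can be blocked or reported to its owner; it says nothing about where the spammer actually sits.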