Network specialists speculate that up to 90% of email traffic is spam. Once you get on the dreaded spam list, it's nearly impossible to be removed, resulting in wasted time and lost productivity searching the inbox for legitimate messages amongst the offers for body-part augmentation (whether you have that part or not). At best, email can be rendered ineffective, while the most evil spam messages will try to trick you out of your life savings, steal your identity, or infect your computer with viruses and other unwanted software.
There are ways you can strike back. ... more, click to expand full article
/images/spam.gif" align=right vspace=4 border=1 > Many people use the filters in their email program to send spam messages directly to the junk folder. The problem with this method is that the unwanted messages still have to be downloaded from the server, which confirms the address to be active. Plus, many messages end up caught by the filter in error, resulting in searches through the junk folder for missing emails. It's more desirable for the Internet Service Provider to simply block the spam before it gets into their server.
Spam does not normally originate from some person sitting bathed in the glow of his computer. Anyone sending millions of emails each day would likely raise the suspicions of their internet host and be shut down. Instead, spammers try to stay a few steps ahead by using networks of "zombie" computers which have been infected with malicious software. With more and more people using high-speed internet, and leaving computers on 24/7, there is no shortage of computers to attack and control. The spammer profits from his victim's internet connection, while being completely untraceable.
Fortunately, most spam messages share some characteristics that can help in detection and rejection. Many things are "fake" including the sender. Some spam appears to be addressed to someone else, or a variation of your own address. If an internet provider checks the headers of incoming messages for known spam signatures, much spam can be refused before it enters the system. As an added benefit, the message then bounces back to the spammer without confirming the address to be real.
The best answer, as much as there is one, is for the ISPs to take an active role. Make sure your ISP uses the latest spam blocking technology, such as verifying senders, blocking known spam domains, using blacklists (like SORBS and spamhaus), and virus scanning. The new SPF protocol promises to eliminate faked connections by allowing the mailserver to query the sender's domain and confirm it's being sent from where it's supposed to be. There's no excuse for the ISP to take a passive role in spam control and leave the customer to deal with it.
Email is inherently insecure, but if the industry works together by repairing the many weak links, then spam can be reduced to the point where email is useful again. Most of it ought to be blocked by the ISP so it never ends up in the user's inbox in the first place.
Some tips for avoiding spam:
-
Since most spam comes from computers turned into robots by being infected with virus or trojan horse programs, anybody that leaves a computer on all the time better make sure it's secure and free from malicious software. This means running a firewall and up-to-date virus checker.
-
Use the security features in wireless network hardware. These are usually turned off by default out of the box. An open wireless network could give access to your computer and internet connection by anyone within blocks. You don't want some pervert shielding himself by downloading child porn over your connection, or storing it on your hard-drive! Don't forget to change the default user name and password in the router!
-
Almost all spam uses a fake sender. Hitting reply will just result in it bouncing back to you, or worse. Frequently, the sender's address is a real one stolen from an innocent victim, because many ISP mailservers now refuse messages where the sender is spoofed. So you don't want to add to their problem by blasting them. Blocking a sender is futile since they rarely send twice with the same address.
-
Never post your address on a website. Spam robots scour the web constantly looking for addresses to harvest, and if yours is found, it can end up on spam lists for years. Even the most innocent site, like business directories, forums or classified sites where you can advertise your lost dog often result in your inbox filling up with perplexing spam. If you must post an email address online, ask your ISP for an extra "disposable" address so you don't risk having your main address hijacked.
-
Avoid common email address, such as info, sales, contact and webmaster @yourdomain.com. These are easy to guess, and often are. Some spammers just bombard your domain with common mailbox names until something is accepted.
-
Anyone who registers their own domain should use an alias email address. Unless a privacy service is used, this address shows in the master internet database available to anyone, and will be the source of all kinds of problems.
-
Don't "unsubscribe" unless it's a legitimate service. Clicking the unsubscribe link in spam just verifies your address is real, gives them your IP address, and according to studies, results in your email address being sold to even more spammers, because it proves the message was delivered and read.
-
Use BCC to send messages to multiple recipients, not TO or CC. (Just look at a typical chain email and see how many addresses were forwarded!) This prevents your list from appearing on everyone's computer and being forwarded on to others, which lessens the risk of an infected computer harvesting your address somewhere along the line. This is how most viruses pretend to come from a sender you know.
-
If an email invites you to open an attachment that you aren't expecting, or has a link to click " DON'T. This will probably infect your computer with the kind of program that sends spam or steals personal information. Sending a link to a greeting card is a common trick. Also avoid downloading programs on peer-to-peer networks, since many contain malicious programs with attractive titles.
-
A computer that starts running slow, with frequent hard-drive access or internet activity should be scanned for viruses and malicious software without delay. There is a good free scan available at www.pandasoftware.com. Use it regularly.
-
Remember to install all software updates and security patches. New exploits are being discovered daily, so make sure your operating system isn't vulnerable. If running Windows ME, upgrade it because that version tends to run slow after being on for a while.
-
Above all, never respond to any part of an unsolicited email message, now matter how legitimate or tempting it seems! People have lost their life savings this way. No deceased general in Iraq has chosen you to inherit a fortune (but still needs your name, phone number and banking information). There are no unsolicited online lotteries. Your bank didn't lose your password, and no matter how real the message looks, do not click the link or send personal information. Most bank robberies happen online these days.
It is important to use common sense when using email and remain vigilant. Even the best spam killing system will let the odd message through. The reason spam is so prevalent is that somewhere, companies are paying to have it sent, and consequently, people are responding and sending money. If that cycle were broken, the spammer could be less effective.
Collapse article