Introduction

Electronic messaging has become an important part of our lives. Users can send messages to recipients on the other side of the world at nearly no cost. The low cost of message delivery has enabled unsolicited senders to deliver their messages using electronic messaging. Some of these unsolicited messages have been classified as spam by users.

Spam is a growing problem for Internet users, whether you are an individual or large corporation. The cost to corporations in bandwidth, delayed email, and employee productivity has become a tremendous problem for anyone who provides email services.

What Is Spam?

Spam includes unwanted messages sent over the Internet, typically to large numbers of users, for the purposes of advertising, phishing, spreading malware, etc. Some spam is annoying but harmless. However, some spam is part of an identity theft scam or other kind of fraud. Identity theft spam is often called a phishing scam.

[Figure: The percentage of spam in email traffic, H1 2013]

Security Implications of Spam

  • Waste of time: People take a certain amount of time reading messages or taking action on them.
  • Storage overload: Spam consumes storage on the server until the recipient takes some action on it.
  • Loss of legitimate mail: An important email can accidentally get deleted along with the plethora of spam.
  • Communications overload: Spam blocks communication channels and creates traffic.
  • Malware carrier: Some spam carries email attachments that, if opened, can infect your computer with viruses or spyware.

Motive behind Spamming

  • Marketing: Spammers are trying to sell a product or service but the messages they send are unsolicited bulk email.
  • Fraud: Spam is sent to various email addresses to try to gain personal information. Once the personal information has been gained, fraudsters can use it to commit fraud, which could include financial institution fraud, credit card fraud, and identity fraud.

Spam Categories

  • Email spam
  • Instant messaging spam
  • Comment spam
  • Junk FAX
  • Internet telephony spam
  • Unsolicited text messages

Sources of Spam

The major sources of email spam are:

  • Open relay—An open relay is a poorly configured SMTP server that allows anyone to relay messages through it to any other destination email address.
    Servers that are found to be open relays are often added to block lists.
  • Botnet—A group of compromised computers is referred to as a botnet, and is used by a spammer to send out millions of emails containing spam, phishing scams, and computer viruses.

Process of Spamming

  • Get Addresses: First, spammers require a list of addresses to send emails to, for either infecting or marketing. There are various companies and people that sell millions of valid email addresses illegally.

Spammers use various software programs to extract email addresses from sources such as local files, websites, and search engines. This software crawls the web and extracts email addresses. Some of these programs are:

Email Extractor: Email Extractor is email spider software. It collects email IDs from search engines, websites, URL lists, email accounts, etc.

The Harvester: This tool allows us to quickly catalog e-mail addresses that are directly related to the target system. The Harvester can be used to search Google and Bing for e-mails, hosts, and sub-domains.

  • Verify Addresses: Before sending mail to the addresses, spammers check whether they exist. Verifying addresses helps them avoid being blocked.

Email Verifier: Through the Email Verifier software, invalid and non-existent email addresses are removed from the list. This can eliminate bounced messages to avoid the possibility of being blocked by the ISP mail server for sending too many emails to invalid addresses.

Email Addresses Checker: This email checking tool connects to the mail server and checks whether the email address exists. An email address can be validated by going to the site www.tools.email-checker.com.

For valid email addresses, you can view additional intelligence including pictures, web, blog, and local searches. Click the info button for interesting research data on email addresses.

  • Send Mail

The final step is to find software and hardware for sending emails. Spammers can send mail through open relays or botnets. There are also a number of companies set up to send bulk e-mail in the name of email marketing.

Bulk Mailer: Bulk Mailer is a bulk email sending software program that excels with the myriad aspects of emailing a large number of people simultaneously.

Anti-Spam

“Anti-spam” refers to services and solutions that focus on blocking and mitigating the effects of junk emails.

There are a number of things you can do to stop spam email. Which ones suit you best will depend upon your needs, the type of email you generally receive, whether you have complete control over your email account, the number of legitimate correspondents you have, and how long you tend to keep your emails.

Anti-Spam Techniques

Some spam control techniques include:

  • Keyword filtering—Keyword filtering is a type of application layer filtering that helps you identify unwanted e-mail messages by analyzing the contents of the message body as it is being transported by the transport scan job. By creating keyword lists, you can filter messages based on a variety of words, phrases, and sentences.
  • Black listing—Blacklists are records of email addresses or IP addresses that have been previously used to send spam. When an incoming message arrives, the spam filter checks to see if its IP or email address is on the blacklist; if so, the message is considered spam and rejected.
  • White listing—This is a filtering method that, instead of specifying which senders should be blocked, specifies which senders should be allowed by using a list of contacts deemed to be acceptable.
  • Address blocking—This is a filtering method that blocks mail from particular IP addresses, email addresses, or domains of known spammers.
  • Bayesian filtering—Bayesian spam filters calculate the probability of a message being spam based on what the filter has learned from earlier messages.

    Bayes’ Formula

    Using this technique, a cumulative likelihood that a message is spam is calculated by combining the probability associated with tokens in the message occurring in actual spam with the probability associated with tokens in the message occurring in non-spam. Messages having a calculated spam score exceeding some threshold are identified as spam.

  • Challenge/response filtering—Instead of trying to filter out the spam, C/R filters look for mail from white list senders and let it through. Everything else is thought to be spam and quarantined. This makes for a fantastic spam detection rate. Moreover, a challenge/response system automatically sends a reply with a challenge to the alleged sender of every quarantined email. In this reply, the sender is asked to perform some action to assure delivery of the original message, which would otherwise not be delivered.
  • Collaborative filtering—Collaborative content filtering takes a community-based approach to fighting spam by collecting input from the millions of email users around the globe. Users of these systems can flag incoming emails as legitimate or spam and these notations are reported to a central database. After a certain number of users mark a particular email as junk, the filter automatically blocks it from reaching the rest of the community’s inboxes.
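
The Bayesian scoring described above, where per-token probabilities from spam and non-spam are combined into one score and compared with a threshold, shown as an added example (not code from the original article). The training messages, the `BayesFilter` class, and the 0.9 threshold are constructed assumptions; the combining step uses the naive-Bayes independence assumption with Laplace smoothing.

```python
import math
import re
from collections import Counter

# Constructed training messages (not real mail), labelled by hand.
SPAM = [
    "win a free prize now click here",
    "cheap pills free shipping click now",
    "your account is suspended verify your password here",
]
HAM = [
    "meeting moved to friday please see the agenda",
    "here is the quarterly report you asked for",
    "lunch on friday to discuss the project agenda",
]

def tokenize(text):
    """Lower-case the text and split it into word tokens."""
    return re.findall(r"[a-z0-9']+", text.lower())

class BayesFilter:  # hypothetical name, for illustration only
    def __init__(self, spam_docs, ham_docs, threshold=0.9):
        self.threshold = threshold  # assumed cut-off; tune on real mail
        self.n_spam, self.n_ham = len(spam_docs), len(ham_docs)
        # Count in how many messages of each class a token occurs.
        self.spam = Counter(t for d in spam_docs for t in set(tokenize(d)))
        self.ham = Counter(t for d in ham_docs for t in set(tokenize(d)))

    def token_likelihoods(self, token):
        # Laplace smoothing: unseen tokens never yield probability 0 or 1.
        p_w_spam = (self.spam[token] + 1) / (self.n_spam + 2)
        p_w_ham = (self.ham[token] + 1) / (self.n_ham + 2)
        return p_w_spam, p_w_ham

    def spam_probability(self, text):
        # Bayes' rule in log-odds form: prior odds of spam, then one
        # likelihood ratio P(token|spam) / P(token|ham) per distinct token.
        log_odds = math.log(self.n_spam / self.n_ham)
        for token in set(tokenize(text)):
            p_s, p_h = self.token_likelihoods(token)
            log_odds += math.log(p_s / p_h)
        return 1 / (1 + math.exp(-log_odds))

    def is_spam(self, text):
        return self.spam_probability(text) > self.threshold

FILTER = BayesFilter(SPAM, HAM)
```

A message made only of tokens the filter has never seen scores exactly 0.5, so it falls below the threshold and is delivered; raising or lowering the threshold trades false positives against missed spam.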

End-User Anti-Spam Techniques

  • Address munging
  • No response to spam
  • Disabling HTML in e-mail
  • Disposable e-mail addresses: A disposable temporary address forwards email to a valid address.

Conclusion

Spam is a big problem for everyone from the individual home Internet user to the multi-national corporation that depends on email communications to conduct business. With spam increasing steadily, it is important to take a proactive stance and arm yourself with knowledge about the methods that spammers use so you can decide how best to implement strategies to block spam.
