2 The SPAM Phenomenon
The problem of undesired electronic messages is nowadays a serious issue.
Spam constitutes more than 70% of the total amount of email messages
worldwide, and this share is projected to increase to 80% by 2010, as
predicted by Trend corp [2]. Spam not only wastes users' time, but also
causes a loss of work productivity, and eventually leads to enormous social
cost.
Imagine that spammers send 10,000 messages suggesting to buy their
product, and only one person follows the lead. They could then make a small
profit, but a pure profit. Now, why not send out 10,000,000 messages and
make a 100 times bigger profit? There are many spammers out there, all wanting
to make a big profit. The result is that an estimated 70+% of all email
traffic is occupied by undesired email.
2.1 Source of Spam
- BotNet
It used to be relatively easy to block spammers by checking against a
handful of IPs, using a blacklist or whitelist mechanism, as spammers
were blocked as soon as they started sending spam. However, the new
threat used by spammers is the botnet. A botnet is a cluster of computers
that were broken into by a person or via a virus attack (usually mounted
via email). A program is installed on all these computers, through which
the distributor, often called the bot master, controls them remotely;
those machines are usually referred to as zombies. A spammer who wants
to send a lot of spam no longer needs to send it from one machine, but
simply distributes the attack across thousands of computers. This makes
the spam really hard to detect based on the volume of email coming from
the same IP, since each zombie sends just one or a few messages to the
same target.
- Directory Harvest Attacks
Spammers collect email addresses mainly by crawling the Internet
and picking up addresses from articles, forums, mailing list
archives, etc. Some people try to obfuscate their addresses when they
put them online, for instance 'username at domain dot org', but this is
still circumvented by the crawlers, since most people use the same
obfuscation technique. The best way to protect your address from being
harvested is probably to put it in an image file. Unless you never email
anybody, there is really no way to keep your address from the prying
eyes of the spammers.
The more recent trend for harvesting email addresses is the DHA
(Directory Harvest Attack). Many people use common names or names of
common objects as their usernames, so spammers can take a dictionary
of common words and try those, or various combinations of them, as
usernames, all starting with the same prefix. Moreover, the SMTP
protocol has a special command, 'VRFY', which was designed to help
senders check whether a username exists before attempting to send an
email. This is exactly the tool a spammer needs to perform a directory
harvest attack.
- Internet Hoaxes and Chain Letters
There are usually many hoaxes (fake stories) or chain letters (other
fake stories) circulating on the Internet. Those letters sometimes
suggest that you will make a fortune if you forward them to at least 50
people, or sometimes tell a heartbreaking story, urging you to forward
the story to your friends. However, a few people do not realize that
this helps provide spammers with fodder for their activity. The spammer
can use the same DHA trick mentioned above to collect a massive number
of email addresses from these kinds of chain emails. The reason is that
the average person usually forwards the email using the CC email header
(and not the BCC header), which exposes the email address of everyone
you are sending to.
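The Directory Harvest Attack described above leaves a recognisable trace on the receiving mail server: one client probing many usernames that do not exist. The following is an added example, not part of the original text; the record format, the thresholds and the function names are assumptions made for illustration, and the sample records are constructed.

```python
from collections import defaultdict

# Constructed SMTP session records (illustrative format, not a real MTA log):
# "<client_ip> <command> <user-or-address> <reply_code>"
SAMPLE_LOG = """\
203.0.113.7 VRFY adam 550
203.0.113.7 VRFY alice 250
203.0.113.7 VRFY bob 550
203.0.113.7 VRFY carol 550
203.0.113.7 RCPT dave@example.org 550
203.0.113.7 RCPT erin@example.org 550
198.51.100.4 RCPT alice@example.org 250
198.51.100.4 RCPT alcie@example.org 550
192.0.2.9 RCPT alice@example.org 250
not a record
"""

PROBE_COMMANDS = {"VRFY", "RCPT"}  # both reveal whether a mailbox exists

def parse(line):
    """Return (ip, local_part, reply_code), or None for unusable lines."""
    parts = line.split()
    if len(parts) != 4 or parts[1].upper() not in PROBE_COMMANDS:
        return None
    if not parts[3].isdigit():
        return None
    local_part = parts[2].split("@", 1)[0].lower()
    return parts[0], local_part, int(parts[3])

def detect_dha(log_text, min_unknown=5, min_fail_ratio=0.8):
    """Flag clients that probe many distinct unknown usernames."""
    unknown = defaultdict(set)   # ip -> usernames answered with 550
    known = defaultdict(set)     # ip -> usernames the server confirmed
    for line in log_text.splitlines():
        rec = parse(line)
        if rec is None:
            continue
        ip, local_part, code = rec
        if code == 550:              # mailbox unavailable
            unknown[ip].add(local_part)
        elif code in (250, 251):     # mailbox confirmed
            known[ip].add(local_part)
    findings = {}
    for ip, misses in unknown.items():
        ratio = len(misses) / (len(misses) + len(known[ip]))
        if len(misses) >= min_unknown and ratio >= min_fail_ratio:
            findings[ip] = {"unknown": len(misses),
                            "confirmed": sorted(known[ip]),
                            "fail_ratio": round(ratio, 2)}
    return findings
```

The `confirmed` list of a flagged client is the set of mailboxes the prober now knows to exist; disabling VRFY on the mail server removes one of the two probing channels counted here.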
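The botnet paragraph above argues that filtering on per-IP volume stops working once sending is spread over many zombies. The following is an added example, not part of the original text, that runs the same message volume through a per-IP sliding-window limit twice; the limit, the window and the sender labels are assumptions, and the traffic is constructed.

```python
from collections import defaultdict, deque

def deliver(events, max_per_ip=20, window=3600):
    """Apply a per-source sliding-window limit to (timestamp, source) events.

    Returns (accepted_count, blocked_sources)."""
    recent = defaultdict(deque)      # source -> timestamps still in the window
    accepted, blocked = 0, set()
    for ts, source in sorted(events):
        q = recent[source]
        while q and q[0] <= ts - window:
            q.popleft()              # forget messages older than the window
        if len(q) >= max_per_ip:
            blocked.add(source)      # volume threshold reached: reject
            continue
        q.append(ts)
        accepted += 1
    return accepted, blocked

def single_source(n):
    """Constructed traffic: n messages, one per second, from one address."""
    return [(i, "203.0.113.7") for i in range(n)]

def botnet(n, zombies):
    """Constructed traffic: the same n messages spread over many senders."""
    return [(i, f"zombie-{i % zombies:04d}") for i in range(n)]

def compare(n=1000, zombies=500):
    """Accepted message counts for the two sending patterns."""
    lone_ok, lone_blocked = deliver(single_source(n))
    bot_ok, bot_blocked = deliver(botnet(n, zombies))
    return {"single_accepted": lone_ok, "single_blocked": len(lone_blocked),
            "botnet_accepted": bot_ok, "botnet_blocked": len(bot_blocked)}

if __name__ == "__main__":
    print(compare())
```

With these constructed inputs the single sender is cut off after its first 20 messages, while every message from the distributed senders is accepted because no individual source comes near the threshold.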
2.2 Type of Spam
- Sales-pitch (advertisement)
Unsurprisingly, spam is mostly sales advertisement (which suggests that
you buy a certain product).
- Phishing mails (internet-scam)
Phishing is a relatively new phenomenon, which allows scammers to
fool thousands of people at once. A typical phishing email contains a
message that looks very similar to the usual email you get from your
bank; the difference is that the senders try to make you give them your
bank credentials. Typically you are told that your account was hacked
and that they need your login/password to fix it. Once you naively give
them your credentials, they go and take your money.
- Email Scam
A typical scam suggests that someone has a huge amount of money
in some third world country; they beg you to help them transfer
the money out of that country and offer you a huge cash reward.
If you respond, they will ask for a relatively small amount of money
so that they can open a new account in your name, to which they
would transfer the money. If you ever do that, say bye bye to your
money. You will neither get the promised bounty nor ever see your
money again. eBay is a very common place to get scammed.
Be especially wary of those vendors who have hundreds of "excellent
vendor" comments and votes; many of those come from fake users created
to inflate the reputation of the scam artist, so that if someone reports
a scam, the report disappears in the sea of positive votes.