Understanding the Different Types and Impacts of Spam Email, Papers of Creative writing

Download Understanding the Different Types and Impacts of Spam Email and more Papers Creative writing in PDF only on Docsity! WRIT 5550 2004-1Q Duerrmeyer 1/12 FW: Fire your boss, with eBay while C1ALI`S & LEV1T`RA a1l0ws men to achieve an erectiOn up to 36 hours after Ingesti0n . Fw: B@ckgr0und H!5tory Although spam may not be news there are many aspects of it which distinguish it from other annoyances of the past. The term spam originated from a Monty Python skit where the name of the canned meat product is used so abundantly that it crowds everything else out. Despite the fact that the term, after being adopted as internet lingo, was originally used for unwanted messages sent to USENET newsgroups and mailing lists, it is now used more generally for all unsolicited email sent indiscriminately to a large number of people. In more practical terms, spam is the email equivalent of junk-mail and thus is generally of marketing nature. Unfortunately the quantity and abundance of spam being sent and received has never ceased to increase and has become a growing threat to companies and individuals alike. For the purposes of this paper the term spam will apply to all unsolicited email sent indiscriminately to a large number of people. Flavors of Spam Unlike the canned meat, spam comes in a dozen or more different flavors. Much like everything in the world, the primary driving source is money, greed and desire for power and fame. These are the same forces which ruined postal mail and they have the power and WRIT 5550 2004-1Q Duerrmeyer 2/12 likelihood of poisoning email as well. Who wants to pay close to a dollar to send a letter? Technology is not to blame for the high cost of postal mail nor for its decline. The greed of the postal office offering unbeatable bulk mail prices to large clients forcing them to raise the stamp price for us common folk to make up for their losses is at blame here. And now Bill Gates is talking about implementing a small math quiz in order to be able to send each email. How much more of this do we have to take ? Of these different flavors marketing and scams occupy the significant majority. This is also where one of the largest gray areas can be found. Not all spam is illegitimate, illegal or misleading. Some companies use email to advertise a product, service or announce their existence through mass emailing. They typically honor unsubscribers or do not keep you subscribed unless you answer and ask to remain on their list. Typically this type of email is sent either directly from the mail servers of the company in question or it is sent through contracted services of companies which specialize in mass-emailing and email address list management. The unfortunate side to this is that these legitimate non misleading emails are a rather small minority of the spam which circulates. The other type of spam backed by large companies is the slightly more dishonest one which is either sent out through specialized third parties or by individuals working off of commissions for click-throughs. These operate much in the same way as the summer jobs students sometimes pick up folding fliers and putting them in envelopes and mailing them out on behalf of a company. Since WRIT 5550 2004-1Q Duerrmeyer 5/12 necessary to sort through the growing numbers of email to determine what is legitimate or not. Marketing spam poses a threat because there are no rules by which it must abide. On TV a product must be advertised following certain guidelines. Even if laws were passed making companies more accountable for their email content, they could always circumvent this by having non-affiliated third parties send their marketing email much in the way they do it already. This permits the companies to make all sorts of claims about a product or service which may be entirely false or inaccurate. Scams on the other hand target in particular the readers pride or typical insecurities large amounts of people share. Using these techniques they can either gaining the readers trust and confidence or incite a specific reaction with as goal to defraud the reader of something, whether it be information or simply money. These are very dangerous because there is an inherent trust associated with something in written form. The other breed of scam which attempts to trick the reader into divulging information by imitating a site or service they already belong too is becoming a more dangerous one. With the widespread use of HTML email, messages can be tailored to look exactly like they were sent from a credible service such as CitiBank or an online merchant, asking to verify a username and password or credit card information. This brings up the need to question a great deal of email and its authenticity before paying any attention to it. WRIT 5550 2004-1Q Duerrmeyer 6/12 Hoaxes in turn are often perceived by many as harmless, yet they have a distinct power of their own. Despite this apparently innocent nature, hoaxes, when spread through email, can have a very dangerous outcome. Because of the far reach of email and the relative simplicity of spreading email, hoaxes can affect the stock market as well as public perception, public opinion and credibility. It is the rumor-spreader of the internet age and it is practically unstoppable. The previously mentioned Nieman Markus cookie recipe hoax is a good example of this. It has been traced back as far as 1986 and still makes its way around to email boxes globally as well as occasional airing in newspapers. Nieman Markus still receives phone calls about this issue and regardless of what they do they have not been able to undo the damage of this simple and rudimentary hoax. The fact that we continue to receive hoaxes goes to show the power they maintain and that people still believe in them regardless of how much they contradict even simple logic. The last type of spam brought up in this document is that containing malicious code, trojans, worms and virii. This is perhaps compared most closely to hoaxes as like hoaxes there is no direct monetary gain from the destruction of other peoples data or the hindering of their computer use. But sometimes the sense of power people gain when feeling that they can have such an effect on such a large amount of people is worth more than money. Whether the Iloveyou worm, Blaster or Netsky, companies have claimed the loss of millions of dollars and the numbers never cease to increase. WRIT 5550 2004-1Q Duerrmeyer 7/12 How much spam would you like today ? Regardless of the type of spam, the quantity being received is phenomenal. One company reports between 71% and 98% of all mail being received as spam. The amount of time and resources put into sorting through this manually is considerable and much better put to use elsewhere. Although unlike the unwarranted faxes, which are now outlawed because of their paper and ink consumption, spam is just as costly if not more when taking into account the lost time. Lastly an often accidental side effect is the unintentional flooding and stressing of servers by spammers who have not correctly configured their software or who do not know what they are doing. Although this may be expected to be a rare case, it unfortunately happens relatively frequently. Visual symptoms of such mis-configured software are for example when you receive empty messages, messages with “%name”, “%RND_number” or similar written items in them. I Can't Take it Anymore! Although this all looks rather gloom, don't bag your email account just yet, there is still hope and not all is lost as there are measures which can be taken to reduce, prevent and perhaps eventually outlaw to some degree at least certain types of spam. From a technological standpoint the first line of defense is preventing the messages from ever being sent, regardless of what type of spam it is. Since spam is sent different ways there are different types of WRIT 5550 2004-1Q Duerrmeyer 10/12 when it is not well configured. For a comparison sake the current GSU configuration seems to allow about 60% of spam through and I receive about 10% false positives which is really high. My own mailserver which is also running SpamAssassin allows at present only about 12% of spam through and I am receiving below 1% false positives. The next line of defense is the actual email client used to check mail. Some have built-in features against spam such as Evolution, MozillaMail, Eudora, etc... The main difference with these is that they don't prevent the wasted bandwidth by stopping the mail before it reaches you. On the other hand this method falls pray to the same downsides as there are high risks of false positives, but with the mail being present on the readers machine there is possibility to help look through the labeled spam for the false positives. A Glimmer of Hope The only real solution is a combination of the above methods with perhaps some new legislation. For example some modifications can be made to the email protocol. Presently there is the ability to flag an email as urgent or low priority. A flag should be implemented which identifies the email as unsolicited or spam. Then legislation should impose steep fines if they do not enable this flag in their unsolicited mail. This would gain the best of both worlds as it would give the ultimate power to the reader. If the reader wanted to receive offers he or she could choose to read these flagged emails. WRIT 5550 2004-1Q Duerrmeyer 11/12 If the reader didn't want to, they could be directly sent towards the trash. This would of course rely and the abidance of laws so it would be important to give incentives or disincentives to those sending the spam. This would not prevent the spam being sent through security holes in servers however. Those too could be reduced by making stricter laws deeming that the use of security exploits to send mail were illegal, enforce stronger punishments for doing so and perhaps by increasing the accountability of the software firm responsible for producing the insecure software. Fortunately the technology and software is available to almost put an end to the worms and malicious emails but the fear of false positives is keeping it from being fully implemented. This is another case where higher accountability would help reduce the risks. Not all mail clients are at risk from these types of mail, those which are should have incentives to be designed to better immunize themselves against this type of attack. Now although the previous idea appears to be a golden solution, albeit perhaps difficult to implement, there is no true golden solution as some email is undesirable to some people yet desirable to others. A good example of this are the chain letters and hoaxes. Some people enjoy receiving and sending them. Although they can be blocked and filtered, notably by monitoring the number of forwards contained within a message, it is not particularly constitutional to do so. Many people are projecting that spam will be the demise of email and although there is cause for alarm, technology is here to help , and all that is needed to start making significant reductions to the WRIT 5550 2004-1Q Duerrmeyer 12/12 amount of spam in your inbox is the creation of stronger laws and legislation which can only be done by the people in power who get to make these decisions. Let's all hold an idealistic and blind hope that they are advised by capable and knowledgeable people who can create true solutions instead of useless unenforced laws like the Can Spam Act. Further Readings http://www.google.com/search?q=define:Spam http://spam.abuse.net/ http://www.colinfahey.com/spam_topics/spam_the_phenomenon.htm http://www.exit109.com/~mstevens/250cooki.html http://www.419eater.com/