Electronic messaging is become the important part of our life. Users’ ability to send messages to recipients on the other side of the world at nearly no cost. The low cost of message delivery has enabled unsolicited senders to deliver their messages using the electronic messaging. Some of these unsolicited messages have been classified as spam by users.
Spam is a growing problem for Internet users, whether you are an individual or large corporation. The cost to corporations in bandwidth, delayed email, and employee productivity has become a tremendous problem for anyone who provides email services.
What is Spam?
Unwanted messages sent over the Internet, typically to large numbers of users, for the purposes of advertising, phishing, spreading malware, etc. Some spam is annoying but harmless. However, some spam is part of an identity theft scam or other kind of fraud. Identity theft spam is often called a phishing scam.
The percentage of spam in email traffic, H1 2013
Security Implications of Spam
· Waste of time: People take certain amount of time in reading messages or taking certain action on them.
· Storage overload: Spam consumes storage on the server till the time the actual recipient takes some action on it.
· The loss of an important email that accidentally gets deleted along with the plethora of spam.
· Communications overload: Spam blocks communication channels and creates traffic.
· Malware carrier: Some spam carries email attachments that if opened can infect your computer with viruses or spyware.
Motto behind Spamming
· Marketing: Spammers are trying to sell a product or service but the messages they send are unsolicited bulk Email.
· Fraud: Spam sends to various email addresses to try to gain personal information and once the personal information has been gained, fraudsters can use it to commit fraud, which could include financial institution fraud, credit card fraud and identity fraud.
Spam Categories
· Email Spam
· Instant Messaging Spam
· Comment Spam
· Junk Fax
· Internet Telephony Spam
· Unsolicited Text Messages
Sources of Spam
The major sources of email spam are as following:
- Open Relay: An open relay is a poorly configured SMTP server that allows anyone to relay messages through it to any other destination email address. Servers that are found to be open relays are often added to block lists.
- Botnet: A group of these Compromised computers is referred to as a botnet, and is used by a spammer to send out millions of emails containing spam, phishing scams, and computer viruses.
- Get Addresses: Firstly spammers require a list of address to send e-mails to, for either infecting or marketing. There are various companies and people that sell millions of valid e-mail addresses illegally.
Email Extractor: Email Extractor is email spider software. It collect email id from Search Engines, Website, Url List, Email Accounts etc
The Harvester: This tool allows us to quickly catalog e-mail addresses that are directly related to the target system. The Harvester can be used to search Google and Bing for e-mails, hosts, and sub domains.
- Verify Addresses: Before sending mail to the addresses first we have to check whether these addresses are exists or not. By verifying addresses we can avoid the condition of blocking.
Email Addresses Checker: This email checking tool connects to the mail server and checks whether the email exists. You can check the email address validation just by going to site www.tools.email-checker.com.
For valid email addresses, you can view additional intelligence including pictures, web, blog and local searches. Click the info button for interesting research data on email addresses.
- Send Mail
Bulk Mailer: Bulk Mailer is a bulk email sending software program that excels with the myriad aspects of emailing a large number of people simultaneously.
Anti Spam
Anti-spam refers to services and solutions that focus on blocking and mitigating the effects of junk emails.
There are a number of things you can do to stop Spam email. Which ones suit you best will depend upon your needs, the type of email you generally receive, whether you have complete control over your email account, the number of legitimate correspondents you may have and how long you tend to keep them.
Anti Spam techniques
Some spam control techniques include:
· Keyword filtering: Keyword Filtering is a type of application layer filtering that helps you identify unwanted e-mail messages by analyzing the contents of the message body as it is being transported by the Transport scan job. By creating keyword lists, you can filter messages based on a variety of words, phrases, and sentences.
· Black listing: Blacklists are records of email addresses or IP addresses that have been previously used to send spam. When an incoming message arrives, the spam filter checks to see if its IP or email address is on the blacklist; if so, the message is considered spam and rejected White listing: filtering method that, instead of specifying which senders should be blocked specifies which senders should be allowed.
· White listing: An email white list is a list of contacts that the user deems are acceptable to receive email from and should not be sent to the trash folder.
· Address blocking: This is a filtering method that blocks mail from particular IP addresses, email addresses or domains of known spammers.
· Bayesian filtering: Bayesian spam filters calculate the probability of a message being spam based on the learning experience.
Bayes’ Formula
Using this technique, a cumulative likelihood that a message is spam is calculated by combining the probability associated with tokens in the message
occurring in actual spam with the probability associated with tokens in the message occurring in non-spam. Messages having a calculated spam score
exceeding some threshold are identified as spam.
· Challenge/Response filtering: Instead of trying to filter out the spam, C/R filters look for mail from White List senders and let it through. Everything else is thought to be spam and quarantined. This makes for a fantastic spam detection rate. Moreover, a Challenge/Response system automatically sends a reply with a challenge to the alleged sender of every quarantined email. In this reply, the sender is asked to perform some action to assure delivery of the original message, which would otherwise not be delivered.
· Collaborative Filtering: Collaborative content filtering takes a community-based approach to fighting spam by collecting input from the millions of email users around the globe. Users of these systems can flag incoming emails as legitimate or spam and these notations are reported to a central database. After a certain number of users mark a particular email as junk, the filter automatically blocks it from reaching the rest of the community's inboxes.
End-user Anti Spam techniques
· Address Munging.
· No Response to Spam
· Disable HTML in e-mail
· Disposable e-mail addresses: Disposable temporary address forwards email to valid address.
Conclusion
Spam is a big problem for everyone from the individual home Internet user to the multi-national corporation that depends on email communications to conduct business. With spam increasing steadily, it is important to take a proactive stance and arm yourself with knowledge about the methods that spammers use, so you can decide how to best implement strategies to block spam.
References
- http://en.wikipedia.org/wiki/Email_spam
- http://en.wikipedia.org/wiki/Anti-spam_techniques
- http://www.securelist.com/en/analysis/204792297/Spam_in_Q2_2013
%2Bdork%2Blist%2Binfosec%2Baffairs.png)
No comments:
Post a Comment