Knowing the threats of spam

Whilst many people may be conscientious Internet users who do not visit adult sites or partake in online gambling, spam is indiscriminate in its attack and no matter how clean and pure one’s Internet habits may be, it is easy to become a target of such unsolicited mail.

Primarily, an email address gets targeted with spam because it’s available in various places on the Internet, and from there gets saved onto numerous spam lists that are available to buy (sometimes quite cheaply). Russia is a big player in this type of business, although by no means the only one. Whilst not all the email addresses that are on the list may be valid, if one is willing to pay more they will have access to a more worthwhile spam list – one with authenticated email addresses of home users on high speed cable or ADSL/broadband that are already infected with a Trojan for remote access to that computer.

The reason that home users are susceptible to these Trojans is because spammers are aware that home-users are not very careful about security and do not always keep their privacy guard up-to-date. This is a big mistake and one security step that should not be avoided. Keeping computer security up-to-date will lead to less spam, which will in turn minimize the chances of spam emails containing malware getting into your inbox and thus infecting your computer.

Email addresses are collected through various methods. Spider bots crawl through the web looking for email addresses listed on websites, forums, newsrooms, etc and once these are found they are transmitted to a mail server and added to a spam database from which lists are compiled.

Another common method is known as a dictionary attack, where a software application connects to a mail server and rapidly submits millions of random e-mail addresses based on words and names commonly found in a dictionary. The software then records which addresses are valid and adds these to the spammer’s junk e-mail list.

Certain websites were created in order to collect email addresses by promising free software ‘gifts’ such as music, porn, entry to competitions, etc. The ‘gift’ is sent to these addresses and a tracker in the email confirms whether the address is valid.

Valid email addresses are very important to spammers so they will try various methods in order to get their hands on them, including pay for them, so the ring of spammers and their affiliates keeps on growing. Lists that are compiled through these methods can all be sold to spammers and are therefore a money-making scheme.

Essentially spammers can collect email addresses through various methods including:

• Requesting or buying lists of mail addresses from the mailing lists of mail servers
• Requesting or buying addresses from registration forms and guest books of various websites
• Searching sites serving as white or yellow pages, where lists of names and mail addresses are featured
• Using social engineering, such as phishing, to trick recipients into giving out their email addresses and other secure data

Armed with the knowledge of the threats that are out there, one can take certain steps to protect their computer from viruses and minimize the amount of annoying spam that clogs their email inbox on a daily basis.