E-mail spam, also known as junk e-mail, is a subset of spam Spam is the abuse of electronic messaging systems to send unsolicited bulk messages indiscriminately. While the most widely recognized form of spam is e-mail spam, the term is applied to similar abuses in other media: instant messaging spam, Usenet newsgroup spam, Web search engine spam, spam in blogs, wiki spam, online classified ads spam, mobile that involves nearly identical messages sent to numerous recipients by e-mail Electronic mail, commonly called email or e-mail, is a method of exchanging digital messages across the Internet or other computer networks. Email systems are based on a store-and-forward model in which email server computer systems accept, forward, deliver and store messages on behalf of users, who only need to connect to the email infrastructure,. A common synonym for spam is unsolicited bulk e-mail (UBE). Definitions of spam usually include the aspects that email is unsolicited and sent in bulk.^{[1][2][3][4][5]} "UCE" refers specifically to unsolicited commercial e-mail.

E-mail spam has steadily grown since the early 1990s. Botnets A Botnet is a collection of software agents, or robots, that run autonomously and automatically. The term is most commonly associated with malicious software, but it can also refer to a network of computers using distributed computing software.[citation needed] While botnets are often named after their malicious software name, there are typically, networks of virus A computer virus is a computer program that can copy itself and infect a computer. The term "virus" is also commonly but erroneously used to refer to other types of malware, including but not limited to adware and spyware programs that do not have the reproductive ability. A true virus can spread from one computer to another when its-infected computers, are used to send about 80% of spam. Since the cost of the spam is borne mostly by the recipient,^[6] it is effectively postage due While the problem of what to do about letters not paying the full correct fee had existed since the creation of regular postal systems, it was greatly heightened by the advent of postage stamps, since customers were now making their own decisions about the right amount to pay, without the assistance of a presumably-knowledgeable postal clerk advertising.

The legal status of spam varies from one jurisdiction to another. In the United States, spam was declared to be legal by the CAN-SPAM Act of 2003 The CAN-SPAM Act of 2003 , signed into law by President George W. Bush on December 16, 2003, establishes the United States' first national standards for the sending of commercial e-mail and requires the Federal Trade Commission (FTC) to enforce its provisions. The acronym CAN-SPAM derives from the bill's full name: Controlling the Assault of Non- provided the message adheres to certain specifications. ISPs An Internet service provider , also sometimes referred to as an Internet access provider (IAP), is a company that offers its customers access to the Internet[citation needed]. The ISP connects to its customers using a data transmission technology appropriate for delivering Internet Protocol Paradigm, such as dial-up, DSL, cable modem, wireless or have attempted to recover the cost of spam through lawsuits against spammers, although they have been mostly unsuccessful in collecting damages despite winning in court.^[7][8]

Spammers collect e-mail addresses from chatrooms, websites, customer lists, newsgroups, and viruses which harvest users' address books, and are sold to other spammers. They also use a practice known as "e-mail appending" or "epending" in which they use known information about their target (such as a postal address) to search for the target's email address. Much of spam is sent to invalid e-mail addresses. Spam averages 78% of all e-mail sent.^[9]

Overview

From the beginning of the Internet (the ARPANET ARPANET , created by a small research team at the head of the Massachusetts Institute of Technology and the Defense Advanced Research Projects Agency (DARPA) of the United States Department of Defense, was the world's first operational packet switching network, and the predecessor of the contemporary global Internet. The packet switching of the), sending of junk e-mail has been prohibited,^[10] enforced by the Terms of Service Terms of service are rules by which one must agree to abide by in order to use a service. Usually, such terms are legally binding.[citation needed]/Acceptable Use Policy An acceptable use policy is a set of rules applied by the owner/manager of a network, website or large computer system that restrict the ways in which the network site or system may be used. AUP documents are written for corporations, businesses, universities, schools, internet service providers, and website owners often to reduce the potential (ToS/AUP) of internet service providers (ISPs) and peer pressure. Even with a thousand users junk e-mail for advertising is not tenable, and with a million users it is not only impractical,^[11] but also expensive.^[12] It is estimated that spam cost businesses on the order of $100 billion in 2007.^[13] As the scale of the spam problem has grown, ISPs and the public have turned to government for relief from spam, which has failed to materialize.^[14]

Types

Spam has several definitions varying by source.

• Unsolicited bulk e-mail (UBE)—unsolicited e-mail, sent in large quantities.
• Unsolicited commercial e-mail (UCE)—this more restrictive definition is used by regulators whose mandate is to regulate commerce, such as the U.S. Federal Trade Commission The Federal Trade Commission is an independent agency of the United States government, established in 1914 by the Federal Trade Commission Act. Its principal mission is the promotion of "consumer protection" and the elimination and prevention of what regulators perceive to be harmfully "anti-competitive" business practices,.

Spamvertised sites

Many spam e-mails contain URLs to a website or websites. According to a Commtouch Commtouch is a messaging and Web security technology company founded in 1991. The company is headquartered in Netanya, Israel, with a subsidiary in Sunnyvale, California report in June 2004, "only five countries are hosting 99.68% of the global spammer websites", of which the foremost is China, hosting 73.58% of all web sites referred to within spam.^[15]

Most common products advertised

According to information compiled by Spam-Filter-Review.com, E-mail spam for 2006 can be broken down as follows.^{[unreliable source?] [16]}

"Pills, porn and poker" sums up the most common products advertised in spam. Others include replica watches.^[17][18]

419 scams

Advance fee fraud spam such as the Nigerian "419" scam may be sent by a single individual from a cyber cafe An internet café or cybercafé is a place where one can use a computer with Internet access, most for a fee, usually per hour or minute; sometimes one can have unmetered access with a pass for a day or month, etc. It may serve as a regular café as well, with food and drinks being served in a developing country. Organized "spam gangs A gang is a group of three or more people who, through the organization, formation, and establishment of an assemblage, share a common identity. In current usage it typically denotes a criminal organization or else a criminal affiliation. In early usage, the word gang referred to a group of workmen. In the United Kingdom the word is still often" operating from Russia Russia (pronounced /ˈrʌʃə/ ; Russian: Россия, tr. Rossiya, pronounced [rɐˈsʲijə] ( listen)), also officially known as the Russian Federation (Russian: Российская Федерация, tr. Rossiyskaya Federatsiya, pronounced [rɐˈsʲijskəjə fʲɪdʲɪˈraʦəjə] ( listen)), is a country in northern Eurasia. It is a federal or eastern Europe Eastern Europe is a region lying in the Eastern part of Europe. The term is highly context-dependent and even volatile, as there are "almost as many definitions of Eastern Europe as there are scholars of the region". A related UN paper adds that "every assessment of spatial identities is essentially a social and cultural construct& share many features in common with other forms of organized crime Organized crime or criminal organizations is a transnational grouping of highly centralized enterprises run by criminals for the purpose of engaging in illegal activity, most commonly for the purpose of generating a monetary profit. The Organized Crime Control Act defines organized crime as "The unlawful activities of [...] a highly organized,, including turf battles and revenge killings.^[19]

Phishing

Spam is also a medium for fraudsters The specific legal definition varies by legal jurisdiction. Fraud is a crime, and also a civil law violation. Defrauding people or entities of money or valuables is a common purpose of fraud, but there have also been fraudulent "discoveries", e.g. in science, to gain prestige rather than immediate monetary gain to scam A confidence trick or confidence game is an attempt to defraud a person or group by gaining their confidence. The victim is known as the mark, the trickster is called a confidence man, con man, confidence trickster, or con artist, and any accomplices are known as shills. Confidence men or women exploit human characteristics such as greed and users to enter personal information on fake Web sites using e-mail forged to look like it is from a bank or other organization such as PayPal PayPal is an e-commerce business allowing payments and money transfers to be made through the Internet. PayPal serves as an electronic alternative to traditional paper methods such as checks and money orders. This is known as phishing In the field of computer security, phishing is the criminally fraudulent process of attempting to acquire sensitive information such as usernames, passwords and credit card details by masquerading as a trustworthy entity in an electronic communication. Communications purporting to be from popular social web sites, auction sites, online payment. Spear-phishing is targeted phishing, using known information about the recipient, such as making it look like it comes from their employer.^[20]

Spam techniques

Appending

If a marketer has one database containing names, addresses, and telephone numbers of prospective customers, they can pay to have their database matched against an external database containing email addresses. The company then has the means to send email to persons who have not requested email, which may include persons who have deliberately withheld their email address. ^[21]

Image spam

Image spam The basic rationale behind image spam is that it is difficult to detect using spam filtering software designed to detect patterns in text in the plain-text E-mail body. Attempts to filter text in image spam are easily defeated because optical character recognition of text in image spam can be prevented using a variety of obfuscation techniques is an obfuscating method in which the text of the message is stored as a GIF The Graphics Interchange Format is a bitmap image format that was introduced by CompuServe in 1987 and has since come into widespread usage on the World Wide Web due to its wide support and portability or JPEG In computing, JPEG is a commonly used method of lossy compression for photographic images. The degree of compression can be adjusted, allowing a selectable tradeoff between storage size and image quality. JPEG typically achieves 10:1 compression with little perceptible loss in image quality image and displayed in the email. This prevents text based spam filters from detecting and blocking spam messages. Image spam is currently used largely to advertise "pump and dump "Pump and dump" is a form of microcap stock fraud that involves artificially inflating the price of an owned stock through false and misleading positive statements, in order to sell the cheaply purchased stock at a higher price. Once the operators of the scheme "dump" their overvalued shares, the price falls and investors lose" stocks.^[22]

Often, image spam contains nonsensical, computer-generated text which simply annoys the reader. However, new technology in some programs try to read the images by attempting to find text in these images. They are not very accurate, and sometimes filter out innocent images of products like a box that has words on it.

A newer technique, however, is to use an animated GIF The Graphics Interchange Format is a bitmap image format that was introduced by CompuServe in 1987 and has since come into widespread usage on the World Wide Web due to its wide support and portability image that does not contain clear text in its initial frame, or to contort the shapes of letters in the image (as in CAPTCHA A CAPTCHA or Captcha is a type of challenge-response test used in computing to ensure that the response is not generated by a computer. The process usually involves one computer (a server) asking a user to complete a simple test which the computer is able to generate and grade. Because other computers are unable to solve the CAPTCHA, any user) to avoid detection by OCR tools. People with bad eye sight may find it hard to decode the text, there is now an audio option available.

Blank spam

Blank spam is spam lacking a payload advertisement. Often the message body is missing altogether, as well as the subject line. Still, it fits the definition of spam because of its nature as bulk and unsolicited email.

Blank spam may be originated in different ways, either intentional or unintentionally:

1. Blank spam can have been sent in a directory harvest attack A Directory Harvest Attack or DHA is a technique used by spammers in an attempt to find valid/existent e-mail addresses at a domain by using brute force. The attack is usually carried out by way of a standard dictionary attack, where valid e-mail addresses are found by brute force guessing valid e-mail addresses at a domain using different, a form of dictionary attack In cryptanalysis and computer security, a dictionary attack is a technique for defeating a cipher or authentication mechanism by trying to determine its decryption key or passphrase by searching likely possibilities for gathering valid addresses from an email service provider. Since the goal in such an attack is to use the bounces to separate invalid addresses from the valid ones, the spammer may dispense with most elements of the header and the entire message body, and still accomplish his or her goals.
2. Blank spam may also occur when a spammer forgets or otherwise fails to add the payload when he or she sets up the spam run.
3. Often blank spam headers appear truncated, suggesting that computer glitches may have contributed to this problem—from poorly-written spam software to shoddy relay servers, or any problems that may truncate header lines from the message body.
4. Some spam may appear to be blank when in fact it is not. An example of this is the VBS.Davinia.B email worm which propagates through messages that have no subject line and appears blank, when in fact it uses HTML code to download other files.

Backscatter spam

Backscatter is a side-effect of e-mail spam, viruses A computer virus is a computer program that can copy itself and infect a computer. The term "virus" is also commonly but erroneously used to refer to other types of malware, adware, and spyware programs that do not have the reproductive ability. A true virus can only spread from one computer to another when its host is taken to the and worms A computer worm is a self-replicating malware computer program. It uses a computer network to send copies of itself to other nodes and it may do so without any user intervention. This is due to security shortcomings on the target computer. Unlike a virus, it does not need to attach itself to an existing program. Worms almost always cause at least, where email servers receiving spam and other mail send bounce messages In the internet's standard e-mail protocol SMTP, a bounce message, or Delivery Status Notification (DSN) message, aka Non-Delivery Report/Receipt (NDR), Non-Delivery Notification (NDN), or simply a bounce is an automated electronic mail message from a mail system informing the sender of another message about a delivery problem. The original to an innocent party. This occurs because the original message's envelope sender A bounce address is an e-mail address to which bounce messages are delivered. There are many variants of the name, none of them used universally, including return path, reverse path, envelope from, envelope sender, MAIL FROM, 2821-FROM, return address, From_, Errors-to, etc. It is not uncommon for a single document to use several of these names is forged to contain the e-mail address of the victim. A very large proportion of such e-mail is sent with a forged From: header, matching the envelope sender.

Since these messages were not solicited by the recipients, are substantially similar to each other, and are delivered in bulk quantities, they qualify as unsolicited bulk email or spam. As such, systems that generate e-mail backscatter can end up being listed on various DNSBLs A DNSBL is list of IP addresses published through the Internet Domain Name Service in a particular format. DNSBLs are most often used to publish the addresses of computers or networks linked to spamming; most mail server software can be configured to reject or flag messages which have been sent from a site listed on one or more such lists and be in violation of internet service providers An Internet service provider , also sometimes referred to as an Internet access provider (IAP), is a company that offers its customers access to the Internet[citation needed]. The ISP connects to its customers using a data transmission technology appropriate for delivering Internet Protocol Paradigm, such as dial-up, DSL, cable modem, wireless or' Terms of Service Terms of service are rules by which one must agree to abide by in order to use a service. Usually, such terms are legally binding.[citation needed].

Legality

Sending spam violates the Acceptable Use Policy An acceptable use policy is a set of rules applied by the owner/manager of a network, website or large computer system that restrict the ways in which the network site or system may be used. AUP documents are written for corporations, businesses, universities, schools, internet service providers, and website owners often to reduce the potential (AUP) of almost all Internet Service Providers An Internet service provider , also sometimes referred to as an Internet access provider (IAP), is a company that offers its customers access to the Internet[citation needed]. The ISP connects to its customers using a data transmission technology appropriate for delivering Internet Protocol Paradigm, such as dial-up, DSL, cable modem, wireless or. Providers vary in their willingness or ability to enforce their AUP. Some actively enforce their terms and terminate spammers' accounts without warning. Some ISPs lack adequate personnel or technical skills for enforcement, while others may be reluctant to enforce restrictive terms against profitable customers.

As the recipient directly bears the cost of delivery, storage, and processing, one could regard spam as the electronic equivalent of "postage-due" junk mail.^[6][23] Due to the low cost of sending unsolicited e-mail and the potential profit entailed, some believe that only strict legal enforcement can stop junk e-mail. The Coalition Against Unsolicited Commercial Email (CAUCE) argues "Today, much of the spam volume is sent by career criminals and malicious hackers who won't stop until they're all rounded up and put in jail."^[24]

European Union

All the countries of the European Union The European Union is an economic and political union of 27 member states which are located primarily in Europe. Committed to regional integration, the EU was established by the Treaty of Maastricht in 1993 upon the foundations of the European Communities. With over 500 million citizens, the EU combined generated an estimated 28% share (US$ 16.5 have passed laws that specifically target spam.

Article 13 of the European Union The European Union is an economic and political union of 27 member states which are located primarily in Europe. Committed to regional integration, the EU was established by the Treaty of Maastricht in 1993 upon the foundations of the European Communities. With over 500 million citizens, the EU combined generated an estimated 28% share (US$ 16.5 Directive on Privacy and Electronic Communications Directive 2002/58 on Privacy and Electronic Communications, otherwise known as E-Privacy Directive, is an EU directive on data protection and privacy in the digital age. It presents a continuation of earlier efforts, most directly the Data Protection Directive. It deals with the regulation of a number of important issues such as confidentiality of (2002/58/EC) provides that the EU The European Union is an economic and political union of 27 member states which are located primarily in Europe. Committed to regional integration, the EU was established by the Treaty of Maastricht in 1993 upon the foundations of the European Communities. With over 500 million citizens, the EU combined generated an estimated 28% share (US$ 16.5 member states shall take appropriate measures to ensure that unsolicited communications for the purposes of direct marketing are not allowed either without the consent of the subscribers concerned or in respect of subscribers who do not wish to receive these communications, the choice between these options to be determined by national legislation.

Canada

The Government of Canada The government of Canada is the system whereby the federation of Canada is administered by a common authority; in Canadian English, the term can mean either the collective set of managerial institutions or specifically the Queen-in-Council. In both senses, the construct was established at Confederation, through the Constitution Act, 1867, as a has introduced anti-spam legislation called the Electronic Commerce Protection Act The Electronic Commerce Protection Act is anti-spam legislation introduced in 2009 by the Government of Canada at the House of Commons at the House of Commons to fight spam.^[25]

Australia

In Australia, the relevant legislation is the Spam Act 2003 which covers some types of e-mail and phone spam, which took effect on 11 April 2004. The Spam Act provides that "Unsolicited commercial electronic messages must not be sent," which is an opt-in requirement. This contrasts with the U.S. CAN-SPAM act, which is opt-out (i.e., companies are free to send spam until the recipient directs the sender not to). Penalties are up to 10,000 penalty units, or 2,000 penalty units for a person other than a body corporate.

United States

In the United States, most states enacted anti-spam laws during the late 1990s and early 2000s. These have since been pre-empted by the less restrictive CAN-SPAM Act of 2003.

Spam is legally permissible according to the CAN-SPAM Act of 2003 provided it follows certain criteria: a "truthful" subject line, no forged information in the technical headers or sender address, and other minor requirements. If the spam fails to comply with any of these requirements it is illegal. Aggravated or accelerated penalties apply if the spammer harvested the email addresses using methods described earlier.

A review of the effectiveness of CAN-SPAM in 2005 by the Federal Trade Commission (the agency charged with CAN-SPAM enforcement) stated that the amount of sexually explicit spam had significantly decreased since 2003 and the total volume had begun to level off.^[26] Senator Conrad Burns, a principal sponsor, noted that "Enforcement is key regarding the CAN-SPAM legislation." In 2004 less than 1% of spam complied with the CAN-SPAM Act of 2003.^[27]

Effectiveness

Legislative efforts to curb spam have been ineffective or counter-productive. For example, the CAN-SPAM Act of 2003 requires that each message include a means to "opt out" (i.e., decline future e-mail from the same source). It is widely believed that responding to opt-out requests is unwise, as this merely confirms to the spammer that they have reached an active e-mail account. To the extent this is true, the CAN-SPAM Act's opt-out provisions are counter-productive in two ways: first, recipients who are aware of the potential risks of opting out will decline to do so; second, attempts to opt-out will provide spammers with useful information on their targets. A 2002 study by the Center for Democracy and Technology found that about 16% of web sites tested with opt-out requests continued to spam.^[28]

Other laws

Accessing privately owned computer resources without the owner's permission counts as illegal under computer crime statutes in most nations. Deliberate spreading of computer viruses is also illegal in the United States and elsewhere. Thus, some common behaviors of spammers are criminal regardless of the legality of spamming per se. Even before the advent of laws specifically banning or regulating spamming, spammers were successfully prosecuted under computer fraud and abuse laws for wrongfully using others' computers.

The use of botnets can be perceived as theft. The spammer consumes a zombie owner's bandwidth and resources without any cost. In addition, spam is perceived as theft of services. The receiving SMTP servers consume significant amounts of system resources dealing with this unwanted traffic. As a result, service providers have to spend large amounts of money to make their systems capable of handling these amounts of email. Such costs are inevitably passed on to the service providers' customers.^[29]

Other laws, not only those related to spam, have been used to prosecute alleged spammers. For example, Alan Ralsky was indicted on stock fraud charges in January 2008, and Robert Soloway plead guilty to charges of mail fraud, fraud in connection with electronic mail, and failing to file a tax return in March 2008.^[30]

Deception and fraud

Spammers may engage in deliberate fraud to send out their messages. Spammers often use false names, addresses, phone numbers, and other contact information to set up "disposable" accounts at various Internet service providers. They also often use falsified or stolen credit card numbers to pay for these accounts. This allows them to move quickly from one account to the next as the host ISPs discover and shut down each one.

Senders may go to great lengths to conceal the origin of their messages. Large companies may hire another firm to send their messages so that complaints or blocking of email falls on a third party. Others engage in spoofing of e-mail addresses (much easier than IP address spoofing). The e-mail protocol (SMTP) has no authentication by default, so the spammer can pretend to originate a message apparently from any e-mail address. To prevent this, some ISPs and domains require the use of SMTP-AUTH, allowing positive identification of the specific account from which an e-mail originates.

Senders cannot completely spoof e-mail delivery chains (the 'Received' header), since the receiving mailserver records the actual connection from the last mailserver's IP address. To counter this, some spammers forge additional delivery headers to make it appear as if the e-mail had previously traversed many legitimate servers.

Spoofing can have serious consequences for legitimate e-mail users. Not only can their e-mail inboxes get clogged up with "undeliverable" e-mails in addition to volumes of spam, they can mistakenly be identified as a spammer. Not only may they receive irate e-mail from spam victims, but (if spam victims report the e-mail address owner to the ISP, for example) a naive ISP may terminate their service for spamming.

Theft of service

Spammers frequently seek out and make use of vulnerable third-party systems such as open mail relays and open proxy servers. SMTP forwards mail from one server to another—mail servers that ISPs run commonly require some form of authentication to ensure that the user is a customer of that ISP. Open relays, however, do not properly check who is using the mail server and pass all mail to the destination address, making it harder to track down spammers.

Increasingly, spammers use networks of malware-infected PCs (zombies) to send their spam. Zombie networks are also known as Botnets (such zombifying malware is known as a bot, short for robot). In June 2006, an estimated 80% of e-mail spam was sent by zombie PCs, an increase of 30% from the prior year. An estimated 55 billion e-mail spam were sent each day in June 2006, an increase of 25 billion per day from June 2005.^[31]

Statistics and estimates

The growth of e-mail spam

Spam is growing, with no signs of abating^{[citation needed]}. The amount of spam users see in their mailboxes is just the tip of the iceberg^{[weasel words]}, since spammers' lists often contain a large percentage of invalid addresses and many spam filters simply delete or reject "obvious spam". A 2010 survey of US and European e-mail users showed that despite knowing the risks of opening spam e-mails, 46% of the respondents still opened them, putting their computers at risk.^[32]

In absolute numbers

• 1978 - An e-mail spam advertising a DEC product presentation is sent by Gary Thuerk to 600 addresses, which was all the users of that time's ARPANET, though software limitations meant only slightly more than half of the intended recipients actually received it.^[33]
• 2002 - 2.4 billion per day^{[34][unreliable source?]}
• 2004 - 11 billion per day^{[35][unreliable source?]}
• 2005 - (June) 30 billion per day^{[31][unreliable source?]}
• 2006 - (June) 55 billion per day^{[31][unreliable source?]}
• 2007 - (February) 90 billion per day^{[citation needed][unreliable source?]}
• 2007 - (June) 100 billion per day^{[36][unreliable source?]}

As a percentage of the total volume of e-mail

More than 97% of all e-mails sent over the net are unwanted, according to a Microsoft security report.^[37]

MAAWG estimates that 85% of incoming mail is "abusive email", as of the second half of 2007. The sample size for the MAAWG's study was over 100 million mailboxes.^[38][39][40]

Spamhaus estimates that 90% of incoming email traffic is spam in North America, Europe or Australasia.^[41] By June 2008 96.5% of e-mail received by businesses was spam.^{[20][unreliable source?]}

Highest amount of spam received

According to Steve Ballmer, Microsoft founder Bill Gates receives four million e-mails per year, most of them spam.^[42] (This was originally incorrectly reported as "per day".^[43])

At the same time Jef Poskanzer, owner of the domain name acme.com, was receiving over one million spam emails per day.^[44]

Cost of spam

A 2004 survey estimated that lost productivity costs Internet users in the United States $21.58 billion annually, while another reported the cost at $17 billion, up from $11 billion in 2003. In 2004, the worldwide productivity cost of spam has been estimated to be $50 billion in 2005.^[45] An estimate of the percentage cost borne by the sender of marketing junk mail (snail mail) is 88%, whereas in 2001 one spam was estimated to cost $0.10 for the receiver and $0.00001 (0.01% of the cost) for the sender. ^[6]

Origin of spam

Origin or source of spam refers to the geographical location of the computer from which the spam is sent; it is not the country where the spammer resides, nor the country that hosts the spamvertised site. Because of the international nature of spam, the spammer, the hijacked spam-sending computer, the spamvertised server, and the user target of the spam are all often located in different countries. As much as 80% of spam received by Internet users in North America and Europe can be traced to fewer than 200 spammers.^[46]

In terms of volume of spam: According to Sophos, the major sources of spam in the fourth quarter of 2008 (October to December) were:^{[unreliable source?] [20][47][48][49][50][51][52][53][54][55]}

• The United States (the origin of 19.8% of spam messages, up from 18.9% in Q3)
• China (9.9%, up from 5.4%)
• Russia (6.4%, down from 8.3%)
• Brazil (6.3%, up from 4.5%)
• Turkey (4.4%, down from 8.2%)

When grouped by continents, spam comes mostly from:

• Asia (37.8%, down from 39.8%)
• North America (23.6%, up from 21.8%)
• Europe (23.4%, down from 23.9%)
• South America (12.9%, down from 13.2%)

In terms of number of IP addresses: The Spamhaus Project (which measures spam sources in terms of number of IP addresses used for spamming, rather than volume of spam sent) ranks the top three as the United States, China, and Russia,^[56] followed by Japan, Canada, and South Korea.

In terms of networks: As of 5 June 2007)^[update], the three networks hosting the most spammers are Verizon, AT&T, and VSNL International.^[56] Verizon inherited many of these spam sources from its acquisition of MCI, specifically through the UUNet subsidiary of MCI, which Verizon subsequently renamed Verizon Business.

Spam in culture

The often rambling and incomprehensible nature of spam has led to an underground culture, with video tribute on the video sharing service YouTube, cartoons based on spam titles (Spamusement!) as well as spam blogs such as My Pet Spam, Delightful Spam^{dead link. Partial Archive in the Wayback Machine here.} and The Spam Hunter Diaries.

Anti-spam techniques

The U.S. Department of Energy Computer Incident Advisory Capability (CIAC) has provided specific countermeasures against electronic mail spamming.^[57]

Some popular methods for filtering and refusing spam include e-mail filtering based on the content of the e-mail, DNS-based blackhole lists (DNSBL), greylisting, spamtraps, Enforcing technical requirements of e-mail (SMTP), checksumming systems to detect bulk email, and by putting some sort of cost on the sender via a Proof-of-work system or a micropayment. Each method has strengths and weaknesses and each is controversial because of its weaknesses. For example, one company offers for "removing some spamtrap and honeypot addresses" from email lists, defeating the ability of those methods for identifying spammers.

How spammers operate

Gathering of addresses

In order to send spam, spammers need to obtain the e-mail addresses of the intended recipients. To this end, both spammers themselves and list merchants gather huge lists of potential e-mail addresses. Since spam is, by definition, unsolicited, this address harvesting is done without the consent (and sometimes against the expressed will) of the address owners. As a consequence, spammers' address lists are inaccurate. A single spam run may target tens of millions of possible addresses — many of which are invalid, malformed, or undeliverable.

Sometimes, if the sent spam is "bounced" or sent back to the sender by various programs that eliminate spam, or if the recipient clicks on an unsubscribe link, that may cause that email address to be marked as "valid", which is interpreted by the spammer as "send me more".

Delivering spam messages

Obfuscating message content

Many spam-filtering techniques work by searching for patterns in the headers or bodies of messages. For instance, a user may decide that all e-mail they receive with the word "Viagra" in the subject line is spam, and instruct their mail program to automatically delete all such messages. To defeat such filters, the spammer may intentionally misspell commonly filtered words or insert other characters, often in a style similar to leetspeak, as in the following examples: V1agra, Via'gra, Vi@graa, vi*gra, \/iagra. This also allows for many different ways to express a given work, making identifying them all more difficult for filter software. For example, using most common variations, it is possible to spell "Viagra" in over 1.3 * 10²¹ different ways.^[58]

The principle of this method is to leave the word readable to humans (who can easily recognize the intended word for such misspellings), but not likely to be recognized by a literal computer program. This is only somewhat effective, because modern filter patterns have been designed to recognize blacklisted terms in the various iterations of misspelling. Other filters target the actual obfuscation methods, such as the non-standard use of punctuation or numerals into unusual places. Similarly, HTML-based e-mail gives the spammer more tools to obfuscate text. Inserting HTML comments between letters can foil some filters, as can including text made invisible by setting the font color to white on a white background, or shrinking the font size to the smallest fine print. Another common ploy involves presenting the text as an image, which is either sent along or loaded from a remote server. This can be foiled by not permitting an e-mail-program to load images.

As Bayesian filtering has become popular as a spam-filtering technique, spammers have started using methods to weaken it. To a rough approximation, Bayesian filters rely on word probabilities. If a message contains many words which are only used in spam, and few which are never used in spam, it is likely to be spam. To weaken Bayesian filters, some spammers, alongside the sales pitch, now include lines of irrelevant, random words, in a technique known as Bayesian poisoning. A variant on this tactic may be borrowed from the Usenet abuser known as "Hipcrime" -- to include passages from books taken from Project Gutenberg, or nonsense sentences generated with "dissociated press" algorithms. Randomly generated phrases can create spoetry (spam poetry) or spam art.

Another method used to masquerade spam as legitimate messages is the use of autogenerated sender names in the From: field, ranging from realistic ones such as "Jackie F. Bird" to (either by mistake or intentionally) bizarre attention-grabbing names such as "Sloppiest U. Epiglottis" or "Attentively E. Behavioral". Return addresses are also routinely auto-generated, often using unsuspecting domain owners' legitimate domain names, leading some users to blame the innocent domain owners. Blocking lists use IP addresses rather than sender domain names, as these are more accurate. A mail purporting to be from example.com can be seen to be faked by looking for the originating IP address in the email's headers; also Sender Policy Framework, for example, helps by stating that a certain domain will only send email from certain IP addresses.

Spam can also be hidden inside a fake "Undelivered mail notification" which looks like the failure notices sent by a mail transfer agent (a "MAILER-DAEMON") when it encounters an error.

Spam-support services

A number of other online activities and business practices are considered by anti-spam activists to be connected to spamming. These are sometimes termed spam-support services: business services, other than the actual sending of spam itself, which permit the spammer to continue operating. Spam-support services can include processing orders for goods advertised in spam, hosting Web sites or DNS records referenced in spam messages, or a number of specific services as follows:

Some Internet hosting firms advertise bulk-friendly or bulletproof hosting. This means that, unlike most ISPs, they will not terminate a customer for spamming. These hosting firms operate as clients of larger ISPs, and many have eventually been taken offline by these larger ISPs as a result of complaints regarding spam activity. Thus, while a firm may advertise bulletproof hosting, it is ultimately unable to deliver without the connivance of its upstream ISP. However, some spammers have managed to get what is called a pink contract (see below) — a contract with the ISP that allows them to spam without being disconnected.

A few companies produce spamware, or software designed for spammers. Spamware varies widely, but may include the ability to import thousands of addresses, to generate random addresses, to insert fraudulent headers into messages, to use dozens or hundreds of mail servers simultaneously, and to make use of open relays. The sale of spamware is illegal in eight U.S. states.^[59][60][61]

So-called millions CDs are commonly advertised in spam. These are CD-ROMs purportedly containing lists of e-mail addresses, for use in sending spam to these addresses. Such lists are also sold directly online, frequently with the false claim that the owners of the listed addresses have requested (or "opted in") to be included. Such lists often contain invalid addresses. In recent years, these have fallen almost entirely out of use due to the low quality e-mail addresses available on them, and because some e-mail lists exceed 20GB in size. The amount you can fit on a CD is no longer substantial.

A number of DNS blacklists (DNSBLs), including the MAPS RBL, Spamhaus SBL, SORBS and SPEWS, target the providers of spam-support services as well as spammers. DNSBLs blacklist IPs or ranges of IPs to persuade ISPs to terminate services with known customers who are spammers or resell to spammers.

Related vocabulary

Unsolicited bulk e-mail (UBE)

A synonym for e-mail spam.

Unsolicited commercial e-mail (UCE)

Spam promoting a commercial service or product. This is the most common type of spam, but it excludes spam which are hoaxes (e.g. virus warnings), political advocacy, religious messages and chain letters sent by a person to many other people. The term UCE may be most common in the USA. ^[62]

Pink contract

A pink contract is a service contract offered by an ISP which offers bulk e-mail service to spamming clients, in violation of that ISP's publicly posted acceptable use policy.

Spamvertising

Spamvertising is advertising through the medium of spam.

Opt-in, confirmed opt-in, double opt-in, opt-out

Opt-in, confirmed opt-in, double opt-in, opt-out refers to whether the people on a mailing list are given the option to be put in, or taken out, of the list. Confirmation (and "double", in marketing speak) refers to an email address transmitted eg. through a web form being confirmed to actually request joining a mailing list, instead of being added to the list without verification.

Final, Ultimate Solution for the Spam Problem (FUSSP)

An ironic reference to naïve developers who believe they have invented the perfect spam filter, which will stop all spam from reaching users' inboxes while deleting no legitimate email accidentally.^[63][64]

Bacn

Bacn is a rarely used term to refer to e-mail sent to a user who at one time subscribed to a mailing list - not unsolicited, but also not personal.

History

See also

• Address munging
• Anti-spam techniques
• Bacn
• Botnet
• Boulder Pledge
• The Canadian Coalition Against Unsolicited Commercial Email
• CAUCE
• Chain e-mail
• Direct Marketing Associations
• Disposable e-mail address
• E-mail address harvesting
• E-mail spammers
• Junk fax
• List poisoning
• Make money fast, the infamous Dave Rhodes chain letter that jumped to e-mail.
• Mule (e-mail)
• Netiquette
• news.admin.net-abuse.email newsgroup
• Nigerian spam
• Pump and dump stock fraud
• Ratware
• Spam (electronic)
• Spambot
• SpamCop
• Spamtrap
• Spamware
• Spider trap
• Spamhaus

References

1. ^ James John Farmer (2003-12-27). "3.4 Specific Types of Spam" (FAQ). An FAQ for news.admin.net-abuse.email; Part 3: Understanding NANAE. spamfaq.net. http://web.archive.org/web/20040212175535/http://www.spamfaq.net/terminology.shtml#specific_spams. Retrieved 2008-08-19.
2. ^ "You Might Be An Anti-Spam Kook If...". Rhyolite Software, LLC. 2006-11-25. http://www.rhyolite.com/anti-spam/you-might-be.html#spam-fighter-4. Retrieved 2007-01-05.
3. ^ "On what type of email should I (not) use SpamCop?" (FAQ). SpamCop FAQ. IronPort Systems, Inc.. http://www.spamcop.net/fom-serve/cache/14.html. Retrieved 2007-01-05.
4. ^ Scott Hazen Mueller. "What is spam?". Information about spam. spam.abuse.net. http://spam.abuse.net/overview/whatisspam.shtml. Retrieved 2007-01-05.
5. ^ "Spam Defined". Infinite Monkeys & Co. LLC. 2002-12-22. http://www.monkeys.com/spam-defined/. Retrieved 2007-01-05.
6. ^ ^{a b c} Make Spammers Pay Before You Do
7. ^ Clinton Internet provider wins $11B suit against spammer
8. ^ AOL gives up treasure hunt
9. ^ "A Brief History of Spam - Time". 2009-11-02. http://www.time.com/time/business/article/0,8599,1933796,00.html. Retrieved 2010-05-01.
10. ^ Gary Thuerk, who sent the first e-mail spam message in 1978 to 600 people, was reprimanded and told not to do it again.Opening Pandora's In-Box
11. ^ alt.spam FAQ
12. ^ Why is spam bad?
13. ^ Ferris Research: Cost of Spam
14. ^ Spam's Cost To Business Escalates
15. ^ Commtouch Software Ltd. (2004-06-30). "Commtouch Reports Spam Trends For First Half of 2004". Press release. http://www.commtouch.com/Site/News_Events/pr_content.asp?news_id=45&cat_id=1. Retrieved 2007-01-06.
16. ^ Evett, Don. "Spam Statistics 2006". http://spam-filter-review.toptenreviews.com/spam-statistics.html. Retrieved 2008-09-05.
17. ^ avalanche of Viagra ads and Rolex pitches
18. ^ recent upsurge in Rolex spam
19. ^ Brett Forrest (August 2006). "The Sleazy Life and Nasty Death of Russia’s Spam King". Issue 14.08 (Wired Magazine). http://www.wired.com/wired/archive/14.08/spamking_pr.html. Retrieved 2007-01-05.
20. ^ ^{a b c} Sophos Plc (2008-07-15). "Only one in 28 emails legitimate, Sophos report reveals rising tide of spam in April - June 2008". Press release. http://www.sophos.com/pressoffice/news/articles/2008/07/dirtydozjul08.html. Retrieved 2008-10-12.
21. ^ Getting it Wrong
22. ^ Eric B. Parizo (2006-07-26). "Image spam paints a troubling picture". SearchSecurity.com. http://searchsecurity.techtarget.com/originalContent/0,289142,sid14_gci1204126,00.html. Retrieved 2007-01-06.
23. ^ McAfee/ICF - The Carbon Footprint of Email Spam Report - Over 95% of the energy consumed by spam is on the receiver.
24. ^ CAUCE accessed July 13, 2007
25. ^ CBC News: Conservatives introduce anti-spam bill
26. ^ Effectiveness and Enforcement of the CAN-SPAM Act
27. ^ Is the CAN-SPAM Law Working?
28. ^ "Why Am I Getting All This Spam? Unsolicited Commercial E-mail Research Six Month Report". Center for Democracy and Technology. March 2003. http://www.cdt.org/speech/spam/030319spamreport.shtml. Retrieved 2007-06-05. (Only 31 sites were sampled, and the testing was done before CAN-SPAM was enacted.)
29. ^ You've Got Spam
30. ^ Seattle Times: "Spam king" pleads guilty to felony fraud
31. ^ ^{a b c} IronPort Systems, Inc. (2006-06-28). "Spammers Continue Innovation: IronPort Study Shows Image-based Spam, Hit & Run, and Increased Volumes Latest Threat to Your Inbox". Press release. http://www.ironport.com/company/ironport_pr_2006-06-28.html. Retrieved 2007-01-05.
32. ^ 2010 MAAWG Email Security Awareness and Usage Report, Messing Anti-Abuse Working Group/Ipsos Public Affairs
33. ^ Brad Templeton (08 March 2005). "Reaction to the DEC Spam of 1978". Brad Templeton. http://www.templetons.com/brad/spamreact.html. Retrieved 2007-01-21.
34. ^ The Big Business of Fighting Spam retrieved 8 December 2008
35. ^ Growth of Spam retrieved 8 December 2008
36. ^ Spam Statistics
37. ^ Spam overwhelms e-mail messages
38. ^ (PDF) Email Metrics Program: The Network Operators' Perspective. Report #7 – Third and Fourth Quarters 2007. Messaging Anti-Abuse Working Group. April 2008. http://www.maawg.org/about/MAAWG_2007-Q3-4_Metrics_Report.pdf. Retrieved 2008-05-08.
39. ^ (PDF) Email Metrics Program: The Network Operators' Perspective. Report #1 — 4^th Quarter 2005 Report. Messaging Anti-Abuse Working Group. March 2006. http://www.maawg.org/about/FINAL_4Q2005_Metrics_Report.pdf. Retrieved 2007-01-06.
40. ^ (PDF) Email Metrics Program: The Network Operators' Perspective. Report #2 — 1^st Quarter 2006. Messaging Anti-Abuse Working Group. June 2006. http://www.maawg.org/about/FINAL_1Q2006_Metrics_Report.pdf. Retrieved 2007-01-06.
41. ^ Effective Spam Filtering (Spamhaus)
42. ^ Staff (2004-11-18). "Bill Gates 'most spammed person'". BBC News (bbc.co.uk). http://news.bbc.co.uk/2/hi/business/4023667.stm. Retrieved 2007-01-06.
43. ^ Mike Wendland (2004-12-02). "Ballmer checks out my spam problem". ACME Laboratories republication of article appearing in Detroit Free Press. http://www.acme.com/mail_filtering/article_2.html. Retrieved 2007-01-06. the date provided is for the original article; the date of revision for the republication is 8 June 2005; verification that content of the republication is the same as the original article is pending
44. ^ Jef Poskanzer (2006-05-15). "Mail Filtering". ACME Laboratories. http://www.acme.com/mail_filtering/. Retrieved 2007-01-06.
45. ^ Spam Costs Billions
46. ^ Register of Known Spam Operations ( ROKSO)
47. ^ Sophos Plc (2004-08-24). "Sophos reveals 'Dirty Dozen' spam producing countries, August 2004". Press release. http://www.sophos.com/pressoffice/news/articles/2004/08/sa_dirtydozenaug04.html. Retrieved 2007-01-06.
48. ^ Sophos Plc (2006-07-24). "Sophos reveals 'dirty dozen' spam relaying countries". Press release. http://www.sophos.com/pressoffice/news/articles/2006/07/dirtydozjul06.html. Retrieved 2007-01-06.
49. ^ Sophos Plc (2007-04-11). "Sophos research reveals dirty dozen spam-relaying nations". Press release. http://www.sophos.com/pressoffice/news/articles/2007/04/dirtydozapr07.html. Retrieved 2007-06-15.
50. ^ Sophos Plc (2007-07-18). "Sophos reveals 'Dirty Dozen' spam producing countries, July 2007". Press release. http://www.sophos.com/pressoffice/news/articles/2007/07/dirtydozjul07.html. Retrieved 2007-07-24.
51. ^ Sophos Plc (2007-10-24). "Sophos reveals 'Dirty Dozen' spam producing countries for Q3 2007". Press release. http://www.sophos.com/pressoffice/news/articles/2007/10/dirtydozoct07.html. Retrieved 2007-11-09.
52. ^ Sophos Plc (2008-02-11). "Sophos details dirty dozen spam-relaying countries for Q4 2007". Press release. http://www.sophos.com/pressoffice/news/articles/2008/02/dirtydozfeb08.html. Retrieved 2008-02-12.
53. ^ Sophos Plc (2008-04-14). "Sophos details dirty dozen spam-relaying countries for Q1 2008". Press release. http://www.sophos.com/pressoffice/news/articles/2008/04/dirtydozapr08.html. Retrieved 2008-06-07.
54. ^ Sophos Plc (2008-10-27). "Eight times more malicious email attachments spammed out in Q3 2008". Press release. http://www.sophos.com/pressoffice/news/articles/2008/10/spamreport.html. Retrieved 2008-11-02.
55. ^ Sophos Plc (2009-01-22). "Spammers defy Bill Gates's death-of-spam prophecy". Press release. http://www.sophos.com/pressoffice/news/articles/2009/01/dirty-dozen.html. Retrieved 2009-01-22.
56. ^ ^{a b} "Spamhaus Statistics : The Top 10". Spamhaus Blocklist (SBL) database. The Spamhaus Project Ltd.. dynamic report. http://www.spamhaus.org/statistics/countries.lasso. Retrieved 2007-01-06.
57. ^ Shawn Hernan; James R. Cutler; David Harris (1997-11-25). "I-005c: E-Mail Spamming countermeasures: Detection and prevention of E-Mail spamming". Computer Incident Advisory Capability Information Bulletins. United States Department of Energy. http://www.ciac.org/ciac/bulletins/i-005c.shtml. Retrieved 2007-01-06.
58. ^ "There are 600,426,974,379,824,381,952 ways to spell Viagra". cockeyed.com. 2004-04-07. http://cockeyed.com/lessons/viagra/viagra.html. Retrieved 2007-01-06.
59. ^ Sapient Fridge (2005-07-08). "Spamware vendor list". spamsights.org. http://www.spamsights.org/. Retrieved 2007-01-06.
60. ^ "SBL Policy & Listing Criteria". The Spamhaus Project Ltd.. 2006-12-22. http://www.spamhaus.org/sbl/policy.html. Retrieved 2007-01-06. original location was Spamhaus.org; the referenced page is an auto-redirect target from the original location
61. ^ Spamware - Email Address Harvesting Tools and Anonymous Bulk Emailing Software. MX Logic (abstract hosted by bitpipe.com). 2004-10-01. http://www.bitpipe.com/detail/RES/1097086148_134.html. Retrieved 2007-01-06. the link here is to an abstract of a white paper; registration with the authoring organization is required to obtain the full white paper
62. ^ "Definitions of Words We Use". Coalition Against Unsolicited Bulk Email, Australia. http://www.caube.org.au/whatis.htm. Retrieved 2007-01-06.
63. ^ Vernon Schryver: You Might Be An Anti-Spam Kook If...
64. ^ Tips for your new anti-spam idea

Further reading

• Dow, K., Serenko, A., Turel, O. and Wong, J. (2006). "Antecedents and consequences of user satisfaction with e-mail systems." International Journal of e-Collaboration 2(2): 46-64.
• Sjouwerman, Stu; Posluns, Jeffrey, "Inside the spam cartel: trade secrets from the dark side", Elsevier/Syngress; 1st edition, November 27, 2004. ISBN 978-1-932266-86-3

External links

• Spam info
  • Spam.Abuse.Net
  • SpamHelp.org
  • Spam Links
  • Can The Spam: How Spam is Bad for the Environment June 15, 2009
• Spam reports
  • Worldwide Email Threat Activity
• Government reports and industry white papers
  • Email Address Harvesting and the Effectiveness of Anti-SPAM Filters by US FTC, Retrieved on 13-Oct-2007.
  • The Electronic Frontier Foundation's spam page which contains legislation, analysis and litigation histories
  • Unsolicited Commercial E-mail Research Six Month Report by Center for Democracy & Technology
• from the author of Pegasus Mail & Mercury Mail Transport System - David Harris
  • Spam White Paper - Drowning in Sewage
• Other
  • Delightful Spam blog archive

Categories: Spamming | E-mail

See Also:

• E-mail Spam
• E-mail Spammers
• E-mail Spam: Encyclopedia
• Category:E-mail Spammers: Encyclopedia
• E-mail Spam Legislation By Country: Encyclopedia

What Links Here:

• Home

Recently Viewed Pages:

• Home
• Computers: Internet: E-mail: Spam: Humor: Directory
• Blogs
• Sitemap
• Postage Due: Blogs
• Forum Spam: Blogs
• Forum Spam: Images
• E-mail Spam: Answers
• E-mail Spam: News
• Domain Details

Most Popular Pages:

• Category:Abbreviations, Acronyms and Initialisms: Blogs
• Computers: Internet: E-mail: Spam: Humor: Directory
• Domain Details
• Forum Spam: Images
• E-mail Spam: Web Search
• Blogs
• Radical Index
• Spambot
• Sitemap
• Answers

Related 'E-mail Spam' Searches: