Spam

Spam(Beta)

Spam is no longer just a nuisance. It has become a primary channel for hostile computer code as well as scams. Malware writers and spammers work in cahoots. They plant a virtual mine field in your inbox.

Go over to my HTCC Episodic blog to see how stay spam-free. It takes work to beat spam, but it can be fun. ;-)

Do the math

Spam = scam: Most spam hides an attempt to short change if not swindle the unwary. Identity theft is the worst kind of email scam -- see "phishing" directly below. Spam may also install spyware that steers you to some Website where you can be more easily fleeced, or even capture sensitive account numbers and passwords directly.

Spam is also used to distribute malware, like viruses, worms and Trojans. Melissa, Love Bug, and MyDoom are examples. Some malware is used to broadcast more spam after it has infested your computer. For example, the SoBig worm installed software that was then used it to relay spam.

Gone phishing

Phishing is one example of fraudulent email. These messages appear to be from a widely recognized business like Sprint, America Online, eBay, Yahoo!, American Express, etc. Some even use copies of the real company's graphics. Some fake messages urgently request some personal information -- your account number, date of birth, Mother's maiden name, credit card expiration date, etc. Others try to sell you a product at an absurdly low price. Phishing works because enough phish bite to make it worthwhile to go phishing. Internet bottom-feeders love to misspell words, especially names for dirty tricks. It's like wearing your cap backwards. Rebels without a cause.

You may be making it easier for Phishing operators to reach you if you're using a Bayesian filter to fight spam. Most good spam filters are Bayesian these days, including those provided by most ISPs.

How did they get my address?

Most spammers get your address by buying lists from other spammers. But how did someone get it in the first place? Often when you give your address to websites that you visit. Some of these sites pass your address on to other sites, who pass it on in turn. More often, your address is "scraped" form the webpage where it appears. For example, in your user profile. If you can see it online, so can the spammers.

They can also get it by harvesting your address from chain messages -- you know -- the ones that have Fw: Fwd: Cute Joke (or whatever) as their Subject. Some people don't know how to forward messages without sending the whole "To:" list to everybody on the list. Eventually one of those messages lands in the web (pun intended) of some spammer. Tell your friend please take me off your humor distribution list, of at least please follow the advice below:

"If you want to forward jokes and stuff properly, put all the "Fwd" addresses in the "Blind Copy" (BCC) line, not in the "To" line so that each recipient gets their own private message, with none of the other addresses in it. Also, it would be polite to edit the original message so that all the previous addresses are removed." See the tutorial by Somewhere in Time to learn more about how to "forward" properly using "BCC".

Spammers also simply guess email addresses. How hard would it be to guess Robert87639@aol.com? It simply follows Robert 87638. Spammers can easily try all these common combinations. It doesn't take much effort with high speed computers doing the work. If you respond in anger, or even to "unsubscribe", they know they've hooked a live one.

Some spam that doesn't even need your email address. This spam uses the Messenger "service" in Windows (not to be confused with Windows Messenger). It just pops up without warning in the middle of what you're doing. You can use a firewall to stop Messenger spam in Windows 98, or you can reconfigure your NetBIOS networking -- something you should do for security anyway. You can disable Windows Messenger in Windows XP, 2000 and NT to stop it.

An ounce of prevention

Disable [View > Layout > uncheck "Show preview pane"] the Preview Pane in Outlook Express (or in any other email program you use). Not only is the Preview Pane a security risk, it's a spam magnet. Some spam sends a request for an image when the Preview Pane opens them. The request confirms that your email address is a live one. You can't even delete an email message without the Preview Pane opening it. (Well you can, but it's a tricky process.)

Turn off "auto replies" or "vacation notices" too. Otherwise, your email client will automatically reply to spammers and let them know they hit a "live" address.

*Never* reply to spam in order to get off the mailing list. All this does is let the spammer know your address is valid. The spammer can then sell your address to other spammers and you'll get even more spam. It's OK to ask legitimate businesses to remove you from their mailing list. [update]

Pick an email address that is not easy to guess. (Change your ISP, or open a new account with the old one if you have to.) BobJones732@aol.com is not hard for a spammer to guess. B2o7b3J5o6n8e9s@aol.com would be virtually impossible to guess, but hard to remember. Bob19Jones29@aol.com would be easy to remember if Bob was born in 1929, but it would still be hard to guess.

Never give anyone your main email address when you're in doubt. Use free "throwaway" addresses instead. Yahoo is a good place to get throwaway addresses, but they'll only be "Web mail" accounts (unless you pay a fee -- then you can have a real POP3 account). MyRealBox offers an excellent free email account that by all reports does an excellent job of filtering spam. Yahoo also has a good spam filtering scheme. You'll find more ideas about addresses on the email page.

Spamex, Sneakemail and Spamgourmet, and others make it easy to set up throwaway addresses that you don't have to worry about giving out. If an address gets spammed you just turn it off. Naturally, if your inbox is already inundated with spam, you'll need to change your main email address first before you'll see any improvement.

I've used Spamex for several years. It's worth much more than the $9.95 yearly fee. Spamex works with *anything* -- Gmail, Hotmail, Outlook Express, Thunderbird, AOL, Earthlink -- because Spamex just relays your email to your primary address.

A pound of cure

How's a poor person going to get rid of spam? (Spam has increased by a factor of 5 in the last year, and is still growing.) There are many options: Your ISP may offer a spam filtering option. Juno, AOL, MSN and Earthlink offer very effective filtering. Everyone's Internet is a less expensive ISP that offers spam and virus filtering. MyRealBox offers an excellent free email account that by all reports does an excellent job of filtering spam. http://www.myrealbox.com/

I have used Death2Spam to divert spam to a -- what else -- "Spam" folder in my email program. There is nothing to install. You simply point your email program at their server (much easier to do than to explain in words). Death2Spam "tags" any spam so that you can easily filter it out. It's uncanny how well Death2Spam works. Much better than the pure Bayesian filters that I've tried.

I compared three spam solutions directly against each other. Here's the results: K9, a Bayesian filter, missed 45% of the spam messages. SpamAssassin didn't miss any or the spam, but it wrongly marked 3% of the good messages as spam. That's not surprising, as there is no way to "train" SpamAssassin for your own email. Death2Spam did not miss any spam for a month. It also did not mark any valid messages as spam during that time. Death2Spam also scans your email for viruses using an "enterprise level" service. It really works.

OnlyMyEmail is an interesting service that is much like Death2Spam. Interesting features are the ability to consolidate up to three (POP) accounts, and the ability to read your email through a Webmail interface. [review]

Gmail uses an integral "Bayesian" spam filter, which is quite good.

I use Email Remover on the club's computer. I've used Simplecheck and MailWasher Pro on my own computer with good results. All of these programs are a great way to pre-screen your email for spam and malware before you download it with your regular email program.

You can decide which messages are spam just by looking at the headers (To: From: Subject: and the first few lines if you like). Then you simply delete all unwanted messages before downloading the rest.

MailWasher Pro but has more features than the other two. For example there's a whitelist, a blacklist, and other filters that you can set up to separate spam from ham. MailWasher currently has project to incorporate "FirstAlert!" -- an actively maintained spam database -- which will let it adapt more quickly to new spam sources.

Spam Buster is similar to MailWasher, and has gotten *rave* reviews from Time, PC Magazine and ZDNet.

There's a flotilla of spam solutions out there on the Web. Many are free (some appreciate donations) and some are spyware. [comparison]

The wrong cure

There are a number of services, and increasingly ISPs, that filter out spam for you. The problem with some of them is that they frequently stop important email that you want. One of my addresses ended up on a blacklist because I used it once to send our newsletter to about 130 addresses. Turns out, my ISP blacklists a user's address when a message goes to more than 20 addresses at one time. Silly, because spammers send out anywhere from thousands to millions of messages.

Another wrong cure: Many spam services label messages that have the word spam in them as spam. Dumb. How often have you seen spam with the word spam in the message? As the battle against spam goes on, more of us will be missing some of our messages. If you're missing messages, contact your ISP and find out who's blocking them, and see if you can't get it corrected. (If you can't, maybe it's time for a new ISP.)