This article appeared in daily the Nation April 4, 2010 issue
Spam started as a minor nuisance and over the years the problem has grown into a major issue on the web. Computers now experience spam volumes that account for 40 to 60 per cent of all emails, highlighting the growing need for preventive measures and policies.
Lately, quite a few reports have drawn the professionals’ attention to this issue. For instance, there was a news item about a man in the America, who was sentenced to nine years in jail for sending millions of junk emails promoting pornography and shame products. Based on the analysis of all spam messages received at its global network of spam traps from January to March, Sophos, a network security concern, has announced its annual list of top spam-producing countries. The biggest source of spam fire is Brazil (followed by India, Korea, Vietnam and U.S).
Individual users are spending an increasing amount of time to dump this unwanted garbage called spam and to look into intriguing offers that are too tempting too ignore. Even when one tries to put in simple filters to block spam, chances are that the sender simply changes one character on their address and can, therefore, easily bypass the filters. In a recent report, Ferris Research estimates that spam will cost the world about $50 billion in 2010. According to Gartner, a company with 10,000 employees loses about $13 million worth of productivity annually because of spam alone. This does not account for technical costs and spam from unknown senders. Another report by the European Union, estimates the global bandwidth cost of spam to be at least 8 billion Euros annually.
In 2009, spam attacks targeted social media hangouts like Facebook and Twitter. Spammers have also started to make an effort to improve the quality of their advertisements to ensure that their messages bypass spam filters and are nice to look at. The main innovation in spam last year was the use of YouTube for video spam. In last October, several mailings were found with links to advertisements uploaded to YouTube. At the end of the year, spammers sent out mass mailings with MP3 files attached.
The word “spam” was coined to describe the indiscriminate, internet experience that refers to “unsolicited email on the Internet”. From the sender’s point of view, it is a form of bulk mail, often to a list culled from different sources. To the receiver, it usually seems like junk email.
In general, it is not considered good netiquette to send spam. Some apparently unsolicited emails are, in fact, emails which people agree to receive when they register with a site and check a box agreeing to receive postings about particular products or interests.
Zaheer Hassan, a Pakistani techie now working in USA, has much to say on the subject, “It is almost impossible to tell which unwanted mail is actually spam, especially for those who happen to be on the Internet a lot and sign up for different things online. Sometime an unwanted email might not be spam. True spam is email sent via bulk mailing lists that may not have anything to do with what one ever signed up on the Internet. Purchasing email information from those where one signs up, or many other sources, generate these bulk mailing lists. If it is not a bulk mailing list, it is not a spam. A dead giveaway of spam is that there is no way to unsubscribe.”
When the internet changed from an academic and research network to a commercial tool, the wonderful utility of electronic communication became an easy and economical method for spamming. Commercial spammers, as well as some non-commercial users, started taking advantage of the email as their personal medium to publicize anything they want to promote - hoaxes, ideas, products or services regardless of “netiquettes,” traditional societal courtesies and or established marketing methods.
Techies and Internet-savvy individuals use email services for setting up virus-free multiple email accounts, though it takes more time, navigation, and procedure, as compared to client-based services. The email service providers have ultimate control, over incoming and outgoing mails, which implies that users of these services will keep receiving spam, no matter what. The spam filters of email providers may be effective, but will let their own spam through, as well as spam from their business associates who pay the providers will also find way to the inboxes of their subscribers.
The “free-rider” spammers (people who send spam via PCs using spam for promotion, or contractual third parties engaged in sending out spam) are very innovative, as far as finding the right email addresses is concerned. It is often difficult, if not impossible, to tell how spammers acquire even well-guarded email addresses in the first place. For the better part, websites offering promotional newsletters and commercial mail sometimes violate the choices their subscriber exercise, while registering.
In some cases, the registering sites also have hidden options about use and mutual sharing of email addresses with other partners that most common users fail to notice. Then, there are newsgroups and directories. Surprisingly, the chances of receiving spam are there, even if the email address has not been shared in any way. But the systems used by spammers are not very “smart,” as far as the target audience is concerned. One may find “Dear Mr. johartown” in place of name (read as personal name of the account holder from the email address) in such an email.
What is more, some spam may also carry embedded virus contents that cause damage to the networks or users’ computers. Since the start of email abuse, network administrators and Internet users have been devising various technical methods to overcome this problem. Whereas individual users may use filters, software, delete spam without opening, bear with unsolicited traffic spending Internet time. So far, spammers appear to be winning the spam war.
The effects of the spam may be network breakdowns and congestion in the face of increasing demand for faster and bigger bandwidth. On the other hand, spam costs almost nothing to senders. Spam is unique, because the receiver pays more for it than the sender.
Pakistani businesses, so far, have not added much to the bulk of spam flying around. But Internet users, individual, as well as the corporate sector here, are equally exposed to the nuisance.
Some Pakistani businesses have already deployed system-wide spam filters to protect themselves. But individual users mostly are unprotected and local ISPs are not very receptive to complaints on the subject, which is why an Internet user in Multan keeps getting offers to buy a house in Miami and everyone keeps getting a lot of Viagra offers.
So what can the Internet users do to have email accounts just for own use and not for spammers? The business can, and should, deploy system filters and fight this menace at the organizational level. More importantly, they should not resort to spamming. “Individuals can, in addition to some disposable accounts for a ‘hit-and-run’ strategy with spammers, have one account with no online subscriptions, set filters on highest level provided, and add the addresses they want to communicate with,” says Zaheer. Chances are that spam will not pour into that account, or at least it will be manageable and will not flood their inbox, if it is not emptied for a couple of days.
If spam cannot be managed, email may eventually lose its utility. Sophos says that the “most effective way that businesses can reduce spam and other threats, is to adopt a multi-layered defence in conjunction with implementing a best practice policy regarding email account usage.”
Spam is a ‘business’ used primarily either to distribute malware or sell advertise all type of products, services and or ideas. It seems to continue as long as there are users who trust spam messages (many of us still do). All users should join hands to fight spam war. A combination of technologies, legislations along with good individual practices can certainly have an impact.
