Saturday, January 21, 2006
On Spam and Viruses, part one
Spam and computer viruses are two of the most annoying scourges our time. In the past two years I’ve gone through several personal email addresses because of spam. I suspect my email address was on a machine which got infected by a virus.
History
Electronic junk mail is called spam after a famous Monty Python skit. In the skit, set in restaurant that serves only Spam dishes, a group of Vikings sings “Spam, Spam, Spam, lovely Spam, Wonderful Spam!” as a couple decides what Spam dishes to order. (You'll find a link to the video at the bottom of this post. It's funny.)
Not surprisingly the first documented case of spam came from a group of lawyers trying to advertise in a cheap cost effective manner. And for the record, Spam the lunch meat is capitalized, and spam the junk mail is lower case.
The Problem
We all know the exasperation of sifting through multiple offensive junk emails in search of legitimate messages. There’s also annoyance of treating them like plutonium as we take care not to open them and gingerly place them in the trash folder for deletion.
But there is also the secondary issue of bandwidth and security which inescapably costs you real money. Bandwidth is the amount of stuff that can be transmitted in a fixed amount of time. When an ISP or a business has to increase it’s bandwidth to deal with the spam, or put safeguards in place to block it, the cost is passed on you as the consumer.
The How
The moment you buy something online, you begin to get unsolicited email from various vendors. It’s not unusual for companies to sell addresses of existing customers. Also vendors are not very good about honoring their “don’t send me email” check boxes.
Aside from companies you do business with, spammers get your address from a variety of sources.
There are programs that scan web sites for email links. There are also programs that scan internet newsgroups constantly. So, if you post to an internet newsgroup even once, you will start getting spam almost immediately.
Another way email viruses propagate is by scanning the address book and emails of an infected machine, and then mailing viruses to every address it finds. That’s why you can get a virus-infected email from someone you don’t know.
This is an important point.
You don’t have to send an email to someone in order for them to have your address. Say you receive an email addressed to yourself and fifty other people. One of those fifty people forwards the email onto a bunch of other people, who keep forwarding it on ad infinatum. Oftentimes all the email addresses of each recipient in the chain are included in the forwarded email. One of the recipients down the chain gets infected with a virus, and bam, everyone who received the email is also sent a virus infected email.
The chain email can also be "captured" by a spammer and the addresses are then sold. I suspect this has happened to my personal email addresses over the past two years.
This is why email administrators generally loathe and despise chain emails, joke lists, etc. If you know someone who sends you chain mail, politely ask them to use the bcc for the addresses. That way your address won't get captured by spammers.
JP
(to be continued)
Next: HTML confirms, Spoofing, and Phishing
Monty Python Spam Skit Video-
Subscribe to:
Post Comments (Atom)
1 comment:
John,
Thanks for posting this. I keep telling some people NOT to put my email on their chain emails without success. Perhaps now they'll listen.
Post a Comment