SPAM: The Real Deal
Written by: Jeffrey Olsen
What is one food product where no one ever asks for it and is most likely to be pushed aside, but might be the most talked about technological acronym in today’s computer driven world? You guessed it, SPAM. Who would have thought
You might be wondering what the various techniques spammers use to send out millions of spam messages per day without getting caught. There is approximately 20 different methods spammers use but I will only touch on the top five most relevant methods used today.
1. Use of offshore ISP (Internet Service Providers) – Spammers use offshore ISP’s to transmit their spam or host spam websites because these operators usually charge less money and are usually harder to trace back to because they are often hosted in third world countries
2. Transfer of mail via open proxies or what is known as “Zombies”- What spammers do is implant proxy software on computers and mail servers that use this software to send spam via remote control. This method is popular because they can take advantage of the victim’s existing infrastructure to transmit spam without paying for these services. This method is also extremely difficult to trace back to the sender. In most cases, when the spam is traced, the results the investigators receive show that the spam is being sent from the individual or company that had their infrastructure taken over remotely.
3. Fake “to” and “from” addresses – Spammers use fictitious or stolen e-mail addresses in the visible headers of their messages. To the recipient, the message looks legitimate and the user is more apt to open the message they received.
4. Embedding recipients e-mail address in hyperlinks or “web bugs” – They put your e-mail address into a URL contained within the message body of the e-mail. The result is that the spammers get a signal back that you personally opened the message. It is useless to send mail to non-functioning e-mail addresses because it is a waste of bandwidth and resources. E-mails that are sent to non-functioning addresses that get bounced back to the sender can also be a path back to the originator of the message creating additional problems to the individual who sent the message.
5. Dictionary Attacks – Dictionary attacks a domain’s mail exchanger by continuously sending messages that may or may not be delivered. What this does is, it collects a list of working e-mail addresses within a particular domain. Spammers use this trick to verify the existence of e-mail addresses. This method also allows spammers to develop a list of targeted addresses allowing visiting mail-sending servers to send thousands of messages in a very short amount of time
The originators of these spam marketing campaigns do sometimes get caught. On May 30, 2007, a 27 year old man who has been labeled as one of the worlds most prolific spammers was arrested on charges of using networks comprised of “zombie” computers to send out millions of spam e-mail messages. According to MSNBC.com, a federal grand jury returned a 35 count indictment against Robert Soloway charging him with mail fraud, wire fraud, e-mail fraud, aggravated identity theft and money laundering. The impact Soloway has made on businesses, individuals, and local, state and federal government institutions has been extensive. Many business owners and individuals face the impact of their reputations being damaged when it appeared spam was originating from their organizations computers or mail servers. Soloway’s main objective with sending out these spam messages were to get the recipients to use his internet marketing company to advertise their products. People who clicked on a link in the e-mail were directed to his website. Soloway would then advertise his ability to send out as many as 20 million advertisements over a 15 day period for $495.00. But please, if you are the type who hacks away at code all day long, don’t get involved in this SPAM business, unless, of course, you want to share your fate with Soloway!
