CSC 379 SUM2008:Week 1, Group 3: Difference between revisions

From Expertiza_Wiki
No edit summary
No edit summary
 
(47 intermediate revisions by 3 users not shown)
Line 1: Line 1:
'''DUE FRIDAY 11:30PM'''
'''DUE FRIDAY 11:30PM'''


==Spam==
=Spam=
Spam is disruptive or unwanted message sent to a user especially through email, often in bulk. It is often sent as advertisements or scams, but sometimes it's purpose is just to annoy. There is little or no cost to spamming and the methods to do so are relatively simple, which accounts for its persistence over the years.
 
===History===
===History===
The term spam is believed by most to be coined by a [http://youtube.com/watch?v=anwy2MPT5RE Monty Python Skit]. In the skit a group of vikings start singing a song about spam that drowns out the rest of the conversation. Users of [http://en.wikipedia.org/wiki/Multi-User_Dungeon MUD] groups would fill the screen of other users with the lyrics to the spam song to discourage users from chatting. This became referred to as spamming.
The first commercial spam was by a lawyer group called Canter and Siegel. At the beginning of the internet, USENET was a system that had many different discussion groups that were very useful for gathering and discussing specific information. On April 12, 1994, Canter and Siegel hired a programmer to write a script that would post their add to every single USENET group. Soon after this other people started mass posting irrelevant ads and then people discovered that they could send unwanted emails over email.


==Media==
==Media==
===USENET===
USENET was a networked discussion system. It was the best source of specific information before search engines became popular. It is known as the first system to be programatically spammed for commercial reasons.
===Fax===
===Fax===
===Usenet===
Also known as junk faxes, companies would send mass unsolicited advertisements via fax. Junk faxing is very similar to SPAM in nature, but is usually not referred to by that title. Junk faxing has been all but shut down by the Telephone Consumer Protection Act of 1991 banning unsolicited faxes and requiring that a source number be required for all outgoing faxes.
 
===E-Mail===
===E-Mail===
Email spam or junk mail, is currently the most popular type of spam. Spam email usually is trying to get a user to buy something or to visit a certain website. Spam email offers range from weight loss schemes, advanced loans, adult products, work from home scams, offers to rebuild credit, and many more.  Many of these email addresses are untraceable as the attackers who send the emails use web bots to take advantage of free webmail addresses.  By doing this, it makes it practically impossible for a user to block all incoming spam mail.  Besides using this technique, webmail servers spammers also use "spam art" to keep the junk mail filters from blocking their emails.
; Examples of "Spam Art" :
* Viagra ---> V1agra  ---> Vi@gra 
In the United States in 2007 alone, it was estimated that Email spam cost businesses $198 billion dollars, up from 23 billion in 2003.
Spam email does not always just advertise scams and products.  Many emails sent from spammers contain harmful viruses that can do serious damage to a users computer.  In some cases these viruses use the users computer to send out more spam.
===Text Message===
===Text Message===
With over 1 billion messages sent daily in the United States, text messaging is largely taking over much of the communication world. Knowing this fact, spammers knew they needed to broaden their field, thus text message spam was created.  Much like Email spam, text message spam advertises products and scams.  Most users say they get advertisements wanting them to download ringtones, go to dating sites, or look at their horoscope.  In text message spam, the user is sent text messages from companies who through emails can send messages straight to a users phone, costing the company nothing.  These messages quickly build up for the user costing him money and storage space in his/her inbox.
As for what to do about this growing problem, many phone companies are indecisive on this issue as they are profiting from the text messages that are sent to the user.
===Instant messenger===
===Instant messenger===


==Types==
With many types of instant messengers out on the market, spammers have a large playing field on which to flame people with messages.  Many instant messenger services do not can encrypted servers allowing spammers to create many false internet identities.  Using these new screen names the spammers go about sending messages to users asking them to "check out this picture" or other similar tactics.  Once the user clicks on the link they are taken to a website usually prompting a certin product or scam.  Instant message spam is very costly as it interrupts the user immediately unlike emails which users have to check.
 
 
==Types of Spam Scams==
 
===Phishing===
===Phishing===
Phishing is the fradulent process of obtaining sensative information, generally passwords and logins. Phishing generally takes place in E-mails and instant messages.  Email phishing consits of the attacker creating a "look a-like" of a login page to a secure website.  When the user puts in thier login information, it is sent to the attackers computer, where the attacker can gain access to personal information and money accounts. Notable phishing attacks have occured on eBay, Youtube, and many online banks.
 
Phishing is the fraudulent process of obtaining sensitive information, generally passwords and logins. Phishing generally takes place in E-mails and instant messages.  Email phishing consists of the attacker creating a "look a-like" of a login page to a secure website.  When the user puts in their login information, it is sent to the attackers computer, where the attacker can gain access to personal information and money accounts. Notable phishing attacks have occurred on eBay, Youtube, and many online banks.
Instant messaging phishing interupts the user immediatly.  The attacker sends a message like: "Hey, look at this picture.", after clicking on the link, the user is taken to a malicious website.
   
   
===Pump and Dump===
===Pump and Dump===
===Nigerian Prince===
 
===Pharmaceutical===
"Pump and Dump" is the act of an investor or group of investors sending out tons of messages promoting a stock which they hold calling it, "the next big thing". The stocks chosen are usually micro-cap stocks that are subject to frequent shifts in price. These investors keep on promoting the stock until it has risen enough to where they know they will make sizable profits from selling the stock after the rise in interest.
===Adult ads===
 
   
===Advanced Fee===
 
Advanced Fee scams, also known as 419; Nigerian prince; or Inheritance fraud, are messages that have a user send the spammer money in hope of a greater return. In these scams the spammer constructs a story where they need money to unlock a great deal more money. Many people fall for this not only because the spammer promises them a reward, but because the spammer presents an opportunity for the victim to help someone out. According to snopes.com, an estimated 100 million dollars was lost in 1997 because of scams of this nature.  
 
 
==Methods==
==Methods==
There are many methods in which spam organizations operate.  To maximize message output and to avoid prosecution many methods involve the use of control of machines owned by others.  In other situations where the spam company is based in the United States, the actual servers sending the spam are being operated in foreign countries or through a proxy server to avoid location of the spamming operation source.
===Zombie===
===Zombie===
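Review bot: The revised Phishing paragraph corrects "fradulent" and "sensative", but the instant-messaging sentence appended to it still reads "interupts the user immediatly", and the new Instant messenger paragraph contains "do not can encrypted servers" and "prompting a certin product"; these should be fixed in the same revision. The new E-Mail paragraph also states "$198 billion dollars, up from 23 billion in 2003" with no source link, unlike the figures cited under Issues, so it needs a citation.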


Line 29: Line 66:
It is estimated that currently the large majority of e-mail spam is now sent via zombie computers.
It is estimated that currently the large majority of e-mail spam is now sent via zombie computers.


** ADD LINKS **
===Address Farming===
 
There must be a repository setup for spammers to have the ability to constantly send e-mail spam to millions of users a time.  In addition, there must be measures in place to harvest this repository for new addresses.  Without the side task for farming for address, the spam source would not have targets to send e-mail to.  These large banks of e-mails are either collected by the spammer or purchased by a side company that primarily collects valid e-mail addresses for the purpose of spamming. 
 
A primary method used to collected valid and up to date e-mails is by the use of search engines to crawl the internet for e-mails that are placed on websites, newsgroups, or message boards.  In a similar manner how Google searches and collects information about websites.  These spambots search and collect information on websites that contain values of text that are the same as a valid e-mail address.  Another method that is often used is the act of probing for e-mail addresses.  A address farmer will create a website with associated advertisement to lure users to go to that site to enter their contact information for the chance to win a large prize.  If you sign up for a newsletter or register a product with a company and choose to allow your e-mail address to be shared with "partners", often that partner is a firm that collects e-mail addresses for spammers.
 
The last main way of farming for address is to simply guess an e-mail address.  With the many main free web based e-mail providers such as MSN, Yahoo, and Google, spammers may simple just randomly choose names for e-mail addresses in hopes that some of them are valid and active.
 
===Proxy Servers and Multiple Server Locations===
 
To accommodate the large abundance of bandwidth required to send out billions of e-mails a day from one source requires more than just one server.  Spam only works based on the pure volume of e-mails sent out per unit of time.  To accomplish this, spammers set up hundreds or thousands of servers all over to globe in countries that are eager to sell their bandwidth regardless of the purpose or legality.  Even though a large percentage of spam originates from the United States, the largest majority comes from Asia and eastern block third world and developing countries.
 
For companies that do in fact send their bulk amount of spam within countries where it is illegal, the use of proxy servers are much more useful.  Proxy servers are used to hide the originated source of the data transmission to another location.  The spam is sent through proxy servers so that the originating location of the spam can not be determined.
 
===Specially Formatted E-mails and Websites===
 
Most mail servers and search engines have advanced filters that are able to determine if either an e-mail will be useful to read or if a website actually contains the information you are searching for.  Both mail servers and search engines will block information that obviously appears to be spam. 
 
In an effort to give the spam the appearance of legitimacy, the art of obscuring the spam in creative ways has grown.  This is done in many clever ways.  Sometimes spam e-mail will include a large amount of bogus text to appear like full blocks of paragraphs and sentences resembling a personally written e-mail when it has, in fact, been written automatically.  To block spelling filters, spammers will creatively change the spelling of certain products that are key to spamming to bypass the blocks.
 
Also, using special HTML formatting to break up the letters of an e-mail text while allowing the viewer to read the spam correctly is another popular means of fooling an automated spam filter.
 
===Other Methods===
 
There are a myriad of ways that spammers foil filters and accomplish their task.  Each day new ways are developed to block spam and at the same time new ways are developed to send spam.  Most of these involve maximizing spam output and hiding the source of the spam by means of working through an unknown entity.  This could be through e-mail relay to hide the real domain of the e-mail while also allowing the e-mail to look legitimate by modifying the header. 
 
Spammers also trick spam recipients by modifying the to and from tag headers of an e-mail, Bypassing the actual e-mail server and sending directly to the recipient, or false or obscured URLs that may be use in conjunction with redirected URLs to heavily camouflage the e-mail as legitimate.
 
==Issues==
 
===Proponents of Spam===
For many people, spam is the cheapest and most effective way to advertise. New businesses can use spam to get their message to a wide range of users or almost little cost. Politicians use mass emails to send out messages to their constituents or to voters for campaign reasons.
Many spam advertises for adult sites as well. This is ethically questionable because there is no doubt that a large amount of pornographic material are reaching minors[http://www.wired.com/culture/lifestyle/news/2003/06/59164] through spam. It is both illegal and unethical for minors to view this material.
 
Developing countries that are desperate to sell bandwidth and servers at any cost are also in favor of the act of spamming, as it bring money and resources to businesses within that country. In addition, spam may be used for truly humanitarian and non-business purposes to spread some need or to advertise a political agenda. Unfortunately there are many companies that have lost huge sums of money from the act of spamming. This is due to maintenance of servers loaded with spam, buying software and teams to filter the spam, and productivity lost when employees click on and are distracted by the spam.  It is estimated that $20 billion dollars are lost annually in the United States from spam[http://www.linuxinsider.com/story/32478.html].
 
==Links and Resources==
 
[http://www.templetons.com/brad/spamterm.html Origin of Spam] An essay on the origin of the term spam.
 
[http://computer.howstuffworks.com/spam.htm HowStuffWorks "How Spam Works"] A in depth analysis on the workings of spam
 
[http://www.yale.edu/its/email/spam/whyspam.html Why is there so much spam?] A description of spam tactics and methods
 
[http://www.rickconner.net/spamweb/tricks.html Popular spammer tricks] Detailed tips and methods for the modern spammer
 
[http://www.ftc.gov/spam/ FTC-SPAM] United States Federal Trade Commission Spam Headquarters
 
[http://www.crn.com/security/23904957 IM phishing] Information on instant messaging phishing
 
[http://www.microsoft.com/athome/security/email/phishing.mspx?ifs=1%22%20class=l%20onmousedown=%22return%20clk(this.href Email phishing] Microsoft warns users about phishing techniques
 
[http://www.investopedia.com/ask/answers/05/061205.asp Pump and Dump] Investopedia warns about pump and dump scams
 
[http://www.ftc.gov/bcp/edu/pubs/consumer/tech/tec02.shtm Email Spam] The Federal Trade Commission warns about spam


===Proxy===
[http://seattletimes.nwsource.com/html/nationworld/2004271901_spam10.html Text Message Spam] The Seattle Times talks text message
===Anything else?===


The [http://news.bitdefender.com/NW764-en--E-Mail-Spam-Morphs-in-First-Half-of-2008.html tactics and content of spam] are continuously changing as countermeasures to combat it become more effective.  Once simple advertisements, spam now comes in a wide variety of forms from phishing, to [http://www.sec.gov/answers/pumpdump.htm “pump and dump”] stock scams, to other deceptive business offers.  Examine the current nature of spam content and tactics, providing an overview of each major type of spam, a brief review of the ethical considerations each raise, and links to online resources that cite specific instances or effects of each.
[http://www.informationweek.com/news/showArticle.jhtml?articleID=17500466 Instant message spam] Information week warns about IM spam
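Review bot: In Links and Resources, the Microsoft "Email phishing" URL carries "%22%20class=l%20onmousedown=%22return%20clk(this.href" after "?ifs=1", which is markup picked up from wherever the link was copied rather than part of the address; trim the link to the ".mspx" path. Under Issues, "$20 billion dollars are lost annually in the United States" does not agree with the "$198 billion" figure in the E-Mail section, so say what each number measures or keep one, and the second paragraph under "Proponents of Spam" turns into costs of spam, which belongs under its own subheading.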

Latest revision as of 01:50, 16 July 2008

DUE FRIDAY 11:30PM

Spam

Spam is a disruptive or unwanted message sent to a user, especially through email and often in bulk. It is often sent as advertisements or scams, but sometimes its purpose is just to annoy. There is little or no cost to spamming and the methods to do so are relatively simple, which accounts for its persistence over the years.

History

The term spam is believed by most to have been coined from a Monty Python skit. In the skit a group of Vikings start singing a song about spam that drowns out the rest of the conversation. Users of MUD groups would fill the screens of other users with the lyrics to the spam song to discourage them from chatting. This became known as spamming.

The first commercial spam was by a lawyer group called Canter and Siegel. At the beginning of the internet, USENET was a system that had many different discussion groups that were very useful for gathering and discussing specific information. On April 12, 1994, Canter and Siegel hired a programmer to write a script that would post their ad to every single USENET group. Soon after this, other people started mass posting irrelevant ads, and then people discovered that they could send unwanted messages over email.


Media

USENET

USENET was a networked discussion system. It was the best source of specific information before search engines became popular. It is known as the first system to be programmatically spammed for commercial reasons.

Fax

Companies would send mass unsolicited advertisements via fax, also known as junk faxes. Junk faxing is very similar to spam in nature, but is usually not referred to by that title. Junk faxing has been all but shut down by the Telephone Consumer Protection Act of 1991, which bans unsolicited faxes and requires a source number on all outgoing faxes.

E-Mail

Email spam, or junk mail, is currently the most popular type of spam. Spam email usually tries to get a user to buy something or to visit a certain website. Spam email offers range from weight loss schemes, advanced loans, adult products, work from home scams and offers to rebuild credit to many more. Many of these email addresses are untraceable, as the attackers who send the emails use web bots to take advantage of free webmail addresses. This makes it practically impossible for a user to block all incoming spam mail. Besides using webmail servers in this way, spammers also use "spam art" to keep junk mail filters from blocking their emails.

Examples of "Spam Art"
  • Viagra ---> V1agra ---> Vi@gra

In the United States in 2007 alone, it was estimated that email spam cost businesses $198 billion, up from $23 billion in 2003.

Spam email does not always just advertise scams and products. Many emails sent by spammers contain harmful viruses that can do serious damage to a user's computer. In some cases these viruses use the user's computer to send out more spam.

Text Message

With over 1 billion messages sent daily in the United States, text messaging is taking over much of the communication world. Knowing this, spammers broadened their field, and text message spam was created. Much like email spam, text message spam advertises products and scams. Most users say they get advertisements wanting them to download ringtones, go to dating sites, or look at their horoscope. In text message spam, the user is sent text messages from companies who through emails can send messages straight to a user's phone, costing the company nothing. These messages quickly build up, costing the user money and storage space in his or her inbox.

As for what to do about this growing problem, many phone companies are indecisive on this issue as they are profiting from the text messages that are sent to the user.

Instant messenger

With many types of instant messengers on the market, spammers have a large playing field on which to flame people with messages. Many instant messenger services do not have encrypted servers, allowing spammers to create many false internet identities. Using these new screen names, the spammers send messages to users asking them to "check out this picture" or use other similar tactics. Once the user clicks on the link, they are taken to a website, usually promoting a certain product or scam. Instant message spam is very costly as it interrupts the user immediately, unlike emails, which users have to check.


Types of Spam Scams

Phishing

Phishing is the fraudulent process of obtaining sensitive information, generally passwords and logins. Phishing generally takes place in emails and instant messages. Email phishing consists of the attacker creating a look-alike of a login page to a secure website. When the user enters their login information, it is sent to the attacker's computer, where the attacker can gain access to personal information and money accounts. Notable phishing attacks have occurred on eBay, YouTube, and many online banks. Instant messaging phishing interrupts the user immediately. The attacker sends a message like "Hey, look at this picture."; after clicking on the link, the user is taken to a malicious website.

Pump and Dump

"Pump and Dump" is the act of an investor or group of investors sending out tons of messages promoting a stock which they hold calling it, "the next big thing". The stocks chosen are usually micro-cap stocks that are subject to frequent shifts in price. These investors keep on promoting the stock until it has risen enough to where they know they will make sizable profits from selling the stock after the rise in interest.

Advanced Fee

Advanced Fee scams, also known as 419, Nigerian prince, or Inheritance fraud, are messages that have a user send the spammer money in hope of a greater return. In these scams the spammer constructs a story where they need money to unlock a great deal more money. Many people fall for this not only because the spammer promises them a reward, but because the spammer presents an opportunity for the victim to help someone out. According to snopes.com, an estimated 100 million dollars was lost in 1997 because of scams of this nature.


Methods

There are many methods by which spam organizations operate. To maximize message output and to avoid prosecution, many methods involve taking control of machines owned by others. In other situations where the spam company is based in the United States, the actual servers sending the spam are operated in foreign countries or through a proxy server so that the source of the spamming operation cannot be located.

Zombie

Spam is increasingly sent from computers and users that have no idea that they are in fact sending unwarranted and sometimes illegal material to thousands of other users. An unprotected computer becomes a zombie when a virus or worm is sent not to disable or damage data on the machine but to utilize its resources. This gives the individual sending the spam bandwidth and processing power beyond their own physical means, allowing output many times what one machine could produce. Zombie computers also make the spam come from thousands and possibly millions of sources, which makes it very hard to trace back to the one source of the spam for prosecution.

The term zombie is used to refer to such machines because the local user usually has no idea that their machine is under the control of another. Typically zombie computers are used to distribute e-mail spam, but they can also be used to host phishing servers, perform click fraud, and host money mule websites.

It is estimated that currently the large majority of e-mail spam is now sent via zombie computers.

Address Farming

For spammers to be able to constantly send e-mail spam to millions of users at a time, there must be a repository of addresses set up. In addition, there must be measures in place to keep this repository supplied with new addresses. Without the side task of farming for addresses, the spam source would not have targets to send e-mail to. These large banks of e-mail addresses are either collected by the spammer or purchased from a side company that primarily collects valid e-mail addresses for the purpose of spamming.

A primary method used to collect valid and up-to-date e-mail addresses is to crawl the internet for addresses that are placed on websites, newsgroups, or message boards, in a similar manner to how Google searches and collects information about websites. These spambots search websites and collect any text that has the form of a valid e-mail address. Another method that is often used is probing for e-mail addresses. An address farmer will create a website with associated advertisements to lure users to that site to enter their contact information for the chance to win a large prize. If you sign up for a newsletter or register a product with a company and choose to allow your e-mail address to be shared with "partners", often that partner is a firm that collects e-mail addresses for spammers.

The last main way of farming for addresses is to simply guess an e-mail address. With the many free web-based e-mail providers such as MSN, Yahoo, and Google, spammers may simply choose names for e-mail addresses at random in the hope that some of them are valid and active.

Proxy Servers and Multiple Server Locations

Accommodating the bandwidth required to send out billions of e-mails a day from one source requires more than just one server. Spam only works based on the pure volume of e-mails sent out per unit of time. To accomplish this, spammers set up hundreds or thousands of servers all over the globe in countries that are eager to sell their bandwidth regardless of the purpose or legality. Even though a large percentage of spam originates from the United States, the majority comes from Asia and from Eastern Bloc, third-world and developing countries.

For companies that do in fact send their bulk spam within countries where it is illegal, proxy servers are much more useful. Proxy servers hide the original source of a data transmission by relaying it through another location. The spam is sent through proxy servers so that the originating location of the spam cannot be determined.

Specially Formatted E-mails and Websites

Most mail servers and search engines have advanced filters that are able to determine if either an e-mail will be useful to read or if a website actually contains the information you are searching for. Both mail servers and search engines will block information that obviously appears to be spam.

In an effort to give the spam the appearance of legitimacy, the art of obscuring the spam in creative ways has grown. Sometimes spam e-mail will include a large amount of bogus text so that it appears to contain full paragraphs and sentences resembling a personally written e-mail when it has, in fact, been written automatically. To get past spelling filters, spammers will creatively change the spelling of the product names that those filters look for.

Also, using special HTML formatting to break up the letters of an e-mail text while allowing the viewer to read the spam correctly is another popular means of fooling an automated spam filter.
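The following added example (not part of the original wiki page) shows how a filter can undo the two tricks described in this section before matching keywords: it keeps only the text a mail client would render, folds look-alike characters of the "V1agra" / "Vi@gra" kind back to letters, and rejoins letters that were split apart. The substitution table, function names and sample messages are assumptions constructed for illustration.

```python
import re
import unicodedata
from html.parser import HTMLParser

# Look-alike substitutions of the V1agra / Vi@gra kind. Constructed for this
# example; a production table would be larger.
LOOKALIKES = str.maketrans("1@4035$7", "iaaoesst")


class _VisibleText(HTMLParser):
    """Collects the text a mail client renders; tags and comments vanish."""

    def __init__(self):
        super().__init__(convert_charrefs=True)  # decodes &#105; style entities
        self.parts = []
        self._hidden = 0

    def handle_starttag(self, tag, attrs):
        if tag in ("script", "style"):
            self._hidden += 1

    def handle_endtag(self, tag):
        if tag in ("script", "style") and self._hidden:
            self._hidden -= 1

    def handle_data(self, data):
        if not self._hidden:
            self.parts.append(data)


def visible_text(body):
    parser = _VisibleText()
    parser.feed(body)
    parser.close()
    # Join without separators so letters split by inline tags come back together.
    return "".join(parser.parts)


def normalize_tokens(body):
    text = unicodedata.normalize("NFKD", visible_text(body))
    text = "".join(c for c in text if not unicodedata.combining(c))  # drop accents
    text = text.lower().translate(LOOKALIKES)
    tokens, run = [], []
    for word in re.findall(r"[a-z]+", text):
        if len(word) == 1:          # part of a spaced-out word such as v.i.a.g.r.a
            run.append(word)
            continue
        if run:
            tokens.append("".join(run))
            run = []
        tokens.append(word)
    if run:
        tokens.append("".join(run))
    return tokens


def find_keywords(body, keywords):
    # Whole-token matching avoids flagging "specialist" for the keyword "cialis".
    tokens = set(normalize_tokens(body))
    return sorted(k for k in keywords if k.lower() in tokens)


# Constructed sample messages, not taken from real mail.
SAMPLES = [
    "Cheap V1agra and Vi@gra here",
    "Vi<!-- zq -->ag<b></b>ra at low prices",
    "V.i.a.g.r.a for sale",
    "The specialist will call at 10",
]

if __name__ == "__main__":
    for sample in SAMPLES:
        print(repr(sample), "->", find_keywords(sample, ["viagra", "cialis"]))
```

Text hidden with CSS (for example a zero font size) is not handled here; catching it requires evaluating styles as well as tags.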

Other Methods

There are a myriad of ways that spammers foil filters and accomplish their task. Each day new ways are developed to block spam and at the same time new ways are developed to send spam. Most of these involve maximizing spam output and hiding the source of the spam by means of working through an unknown entity. This could be through e-mail relay to hide the real domain of the e-mail while also allowing the e-mail to look legitimate by modifying the header.

Spammers also trick recipients by modifying the To and From headers of an e-mail, by bypassing the actual e-mail server and sending directly to the recipient, or by using false or obscured URLs, which may be used in conjunction with redirected URLs to heavily camouflage the e-mail as legitimate.

Issues

Proponents of Spam

For many people, spam is the cheapest and most effective way to advertise. New businesses can use spam to get their message to a wide range of users at very little cost. Politicians use mass emails to send out messages to their constituents or to voters for campaign reasons. Much spam advertises adult sites as well. This is ethically questionable because there is no doubt that a large amount of pornographic material is reaching minors[1] through spam. It is both illegal and unethical for minors to view this material.

Developing countries that are desperate to sell bandwidth and servers at any cost are also in favor of spamming, as it brings money and resources to businesses within that country. In addition, spam may be used for truly humanitarian and non-business purposes, to publicize some need or to advertise a political agenda. Unfortunately, many companies have lost huge sums of money because of spamming. This is due to maintenance of servers loaded with spam, buying software and hiring teams to filter the spam, and productivity lost when employees click on and are distracted by the spam. It is estimated that $20 billion is lost annually in the United States from spam[2].

Links and Resources

Origin of Spam An essay on the origin of the term spam.

HowStuffWorks "How Spam Works" An in-depth analysis of the workings of spam

Why is there so much spam? A description of spam tactics and methods

Popular spammer tricks Detailed tips and methods for the modern spammer

FTC-SPAM United States Federal Trade Commission Spam Headquarters

IM phishing Information on instant messaging phishing

Email phishing Microsoft warns users about phishing techniques

Pump and Dump Investopedia warns about pump and dump scams

Email Spam The Federal Trade Commission warns about spam

Text Message Spam The Seattle Times talks about text message spam

Instant message spam InformationWeek warns about IM spam