CSC 379 SUM2008:Week 1, Group 3: Difference between revisions
(→Proxy) |
|||
Line 51: | Line 51: | ||
==Links and Resources== | ==Links and Resources== | ||
[http://www.templetons.com/brad/spamterm.html Origin of Spam] An essay on the origen of the term spam. | [http://www.templetons.com/brad/spamterm.html Origin of Spam] An essay on the origen of the term spam. | ||
[http://computer.howstuffworks.com/spam.htm HowStuffWorks "How Spam Works"] A in depth analysis on the workings of spam | |||
=Assignment definition REMOVE WHEN DONE= | =Assignment definition REMOVE WHEN DONE= | ||
The [http://news.bitdefender.com/NW764-en--E-Mail-Spam-Morphs-in-First-Half-of-2008.html tactics and content of spam] are continuously changing as countermeasures to combat it become more effective. Once simple advertisements, spam now comes in a wide variety of forms from phishing, to [http://www.sec.gov/answers/pumpdump.htm “pump and dump”] stock scams, to other deceptive business offers. Examine the current nature of spam content and tactics, providing an overview of each major type of spam, a brief review of the ethical considerations each raise, and links to online resources that cite specific instances or effects of each. | The [http://news.bitdefender.com/NW764-en--E-Mail-Spam-Morphs-in-First-Half-of-2008.html tactics and content of spam] are continuously changing as countermeasures to combat it become more effective. Once simple advertisements, spam now comes in a wide variety of forms from phishing, to [http://www.sec.gov/answers/pumpdump.htm “pump and dump”] stock scams, to other deceptive business offers. Examine the current nature of spam content and tactics, providing an overview of each major type of spam, a brief review of the ethical considerations each raise, and links to online resources that cite specific instances or effects of each. |
Revision as of 16:55, 11 July 2008
DUE FRIDAY 11:30PM
Spam
Spam is disruptive or unwanted message sent to a user especially through email, often in bulk. It is often sent as advertisements or scams, but sometimes it's purpose is just to annoy. There is little or no cost to spamming and the methods to do so are relatively simple, which accounts for its persistence over the years.
History
The term spam is believed by most to be coined by a Monty Python Skit. In the skit a group of vikings start singing a song about spam that drowns out the rest of the conversation. Users of MUD groups would fill the screen of other users with the lyrics to the spam song to discourage users from chatting. This became referred to as spamming.
The first commercial spam was by a lawyer group called Canter and Siegel. At the beginning of the internet, USENET was a system that had many different discussion groups that were very useful for gathering and discussing specific information. On April 12, 1994, Canter and Siegel hired a programmer to write a script that would post their add to every single USENET group. Soon after this other people started mass posting irrelevant ads and then people discovered that they could send unwanted emails over email.
Media
USENET
USENET was a networked discussion system. It was the best source of specific information before search engines became popular. It is known as the first system to be programatically spammed for commercial reasons.
Fax
Also known as junk faxes, companies would send mass unsolicited advertisements via fax. Junk faxing is very similar to SPAM in nature, but is usually not referred to by that title. Junk faxing has been all but shut down by the Telephone Consumer Protection Act of 1991 banning unsolicited faxes and requiring that a source number be required for all outgoing faxes.
Text Message
Instant messenger
Types
Phishing
Phishing is the fraudulent process of obtaining sensitive information, generally passwords and logins. Phishing generally takes place in E-mails and instant messages. Email phishing consists of the attacker creating a "look a-like" of a login page to a secure website. When the user puts in their login information, it is sent to the attackers computer, where the attacker can gain access to personal information and money accounts. Notable phishing attacks have occurred on eBay, Youtube, and many online banks.
Pump and Dump
Nigerian Prince
Pharmaceutical
Adult ads
Methods
Zombie
Spam is increasingly sent from computers and users that have no idea that they are in fact sending unwarranted and sometimes illegal material to thousands of other users. An unprotected computer becomes a zombie when a virus or worm is sent not to disable or damage data on the machine but to utilize its own resources. This allows both bandwidth and processing power outside the physical mean of the individual sending the spam to output many times what one machine could produce. A zombie computer also creates spam from thousands and possibly millions of sources that is highly untraceable back to the one source of the spam for prosecution.
The term zombie is used to refer to such machines due to the fact the that local user usually has no idea that their machine is under the control of another. Typically zombie computers are used to distribute e-mail spam but can also be used to host phishing servers, performing click fraud, as well as money mule websites.
It is estimated that currently the large majority of e-mail spam is now sent via zombie computers.
- ADD LINKS **
Address Farming
There must be a repository setup for spammers to have the ability to constantly send e-mail spam to millions of users a time. In addition, there must be measures in place to harvest this repository for new addresses. Without the side task for farming for address, the spam source would not have targets to send e-mail to. These large banks of e-mails are either collected by the spammer or purchased by a side company that primarily collects valid e-mail addresses for the purpose of spamming.
A primary method used to collected valid and up to date e-mails is by the use of search engines to crawl the internet for e-mails that are placed on websites, newsgroups, or message boards. In a similar manner how Google searches and collects information about websites. These spambots search and collect information on websites that contain values of text that are the same as a valid e-mail address. Another method that is often used is the act of probing for e-mail addresses. A address farmer will create a website with associated advertisement to lure users to go to that site to enter their contact information for the chance to win a large prize. If you sign up for a newsletter or register a product with a company and choose to allow your e-mail address to be shared with "partners", often that partner is a firm that collects e-mail addresses for spammers.
Anything else?
Links and Resources
Origin of Spam An essay on the origen of the term spam. HowStuffWorks "How Spam Works" A in depth analysis on the workings of spam
Assignment definition REMOVE WHEN DONE
The tactics and content of spam are continuously changing as countermeasures to combat it become more effective. Once simple advertisements, spam now comes in a wide variety of forms from phishing, to “pump and dump” stock scams, to other deceptive business offers. Examine the current nature of spam content and tactics, providing an overview of each major type of spam, a brief review of the ethical considerations each raise, and links to online resources that cite specific instances or effects of each.