CSC 379 SUM2008:Week 1, Group 3: Difference between revisions

From Expertiza_Wiki
Jump to navigation Jump to search
Line 59: Line 59:


For companies that do in fact send their bulk amount of spam within countries where it is illegal, the use of proxy servers are much more useful.  Proxy servers are used to hide the originated source of the data transmission to another location.  The spam is sent through proxy servers so that the originating location of the spam can not be determined.
For companies that do in fact send their bulk amount of spam within countries where it is illegal, the use of proxy servers are much more useful.  Proxy servers are used to hide the originated source of the data transmission to another location.  The spam is sent through proxy servers so that the originating location of the spam can not be determined.
===Other Methods===
There are a myriad of ways that spammers foil filters and accomplish their task.  Each day new ways are developed to block spam and at the same time new ways are developed to send spam.  Most of these involve maximizing spam output and hiding the source of the spam by means of working through an unknown entity.  This could be through e-mail relay to hide the real domain of the e-mail while also allowing the e-mail to look legitimate by modifying the header. 
Spammers also trick spam recipients by modifying the to and from tag headers of an e-mail, Bypassing the actual e-mail server and sending directly to the recipient, or false or obscured URLs that may be use in conjunction with redirected URLs to heavily camouflage the e-mail as legitimate.


==Links and Resources==
==Links and Resources==

Revision as of 17:42, 11 July 2008

DUE FRIDAY 11:30PM

Spam

Spam is disruptive or unwanted message sent to a user especially through email, often in bulk. It is often sent as advertisements or scams, but sometimes it's purpose is just to annoy. There is little or no cost to spamming and the methods to do so are relatively simple, which accounts for its persistence over the years.

History

The term spam is believed by most to be coined by a Monty Python Skit. In the skit a group of vikings start singing a song about spam that drowns out the rest of the conversation. Users of MUD groups would fill the screen of other users with the lyrics to the spam song to discourage users from chatting. This became referred to as spamming.

The first commercial spam was by a lawyer group called Canter and Siegel. At the beginning of the internet, USENET was a system that had many different discussion groups that were very useful for gathering and discussing specific information. On April 12, 1994, Canter and Siegel hired a programmer to write a script that would post their add to every single USENET group. Soon after this other people started mass posting irrelevant ads and then people discovered that they could send unwanted emails over email.

Media

USENET

USENET was a networked discussion system. It was the best source of specific information before search engines became popular. It is known as the first system to be programatically spammed for commercial reasons.

Fax

Also known as junk faxes, companies would send mass unsolicited advertisements via fax. Junk faxing is very similar to SPAM in nature, but is usually not referred to by that title. Junk faxing has been all but shut down by the Telephone Consumer Protection Act of 1991 banning unsolicited faxes and requiring that a source number be required for all outgoing faxes.

E-Mail

Text Message

Instant messenger

Types

Phishing

Phishing is the fraudulent process of obtaining sensitive information, generally passwords and logins. Phishing generally takes place in E-mails and instant messages. Email phishing consists of the attacker creating a "look a-like" of a login page to a secure website. When the user puts in their login information, it is sent to the attackers computer, where the attacker can gain access to personal information and money accounts. Notable phishing attacks have occurred on eBay, Youtube, and many online banks.

Pump and Dump

Nigerian Prince

Pharmaceutical

Adult ads

Methods

There are many methods in which spam organizations operate. To maximize out and to avoid prosecution many methods involve the use of control of machines owned by others. In other situations where the spam company is based in the United States, the actual servers sending the spam are being operated in foreign countries or through a proxy server to avoid location of the spamming operation source.

Zombie

Spam is increasingly sent from computers and users that have no idea that they are in fact sending unwarranted and sometimes illegal material to thousands of other users. An unprotected computer becomes a zombie when a virus or worm is sent not to disable or damage data on the machine but to utilize its own resources. This allows both bandwidth and processing power outside the physical mean of the individual sending the spam to output many times what one machine could produce. A zombie computer also creates spam from thousands and possibly millions of sources that is highly untraceable back to the one source of the spam for prosecution.

The term zombie is used to refer to such machines due to the fact the that local user usually has no idea that their machine is under the control of another. Typically zombie computers are used to distribute e-mail spam but can also be used to host phishing servers, performing click fraud, as well as money mule websites.

It is estimated that currently the large majority of e-mail spam is now sent via zombie computers.

  • NEED LINKS!

Address Farming

There must be a repository setup for spammers to have the ability to constantly send e-mail spam to millions of users a time. In addition, there must be measures in place to harvest this repository for new addresses. Without the side task for farming for address, the spam source would not have targets to send e-mail to. These large banks of e-mails are either collected by the spammer or purchased by a side company that primarily collects valid e-mail addresses for the purpose of spamming.

A primary method used to collected valid and up to date e-mails is by the use of search engines to crawl the internet for e-mails that are placed on websites, newsgroups, or message boards. In a similar manner how Google searches and collects information about websites. These spambots search and collect information on websites that contain values of text that are the same as a valid e-mail address. Another method that is often used is the act of probing for e-mail addresses. A address farmer will create a website with associated advertisement to lure users to go to that site to enter their contact information for the chance to win a large prize. If you sign up for a newsletter or register a product with a company and choose to allow your e-mail address to be shared with "partners", often that partner is a firm that collects e-mail addresses for spammers.

The last main way of farming for address is to simply guess an e-mail address. With the many main free web based e-mail providers such as MSN, Yahoo, and Google, spammers may simple just randomly choose names for e-mail addresses in hopes that some of them are valid and active.

  • NEED LINKS!

Proxy Servers and Multiple Server Locations

To accommodate the large abundance of bandwidth required to send out billions of e-mails a day from one source requires more than just one server. Spam only works based on the pure volume of e-mails sent out per unit of time. To accomplish this, spammers set up hundreds or thousands of servers all over to globe in countries that are eager to sell their bandwidth regardless of the purpose or legality. Even though a large percentage of spam originates from the United States, the largest majority comes from Asia and eastern block third world and developing countries.

For companies that do in fact send their bulk amount of spam within countries where it is illegal, the use of proxy servers are much more useful. Proxy servers are used to hide the originated source of the data transmission to another location. The spam is sent through proxy servers so that the originating location of the spam can not be determined.

Other Methods

There are a myriad of ways that spammers foil filters and accomplish their task. Each day new ways are developed to block spam and at the same time new ways are developed to send spam. Most of these involve maximizing spam output and hiding the source of the spam by means of working through an unknown entity. This could be through e-mail relay to hide the real domain of the e-mail while also allowing the e-mail to look legitimate by modifying the header.

Spammers also trick spam recipients by modifying the to and from tag headers of an e-mail, Bypassing the actual e-mail server and sending directly to the recipient, or false or obscured URLs that may be use in conjunction with redirected URLs to heavily camouflage the e-mail as legitimate.

Links and Resources

Origin of Spam An essay on the origen of the term spam.

HowStuffWorks "How Spam Works" A in depth analysis on the workings of spam

Why is there so much spam? A description of spam tactics and methods

Popular spammer tricks Detailed tips and methods for the modern spammer

Assignment definition REMOVE WHEN DONE

The tactics and content of spam are continuously changing as countermeasures to combat it become more effective. Once simple advertisements, spam now comes in a wide variety of forms from phishing, to “pump and dump” stock scams, to other deceptive business offers. Examine the current nature of spam content and tactics, providing an overview of each major type of spam, a brief review of the ethical considerations each raise, and links to online resources that cite specific instances or effects of each.