CSC 379 SUM2008:Week 1, Group 3

From Expertiza_Wiki
Jump to navigation Jump to search

DUE FRIDAY 11:30PM

Spam

Spam is disruptive or unwanted message sent to a user especially through email, often in bulk. It is often sent as advertisements or scams, but sometimes it's purpose is just to annoy. There is little or no cost to spamming and the methods to do so are relatively simple, which accounts for its persistence over the years.

History

The term spam is believed by most to be coined by a Monty Python Skit. In the skit a group of vikings start singing a song about spam that drowns out the rest of the conversation. Users of MUD groups would fill the screen of other users with the lyrics to the spam song to discourage users from chatting. This became referred to as spamming.

The first commercial spam was by a lawyer group called Canter and Siegel. At the beginning of the internet, USENET was a system that had many different discussion groups that were very useful for gathering and discussing specific information. On April 12, 1994, Canter and Siegel hired a programmer to write a script that would post their add to every single USENET group. Soon after this other people started mass posting irrelevant ads and then people discovered that they could send unwanted emails over email.

Media

USENET

USENET was a networked discussion system. It was the best source of specific information before search engines became popular. It is known as the first system to be programatically spammed for commercial reasons.

Fax

Also known as junk faxes, companies would send mass unsolicited advertisements via fax. Junk faxing is very similar to SPAM in nature, but is usually not referred to by that title. Junk faxing has been all but shut down by the Telephone Consumer Protection Act of 1991 banning unsolicited faxes and requiring that a source number be required for all outgoing faxes.

E-Mail

Email spam or junk mail, is currently the most popular type of spam. Spam email usually is trying to get a user to buy something or to visit a certain website. Spam email offers range from weight loss schemes, advanced loans, adult products, work from home scams, offers to rebuild credit, and many more. Many of these email addresses are untraceable as the attackers who send the emails use web bots to take advantage of free webmail addresses. By doing this, it makes it practically impossible for a user to block all incomming spam mail. Besides using this webmail servers spammers also use "spam art" to keep the junk mail filters from blocking thier emails.

  (Examples of "spam art")
  • Viagra ---> V1agra ---> Vi@gra

In the United States in 2007 alone, it was estimated that Email spam cost buisnesses $198 billion dollars, up from 23 billion in 2003.

Spam email does not always just advertise scams and products. Many emails sent from spammers contain harmfull viruses that can do serious damage to a users computer. In some cases these viruses use the users computer to send out more spam.

Text Message

Instant messenger

Types

Phishing

Phishing is the fraudulent process of obtaining sensitive information, generally passwords and logins. Phishing generally takes place in E-mails and instant messages. Email phishing consists of the attacker creating a "look a-like" of a login page to a secure website. When the user puts in their login information, it is sent to the attackers computer, where the attacker can gain access to personal information and money accounts. Notable phishing attacks have occurred on eBay, Youtube, and many online banks. Instant messaging phishing interupts the user immediatly. The attacker sends a message like: "Hey, look at this picture.", after clicking on the link, the user is taken to a malicious website.


Pump and Dump

"Pump and Dump" is the act of an investor or group of investors sending out tons of messages promoting a stock which they hold calling it, "the next big thing". The stocks chosen are usually micro-cap stocks that are subject to frequent shifts in price. These investors keep on promoting the stock untill it has risen enough to where they know they will make sizable profits from selling the stock after the rise in interest.

Nigerian Prince

Pharmaceutical

Adult ads

Methods

There are many methods in which spam organizations operate. To maximize out and to avoid prosecution many methods involve the use of control of machines owned by others. In other situations where the spam company is based in the United States, the actual servers sending the spam are being operated in foreign countries or through a proxy server to avoid location of the spamming operation source.

Zombie

Spam is increasingly sent from computers and users that have no idea that they are in fact sending unwarranted and sometimes illegal material to thousands of other users. An unprotected computer becomes a zombie when a virus or worm is sent not to disable or damage data on the machine but to utilize its own resources. This allows both bandwidth and processing power outside the physical mean of the individual sending the spam to output many times what one machine could produce. A zombie computer also creates spam from thousands and possibly millions of sources that is highly untraceable back to the one source of the spam for prosecution.

The term zombie is used to refer to such machines due to the fact the that local user usually has no idea that their machine is under the control of another. Typically zombie computers are used to distribute e-mail spam but can also be used to host phishing servers, performing click fraud, as well as money mule websites.

It is estimated that currently the large majority of e-mail spam is now sent via zombie computers.

  • NEED LINKS!

Address Farming

There must be a repository setup for spammers to have the ability to constantly send e-mail spam to millions of users a time. In addition, there must be measures in place to harvest this repository for new addresses. Without the side task for farming for address, the spam source would not have targets to send e-mail to. These large banks of e-mails are either collected by the spammer or purchased by a side company that primarily collects valid e-mail addresses for the purpose of spamming.

A primary method used to collected valid and up to date e-mails is by the use of search engines to crawl the internet for e-mails that are placed on websites, newsgroups, or message boards. In a similar manner how Google searches and collects information about websites. These spambots search and collect information on websites that contain values of text that are the same as a valid e-mail address. Another method that is often used is the act of probing for e-mail addresses. A address farmer will create a website with associated advertisement to lure users to go to that site to enter their contact information for the chance to win a large prize. If you sign up for a newsletter or register a product with a company and choose to allow your e-mail address to be shared with "partners", often that partner is a firm that collects e-mail addresses for spammers.

The last main way of farming for address is to simply guess an e-mail address. With the many main free web based e-mail providers such as MSN, Yahoo, and Google, spammers may simple just randomly choose names for e-mail addresses in hopes that some of them are valid and active.

  • NEED LINKS!

Proxy Servers and Multiple Server Locations

To accommodate the large abundance of bandwidth required to send out billions of e-mails a day from one source requires more than just one server. Spam only works based on the pure volume of e-mails sent out per unit of time. To accomplish this, spammers set up hundreds or thousands of servers all over to globe in countries that are eager to sell their bandwidth regardless of the purpose or legality. Even though a large percentage of spam originates from the United States, the largest majority comes from Asia and eastern block third world and developing countries.

For companies that do in fact send their bulk amount of spam within countries where it is illegal, the use of proxy servers are much more useful. Proxy servers are used to hide the originated source of the data transmission to another location. The spam is sent through proxy servers so that the originating location of the spam can not be determined.

Specially Formatted E-mails and Websites

Most mail servers and search engines have advanced filters that are able to determine if either an e-mail will be useful to read or if a website actually contains the information you are searching for. Both mail servers and search engines will block information that obviously appears to be spam.

In an effort to give the spam the appearance of legitimacy, the art of obscuring the spam in creative ways has grown. This is done in many clever ways. Sometimes spam e-mail will include a large amount of bogus text to appear like full blocks of paragraphs and sentences resembling a personally written e-mail when it has, in fact, been written automatically. To block spelling filters, spammers will creatively change the spelling of certain products that are key to spamming to bypass the blocks.

Also, using special HTML formatting to break up the letters of an e-mail text while allowing the viewer to read the spam correctly is another popular means of fooling an automated spam filter.

Other Methods

There are a myriad of ways that spammers foil filters and accomplish their task. Each day new ways are developed to block spam and at the same time new ways are developed to send spam. Most of these involve maximizing spam output and hiding the source of the spam by means of working through an unknown entity. This could be through e-mail relay to hide the real domain of the e-mail while also allowing the e-mail to look legitimate by modifying the header.

Spammers also trick spam recipients by modifying the to and from tag headers of an e-mail, Bypassing the actual e-mail server and sending directly to the recipient, or false or obscured URLs that may be use in conjunction with redirected URLs to heavily camouflage the e-mail as legitimate.

Links and Resources

Origin of Spam An essay on the origen of the term spam.

HowStuffWorks "How Spam Works" A in depth analysis on the workings of spam

Why is there so much spam? A description of spam tactics and methods

Popular spammer tricks Detailed tips and methods for the modern spammer

FTC-SPAM United States Federal Trade Commission Spam Headquarters

IM phishing Information on instant messaging phishing

Email phishing Microsoft warns users about phishing techniques

Pump and Dump Investopedia warns about pump and dump scams

Assignment definition REMOVE WHEN DONE

The tactics and content of spam are continuously changing as countermeasures to combat it become more effective. Once simple advertisements, spam now comes in a wide variety of forms from phishing, to “pump and dump” stock scams, to other deceptive business offers. Examine the current nature of spam content and tactics, providing an overview of each major type of spam, a brief review of the ethical considerations each raise, and links to online resources that cite specific instances or effects of each.