Jump to content

Email spam: Difference between revisions

From Wikipedia, the free encyclopedia
Content deleted Content added
Blanked the page
m Reverting possible vandalism by 62.171.196.100 to version by Philip Trueman. False positive? Report it. Thanks, ClueBot NG. (0) (Bot)
Line 1: Line 1:
{{for|information about all spam in general|Spamming}}
{{Cite check|date=December 2009}}
[[Image:spammed-mail-folder.png|thumb|300px|An [[email box]] folder filled with spam messages.]]

'''Email spam''', also known as '''junk email''' or '''unsolicited bulk email''' (''UBE''), is a subset of [[spam (electronic)|electronic spam]] involving nearly identical messages sent to numerous recipients by [[email]]. Clicking on [[Html email#Security vulnerabilities|links in spam email]] may send users to [[phishing]] web sites or sites that are hosting [[malware]]. Spam email may also include malware as scripts or other executable file attachments. Definitions of spam usually include the aspects that email is unsolicited and sent in bulk.<ref name="spamfaq">{{cite web|url=http://www.spamfaq.net/terminology.shtml#specific_spams|title=3.4 Specific Types of Spam|first=James John|last=Farmer|accessdate=2008-08-19|date=2003-12-27|format=FAQ|work=An FAQ for news.admin.net-abuse.email; Part 3: Understanding NANAE|publisher=Spam FAQ|archiveurl=http://web.archive.org/web/20040212175535/http://www.spamfaq.net/terminology.shtml#specific_spams|archivedate=2004-02-12}}</ref><ref name="rhyolite">{{cite web|url=http://www.rhyolite.com/anti-spam/you-might-be.html#spam-fighter-4|title=You Might Be An Anti-Spam Kook If...|accessdate=2007-01-05|date=2006-11-25|publisher=Rhyolite Software}}</ref><ref name="spamcop">{{cite web|url=http://www.spamcop.net/fom-serve/cache/14.html|title=On what type of email should I (not) use SpamCop?|accessdate=2007-01-05|format=FAQ|work=SpamCop FAQ|publisher=IronPort Systems}}</ref><ref name="abuse">{{cite web|url=http://spam.abuse.net/overview/whatisspam.shtml|title=What is spam?|accessdate=2007-01-05|author=Scott Hazen Mueller|work=Information about spam|publisher=Abuse.net}}</ref><ref name="monkeys">{{cite web|url=http://www.monkeys.com/spam-defined|title=Spam Defined|accessdate=2007-01-05|date=2002-12-22|publisher=Infinite Monkeys & Co}}</ref> One subset of UBE is ''UCE'' (unsolicited commercial email). The opposite of "spam", email which one wants, is called "ham"{{citation needed|date=September 2014}}, usually when referring to a message's automated analysis (such as Bayesian filtering).<ref>{{cite web|url=http://www.sciencetext.com/spam-or-ham.html|title=Spam or Ham?|last=Bradley|first=David|date=2009-05-13|work=Sciencetext|accessdate=2011-09-28}}</ref> Like [[Spam (electronic)|other forms]] of unwanted bulk messaging, it is named for [[spam (food)|Spam]] luncheon meat by way of a [[Spam (Monty Python)|Monty Python sketch]] in which Spam is depicted as [[ubiquitous]] and unavoidable.<ref>{{cite web|url=http://www.merriam-webster.com/dictionary/spam|publisher=Merriam-Webster|title=Merriam Webster Dictionary}}</ref>

Email spam has steadily grown since the early 1990s. [[Botnet]]s, networks of [[computer virus|virus]]-infected computers, are used to send about 80% of spam. Since the expense of the spam is borne mostly by the recipient,<ref name="spam-costs"/> it is effectively [[postage due]] advertising.

The legal status of spam varies from one jurisdiction to another. In the United States, spam was declared to be legal by the [[CAN-SPAM Act of 2003]] provided the message adheres to certain specifications. [[Internet service provider|ISP]]s have attempted to recover the cost of spam through lawsuits against spammers, although they have been mostly unsuccessful in collecting damages despite winning in court.<ref>{{citation|publisher=QC Times|url=http://qctimes.com/news/local/article_7a7b6e00-fba9-5039-bfcb-974b92647deb.html|title=Clinton Internet provider wins $11B suit against spammer}}</ref><ref name="AOL gives up treasure hunt">{{citation|publisher=Boston Herald|url=http://www.bostonherald.com/business/general/view.bg?articleid=1013094&srvc=biz|title=AOL gives up treasure hunt}}</ref>

Spammers collect email addresses from chatrooms, websites, customer lists, newsgroups, and viruses which harvest users' address books, and are sold to other spammers. They also use a practice known as "email appending" or "epending" in which they use known information about their target (such as a postal address) to search for the target's email address. Much of spam is sent to invalid email addresses. According to the Message Anti-Abuse Working Group, the amount of spam email was between 88–92% of email messages sent in the first half of 2010.<ref name="MAAWG.org">{{citation|url=http://www.maawg.org/email_metrics_report|publisher=MAAWG|title=Email metrics report|date=Nov 2010}}</ref>

==Overview==
From the beginning of the Internet (the [[ARPANET]]), sending of junk email has been prohibited. [[Gary Thuerk]] sent the first email spam message in 1978 to 600 people. He was reprimanded and told not to do it again.
<ref>[http://www.latimes.com/technology/la-fi-spam11may11001420,1,5168218,full.story Opening Pandora's In-Box]. {{dead link|date=December 2013}}</ref> The ban on spam is enforced by the [[Terms of Service]]/[[Acceptable use policy|Acceptable Use Policy]] (ToS/AUP) of internet service providers (ISPs) and peer pressure. Even with a thousand users junk email for advertising is not tenable, and with a million users it is not only impractical,<ref>{{cite web|url=http://gandalf.home.digital.net/spamfaq.html|title=alt.spam FAQ|publisher=Gandalf.home.digital.net|accessdate=2012-12-10}}</ref> but also expensive.<ref>{{cite web|url=http://spam.abuse.net/overview/spambad.shtml|title=Why is spam bad?|publisher=Spam.abuse.net|accessdate=2012-12-10}}</ref> It was estimated that spam cost businesses on the order of $100&nbsp;billion in 2007.<ref>[http://www.ferris.com/research-library/industry-statistics/ Ferris Research: Cost of Spam]</ref> As the scale of the spam problem has grown, ISPs and the public have turned to government for relief from spam, which has failed to materialize.<ref>[http://www.washingtonpost.com/ac2/wp-dyn/A17754-2003Mar12 Spam's Cost To Business Escalates]</ref>

==Types==
[[Image:Mutt.png|thumb|300px|[[Mutt (email client)|Mutt]] in action]]

Spam has several definitions varying by source.
*''Unsolicited bulk email'' (UBE)—unsolicited email, sent in large quantities.
*''Unsolicited commercial email'' (UCE)—this more restrictive definition is used by regulators whose mandate is to regulate commerce, such as the U.S. [[Federal Trade Commission]].

===Spamvertised sites===
Many spam emails contain URLs to a website or websites. According to a [[Commtouch]] report in the first quarter of 2010, there are "...183&nbsp;billion spam messages" sent every day. The most popular spam topic is "pharmacy ads" which make up 81% of email spam messages.<ref name="commtouch">{{cite press release|title=Q1 2010 Internet Threats Trend Report|publisher=Commtouch Software Ltd.|url=http://www.commtouch.com/download/1679|format=PDF|accessdate=2010-09-23}}</ref>

===Most common products advertised===
According to information compiled by Commtouch Software Ltd., email spam for the first quarter of 2010 can be broken down as follows.<ref name="commtouch"/>

{|class="wikitable sortable"
|+ EMail Spam by Topic
|-
!Pharmacy
|81%
|-
!Replica
|5.40%
|-
!Enhancers
|2.30%
|-
!Phishing
|2.30%
|-
!Degrees<ref name="commtouch"/>
|1.30%
|-
!Casino
|1%
|-
!Weight Loss
|0.40%
|-
!Other
|6.30%
|}

===419 scams===
{{Main|Advance fee fraud}}

Advance fee fraud spam such as the [[419 scams|Nigerian "419" scam]] may be sent by a single individual from a [[cybercafé]] in a developing country. Organized "[[Gang|spam gangs]]" operate from sites set up by the [[Russian mafia]], with turf battles and revenge killings sometimes resulting.<ref name="wired">{{cite news|author=Brett Forrest|title=The Sleazy Life and Nasty Death of Russia’s Spam King|url=http://www.wired.com/wired/archive/14.08/spamking_pr.html|work=Issue 14.08|publisher=Wired Magazine|date=August 2006|accessdate=2007-01-05}}</ref>

===Phishing===
{{Main|Phishing}}

Spam is also a medium for [[fraudster]]s to [[scam]] users into entering personal information on fake Web sites using emails forged to look like they are from banks or other organizations, such as [[PayPal]]. This is known as ''[[phishing]]''. Targeted phishing, where known information about the recipient is used to create forged emails, is known as ''spear-phishing''.<ref name="sophos8"/>

==Spam techniques==

===Appending===
{{Main|Email appending}}

If a marketer has one database containing names, addresses, and telephone numbers of customers, they can pay to have their database matched against an external database containing email addresses. The company then has the means to send email to people who have not requested email, which may include people who have deliberately withheld their email address.<ref>{{cite web|url=http://www.cluelessmailers.org/articles/2008-01-19-gettingitwrong.html|title=Getting it Wrong: Corporate America Spams the Afterlife|publisher=Clueless Mailers|author=Bob West|date=January 19, 2008|accessdate=2010-09-23}}</ref>

===Image spam===
{{Main|Image spam}}

[[Image spam]], or image-based spam,<ref name="Image Based spam name">Giorgio Fumera, Ignazio Pillai, Fabio Roli,{{cite web|url=http://jmlr.csail.mit.edu/papers/v7/fumera06a.html|title=Spam filtering based on the analysis of text information embedded into images}} Journal of Machine Learning Research (special issue on Machine Learning in Computer Security), vol. 7, pp. 2699-2720, 12/2006.</ref><ref name="Image Based spam name 2">Battista Biggio, Giorgio Fumera, Ignazio Pillai, Fabio Roli,{{cite web|url=http://www.sciencedirect.com/science/article/pii/S0167865511000936|title=A survey and experimental evaluation of image spam filtering techniques, Pattern Recognition Letters}} Volume 32, Issue 10, 15 July 2011, Pages 1436-1446, ISSN 0167-8655.</ref> is an obfuscating method in which the text of the message is stored as a [[GIF]] or [[JPEG]] image and displayed in the email. This prevents text-based spam filters from detecting and blocking spam messages. Image spam was reportedly used in the mid-2000s to advertise "[[pump and dump]]" stocks.<ref name="techtarget">{{cite news|author=Eric B. Parizo|title=Image spam paints a troubling picture|url=http://searchsecurity.techtarget.com/originalContent/0,289142,sid14_gci1204126,00.html|publisher=Search Security|date=2006-07-26|accessdate=2007-01-06}}</ref>{{Failed verification|date=February 2011}}

Often, image spam contains nonsensical, computer-generated text which simply annoys the reader. However, new technology in some programs tries to read the images by attempting to find text in these images. These programs are not very accurate, and sometimes filter out innocent images of products, such as a box that has words on it.

A newer technique, however, is to use an animated [[GIF]] image that does not contain clear text in its initial frame, or to contort the shapes of letters in the image (as in [[CAPTCHA]]) to avoid detection by [[optical character recognition]] tools.

===Blank spam===
Blank spam is spam lacking a payload advertisement. Often the message body is missing altogether, as well as the subject line. Still, it fits the definition of spam because of its nature as bulk and unsolicited email.

Blank spam may be originated in different ways, either intentional or unintentionally:
# Blank spam can have been sent in a [[directory harvest attack]], a form of [[dictionary attack]] for gathering valid addresses from an email service provider. Since the goal in such an attack is to use the bounces to separate invalid addresses from the valid ones, spammers may dispense with most elements of the header and the entire message body, and still accomplish their goals.
# Blank spam may also occur when a spammer forgets or otherwise fails to add the payload when he or she sets up the spam run.
# Often blank spam headers appear truncated, suggesting that computer glitches may have contributed to this problem—from poorly written spam software to malfunctioning relay servers, or any problems that may truncate header lines from the message body.
# Some spam may appear to be blank when in fact it is not. An example of this is the VBS.Davinia.B email worm<ref>{{cite web|url=http://www.symantec.com/security_response/writeup.jsp?docid=2001-020713-3220-99|title=symantec.com|publisher=symantec.com|accessdate=2012-12-10}}</ref> which propagates through messages that have no subject line and appears blank, when in fact it uses HTML code to download other files.

===Backscatter spam===
{{Main|Backscatter (email)}}
Backscatter is a side-effect of email spam, [[computer viruses|viruses]] and [[computer worm|worms]], where email servers receiving spam and other mail send [[bounce message]]s to an innocent party. This occurs because the original message's [[envelope sender]] is forged to contain the email address of the victim. A very large proportion of such email is sent with a forged ''From:'' header, matching the envelope sender.

Since these messages were not solicited by the recipients, are substantially similar to each other, and are delivered in bulk quantities, they qualify as unsolicited bulk email or spam. As such, systems that generate email backscatter can end up being listed on various [[DNSBL]]s and be in violation of [[internet service provider]]s' [[Terms of Service]].

==Legality==
{{See also|Email spam legislation by country}}

Sending spam violates the [[acceptable use policy]] (AUP) of almost all [[Internet service provider]]s. Providers vary in their willingness or ability to enforce their AUPs. Some actively enforce their terms and terminate spammers' accounts without warning. Some ISPs lack adequate personnel or technical skills for enforcement, while others may be reluctant to enforce restrictive terms against profitable customers.

As the recipient directly bears the cost of delivery, storage, and processing, one could regard spam as the electronic equivalent of "postage-due" junk mail.<ref name="spam-costs"/><ref>{{citation|url=http://img.en25.com/Web/McAfee/CarbonFootprint_12pg_web_REV_NA.pdf|format=PDF|publisher=McAfee/ICF|title=The Carbon Footprint of Email Spam Report|quote=Over 95% of the energy consumed by spam is on the receiver}}</ref> Due to the low cost of sending unsolicited email and the potential profit entailed, some believe that only strict legal enforcement can stop junk email. The Coalition Against Unsolicited Commercial Email (CAUCE) argues "Today, much of the spam volume is sent by career criminals and malicious hackers who won't stop until they're all rounded up and put in jail."<ref>[http://icubes.in/blog/resources/spam-has-changed-and-so-must-cauce/ CAUCE accessed July 13, 2007] November 2014</ref>

===European Union===
All the countries of the [[European Union]] have passed laws that specifically target spam.

Article 13 of the [[European Union]] [[Directive on Privacy and Electronic Communications]] (2002/58/EC) provides that the [[European Union|EU]] member states shall take appropriate measures to ensure that unsolicited communications for the purposes of direct marketing are not allowed either without the consent of the subscribers concerned or in respect of subscribers who do not wish to receive these communications, the choice between these options to be determined by national legislation.

In the [[United Kingdom]], for example, unsolicited emails cannot be sent to an individual subscriber unless prior permission has been obtained or unless there is a previous relationship between the parties.<ref>[[Privacy and Electronic Communications (EC Directive) Regulations 2003]]</ref> The regulations can be enforced against an offending company or individual anywhere in the [[European Union]]. The [[Information Commissioner]]'s Office has responsibility for the enforcement of unsolicited emails and considers complaints about breaches. A breach of an enforcement notice is a criminal offence subject to a fine of up to £500,000.<ref>{{citation|publisher=ICO|url=http://ico.org.uk/enforcement|title=Enforcement}}</ref>

===Canada===
The [[Government of Canada]] has passed anti-spam legislation called the [[Fighting Internet and Wireless Spam Act]]<ref>{{citation|place=CA|publisher=GC|url=http://www2.parl.gc.ca/HousePublications/Publication.aspx?Docid=4547728&&File=50|title=Fighting Internet and Wireless Spam Act}}</ref> to fight spam.<ref>{{citation|publisher=Circle ID|url=http://www.circleid.com/posts/20101215_canada_anti_spam_bill_c_28_is_the_law_of_the_land|title=Canada's Anti-spam Bill C-28 is the Law of the Land|date=2010-12-15}}</ref>

===Australia===
In [[Australia]], the relevant legislation is the [[Spam Act 2003]], which covers some types of email and phone spam and took effect on 11 April 2004. The Spam Act provides that "Unsolicited commercial electronic messages must not be sent." Whether an email is unsolicited depends on whether the sender has consent. Consent can be express or inferred. Express consent is when someone directly instructs a sender to send them emails, e.g. by opting in. Consent can also be inferred from the business relationship between the sender and recipient or if the recipient conspicuously publishes their email address in a public place (such as on a website).<ref>{{cite web|url=http://www.austlii.edu.au/au/legis/cth/consol_act/sa200366/sch2.html|title=Commonwealth Consolidated Acts: Spam Act 2003 – Schedule 2|publisher=AustLII, Faculty of Law, University of Technology|location=Sydney, AU|accessdate=2010-09-23}}</ref> Penalties are up to 10,000 [[penalty units]], or 2,000 penalty units for a person other than a body corporate.

===United States===
In the [[United States]], most states enacted anti-spam laws during the late 1990s and early 2000s. Many of these have since been [[Federal preemption|pre-empted]] by the less restrictive [[CAN-SPAM Act of 2003]] ("CAN-SPAM").<ref>But see, e.g., [http://scholar.google.com/scholar_case?case=9837985979753739551&q=hypertouch+v+valueclick&hl=en&as_sdt=2,5&as_vis=1 Hypertouch v. ValueClick, Inc. et al., Cal.App.4th] (Google Scholar: January 18, 2011).</ref>

Spam is legally permissible according to CAN-SPAM, provided it meets certain criteria: a "truthful" subject line, no forged information in the technical headers or sender address, and other minor requirements. If the spam fails to comply with any of these requirements it is illegal. Aggravated or accelerated penalties apply if the spammer harvested the email addresses using methods described earlier.

A review of the effectiveness of CAN-SPAM in 2005 by the Federal Trade Commission (the agency charged with CAN-SPAM enforcement) stated that the amount of sexually explicit spam had significantly decreased since 2003 and the total volume had begun to level off.<ref>{{citation|publisher=FTC|place=USA|format=PDF|url=http://www.ftc.gov/reports/canspam05/051220canspamrpt.pdf|title=Effectiveness and Enforcement of the CAN-SPAM Act}} {{dead link|date=February 2014}}</ref> Senator [[Conrad Burns]], a principal sponsor, noted that "Enforcement is key regarding the CAN-SPAM legislation." In 2004, less than one percent of spam complied with CAN-SPAM.<ref>{{citation|publisher=PC World|url=http://www.pcworld.com/article/id,114287-page,1/article.html|title=Is the CAN-SPAM Law Working?}}</ref> In contrast to the FTC evaluation, many observers view CAN-SPAM as having failed in its purpose of reducing spam.<ref>{{citation|author=Ken Fisher|publisher=Ars Technica|date=December 2005|url=http://arstechnica.com/old/content/2005/12/5810.ars|title=US FTC says CAN-SPAM works }}</ref><ref>{{citation|publisher=SC Magazine|place=USA|url=http://www.scmagazineus.com/six-years-later-can-spam-act-leaves-spam-problem-unresolved/article/163857|title=Six years later, Can Spam act leaves spam problem unresolved}}</ref>

===Other laws===
Accessing privately owned computer resources without the owner's permission is illegal under [[computer crime]] statutes in most nations. Deliberate spreading of computer viruses is also illegal in the [[United States]] and elsewhere. Thus, some common behaviors of spammers are criminal regardless of the legality of spamming ''per se''. Even before the advent of laws specifically banning or regulating spamming, spammers were successfully prosecuted under computer fraud and abuse laws for wrongfully using others' computers.

The use of botnets can be perceived as theft. The spammer consumes a zombie owner's bandwidth and resources without any cost. In addition, spam is perceived as theft of services. The receiving SMTP servers consume significant amounts of system resources dealing with this unwanted traffic. As a result, service providers have to spend large amounts of money to make their systems capable of handling these amounts of email. Such costs are inevitably passed on to the service providers' customers.<ref>{{citation|publisher=Find Law|url=http://public.findlaw.com/internet/internet-spam.html|title=You've Got Spam}}</ref>

Other laws, not only those related to spam, have been used to prosecute alleged spammers. For example, [[Alan Ralsky]] was indicted on stock fraud charges in January 2008, and [[Robert Soloway]] pled guilty in March 2008 to charges of mail fraud, fraud in connection with email, and failing to file a tax return.<ref>{{citation|url=http://seattletimes.nwsource.com/html/localnews/2004283998_spamking15m.html|publisher=Seattle Times|title="Spam king" pleads guilty to felony fraud|first=Mike|last=Carter|date=2008-03-15}}</ref>

==Deception and fraud==
Spammers may engage in deliberate [[fraud]] to send out their messages. Spammers often use false names, addresses, phone numbers, and other contact information to set up "disposable" accounts at various Internet service providers. They also often use falsified or stolen [[credit card]] numbers to pay for these accounts. This allows them to move quickly from one account to the next as the host ISPs discover and shut down each one.

Senders may go to great lengths to conceal the origin of their messages. Large companies may hire another firm to send their messages so that complaints or blocking of email falls on a third party. Others engage in [[Spoofing attack|spoof]]ing of email addresses (much easier than [[IP address spoofing]]). The email protocol ([[SMTP]]) has no authentication by default, so the spammer can pretend to originate a message apparently from any email address. To prevent this, some ISPs and domains require the use of [[SMTP-AUTH]], allowing positive identification of the specific account from which an email originates.

Senders cannot completely spoof email delivery chains (the 'Received' header), since the receiving mailserver records the actual connection from the last mailserver's IP address. To counter this, some spammers forge additional delivery headers to make it appear as if the email had previously traversed many legitimate servers.

Spoofing can have serious consequences for legitimate email users. Not only can their email inboxes get clogged up with "undeliverable" emails in addition to volumes of spam, they can mistakenly be identified as a spammer. Not only may they receive irate email from spam victims, but (if spam victims report the email address owner to the ISP, for example) a naive ISP may terminate their service for spamming.

==Theft of service==
Spammers frequently seek out and make use of vulnerable third-party systems such as [[open mail relay]]s and open [[proxy server]]s. SMTP forwards mail from one server to another—mail servers that ISPs run commonly require some form of [[authentication]] to ensure that the user is a customer of that ISP. Open relays, however, do not properly check who is using the mail server and pass all mail to the destination address, making it harder to track down spammers.

Increasingly, spammers use networks of malware-infected PCs ([[Zombie computer|zombies]]) to send their spam. [[Zombie computer|Zombie]] networks are also known as [[botnet]]s (such zombifying malware is known as a ''bot'', short for [[robot]]). In June 2006, an estimated 80 percent of email spam was sent by zombie PCs, an increase of 30 percentfrom the prior year. An estimated 55&nbsp;billion email spam were sent each day in June 2006, an increase of 25&nbsp;billion per day from June 2005.<ref name="ironport">{{cite press release
|title=Spammers Continue Innovation: IronPort Study Shows Image-based Spam, Hit & Run, and Increased Volumes Latest Threat to Your Inbox|publisher=IronPort Systems|date=2006-06-28|url=http://www.ironport.com/company/ironport_pr_2006-06-28.html|accessdate=2007-01-05 }}</ref>

For the first quarter of 2010, an estimated 305,000 newly activated zombie PCs were brought online each day for malicious activity. This number is slightly lower than the 312,000 of the fourth quarter of 2009.<ref name="commtouch"/>

Brazil produced the most zombies in the first quarter of 2010. Brazil was the source of 20 percent of all zombies, which is down from 14 percent from the fourth quarter of 2009. India had 10 percent, with Vietnam at 8 percent, and the Russian Federation at 7 percent.<ref name="commtouch"/>

===Side effects===
To combat the problems posed by botnets, open relays, and proxy servers, many email server administrators pre-emptively block dynamic IP ranges and impose stringent requirements on other servers wishing to deliver mail. [[Forward-confirmed reverse DNS]] must be correctly set for the outgoing mail server and large swaths of IP addresses are blocked, sometimes pre-emptively, to prevent spam. These measures can pose problems for those wanting to run a small email server off an inexpensive domestic connection. Blacklisting of IP ranges due to spam emanating from them also causes problems for legitimate email servers in the same IP range.

==Statistics and estimates==
The total volume of email spam has been consistently growing, but in 2011 the trend seems to have reversed.<ref>{{cite web|author=Charlie White|url=http://mashable.com/2011/07/04/spam-decreased-82percent|title=Spam Decreased 82.22% Over The Past Year|publisher=Mashable.com|date=2011-07-04|accessdate=2012-12-10}}</ref><ref>{{cite web|url=http://www.symanteccloud.com/globalthreats/charts/spam_monthly|title=Spam|language=nl|publisher=Symantec.cloud|date=|accessdate=2012-12-10}}</ref> The amount of spam users see in their mailboxes is only a portion of total spam sent, since spammers' lists often contain a large percentage of invalid addresses and many spam filters simply delete or reject "obvious spam."

The first known spam email, advertising a DEC product presentation, was sent in 1978 by Gary Thuerk to 600 addresses, which was all the users of [[ARPANET]] at the time, though software limitations meant only slightly more than half of the intended recipients actually received it.<ref name="templetonsreact">{{cite web|url=http://www.templetons.com/brad/spamreact.html|title=Reaction to the DEC Spam of 1978|author=Brad Templeton|authorlink=Brad Templeton|accessdate=2007-01-21|date=8 March 2005<!-- 08:30:08 GMT-->|publisher=Brad Templeton}}</ref> As of August 2010, the amount of spam was estimated to be around 200&nbsp;billion spam messages sent per day.<ref name="TG">{{cite news|url=http://www.guardian.co.uk/technology/2011/jan/10/email-spam-record-activity|title=Email spam level bounces back after record low|author=Josh Halliday|publisher=[[guardian.co.uk]]|date=10 January 2011|accessdate=2011-01-11}}</ref> More than 97% of all emails sent over the Internet are unwanted, according to a Microsoft security report.<ref>{{cite web|last=Waters|first=Darren|url=http://news.bbc.co.uk/2/hi/technology/7988579.stm|title=Spam overwhelms email messages|publisher=BBC News|date=2009-04-08|accessdate=2012-12-10}}</ref> [[MAAWG]] estimates that 85% of incoming mail is "abusive email", as of the second half of 2007. The sample size for the MAAWG's study was over 100 million mailboxes.<ref name="maawgpdf7">{{cite journal|title=Email Metrics Program: The Network Operators' Perspective|version=Report No.&nbsp;7 – Third and Fourth quarters 2007|publisher=Messaging Anti-Abuse Working Group|date=April 2008|accessdate=2008-05-08|url=http://www.maawg.org/about/MAAWG_2007-Q3-4_Metrics_Report.pdf|format=PDF}}</ref><ref name="maawgpdf1">{{cite journal|title=Email Metrics Program: The Network Operators' Perspective|version=Report No.&nbsp;1 – 4th quarter 2005 Report|publisher=Messaging Anti-Abuse Working Group|date=March 2006|accessdate=2007-01-06|url=http://www.maawg.org/about/FINAL_4Q2005_Metrics_Report.pdf|format=PDF|archiveurl=http://web.archive.org/web/20061208004106/http://www.maawg.org/about/FINAL_4Q2005_Metrics_Report.pdf|archivedate=December 8, 2006}}</ref><ref name="maawgpdf2">{{cite journal|title=Email Metrics Program: The Network Operators' Perspective|version=Report No.&nbsp;2 – 1st quarter 2006|publisher=Messaging Anti-Abuse Working Group|date=June 2006|accessdate=2007-01-06|url=http://www.maawg.org/about/FINAL_1Q2006_Metrics_Report.pdf|format=PDF|archiveurl=http://web.archive.org/web/20060924221430/http://www.maawg.org/about/FINAL_1Q2006_Metrics_Report.pdf <!-- Bot retrieved archive -->|archivedate=2006-09-24}}</ref>

A 2010 survey of US and European email users showed that 46% of the respondents had opened spam messages, although only 11% had clicked on a link.<ref>{{cite web|url=http://www.maawg.org/sites/maawg/files/news/2010_MAAWG-Consumer_Survey.pdf|title=2010 MAAWG Email Security Awareness and Usage Report, Messing Anti-Abuse Working Group/Ipsos Public Affairs|format=PDF|accessdate=2012-12-10}}</ref>

===Highest amount of spam received===
According to [[Steve Ballmer]], Microsoft founder [[Bill Gates]] receives four million emails per year, most of them spam.<ref name="bbc">{{cite news|author=Staff|title=Bill Gates 'most spammed person'|url=http://news.bbc.co.uk/2/hi/business/4023667.stm|publisher=BBC News|date=18 November 2004|accessdate=2010-09-23}}</ref> This was originally incorrectly reported as "per day".<ref name="acme1">{{cite news|author=Mike Wendland|title=Ballmer checks out my spam problem|url=http://www.acme.com/mail_filtering/article_2.html|publisher=ACME Laboratories republication of article appearing in Detroit Free Press|date=December 2, 2004|accessdate=2010-09-23}} ''the date provided is for the original article; the date of revision for the republication is 8 June 2005; verification that content of the republication is the same as the original article is pending''.</ref>

At the same time [[Jef Poskanzer]], owner of the domain name [http://acme.com/ acme.com], was receiving over one million spam emails per day.<ref name="acme2">{{cite web|url=http://www.acme.com/mail_filtering|title=Mail Filtering|author=Jef Poskanzer|date=2006-05-15|publisher=ACME Laboratories|accessdate=2010-09-23}}</ref>

===Cost of spam===
A 2004 survey estimated that lost productivity costs Internet users in the United States $21.58&nbsp;billion annually, while another reported the cost at $17&nbsp;billion, up from $11&nbsp;billion in 2003. In 2004, the worldwide productivity cost of spam has been estimated to be $50&nbsp;billion in 2005.<ref>[http://www.informationweek.com/story/showArticle.jhtml?articleID=59300834 Spam Costs Billions]</ref> An estimate of the percentage cost borne by the sender of marketing junk mail ([[snail mail]]) is 88 percent, whereas in 2001 one spam was estimated to cost $0.10 for the receiver and $0.00001 (0.01% of the cost) for the sender.<ref name="spam-costs">{{cite web|url=http://www.clickz.com/showPage.html?page=1432751|title=Make Spammers Pay Before You Do|publisher=The ClickZ Network|author=Rebecca Lieb|date=July 26, 2002|accessdate=2010-09-23|archiveurl=http://web.archive.org/web/20070807113021/http://www.clickz.com/showPage.html?page=1432751|archivedate=2007-08-07}}</ref>

===Origin of spam===
[[File:E-mail spam relayed by country in Q2-2007.png|thumb|300px|Email spam relayed by country in Q2/2007.]]
Origin or source of spam refers to the geographical location of the computer from which the spam is sent; it is not the country where the spammer resides, nor the country that hosts the spamvertised site. Because of the international nature of spam, the spammer, the hijacked spam-sending computer, the spamvertised server, and the user target of the spam are all often located in different countries. As much as 80% of spam received by Internet users in [[North America]] and [[Europe]] can be traced to fewer than 200 spammers.<ref>[http://www.spamhaus.org/rokso/index.lasso Register of Known Spam Operations] ([[The Spamhaus Project|ROKSO]]).</ref>

'''In terms of volume of spam:''' According to [[Sophos]], the major sources of spam in the fourth quarter of 2008 (October to December) were:{{Verify credibility|date=December 2009}}<ref name="sophos8">{{cite press release|title=Only one in 28 emails legitimate, Sophos report reveals rising tide of spam in April–June 2008|publisher=Sophos|date=2008-07-15|accessdate=2008-10-12|url=http://www.sophos.com/pressoffice/news/articles/2008/07/dirtydozjul08.html }}</ref><ref name="sophos1">{{cite press release|title=Sophos reveals 'Dirty Dozen' spam producing countries, August 2004|publisher=Sophos|date=2004-08-24|accessdate=2007-01-06|url=http://www.sophos.com/pressoffice/news/articles/2004/08/sa_dirtydozenaug04.html }}</ref><ref name="sophos2">{{cite press release|title=Sophos reveals 'dirty dozen' spam relaying countries|publisher=Sophos|date=2006-07-24|accessdate=2007-01-06|url=http://www.sophos.com/pressoffice/news/articles/2006/07/dirtydozjul06.html}}</ref><ref name="sophos3">{{cite press release|title=Sophos research reveals dirty dozen spam-relaying nations|publisher=Sophos|date=2007-04-11|accessdate=2007-06-15|url=http://www.sophos.com/pressoffice/news/articles/2007/04/dirtydozapr07.html}}</ref><ref name="sophos4">{{cite press release|title=Sophos reveals 'Dirty Dozen' spam producing countries, July 2007|publisher=Sophos|date=2007-07-18|accessdate=2007-07-24|url=http://www.sophos.com/pressoffice/news/articles/2007/07/dirtydozjul07.html }}</ref><ref name="sophos5">{{cite press release|title=Sophos reveals 'Dirty Dozen' spam producing countries for Q3 2007|publisher=Sophos|date=2007-10-24|accessdate=2007-11-09|url=http://www.sophos.com/pressoffice/news/articles/2007/10/dirtydozoct07.html }}</ref><ref name="sophos6">{{cite press release|title=Sophos details dirty dozen spam-relaying countries for Q4 2007|publisher=Sophos|date=2008-02-11|accessdate=2008-02-12|url=http://www.sophos.com/pressoffice/news/articles/2008/02/dirtydozfeb08.html }}</ref><ref name="sophos7">{{cite press release|title=Sophos details dirty dozen spam-relaying countries for Q1 2008|publisher=Sophos|date=2008-04-14|accessdate=2008-06-07|url=http://www.sophos.com/pressoffice/news/articles/2008/04/dirtydozapr08.html }}</ref><ref name="sophos9">{{cite press release|title=Eight times more malicious email attachments spammed out in Q3 2008|publisher=Sophos|date=2008-10-27|accessdate=2008-11-02|url=http://www.sophos.com/pressoffice/news/articles/2008/10/spamreport.html }}</ref><ref name="sophos10">{{cite press release|title=Spammers defy Bill Gates's death-of-spam prophecy|publisher=Sophos|date=2009-01-22|accessdate=2009-01-22|url=http://www.sophos.com/pressoffice/news/articles/2009/01/dirty-dozen.html }}</ref>

*The United States (the origin of 19.8% of spam messages, up from 18.9% in Q3)
*China (9.9%, up from 5.4%)
*Russia (6.4%, down from 8.3%)
*Brazil (6.3%, up from 4.5%)
*Turkey (4.4%, down from 8.2%)

When grouped by continents, spam comes mostly from:
*Asia (37.8%, down from 39.8%)
*North America (23.6%, up from 21.8%)
*Europe (23.4%, down from 23.9%)
*South America (12.9%, down from 13.2%)

'''In terms of number of IP addresses:''' the [[Spamhaus Project]] (which measures spam sources in terms of number of IP addresses used for spamming, rather than volume of spam sent) ranks the top three as the United States, China, and Russia,<ref name="spaumhaus1">{{cite web|url=http://www.spamhaus.org/statistics/countries.lasso|title=Spamhaus Statistics: The Top 10|accessdate=2007-01-06|date=dynamic report|work=Spamhaus Blocklist (SBL) database|publisher=The Spamhaus Project Ltd.}}</ref> followed by Japan, Canada, and South Korea.

'''In terms of networks:''' {{As of|2007|6|5}}, the three networks hosting the most spammers are [[Verizon]], [[AT&T Inc.|AT&T]], and [[Tata Communications|VSNL International]].<ref name="spaumhaus1" /> Verizon inherited many of these spam sources from its acquisition of [[MCI Inc.|MCI]], specifically through the [[UUNET|UUNet]] subsidiary of MCI, which Verizon subsequently renamed Verizon Business.

==Anti-spam techniques==
{{Main|Anti-spam techniques}}

The U.S. Department of Energy [[Computer Incident Advisory Capability]] (CIAC) has provided specific countermeasures against email spamming.<ref name="ciac">{{cite web|url=http://www.ciac.org/ciac/bulletins/i-005c.shtml|title=I-005c: E-Mail Spamming countermeasures: Detection and prevention of E-Mail spamming|accessdate=2007-01-06|author=Shawn Hernan|author2=James R. Cutler |author3=David Harris |date=1997-11-25|work=Computer Incident Advisory Capability Information Bulletins|publisher=United States Department of Energy}}</ref>

Some popular methods for filtering and refusing spam include [[email filtering]] based on the content of the email, DNS-based blackhole lists ([[DNSBL]]), [[greylisting]], [[spamtrap]]s, enforcing technical requirements of email ([[Simple Mail Transfer Protocol|SMTP]]), checksumming systems to detect bulk email, and by putting some sort of cost on the sender via a [[proof-of-work system]] or a [[micropayment]]. Each method has strengths and weaknesses and each is controversial because of its weaknesses. For example, one company's offer to "[remove] some spamtrap and honeypot addresses" from email lists defeats the ability for those methods to identify spammers.

[[Anti-spam techniques#Outbound spam protection|Outbound spam protection]] combines many of the techniques to scan messages exiting out of a service provider's network, identify spam, and take action such as blocking the message or shutting off the source of the message.

In one study, 95 percent of revenues (in the study) cleared through just three banks.<ref>{{citation|url=http://cseweb.ucsd.edu/~savage/papers/Oakland11.pdf|title=Click Trajectories: End-to-End Analysis of the Spam Value Chain|author=Kirill Levchenko, Andreas Pitsillidis, Neha Chachra, Brandon Enright, Márk Félegyházi, Chris Grier, Tristan Halvorson, Chris Kanich, Christian Kreibich, He Liu, Damon McCoy, Nicholas Weaver, Vern Paxson, Geoffrey M. Voelker, and Stefan Savage|publisher=Proceedings of the IEEE Symposium and Security and Privacy|location=Oakland, CA|date=May 2011}}</ref>

==How spammers operate==
{{unreferenced section|date=November 2011}}

===Gathering of addresses===
{{Main|Email address harvesting}}

In order to send spam, spammers need to obtain the email addresses of the intended recipients. To this end, both spammers themselves and ''list merchants'' gather huge lists of potential email addresses. Since spam is, by definition, unsolicited, this ''address harvesting'' is done without the consent (and sometimes against the expressed will) of the address owners. As a consequence, spammers' address lists are inaccurate. A single spam run may target tens of millions of possible addresses – many of which are invalid, malformed, or undeliverable.

Sometimes, if the sent spam is "bounced" or sent back to the sender by various programs that eliminate spam, or if the recipient clicks on an unsubscribe link, that may cause that email address to be marked as "valid", which is interpreted by the spammer as "send me more". This is illegal with the passage of anti-spam legislation, however. Thus a recipient should not automatically assume the unsubscribe link is an invitation to be sent more messages. If the originating company is legitimate and the content of the message is legitimate, then individuals should unsubscribe to messages they no longer wish to receive.

===Delivering spam messages===
{{Main|Spam email delivery}}

===Obfuscating message content===
Many spam-filtering techniques work by searching for patterns in the headers or bodies of messages. For instance, a user may decide that all email they receive with the word "[[Viagra]]" in the subject line is spam, and instruct their mail program to automatically delete all such messages. To defeat such filters, the spammer may intentionally misspell commonly filtered words or insert other characters, often in a style similar to [[leetspeak]], as in the following examples: <tt>V1agra</tt>, <tt>Via'gra</tt>, <tt>Vi@graa</tt>, <tt>vi*gra</tt>, <tt>\/iagra</tt>. This also allows for many different ways to express a given word, making identifying them all more difficult for filter software.

The principle of this method is to leave the word readable to humans (who can easily recognize the intended word for such misspellings), but not likely to be recognized by a literal computer program. This is only somewhat effective, because modern filter patterns have been designed to recognize blacklisted terms in the various iterations of misspelling. Other filters target the actual obfuscation methods, such as the non-standard use of punctuation or numerals into unusual places. Similarly, HTML-based email gives the spammer more tools to obfuscate text. Inserting HTML comments between letters can foil some filters, as can including text made invisible by setting the font color to white on a white background, or shrinking the font size to the smallest fine print. Another common ploy involves presenting the text as an image, which is either sent along or loaded from a remote server. This can be foiled by not permitting an email-program to load images.

As [[Bayesian spam filtering|Bayesian filtering]] has become popular as a spam-filtering technique, spammers have started using methods to weaken it. To a rough approximation, Bayesian filters rely on word probabilities. If a message contains many words that are used only in spam, and few that are never used in spam, it is likely to be spam. To weaken Bayesian filters, some spammers, alongside the sales pitch, now include lines of irrelevant, random words, in a technique known as [[Bayesian poisoning]]. A variant on this tactic may be borrowed from the Usenet abuser known as "[[Hipcrime (Usenet)|Hipcrime]]"—to include passages from books taken from [[Project Gutenberg]], or nonsense sentences generated with "[[dissociated press]]" algorithms. Randomly generated phrases can create [[spoetry]] (spam poetry) or spam art. The perceived credibility of spam messages by users differs across cultures; for example, Korean unsolicited email frequently uses apologies, likely to be based on Koreans’ modeling behavior and a greater tendency to follow social norms.<ref>{{cite journal|last=Park|first=Hee Sun|author2=Hye Song |author3=Jeong An |title="I Am Sorry to Send You SPAM": Cross-cultural differences in use of apologies in email advertising in Korea and the U.S.|journal=Human Communication Research|year=2005|volume=31|issue=3|page=365|doi=10.1093/hcr/31.3.365}}</ref>

Another method used to masquerade spam as legitimate messages is the use of autogenerated sender names in the <tt>From:</tt> field, ranging from realistic ones such as "Jackie F. Bird" to (either by mistake or intentionally) bizarre attention-grabbing names such as "Sloppiest U. Epiglottis" or "Attentively E. Behavioral". Return addresses are also routinely auto-generated, often using unsuspecting domain owners' legitimate domain names, leading some users to blame the innocent domain owners. Blocking lists use IP addresses rather than sender domain names, as these are more accurate. A mail purporting to be from <tt>example.com</tt> can be seen to be faked by looking for the originating IP address in the email's headers; also [[Sender Policy Framework]], for example, helps by stating that a certain domain will send email only from certain IP addresses.

Spam can also be hidden inside a fake "Undelivered mail notification" which looks like the [[Email#Tracking of sent mail|failure notices]] sent by a [[mail transfer agent]] (a "[[Bounce message|MAILER-DAEMON]]") when it encounters an error.

===Spam-support services===
A number of other online activities and business practices are considered by anti-spam activists to be connected to spamming. These are sometimes termed '''spam-support services''': business services, other than the actual sending of spam itself, which permit the spammer to continue operating. Spam-support services can include processing orders for goods advertised in spam, hosting Web sites or [[Domain Name System|DNS]] records referenced in spam messages, or a number of specific services as follows:

Some Internet hosting firms advertise '''bulk-friendly''' or '''bulletproof hosting'''. This means that, unlike most ISPs, they will not terminate a customer for spamming. These hosting firms operate as clients of larger ISPs, and many have eventually been taken offline by these larger ISPs as a result of complaints regarding spam activity. Thus, while a firm may advertise bulletproof hosting, it is ultimately unable to deliver without the connivance of its upstream ISP. However, some spammers have managed to get what is called a [[pink contract]] (see below) – a contract with the ISP that allows them to spam without being disconnected.

A few companies produce '''[[spamware]]''', or software designed for spammers. Spamware varies widely, but may include the ability to import thousands of addresses, to generate random addresses, to insert fraudulent headers into messages, to use dozens or hundreds of mail servers simultaneously, and to make use of open relays. The sale of spamware is illegal in eight U.S. states.<ref name="spamsights1">{{cite web|url=http://www.spamsights.org|title=Spamware vendor list|publisher=Spam Sights|accessdate=2007-01-06|date=2005-07-08|author=Sapient Fridge}}</ref><ref name="spaumhaus3">{{cite web|url=http://www.spamhaus.org/sbl/policy.html|title=SBL Policy & Listing Criteria|accessdate=2007-01-06|date=2006-12-22|publisher=The Spamhaus Project}} ''original location was at {{citation|url=http://www.spamhaus.org/sbl/sbl-rationale.html|title=SBL rationale}}; the referenced page is an auto-redirect target from the original location''</ref><ref name="bitpipe">{{cite journal|title=Spamware – Email Address Harvesting Tools and Anonymous Bulk Emailing Software|publisher=MX Logic (abstract hosted by Bit Pipe)|date=2004-10-01|url=http://www.bitpipe.com/detail/RES/1097086148_134.html|accessdate=2007-01-06}} ''the link here is to an abstract of a white paper; registration with the authoring organization is required to obtain the full white paper''.</ref>

So-called '''millions CDs''' are commonly advertised in spam. These are [[CD-ROM]]s purportedly containing lists of email addresses, for use in sending spam to these addresses. Such lists are also sold directly online, frequently with the false claim that the owners of the listed addresses have requested (or "opted in") to be included. Such lists often contain invalid addresses. In recent years, these have fallen almost entirely out of use due to the low quality email addresses available on them, and because some email lists exceed 20GB in size. The [[CD-ROM#Capacity|amount you can fit on a CD]] is no longer substantial.

A number of [[DNSBL|DNS blacklists]] (DNSBLs), including the MAPS RBL, Spamhaus SBL, SORBS and SPEWS, target the providers of spam-support services as well as spammers. DNSBLs blacklist IPs or ranges of IPs to persuade ISPs to terminate services with known customers who are spammers or resell to spammers.

==Related vocabulary==
;Unsolicited bulk email (UBE)
:A synonym for email spam.
;Unsolicited commercial email (UCE)
:Spam promoting a commercial service or product. This is the most common type of spam, but it excludes spams that are hoaxes (e.g. virus warnings), political advocacy, religious messages and [[chain letter]]s sent by a person to many other people. The term UCE may be most common in the USA.<ref name="caube">{{cite web|url=http://www.caube.org.au/whatis.htm|title=Definitions of Words We Use|accessdate=2007-01-06|publisher=Coalition Against Unsolicited Bulk Email, Australia}}</ref>
;Pink contract
:A [[pink contract]] is a service contract offered by an ISP which offers bulk email service to spamming clients, in violation of that ISP's publicly posted acceptable use policy.
;Spamvertising
:[[Spamvertising]] is advertising through the medium of spam.
;Opt-in, confirmed opt-in, double opt-in, opt-out
:[[opt in email|Opt-in, confirmed opt-in, double opt-in, opt-out]] refers to whether the people on a mailing list are given the option to be put in, or taken out, of the list. Confirmation (and "double", in marketing speak) refers to an email address transmitted e.g. through a web form being confirmed to actually request joining a mailing list, instead of being added to the list without verification.
;Final, Ultimate Solution for the Spam Problem (FUSSP)
:An [[irony|ironic]] reference to naïve developers who believe they have invented the perfect spam filter, which will stop all spam from reaching users' inboxes while deleting no legitimate email accidentally.<ref>{{cite web|url=http://www.rhyolite.com/anti-spam/you-might-be.html|title=Vernon Schryver: You Might Be An Anti-Spam Kook If|publisher=Rhyolite.com|accessdate=2012-12-10}}</ref><ref>[http://richi.co.uk/blog/2006/04/tips-for-your-new-anti-spam-idea.html Tips for your new anti-spam idea].</ref>
;Bacn
:Bacn is email that has been subscribed to and is therefore solicited. Bacn has been described as "email you want but not right now."<ref>{{cite web
|url = http://podcamppittsburgh.com/2007/08/podcamp-pittsburgh-2-cooks-up-bacn/
|title = PodCamp Pittsburgh 2 cooks up Bacn
|accessdate = 2010-03-15
|date = August 23, 2007
|publisher = PodCamp Pittsburgh
| archiveurl= http://web.archive.org/web/20100330094549/http://podcamppittsburgh.com/2007/08/podcamp-pittsburgh-2-cooks-up-bacn/| archivedate= 30 March 2010 <!--DASHBot-->| deadurl= no}}</ref><ref>{{cite news |title=All We Are Saying |url=http://www.nytimes.com/2007/12/23/weekinreview/23buzzwords.html?ref=weekinreview |quote=Bacn: Impersonal e-mail messages that are nearly as annoying as spam but that you have chosen to receive: alerts, newsletters, automated reminders etcetera. Popularised at the PodCamp conference in Pittsburgh in August. |work=[[New York Times]] |date= 2007-12-23|accessdate=2007-12-24 | first=Grant | last=Barrett}}</ref> Some examples of common bacn messages are news alerts, periodic messages from e-merchants from whom one has made previous purchases, messages from [[social networking]] sites, and [[wiki]] watch lists.<ref>[http://gmailblog.blogspot.com/2010/08/email-overload-try-priority-inbox.html Email overload? Try Priority Inbox] - Google Gmail Blog, 30 Aug 2010</ref> The name ''bacn'' is meant to convey the idea that such email is "better than spam, but not as good as a personal email".<ref>[http://www.npr.org/templates/story/story.php?storyId=14032271&ft=1&f=1006 NPR: Move Over, Spam: 'Bacn' Is the E-Mail Dish du Jour<!-- Bot generated title -->]</ref> It was originally coined in August 2007 at PodCamp Pittsburgh 2,<ref>{{cite web
|url = http://blog.viddler.com/brandice/pcpgh-invented-bacn/
|title = PCPGH invented BACN
|accessdate = 2011-03-23
|date = October 16, 2008
|publisher = Viddler
}}</ref> and since then has been used amongst the [[blogging]] community.

==History==
{{Main|History of email spam}}

==See also==
*[[Address munging]]
*[[Anti-spam techniques]]
*[[Bacn (electronic)|Bacn]]
*[[Botnet]]
*[[Boulder Pledge]]
*[[The Canadian Coalition Against Unsolicited Commercial Email]]
*[[CAUCE]]
*[[CAN-SPAM Act of 2003]]
*[[Chain email]]
*[[Direct Marketing Associations]]
*[[Disposable email address]]
*[[Email address harvesting]]
*[[Gordon v. Virtumundo, Inc.]]
*[[Junk fax]]
*[[List poisoning]]
*[[Make money fast]], the infamous Dave Rhodes chain letter that jumped to email.
*[[Netiquette]]
*[[news.admin.net-abuse.email]] newsgroup
*[[Advance fee fraud|Nigerian spam]]
*[[Project Honey Pot]]
*[[Pump and dump#Pump and dump spam|Pump and dump stock fraud]]
*[[Ratware]]
*[[Spamusement!]]
*[[Spambot]]
*[[SpamCop]]
*[[The Spamhaus Project|Spamhaus]]
*[[Spamtrap]]
*[[Spamware]]
*[[Spider trap]]
*[[VoIP spam|SPIT (SPam over Internet Telephony)]]

==References==
{{reflist|2}}

==Further reading==
*{{citation|last1=Dow|first1=K|last2=Serenko|first2=A|last3=Turel|first3=O|last4=Wong|first4=J|year=2006|format=PDF|url=http://www.aserenko.com/papers/JeC_Dow.pdf|contribution=Antecedents and consequences of user satisfaction with email systems|title=International Journal of e-Collaboration|volume=2|number=2|pages=46–64}}.
*Sjouwerman, Stu; Posluns, Jeffrey, [http://books.google.com/books?id=1gsUeCcA7qMC ''Inside the spam cartel: trade secrets from the dark side''], Elsevier/Syngress; 1st edition, November 27, 2004. ISBN 978-1-932266-86-3.

==External links==
{{Commons category|SPAM email}}
'''Spam info'''
*[http://www.spamhelp.org SpamHelp.org]
*[http://spamlinks.net/ Spam Links]
*{{citation|work=The Economist|url=http://www.economist.com/displayStory.cfm?story_id=13851721|title=Can the Spam: How Spam is Bad for the Environment|date=June 15, 2009}}.

'''Spam reports'''
*{{citation|publisher=Barracuda Central|url=http://www.barracudacentral.com/index.cgi?p=spam|title=Worldwide Email Threat Activity}}.

'''Government reports and industry white papers'''
*{{citation|format=PDF|url=http://www.ftc.gov/opa/2005/11/spamharvest.pdf|title=Email Address Harvesting and the Effectiveness of Anti-SPAM Filters|location=[[USA]]|publisher=FTC|accessdate=13 Oct 2007}}.
*[http://www.eff.org/spam/ The Electronic Frontier Foundation's spam page] which contains legislation, analysis and litigation histories
*[http://www.spamhelp.org/articles/030319spamreport.pdf ''Why Am I Getting All This Spam? Unsolicited Commercial Email Research Six Month Report''] by Center for Democracy & Technology from the author of [[Pegasus Mail]] & [[Mercury Mail Transport System]] – [[David Harris (software developer)|David Harris]]
*{{citation|format=PDF|url=http://www.pegasusmail.tk/upload/SPAM_white_paper.pdf|title=Spam White Paper – Drowning in Sewage|publisher=Pegasus Mail}}.

{{Spamming}}

{{DEFAULTSORT:E-Mail Spam}}
[[Category:Email]]
[[Category:Spamming]]

Revision as of 11:11, 26 June 2015

An email box folder filled with spam messages.

Email spam, also known as junk email or unsolicited bulk email (UBE), is a subset of electronic spam involving nearly identical messages sent to numerous recipients by email. Clicking on links in spam email may send users to phishing web sites or sites that are hosting malware. Spam email may also include malware as scripts or other executable file attachments. Definitions of spam usually include the aspects that email is unsolicited and sent in bulk.[1][2][3][4][5] One subset of UBE is UCE (unsolicited commercial email). The opposite of "spam", email which one wants, is called "ham"[citation needed], usually when referring to a message's automated analysis (such as Bayesian filtering).[6] Like other forms of unwanted bulk messaging, it is named for Spam luncheon meat by way of a Monty Python sketch in which Spam is depicted as ubiquitous and unavoidable.[7]

Email spam has steadily grown since the early 1990s. Botnets, networks of virus-infected computers, are used to send about 80% of spam. Since the expense of the spam is borne mostly by the recipient,[8] it is effectively postage due advertising.

The legal status of spam varies from one jurisdiction to another. In the United States, spam was declared to be legal by the CAN-SPAM Act of 2003 provided the message adheres to certain specifications. ISPs have attempted to recover the cost of spam through lawsuits against spammers, although they have been mostly unsuccessful in collecting damages despite winning in court.[9][10]

Spammers collect email addresses from chatrooms, websites, customer lists, newsgroups, and viruses which harvest users' address books, and are sold to other spammers. They also use a practice known as "email appending" or "epending" in which they use known information about their target (such as a postal address) to search for the target's email address. Much of spam is sent to invalid email addresses. According to the Message Anti-Abuse Working Group, the amount of spam email was between 88–92% of email messages sent in the first half of 2010.[11]

Overview

From the beginning of the Internet (the ARPANET), sending of junk email has been prohibited. Gary Thuerk sent the first email spam message in 1978 to 600 people. He was reprimanded and told not to do it again. [12] The ban on spam is enforced by the Terms of Service/Acceptable Use Policy (ToS/AUP) of internet service providers (ISPs) and peer pressure. Even with a thousand users junk email for advertising is not tenable, and with a million users it is not only impractical,[13] but also expensive.[14] It was estimated that spam cost businesses on the order of $100 billion in 2007.[15] As the scale of the spam problem has grown, ISPs and the public have turned to government for relief from spam, which has failed to materialize.[16]

Types

Mutt in action

Spam has several definitions varying by source.

  • Unsolicited bulk email (UBE)—unsolicited email, sent in large quantities.
  • Unsolicited commercial email (UCE)—this more restrictive definition is used by regulators whose mandate is to regulate commerce, such as the U.S. Federal Trade Commission.

Spamvertised sites

Many spam emails contain URLs to a website or websites. According to a Commtouch report in the first quarter of 2010, there are "...183 billion spam messages" sent every day. The most popular spam topic is "pharmacy ads" which make up 81% of email spam messages.[17]

Most common products advertised

According to information compiled by Commtouch Software Ltd., email spam for the first quarter of 2010 can be broken down as follows.[17]

EMail Spam by Topic
Pharmacy 81%
Replica 5.40%
Enhancers 2.30%
Phishing 2.30%
Degrees[17] 1.30%
Casino 1%
Weight Loss 0.40%
Other 6.30%

419 scams

Advance fee fraud spam such as the Nigerian "419" scam may be sent by a single individual from a cybercafé in a developing country. Organized "spam gangs" operate from sites set up by the Russian mafia, with turf battles and revenge killings sometimes resulting.[18]

Phishing

Spam is also a medium for fraudsters to scam users into entering personal information on fake Web sites using emails forged to look like they are from banks or other organizations, such as PayPal. This is known as phishing. Targeted phishing, where known information about the recipient is used to create forged emails, is known as spear-phishing.[19]

Spam techniques

Appending

If a marketer has one database containing names, addresses, and telephone numbers of customers, they can pay to have their database matched against an external database containing email addresses. The company then has the means to send email to people who have not requested email, which may include people who have deliberately withheld their email address.[20]

Image spam

Image spam, or image-based spam,[21][22] is an obfuscating method in which the text of the message is stored as a GIF or JPEG image and displayed in the email. This prevents text-based spam filters from detecting and blocking spam messages. Image spam was reportedly used in the mid-2000s to advertise "pump and dump" stocks.[23][failed verification]

Often, image spam contains nonsensical, computer-generated text which simply annoys the reader. However, new technology in some programs tries to read the images by attempting to find text in these images. These programs are not very accurate, and sometimes filter out innocent images of products, such as a box that has words on it.

A newer technique, however, is to use an animated GIF image that does not contain clear text in its initial frame, or to contort the shapes of letters in the image (as in CAPTCHA) to avoid detection by optical character recognition tools.

Blank spam

Blank spam is spam lacking a payload advertisement. Often the message body is missing altogether, as well as the subject line. Still, it fits the definition of spam because of its nature as bulk and unsolicited email.

Blank spam may be originated in different ways, either intentional or unintentionally:

  1. Blank spam can have been sent in a directory harvest attack, a form of dictionary attack for gathering valid addresses from an email service provider. Since the goal in such an attack is to use the bounces to separate invalid addresses from the valid ones, spammers may dispense with most elements of the header and the entire message body, and still accomplish their goals.
  2. Blank spam may also occur when a spammer forgets or otherwise fails to add the payload when he or she sets up the spam run.
  3. Often blank spam headers appear truncated, suggesting that computer glitches may have contributed to this problem—from poorly written spam software to malfunctioning relay servers, or any problems that may truncate header lines from the message body.
  4. Some spam may appear to be blank when in fact it is not. An example of this is the VBS.Davinia.B email worm[24] which propagates through messages that have no subject line and appears blank, when in fact it uses HTML code to download other files.

Backscatter spam

Backscatter is a side-effect of email spam, viruses and worms, where email servers receiving spam and other mail send bounce messages to an innocent party. This occurs because the original message's envelope sender is forged to contain the email address of the victim. A very large proportion of such email is sent with a forged From: header, matching the envelope sender.

Since these messages were not solicited by the recipients, are substantially similar to each other, and are delivered in bulk quantities, they qualify as unsolicited bulk email or spam. As such, systems that generate email backscatter can end up being listed on various DNSBLs and be in violation of internet service providers' Terms of Service.

Legality

Sending spam violates the acceptable use policy (AUP) of almost all Internet service providers. Providers vary in their willingness or ability to enforce their AUPs. Some actively enforce their terms and terminate spammers' accounts without warning. Some ISPs lack adequate personnel or technical skills for enforcement, while others may be reluctant to enforce restrictive terms against profitable customers.

As the recipient directly bears the cost of delivery, storage, and processing, one could regard spam as the electronic equivalent of "postage-due" junk mail.[8][25] Due to the low cost of sending unsolicited email and the potential profit entailed, some believe that only strict legal enforcement can stop junk email. The Coalition Against Unsolicited Commercial Email (CAUCE) argues "Today, much of the spam volume is sent by career criminals and malicious hackers who won't stop until they're all rounded up and put in jail."[26]

European Union

All the countries of the European Union have passed laws that specifically target spam.

Article 13 of the European Union Directive on Privacy and Electronic Communications (2002/58/EC) provides that the EU member states shall take appropriate measures to ensure that unsolicited communications for the purposes of direct marketing are not allowed either without the consent of the subscribers concerned or in respect of subscribers who do not wish to receive these communications, the choice between these options to be determined by national legislation.

In the United Kingdom, for example, unsolicited emails cannot be sent to an individual subscriber unless prior permission has been obtained or unless there is a previous relationship between the parties.[27] The regulations can be enforced against an offending company or individual anywhere in the European Union. The Information Commissioner's Office has responsibility for the enforcement of unsolicited emails and considers complaints about breaches. A breach of an enforcement notice is a criminal offence subject to a fine of up to £500,000.[28]

Canada

The Government of Canada has passed anti-spam legislation called the Fighting Internet and Wireless Spam Act[29] to fight spam.[30]

Australia

In Australia, the relevant legislation is the Spam Act 2003, which covers some types of email and phone spam and took effect on 11 April 2004. The Spam Act provides that "Unsolicited commercial electronic messages must not be sent." Whether an email is unsolicited depends on whether the sender has consent. Consent can be express or inferred. Express consent is when someone directly instructs a sender to send them emails, e.g. by opting in. Consent can also be inferred from the business relationship between the sender and recipient or if the recipient conspicuously publishes their email address in a public place (such as on a website).[31] Penalties are up to 10,000 penalty units, or 2,000 penalty units for a person other than a body corporate.

United States

In the United States, most states enacted anti-spam laws during the late 1990s and early 2000s. Many of these have since been pre-empted by the less restrictive CAN-SPAM Act of 2003 ("CAN-SPAM").[32]

Spam is legally permissible according to CAN-SPAM, provided it meets certain criteria: a "truthful" subject line, no forged information in the technical headers or sender address, and other minor requirements. If the spam fails to comply with any of these requirements it is illegal. Aggravated or accelerated penalties apply if the spammer harvested the email addresses using methods described earlier.

A review of the effectiveness of CAN-SPAM in 2005 by the Federal Trade Commission (the agency charged with CAN-SPAM enforcement) stated that the amount of sexually explicit spam had significantly decreased since 2003 and the total volume had begun to level off.[33] Senator Conrad Burns, a principal sponsor, noted that "Enforcement is key regarding the CAN-SPAM legislation." In 2004, less than one percent of spam complied with CAN-SPAM.[34] In contrast to the FTC evaluation, many observers view CAN-SPAM as having failed in its purpose of reducing spam.[35][36]

Other laws

Accessing privately owned computer resources without the owner's permission is illegal under computer crime statutes in most nations. Deliberate spreading of computer viruses is also illegal in the United States and elsewhere. Thus, some common behaviors of spammers are criminal regardless of the legality of spamming per se. Even before the advent of laws specifically banning or regulating spamming, spammers were successfully prosecuted under computer fraud and abuse laws for wrongfully using others' computers.

The use of botnets can be perceived as theft. The spammer consumes a zombie owner's bandwidth and resources without any cost. In addition, spam is perceived as theft of services. The receiving SMTP servers consume significant amounts of system resources dealing with this unwanted traffic. As a result, service providers have to spend large amounts of money to make their systems capable of handling these amounts of email. Such costs are inevitably passed on to the service providers' customers.[37]

Other laws, not only those related to spam, have been used to prosecute alleged spammers. For example, Alan Ralsky was indicted on stock fraud charges in January 2008, and Robert Soloway pled guilty in March 2008 to charges of mail fraud, fraud in connection with email, and failing to file a tax return.[38]

Deception and fraud

Spammers may engage in deliberate fraud to send out their messages. Spammers often use false names, addresses, phone numbers, and other contact information to set up "disposable" accounts at various Internet service providers. They also often use falsified or stolen credit card numbers to pay for these accounts. This allows them to move quickly from one account to the next as the host ISPs discover and shut down each one.

Senders may go to great lengths to conceal the origin of their messages. Large companies may hire another firm to send their messages so that complaints or blocking of email falls on a third party. Others engage in spoofing of email addresses (much easier than IP address spoofing). The email protocol (SMTP) has no authentication by default, so the spammer can pretend to originate a message apparently from any email address. To prevent this, some ISPs and domains require the use of SMTP-AUTH, allowing positive identification of the specific account from which an email originates.

Senders cannot completely spoof email delivery chains (the 'Received' header), since the receiving mailserver records the actual connection from the last mailserver's IP address. To counter this, some spammers forge additional delivery headers to make it appear as if the email had previously traversed many legitimate servers.

Spoofing can have serious consequences for legitimate email users. Not only can their email inboxes get clogged up with "undeliverable" emails in addition to volumes of spam, they can mistakenly be identified as a spammer. Not only may they receive irate email from spam victims, but (if spam victims report the email address owner to the ISP, for example) a naive ISP may terminate their service for spamming.

Theft of service

Spammers frequently seek out and make use of vulnerable third-party systems such as open mail relays and open proxy servers. SMTP forwards mail from one server to another—mail servers that ISPs run commonly require some form of authentication to ensure that the user is a customer of that ISP. Open relays, however, do not properly check who is using the mail server and pass all mail to the destination address, making it harder to track down spammers.

Increasingly, spammers use networks of malware-infected PCs (zombies) to send their spam. Zombie networks are also known as botnets (such zombifying malware is known as a bot, short for robot). In June 2006, an estimated 80 percent of email spam was sent by zombie PCs, an increase of 30 percentfrom the prior year. An estimated 55 billion email spam were sent each day in June 2006, an increase of 25 billion per day from June 2005.[39]

For the first quarter of 2010, an estimated 305,000 newly activated zombie PCs were brought online each day for malicious activity. This number is slightly lower than the 312,000 of the fourth quarter of 2009.[17]

Brazil produced the most zombies in the first quarter of 2010. Brazil was the source of 20 percent of all zombies, which is down from 14 percent from the fourth quarter of 2009. India had 10 percent, with Vietnam at 8 percent, and the Russian Federation at 7 percent.[17]

Side effects

To combat the problems posed by botnets, open relays, and proxy servers, many email server administrators pre-emptively block dynamic IP ranges and impose stringent requirements on other servers wishing to deliver mail. Forward-confirmed reverse DNS must be correctly set for the outgoing mail server and large swaths of IP addresses are blocked, sometimes pre-emptively, to prevent spam. These measures can pose problems for those wanting to run a small email server off an inexpensive domestic connection. Blacklisting of IP ranges due to spam emanating from them also causes problems for legitimate email servers in the same IP range.

Statistics and estimates

The total volume of email spam has been consistently growing, but in 2011 the trend seems to have reversed.[40][41] The amount of spam users see in their mailboxes is only a portion of total spam sent, since spammers' lists often contain a large percentage of invalid addresses and many spam filters simply delete or reject "obvious spam."

The first known spam email, advertising a DEC product presentation, was sent in 1978 by Gary Thuerk to 600 addresses, which was all the users of ARPANET at the time, though software limitations meant only slightly more than half of the intended recipients actually received it.[42] As of August 2010, the amount of spam was estimated to be around 200 billion spam messages sent per day.[43] More than 97% of all emails sent over the Internet are unwanted, according to a Microsoft security report.[44] MAAWG estimates that 85% of incoming mail is "abusive email", as of the second half of 2007. The sample size for the MAAWG's study was over 100 million mailboxes.[45][46][47]

A 2010 survey of US and European email users showed that 46% of the respondents had opened spam messages, although only 11% had clicked on a link.[48]

Highest amount of spam received

According to Steve Ballmer, Microsoft founder Bill Gates receives four million emails per year, most of them spam.[49] This was originally incorrectly reported as "per day".[50]

At the same time Jef Poskanzer, owner of the domain name acme.com, was receiving over one million spam emails per day.[51]

Cost of spam

A 2004 survey estimated that lost productivity costs Internet users in the United States $21.58 billion annually, while another reported the cost at $17 billion, up from $11 billion in 2003. In 2004, the worldwide productivity cost of spam has been estimated to be $50 billion in 2005.[52] An estimate of the percentage cost borne by the sender of marketing junk mail (snail mail) is 88 percent, whereas in 2001 one spam was estimated to cost $0.10 for the receiver and $0.00001 (0.01% of the cost) for the sender.[8]

Origin of spam

Email spam relayed by country in Q2/2007.

Origin or source of spam refers to the geographical location of the computer from which the spam is sent; it is not the country where the spammer resides, nor the country that hosts the spamvertised site. Because of the international nature of spam, the spammer, the hijacked spam-sending computer, the spamvertised server, and the user target of the spam are all often located in different countries. As much as 80% of spam received by Internet users in North America and Europe can be traced to fewer than 200 spammers.[53]

In terms of volume of spam: According to Sophos, the major sources of spam in the fourth quarter of 2008 (October to December) were:[unreliable source?][19][54][55][56][57][58][59][60][61][62]

  • The United States (the origin of 19.8% of spam messages, up from 18.9% in Q3)
  • China (9.9%, up from 5.4%)
  • Russia (6.4%, down from 8.3%)
  • Brazil (6.3%, up from 4.5%)
  • Turkey (4.4%, down from 8.2%)

When grouped by continents, spam comes mostly from:

  • Asia (37.8%, down from 39.8%)
  • North America (23.6%, up from 21.8%)
  • Europe (23.4%, down from 23.9%)
  • South America (12.9%, down from 13.2%)

In terms of number of IP addresses: the Spamhaus Project (which measures spam sources in terms of number of IP addresses used for spamming, rather than volume of spam sent) ranks the top three as the United States, China, and Russia,[63] followed by Japan, Canada, and South Korea.

In terms of networks: As of 5 June 2007, the three networks hosting the most spammers are Verizon, AT&T, and VSNL International.[63] Verizon inherited many of these spam sources from its acquisition of MCI, specifically through the UUNet subsidiary of MCI, which Verizon subsequently renamed Verizon Business.

Anti-spam techniques

The U.S. Department of Energy Computer Incident Advisory Capability (CIAC) has provided specific countermeasures against email spamming.[64]

Some popular methods for filtering and refusing spam include email filtering based on the content of the email, DNS-based blackhole lists (DNSBL), greylisting, spamtraps, enforcing technical requirements of email (SMTP), checksumming systems to detect bulk email, and by putting some sort of cost on the sender via a proof-of-work system or a micropayment. Each method has strengths and weaknesses and each is controversial because of its weaknesses. For example, one company's offer to "[remove] some spamtrap and honeypot addresses" from email lists defeats the ability for those methods to identify spammers.

Outbound spam protection combines many of the techniques to scan messages exiting out of a service provider's network, identify spam, and take action such as blocking the message or shutting off the source of the message.

In one study, 95 percent of revenues (in the study) cleared through just three banks.[65]

How spammers operate

Gathering of addresses

In order to send spam, spammers need to obtain the email addresses of the intended recipients. To this end, both spammers themselves and list merchants gather huge lists of potential email addresses. Since spam is, by definition, unsolicited, this address harvesting is done without the consent (and sometimes against the expressed will) of the address owners. As a consequence, spammers' address lists are inaccurate. A single spam run may target tens of millions of possible addresses – many of which are invalid, malformed, or undeliverable.

Sometimes, if the sent spam is "bounced" or sent back to the sender by various programs that eliminate spam, or if the recipient clicks on an unsubscribe link, that may cause that email address to be marked as "valid", which is interpreted by the spammer as "send me more". This is illegal with the passage of anti-spam legislation, however. Thus a recipient should not automatically assume the unsubscribe link is an invitation to be sent more messages. If the originating company is legitimate and the content of the message is legitimate, then individuals should unsubscribe to messages they no longer wish to receive.

Delivering spam messages

Obfuscating message content

Many spam-filtering techniques work by searching for patterns in the headers or bodies of messages. For instance, a user may decide that all email they receive with the word "Viagra" in the subject line is spam, and instruct their mail program to automatically delete all such messages. To defeat such filters, the spammer may intentionally misspell commonly filtered words or insert other characters, often in a style similar to leetspeak, as in the following examples: V1agra, Via'gra, Vi@graa, vi*gra, \/iagra. This also allows for many different ways to express a given word, making identifying them all more difficult for filter software.

The principle of this method is to leave the word readable to humans (who can easily recognize the intended word for such misspellings), but not likely to be recognized by a literal computer program. This is only somewhat effective, because modern filter patterns have been designed to recognize blacklisted terms in the various iterations of misspelling. Other filters target the actual obfuscation methods, such as the non-standard use of punctuation or numerals into unusual places. Similarly, HTML-based email gives the spammer more tools to obfuscate text. Inserting HTML comments between letters can foil some filters, as can including text made invisible by setting the font color to white on a white background, or shrinking the font size to the smallest fine print. Another common ploy involves presenting the text as an image, which is either sent along or loaded from a remote server. This can be foiled by not permitting an email-program to load images.

As Bayesian filtering has become popular as a spam-filtering technique, spammers have started using methods to weaken it. To a rough approximation, Bayesian filters rely on word probabilities. If a message contains many words that are used only in spam, and few that are never used in spam, it is likely to be spam. To weaken Bayesian filters, some spammers, alongside the sales pitch, now include lines of irrelevant, random words, in a technique known as Bayesian poisoning. A variant on this tactic may be borrowed from the Usenet abuser known as "Hipcrime"—to include passages from books taken from Project Gutenberg, or nonsense sentences generated with "dissociated press" algorithms. Randomly generated phrases can create spoetry (spam poetry) or spam art. The perceived credibility of spam messages by users differs across cultures; for example, Korean unsolicited email frequently uses apologies, likely to be based on Koreans’ modeling behavior and a greater tendency to follow social norms.[66]

Another method used to masquerade spam as legitimate messages is the use of autogenerated sender names in the From: field, ranging from realistic ones such as "Jackie F. Bird" to (either by mistake or intentionally) bizarre attention-grabbing names such as "Sloppiest U. Epiglottis" or "Attentively E. Behavioral". Return addresses are also routinely auto-generated, often using unsuspecting domain owners' legitimate domain names, leading some users to blame the innocent domain owners. Blocking lists use IP addresses rather than sender domain names, as these are more accurate. A mail purporting to be from example.com can be seen to be faked by looking for the originating IP address in the email's headers; also Sender Policy Framework, for example, helps by stating that a certain domain will send email only from certain IP addresses.

Spam can also be hidden inside a fake "Undelivered mail notification" which looks like the failure notices sent by a mail transfer agent (a "MAILER-DAEMON") when it encounters an error.

Spam-support services

A number of other online activities and business practices are considered by anti-spam activists to be connected to spamming. These are sometimes termed spam-support services: business services, other than the actual sending of spam itself, which permit the spammer to continue operating. Spam-support services can include processing orders for goods advertised in spam, hosting Web sites or DNS records referenced in spam messages, or a number of specific services as follows:

Some Internet hosting firms advertise bulk-friendly or bulletproof hosting. This means that, unlike most ISPs, they will not terminate a customer for spamming. These hosting firms operate as clients of larger ISPs, and many have eventually been taken offline by these larger ISPs as a result of complaints regarding spam activity. Thus, while a firm may advertise bulletproof hosting, it is ultimately unable to deliver without the connivance of its upstream ISP. However, some spammers have managed to get what is called a pink contract (see below) – a contract with the ISP that allows them to spam without being disconnected.

A few companies produce spamware, or software designed for spammers. Spamware varies widely, but may include the ability to import thousands of addresses, to generate random addresses, to insert fraudulent headers into messages, to use dozens or hundreds of mail servers simultaneously, and to make use of open relays. The sale of spamware is illegal in eight U.S. states.[67][68][69]

So-called millions CDs are commonly advertised in spam. These are CD-ROMs purportedly containing lists of email addresses, for use in sending spam to these addresses. Such lists are also sold directly online, frequently with the false claim that the owners of the listed addresses have requested (or "opted in") to be included. Such lists often contain invalid addresses. In recent years, these have fallen almost entirely out of use due to the low quality email addresses available on them, and because some email lists exceed 20GB in size. The amount you can fit on a CD is no longer substantial.

A number of DNS blacklists (DNSBLs), including the MAPS RBL, Spamhaus SBL, SORBS and SPEWS, target the providers of spam-support services as well as spammers. DNSBLs blacklist IPs or ranges of IPs to persuade ISPs to terminate services with known customers who are spammers or resell to spammers.

Unsolicited bulk email (UBE)
A synonym for email spam.
Unsolicited commercial email (UCE)
Spam promoting a commercial service or product. This is the most common type of spam, but it excludes spams that are hoaxes (e.g. virus warnings), political advocacy, religious messages and chain letters sent by a person to many other people. The term UCE may be most common in the USA.[70]
Pink contract
A pink contract is a service contract offered by an ISP which offers bulk email service to spamming clients, in violation of that ISP's publicly posted acceptable use policy.
Spamvertising
Spamvertising is advertising through the medium of spam.
Opt-in, confirmed opt-in, double opt-in, opt-out
Opt-in, confirmed opt-in, double opt-in, opt-out refers to whether the people on a mailing list are given the option to be put in, or taken out, of the list. Confirmation (and "double", in marketing speak) refers to an email address transmitted e.g. through a web form being confirmed to actually request joining a mailing list, instead of being added to the list without verification.
Final, Ultimate Solution for the Spam Problem (FUSSP)
An ironic reference to naïve developers who believe they have invented the perfect spam filter, which will stop all spam from reaching users' inboxes while deleting no legitimate email accidentally.[71][72]
Bacn
Bacn is email that has been subscribed to and is therefore solicited. Bacn has been described as "email you want but not right now."[73][74] Some examples of common bacn messages are news alerts, periodic messages from e-merchants from whom one has made previous purchases, messages from social networking sites, and wiki watch lists.[75] The name bacn is meant to convey the idea that such email is "better than spam, but not as good as a personal email".[76] It was originally coined in August 2007 at PodCamp Pittsburgh 2,[77] and since then has been used amongst the blogging community.

History

See also

References

  1. ^ Farmer, James John (2003-12-27). "3.4 Specific Types of Spam". An FAQ for news.admin.net-abuse.email; Part 3: Understanding NANAE. Spam FAQ. Archived from the original (FAQ) on 2004-02-12. Retrieved 2008-08-19.
  2. ^ "You Might Be An Anti-Spam Kook If..." Rhyolite Software. 2006-11-25. Retrieved 2007-01-05.
  3. ^ "On what type of email should I (not) use SpamCop?" (FAQ). SpamCop FAQ. IronPort Systems. Retrieved 2007-01-05.
  4. ^ Scott Hazen Mueller. "What is spam?". Information about spam. Abuse.net. Retrieved 2007-01-05.
  5. ^ "Spam Defined". Infinite Monkeys & Co. 2002-12-22. Retrieved 2007-01-05.
  6. ^ Bradley, David (2009-05-13). "Spam or Ham?". Sciencetext. Retrieved 2011-09-28.
  7. ^ "Merriam Webster Dictionary". Merriam-Webster.
  8. ^ a b c Rebecca Lieb (July 26, 2002). "Make Spammers Pay Before You Do". The ClickZ Network. Archived from the original on 2007-08-07. Retrieved 2010-09-23.
  9. ^ Clinton Internet provider wins $11B suit against spammer, QC Times
  10. ^ AOL gives up treasure hunt, Boston Herald
  11. ^ Email metrics report, MAAWG, Nov 2010
  12. ^ Opening Pandora's In-Box. [dead link]
  13. ^ "alt.spam FAQ". Gandalf.home.digital.net. Retrieved 2012-12-10.
  14. ^ "Why is spam bad?". Spam.abuse.net. Retrieved 2012-12-10.
  15. ^ Ferris Research: Cost of Spam
  16. ^ Spam's Cost To Business Escalates
  17. ^ a b c d e "Q1 2010 Internet Threats Trend Report" (PDF) (Press release). Commtouch Software Ltd. Retrieved 2010-09-23.
  18. ^ Brett Forrest (August 2006). "The Sleazy Life and Nasty Death of Russia's Spam King". Issue 14.08. Wired Magazine. Retrieved 2007-01-05.
  19. ^ a b "Only one in 28 emails legitimate, Sophos report reveals rising tide of spam in April–June 2008" (Press release). Sophos. 2008-07-15. Retrieved 2008-10-12.
  20. ^ Bob West (January 19, 2008). "Getting it Wrong: Corporate America Spams the Afterlife". Clueless Mailers. Retrieved 2010-09-23.
  21. ^ Giorgio Fumera, Ignazio Pillai, Fabio Roli,"Spam filtering based on the analysis of text information embedded into images". Journal of Machine Learning Research (special issue on Machine Learning in Computer Security), vol. 7, pp. 2699-2720, 12/2006.
  22. ^ Battista Biggio, Giorgio Fumera, Ignazio Pillai, Fabio Roli,"A survey and experimental evaluation of image spam filtering techniques, Pattern Recognition Letters". Volume 32, Issue 10, 15 July 2011, Pages 1436-1446, ISSN 0167-8655.
  23. ^ Eric B. Parizo (2006-07-26). "Image spam paints a troubling picture". Search Security. Retrieved 2007-01-06.
  24. ^ "symantec.com". symantec.com. Retrieved 2012-12-10.
  25. ^ The Carbon Footprint of Email Spam Report (PDF), McAfee/ICF, Over 95% of the energy consumed by spam is on the receiver
  26. ^ CAUCE accessed July 13, 2007 November 2014
  27. ^ Privacy and Electronic Communications (EC Directive) Regulations 2003
  28. ^ Enforcement, ICO
  29. ^ Fighting Internet and Wireless Spam Act, CA: GC
  30. ^ Canada's Anti-spam Bill C-28 is the Law of the Land, Circle ID, 2010-12-15
  31. ^ "Commonwealth Consolidated Acts: Spam Act 2003 – Schedule 2". Sydney, AU: AustLII, Faculty of Law, University of Technology. Retrieved 2010-09-23.
  32. ^ But see, e.g., Hypertouch v. ValueClick, Inc. et al., Cal.App.4th (Google Scholar: January 18, 2011).
  33. ^ Effectiveness and Enforcement of the CAN-SPAM Act (PDF), USA: FTC [dead link]
  34. ^ Is the CAN-SPAM Law Working?, PC World
  35. ^ Ken Fisher (December 2005), US FTC says CAN-SPAM works, Ars Technica
  36. ^ Six years later, Can Spam act leaves spam problem unresolved, USA: SC Magazine
  37. ^ You've Got Spam, Find Law
  38. ^ Carter, Mike (2008-03-15), "Spam king" pleads guilty to felony fraud, Seattle Times
  39. ^ "Spammers Continue Innovation: IronPort Study Shows Image-based Spam, Hit & Run, and Increased Volumes Latest Threat to Your Inbox" (Press release). IronPort Systems. 2006-06-28. Retrieved 2007-01-05.
  40. ^ Charlie White (2011-07-04). "Spam Decreased 82.22% Over The Past Year". Mashable.com. Retrieved 2012-12-10.
  41. ^ "Spam" (in Dutch). Symantec.cloud. Retrieved 2012-12-10.
  42. ^ Brad Templeton (8 March 2005). "Reaction to the DEC Spam of 1978". Brad Templeton. Retrieved 2007-01-21.
  43. ^ Josh Halliday (10 January 2011). "Email spam level bounces back after record low". guardian.co.uk. Retrieved 2011-01-11.
  44. ^ Waters, Darren (2009-04-08). "Spam overwhelms email messages". BBC News. Retrieved 2012-12-10.
  45. ^ "Email Metrics Program: The Network Operators' Perspective" (PDF). Report No. 7 – Third and Fourth quarters 2007. Messaging Anti-Abuse Working Group. April 2008. Retrieved 2008-05-08. {{cite journal}}: Cite journal requires |journal= (help)
  46. ^ "Email Metrics Program: The Network Operators' Perspective" (PDF). Report No. 1 – 4th quarter 2005 Report. Messaging Anti-Abuse Working Group. March 2006. Archived from the original (PDF) on December 8, 2006. Retrieved 2007-01-06. {{cite journal}}: Cite journal requires |journal= (help)
  47. ^ "Email Metrics Program: The Network Operators' Perspective" (PDF). Report No. 2 – 1st quarter 2006. Messaging Anti-Abuse Working Group. June 2006. Archived from the original (PDF) on 2006-09-24. Retrieved 2007-01-06. {{cite journal}}: Cite journal requires |journal= (help)
  48. ^ "2010 MAAWG Email Security Awareness and Usage Report, Messing Anti-Abuse Working Group/Ipsos Public Affairs" (PDF). Retrieved 2012-12-10.
  49. ^ Staff (18 November 2004). "Bill Gates 'most spammed person'". BBC News. Retrieved 2010-09-23.
  50. ^ Mike Wendland (December 2, 2004). "Ballmer checks out my spam problem". ACME Laboratories republication of article appearing in Detroit Free Press. Retrieved 2010-09-23. the date provided is for the original article; the date of revision for the republication is 8 June 2005; verification that content of the republication is the same as the original article is pending.
  51. ^ Jef Poskanzer (2006-05-15). "Mail Filtering". ACME Laboratories. Retrieved 2010-09-23.
  52. ^ Spam Costs Billions
  53. ^ Register of Known Spam Operations (ROKSO).
  54. ^ "Sophos reveals 'Dirty Dozen' spam producing countries, August 2004" (Press release). Sophos. 2004-08-24. Retrieved 2007-01-06.
  55. ^ "Sophos reveals 'dirty dozen' spam relaying countries" (Press release). Sophos. 2006-07-24. Retrieved 2007-01-06.
  56. ^ "Sophos research reveals dirty dozen spam-relaying nations" (Press release). Sophos. 2007-04-11. Retrieved 2007-06-15.
  57. ^ "Sophos reveals 'Dirty Dozen' spam producing countries, July 2007" (Press release). Sophos. 2007-07-18. Retrieved 2007-07-24.
  58. ^ "Sophos reveals 'Dirty Dozen' spam producing countries for Q3 2007" (Press release). Sophos. 2007-10-24. Retrieved 2007-11-09.
  59. ^ "Sophos details dirty dozen spam-relaying countries for Q4 2007" (Press release). Sophos. 2008-02-11. Retrieved 2008-02-12.
  60. ^ "Sophos details dirty dozen spam-relaying countries for Q1 2008" (Press release). Sophos. 2008-04-14. Retrieved 2008-06-07.
  61. ^ "Eight times more malicious email attachments spammed out in Q3 2008" (Press release). Sophos. 2008-10-27. Retrieved 2008-11-02.
  62. ^ "Spammers defy Bill Gates's death-of-spam prophecy" (Press release). Sophos. 2009-01-22. Retrieved 2009-01-22.
  63. ^ a b "Spamhaus Statistics: The Top 10". Spamhaus Blocklist (SBL) database. The Spamhaus Project Ltd. dynamic report. Retrieved 2007-01-06. {{cite web}}: Check date values in: |date= (help)
  64. ^ Shawn Hernan; James R. Cutler; David Harris (1997-11-25). "I-005c: E-Mail Spamming countermeasures: Detection and prevention of E-Mail spamming". Computer Incident Advisory Capability Information Bulletins. United States Department of Energy. Retrieved 2007-01-06.
  65. ^ Kirill Levchenko, Andreas Pitsillidis, Neha Chachra, Brandon Enright, Márk Félegyházi, Chris Grier, Tristan Halvorson, Chris Kanich, Christian Kreibich, He Liu, Damon McCoy, Nicholas Weaver, Vern Paxson, Geoffrey M. Voelker, and Stefan Savage (May 2011), Click Trajectories: End-to-End Analysis of the Spam Value Chain (PDF), Oakland, CA: Proceedings of the IEEE Symposium and Security and Privacy{{citation}}: CS1 maint: multiple names: authors list (link)
  66. ^ Park, Hee Sun; Hye Song; Jeong An (2005). ""I Am Sorry to Send You SPAM": Cross-cultural differences in use of apologies in email advertising in Korea and the U.S.". Human Communication Research. 31 (3): 365. doi:10.1093/hcr/31.3.365.
  67. ^ Sapient Fridge (2005-07-08). "Spamware vendor list". Spam Sights. Retrieved 2007-01-06.
  68. ^ "SBL Policy & Listing Criteria". The Spamhaus Project. 2006-12-22. Retrieved 2007-01-06. original location was at SBL rationale; the referenced page is an auto-redirect target from the original location
  69. ^ "Spamware – Email Address Harvesting Tools and Anonymous Bulk Emailing Software". MX Logic (abstract hosted by Bit Pipe). 2004-10-01. Retrieved 2007-01-06. {{cite journal}}: Cite journal requires |journal= (help) the link here is to an abstract of a white paper; registration with the authoring organization is required to obtain the full white paper.
  70. ^ "Definitions of Words We Use". Coalition Against Unsolicited Bulk Email, Australia. Retrieved 2007-01-06.
  71. ^ "Vernon Schryver: You Might Be An Anti-Spam Kook If". Rhyolite.com. Retrieved 2012-12-10.
  72. ^ Tips for your new anti-spam idea.
  73. ^ "PodCamp Pittsburgh 2 cooks up Bacn". PodCamp Pittsburgh. August 23, 2007. Archived from the original on 30 March 2010. Retrieved 2010-03-15. {{cite web}}: Unknown parameter |deadurl= ignored (|url-status= suggested) (help)
  74. ^ Barrett, Grant (2007-12-23). "All We Are Saying". New York Times. Retrieved 2007-12-24. Bacn: Impersonal e-mail messages that are nearly as annoying as spam but that you have chosen to receive: alerts, newsletters, automated reminders etcetera. Popularised at the PodCamp conference in Pittsburgh in August.
  75. ^ Email overload? Try Priority Inbox - Google Gmail Blog, 30 Aug 2010
  76. ^ NPR: Move Over, Spam: 'Bacn' Is the E-Mail Dish du Jour
  77. ^ "PCPGH invented BACN". Viddler. October 16, 2008. Retrieved 2011-03-23.

Further reading

Spam info

Spam reports

Government reports and industry white papers