Identifying Spam Emails

What can be done to prevent spam filling your inbox and clogging up the information superhighway?

In the olden days, it was very easy to identify spam emails. Even if they didn’t arrive with the word ***SPAM*** in the title courtesy of vigilant ISPs, a typical spam message was usually the work of someone who considered punctuation to be an optional extra and Microsoft Word’s Clipart to be the height of visual flair.

As we approach the mid-point of the decade, spam has evolved into a rather more sophisticated beast. In tandem with phishing emails that attempt to acquire sensitive personal or financial information, spam has ceased to be a mere annoyance and become a downright menace. Symantec Corporation report that two thirds of all emails sent worldwide during 2013 were spam, costing tens of billions of pounds in lost productivity and anti-spam activities.

It’s generally agreed that the definition of spam involves sending numerous copies or variants of an email to people who didn’t request it. As well as advertising anything from Viagra to fake watches, spam is commonly used to spread viruses or install malware onto recipient devices. Almost a quarter of the world’s spam comes from China, with 18 per cent originating in the USA. The UK generates less than Hong Kong or Romania. The Canadian Government recently introduced legislation that can fine individuals and corporations up to $1 million and $10 million respectively for sending spam emails, although this is now facing the inevitable freedom of speech backlash.

Because of its overseas origins, English language spam is often identifiable by shoddy spelling and grammar, while other giveaways include randomly generated email addresses or a generic phrase like ‘Undisclosed recipients’ in the ‘To’ field. Receiving a spam email from what appears to be your own email address is rare but not unheard of. Pornographic spam is in decline, but phishing attacks are on the rise. These encourage recipients to supply their login credentials or account information under false pretences, thus providing the spammers with the ability to defraud or steal money.

Because spam is effectively free beyond the basic costs of internet connectivity, it represents a very cost-effective way of targeting large numbers of people at once. Unfortunately, attempts to crack down on mass mailings often backfire on innocent people. Users of conventional email packages like Microsoft Outlook will occasionally send a message that attracts the attention of a major anti-spam organisation like Spamhaus. This can result in an IP address wrongly being added to a blacklist and all future messages being blocked. The process of finding out that your IP address or email account has been blocked is hardly transparent, and it can take hours or days to reverse a blacklisting – potentially damaging a small business or sole trader’s productivity.

Issues like these underpin an entire industry dedicated to fighting unsolicited electronic mail, with open-source utilities like Spam Assassin helping Apache users and WP-SpamShield doing likewise for WordPress users. Google’s Gmail filter is widely admired for its ability to sift the wheat from the chaff, despite the irony that Gmail accounts are commonly used by spammers. Empty messages usually trigger modern spam filters, as do spoofed email addresses and known phishing scams. It’s increasingly difficult to identify duplicate content, however – spammers are now burying meaningless HTML text in their messages. These unique strings of alphanumeric gibberish are enough to differentiate one email from another when they’re being mass-scanned.

One drawback spammers face nowadays is the diversity of modern platforms. Once upon a time, Windows dominated the market and spam/malware/phishing attacks could be tailored quite precisely. Today, there are four smartphone platforms and open source operating systems like Linux alongside a growing roster of active Windows platforms. It’s unrealistic to dream of a spam-free future, but its significance should decline during the second half of this decade.