Spam is regularly in the tech news these days and no wonder when it is estimated that 3 out of every 4 e-mails is spam related rather than genuine messages. There’s a lot of literature online on this and I’ve included a few links at the end of this post if you want to read more, but here’s a few ‘knowledge essentials’ if you just want the highlights…
So why are the spam levels increasing?
there’s a few reasons for this, the main two being;
- Image spam – by using pictures instead of words in their messages, spammers are able to evade filters designed to detect traditional text-based ads.
- The ‘bot’ networks – Spammers are now cultivating and using new computer viruses such as the particularly prolific Trojan horse program called “SpamThru” that turns home computers into spam-churning ‘bots’. These ‘bot’ networks can run into millions of computers, and because of their decentralised nature are very difficult to stop.
What can I do about this?
Unfortunately most people are not particularly bothered about securing their own home PC’s, they don’t like to receive spam but are unaware that their home computer could be part of a vast network that is responsible for churning it out! 😉 Although steps need to be taken when you receive spam you also need to make sure you are not one of ones responsible for it (and unless you monitor your computer closely you could be completely unaware).
The main thing is to make sure your computer is secure and cannot be compromised easily, the overwhelming vast majority of these viruses/trojans are aimed at Microsoft Windows, so you could swap to a linux based system or to Mac OSX if you are considering buying a new computer at any point (which I’d recommend, but then I’m biased 🙂 ). Or if you are using a PC you can follow a few simple steps;
- Keep everything updated to the latest versions – this should reduce the risk of trojans/viruses exploiting any security loopholes.
- Run Anti-Spyware/Malware software regularly. When I still used a PC I used Ad-aware for this which I found pretty effective (and free!).
- Keep Anti Virus up to date and regularly scan. Another good free example is AVG anti virus.
- You may want to upgrade your firewall to one which will alert you when anything tries to access the net from your PC (or send mail etc.), then you can see what is trying to access the net and set your own rules manually. I used the excellent Zone Alarm for this – again available in a free version.
You also need to ensure that your e-mail address cannot be ‘harvested’ from the web, there are various services you can use for temporary e-mail addresses if you need to sign-up for something online and supply this, or you can simply create several e-mail addresses and keep one for sign-up purposes (personally if I think I could receive spam I use junk@my domain rather than using the e-mail address I give to my friends). You can find a couple of good examples of temporary e-mail creators at mailexpire and mailinator.
If you need to publish your e-mail address on your website there are a multitude of scripts that will send you an e-mail without the e-mail address appearing to be harvested (as a form), or you can try and confuse the ‘spiders’ that trawl the web looking for valid e-mails by splitting your domain into words e.g. sales at mydomain dot com will not be normally recognised as an e-mail address by them.
What should I do if I recieve spam e-mails?
There are a few ‘do’s and don’ts’ that should ensure that you reduce the amount of spam you could recieve;
Don’t – Reply to the e-mail or click on the ‘unsubscribe here’ link – All this is doing is confirming to the spammer that this is in fact a real addess and more importantly you are prepared to open and read their spam, which will mean they are likely to send you much, much more.
Don’t – Open any attachments or images, or click on any links in the e-mail – This is the most common method how the bot trojans/viruses spread. Part of the programming is to reproduce itself and replicate by sending to all e-mail addresses contained on the PC.
Do – Delete the spam e-mail
Do – Employ some sort of Spam Filtering – This is included in most good mail programs such as Outlook/thunderbird but is usually very basic, most ISP’s normally also have this available where you can change the ‘level’ of what you class as spam to be stricter, and there are also external companies or programs that you can use if necessary (it’s not normally this bad though unless you absolutely have to publish your e-mail on the web in my experience).
Is UK2 doing anything about Spam?
This has been in our minds recently as we have been upgrading our e-mail platform and there are a few measures we are taking (or have taken already).
- We’ve introduced an extra level of spam filtering on our own mail servers and actively monitor our shared services for any of our users attempting to ‘spam’ (intentionally or not).
- We are introducing free POP boxes on our domains and disabling the ‘Catch All Forwarding’ that we gave as standard back in the days when spam was not so much of a problem. This will have a massive, positive impact because dictionary (or brute force) attacks by spammers on domains will not work anymore (where a spammer sends multiple spam e-mails to random addresses on a domain trying to find one that works/replies).
- We have a new dedicated Abuse team to deal with any abuse complaints (including spamming) that we receive.
- a) Less spam being delivered to our customers (especially multiple copies).
- b) We don’t get our mail servers blocked for forwarding spam to other ISP’s (even though it didn’t originate with us)
- c) A faster, more efficient e-mail service.
OK so that’s the highlights as I see them but as this is such a massive subject here’s a couple of links where you can read more about the murky world of spammers, and what you can do.
here’s also a sneaky one to trap the web spiders trawling for e-mail addresses if you have a web site 😉 http://www.spampoison.com/