This Static Spot is open for sponsor

Click Here to Sponsor MCT Eric Post in Full Page

Afrikaans Afrikaans Albanian Albanian Amharic Amharic Arabic Arabic Armenian Armenian Azerbaijani Azerbaijani Basque Basque Belarusian Belarusian Bengali Bengali Bosnian Bosnian Bulgarian Bulgarian Catalan Catalan Cebuano Cebuano Chichewa Chichewa Chinese (Simplified) Chinese (Simplified) Chinese (Traditional) Chinese (Traditional) Corsican Corsican Croatian Croatian Czech Czech Danish Danish Dutch Dutch English English Esperanto Esperanto Estonian Estonian Filipino Filipino Finnish Finnish French French Frisian Frisian Galician Galician Georgian Georgian German German Greek Greek Gujarati Gujarati Haitian Creole Haitian Creole Hausa Hausa Hawaiian Hawaiian Hebrew Hebrew Hindi Hindi Hmong Hmong Hungarian Hungarian Icelandic Icelandic Igbo Igbo Indonesian Indonesian Irish Irish Italian Italian Japanese Japanese Javanese Javanese Kannada Kannada Kazakh Kazakh Khmer Khmer Korean Korean Kurdish (Kurmanji) Kurdish (Kurmanji) Kyrgyz Kyrgyz Lao Lao Latin Latin Latvian Latvian Lithuanian Lithuanian Luxembourgish Luxembourgish Macedonian Macedonian Malagasy Malagasy Malay Malay Malayalam Malayalam Maltese Maltese Maori Maori Marathi Marathi Mongolian Mongolian Myanmar (Burmese) Myanmar (Burmese) Nepali Nepali Norwegian Norwegian Pashto Pashto Persian Persian Polish Polish Portuguese Portuguese Punjabi Punjabi Romanian Romanian Russian Russian Samoan Samoan Scottish Gaelic Scottish Gaelic Serbian Serbian Sesotho Sesotho Shona Shona Sindhi Sindhi Sinhala Sinhala Slovak Slovak Slovenian Slovenian Somali Somali Spanish Spanish Sundanese Sundanese Swahili Swahili Swedish Swedish Tajik Tajik Tamil Tamil Telugu Telugu Thai Thai Turkish Turkish Ukrainian Ukrainian Urdu Urdu Uzbek Uzbek Vietnamese Vietnamese Welsh Welsh Xhosa Xhosa Yiddish Yiddish Yoruba Yoruba Zulu Zulu

 

 

Article Navigation

Back To Main Page

 

Click Here for more articles
Google
Evict the Spammers from Your Inbox
by: Paul Judge, CTO, CipherTrust, Inc.
Block Spam and Other Email Threats From Entering Your Gateway
Spam, commonly defined as unsolicited commercial email, is a powerful advertising channel for many products and services. As a result, spamming has become a profitable business, driven by the low cost of sending email compared to other direct marketing techniques. The high return on investment for spammers has resulted in an overwhelming volume of unwanted messages in personal and business email boxes. Consider this: Conducting a direct mail campaign costs an average of $1.39 per person, meaning that a response rate of 1 in 14 is necessary just to break even on a product with a $20 gross profit. Selling the same item via unsolicited spam email costs only $0.0004 per person, meaning that a response rate of 1 in 50,000 gets the seller back to break-even; anything above that is gravy. With profit margins like these, it’s easy to see why spammers will try anything to get past anti spam technology to deliver their messages to your inbox.

Types of Spam Threats
The recent onset of fraudulent spam variants such as phishing and spoofing pose an even greater risk than the spam volume clogging email servers. Spammers use techniques such as phishing and spoofing to fool users into opening messages that, at first glance, appear innocuous.

Phishing
Phishing is a specific type of spam message that solicits personal information from the recipient. Phishers use social engineering techniques to fool end users into believing that the message originated from a trusted sender, making these attacks especially dangerous because they often con victims into divulging social security numbers, bank account information or credit card numbers. In one six-month period from November 2003 to May 2004, phishing attacks increased in frequency by 4000%, and the trend continues upward.

An example of phishing is an email that appears to come from a bank requesting that users log into their account to update or correct personal information. When the users follow a link embedded in the email, they are redirected to a site that looks and behaves like the expected bank website. However, unbeknownst to the soon-to-be identity theft victims, the site is actually controlled by the scam artists who sent the email; any and all information entered by the victim can now be used in a variety of ways, none of them good.

Spoofing
Spoofing is a deceptive form of spam that hides the domain of the spammer or the spam’s origination point. Spammers often hijack the domains of well-known businesses or government entities to make spam filters think the communication is coming from a legitimate source.

Today’s spammers are more crafty than ever before and have begun blending elements of both phishing and spoofing into their messages, further spinning their web of deception. The toxic combination of spoofing and phishing presents a major threat that can trick most anyone into providing personal information to a stranger.

Toothless Legislation
On January 1, 2004, President Bush signed into law the “Controlling the Assault of Non-Solicited Pornography and Marketing Act of 2003,” or “CAN-SPAM” Act. While well intentioned, CAN-SPAM has done little or nothing to curb the flow of unwanted email. In fact, an estimated 97% of all spam email sent in 2004 violated the Act, and the United States still dwarfs other nations in terms of the origin of spam, with CipherTrust research revealing that an astonishing 56.77% of all spam comes from U.S.-based IP addresses. While CAN-SPAM was designed to decrease the overall volume of spam, the exact opposite has happened: in 2004, spam accounted for approximately 77% of all email traffic, and phishing attacks continue to increase exponentially, with studies showing an increase of 4000% from November 2003 to May 2004.

Anti Spam Software for the Desktop
The dramatic increase in spam volume has prompted a corresponding surge in stand-alone anti spam software solutions for the desktop, all with varying levels of effectiveness. Some anti spam software uses text filtering to screen incoming messages for known characteristics of spam, while other solutions rely solely on reputation systems that monitor and categorize email senders by IP address according to their sending behavior. Still other anti spam software uses “challenge/response filters” to block unapproved mail until the sender responds (manually) to a challenge email sent to their email account to verify his or her identity.

With so many different methods of filtering spam, no single software-based desktop anti spam solution is capable of effectively stopping spam before it reaches the inbox. The only way to successfully fight spam is to create an anti spam “cocktail” including reputation services, text filters, constant updates and a host of other best-of-breed spam blocking methods. Just as importantly, an effective anti spam solution should reside at the email gateway, not at the desktop. Without protection at the gateway, mail servers waste massive amounts of bandwidth and storage space processing every message, wanted or not, and end users face the unenviable task of deciding what to do with the countless spam messages that successfully reach them.

Take a Consolidated Approach to Anti Spam
Although it takes a person only a moment to process a message and identify it as spam, it is difficult to automate that human process because no single message characteristic consistently identifies spam. In fact, there are hundreds of different message characteristics that may indicate an email is spam, and an effective anti spam solution must be capable of employing multiple spam detection techniques.

In addition to effectively identifying spam, businesses must be assured that legitimate mail is not blocked in error. Even one false positive, or incorrectly blocked email, can have a significant impact on businesses today. Accurate spam blocking requires a combination of tools to examine various message criteria combined with real-time research and intelligence data.

By aggregating multiple spam detection technologies like text filtering, reputation services, traffic analysis and other best-of-breed techniques, and placing the solution at the email gateway in a hardened appliance, enterprises can retake control of the inbox.


About the author:

Dr. Paul Judge is a noted scholar and entrepreneur. He is Chief Technology Officer at CipherTrust, the industry's largest provider of enterprise email security. The company’s flagship product, IronMail provides a best of breed enterprise anti spam solution designed to stop spam, phishing attacks and other email-based threats. Learn more by visiting www.ciphertrust.com/products/spam_and_fraud_protection today.

Circulated by Article Emporium

 


©2005 - All Rights Reserved

This Static Spot is open for sponsor

Spam Blocking Information

Read Articles:

11 Proven Methods For Maximizing Your...
What Is Spyware - An Overview Of Spy ...
The 10 Most Important Questions To As...
9 Steps to Protect your MS Windows Sy...
The Top Twelve Threats No Computer Us...
Tops in toolbars?
Does Your PC Have Worms?
So, Is It Possible To Earn Free Money...
How to protect yourself from online a...
The email blues
Tiscali Broadband
Anatomy Of A Reciprocal Linking Campaign
Do I Need an RSS Feed?
Banned By Google And Back Again.
My Top 10 Favorite Internet Tools
5 Good Reasons For Using Yahoogroups ...
What’s with all this fraud and theft ...
Predicting The Future Online
Amazing Explosive Ways To Turbo-Boost...
Are You A Spam Zombie?
What are the best strategies or ideas...
5 Linking Strategies that Work
The Money Keyword List - Superchrage ...
Honesty and the Internet
Simple Identity Theft Prevention
Niche Software Steals Microsoft's Thu...
Web Summary Authoring
The End of Spyware?
7 Great Tips on Driving Targeted Traf...
Your computer is infected with Spywar...
Increase in Customer Sales = Increase...
How to Avoid Problems and Errors of S...
Why offline advertising is so importa...
Keeping your pc healthy at little or ...
Finding An Internet Access Provider T...
5 Ways To Drive Visitors Away From Yo...
Internet ISP's
Spyware: What It Is and How to Combat...
Top 10 Tips for WinXP Users
How to Choose a Web Hosting Company?
Take back control of your inbox. Elim...
Malware: Computing's Dirty Dozen
Money Doubler Madness
M-Commerce Twice the Cash Value of E-...
Understanding the power of viral mark...
How To Use Spyware Elimination Software
Are Surf For Money Ventures For You?
BT Internet Broadband
Search Engine Placement - Most Overlo...
Simple Search Engine Optimization
Adware And The Case Against Bundled S...
An quick guide in Payment Processing ...
What is the Robot Text File?
Search Engine Optimization History
Reclaim Your PC from the Internet Spies
SEO And The Outsourcing Of Inbound Li...
Top Paying Keywords: How to Increase ...
Creating Online Communities
Professional Traffic Building Tips
Internet Scams 101 -- Attacking You T...
Uncle Sam Cracks Down Online!
What are doorway pages?
IT Support Services in London
5 Tips For An Unbreakable Password
Building Links To Your Site
Spyware Protection - The Only Way To ...
Registry Cleaner: Protection for Your PC
Shocking Facts about Updating Your PC...
Buying a laptop that you can use as a...
What To Look For In A Web Host

More Article Pages 1 - 2 - 3

Winning the War On Spam

For years I didn't worry much about spam.

But lately it's got out of control. Over half of my email is now spam, and it was growing by the week - until I took action.

This article shows you some strategies for winning the war on spam.

------------------------------------------------

How Do They Get Your Address?

------------------------------------------------

In the old days, spammers got their addresses mainly from Newsgroups - if you didn't post to Newsgroups, you were reasonably safe. But they're now using a much more efficient method to build their lists - email harvesters.

Email harvesters are robots that roam the Internet collecting email addresses from web pages. Examples are EmailSiphon, Cherry Picker, Web Weasel, Web Bandit and Email Wolf, to name just a few.

How can you protect yourself from email harvesters?

By 'munging' (mung = 'mash until no good') or cloaking your email address.

There are many ways of munging your address - the easiest technique is to use ASCII code for the punctuation in your email address (instead of symbols).

For the colon after mailto use : and for the @ symbol use @ and for the period use . . With this method, your email address would become:

mailto:yourname@yourdomain.com

but it will display as:

mailto:yourname@yourdomain.com

Your email address will appear exactly as it did before, and it will still be 'clickable', but email harvesters will ignore it and move on.

There are also JavaScript's that you can insert into your web page that will make your email address visible to humans but invisible to harvesting programs. Here's one that works very well: http://pointlessprocess.com/JavaScripts/anti-spam.htm

-----------------------------

How To Fight Spam

-----------------------------

The most important thing is never, ever, reply to spam.

Most spam contains an innocent-looking 'remove me' email address. Do not use it. Here's why:

Spammers typically buy a CD containing a million or so email addresses, but they have no idea how many of those addresses are active. So before beginning their marketing campaign in earnest, they send out a 'test message' to the entire list.

The test message contains an email address for removing yourself. When you reply to that address, it confirms to the spammer that your address is active and therefore worth spamming.

Worse still, the spammer may be distilling from that CD a list of confirmed active addresses that he will then sell to another spammer.

The key to dealing with spam is to report it to a 3rd party: (1) the affiliate program that the spammer is advertising, (2) the spammer's web host, or (3) the ISP the spammer used to connect to the Internet.

When you report spam to a 3rd party, remember to be polite - they didn't send the spam and they're probably just as anti-spam as you are.

(1) Reporting to Affiliate Programs

Many spammers are affiliates advertising someone else's products or services. So look for a website address that contains an affiliate link, something like this: www.affiliateprogramdomain/841526

Then just send an email to the affiliate program (abuse@affiliateprogramdomain.com), informing them that you are receiving spam from one of their affiliates.

Most affiliate programs have zero tolerance for spamming and will remove an affiliate spammer without warning.

Now, affiliate spammers don't want you to see their affiliate link, so many of them send their email as HTML. All you see in the message are the words 'Click Here and Order Now'.

But in your browser just click on 'View Source Code' and search for the letters 'http'. That will take you to the spammer's affiliate link.

(2) Reporting to Web Hosts

If the spam doesn't contain an affiliate link, it's likely that it is coming from the owner of the domain name. In that case you'll have to report it to the spammer's web host or their ISP.

To make a report to the spammer's web host just go to Whois, the directory of registered domain names: http://www.netsol.com/cgi-bin/whois/whois

Type in the spammer's domain (the website address that appears in the spam) together with the extension (.com, .org, .net etc).

The host for that domain will usually be listed as the Technical Contact in the Whois record and there will be an email address for contacting them.

(3) Reporting to ISPs

To report a spammer to his Internet Service Provider, you'll have to look at the spam's 'extended headers'.

Extended headers show the servers that the message passed through in order to get to you. The instructions for viewing extended headers will vary depending on what email client you are using.

=> In Pegasus Mail, open the offending message and then

right-click and choose 'Show raw message data'.

=> In Eudora Light, click on 'Tools' in the top menu

bar, and then 'Options', and then select the

checkbox option that says 'Show all headers (even

the ugly ones)' and click OK.

=> In Outlook Express, open the offending message,

select 'Properties' from the File menu and then

click the 'Details' tab.

Reading and understanding extended headers is quite a detailed subject. Here's an excellent free tutorial on how to decipher extended headers: http://www.doughnut.demon.co.uk/SpamTracking101.html

As an alternative to these reporting techniques, you could use a web-based spam reporting service such as SpamCop (www.spamcop.net). SpamCop deciphers the spam's message headers and traces the mail back to its source.

Wishing you every success in the fight against spam!

------------------------------------------------------------
Michael Southon has been writing for the Internet for over 3
years. He has shown hundreds of webmasters how to use this
simple technique to build a successful online business. Click
here to find out more: http://ezine-writer.com/
------------------------------------------------------------


 

©2005 - All Rights Reserved

JV Blogs Visit free hit counter