Report this Article

Evict the Spammers from Your Inbox

  • Posted April 19, 2006
  • by
  • in category Spam

  • Comments 0
  • Views 0

Block Spam and Other Email Threats From Entering Your Gateway
Spam, commonly defined as unsolicited commercial email, is a
powerful advertising channel for many products and services. As
a result, spamming has become a profitable business, driven by
the low cost of sending email compared to other direct marketing
techniques. The high return on investment for spammers has
resulted in an overwhelming volume of unwanted messages in
personal and business email boxes. Consider this: Conducting a
direct mail campaign costs an average of $1.39 per person,
meaning that a response rate of 1 in 14 is necessary just to
break even on a product with a $20 gross profit. Selling the
same item via unsolicited spam email costs only $0.0004 per
person, meaning that a response rate of 1 in 50,000 gets the
seller back to break-even; anything above that is gravy. With
profit margins like these, it’s easy to see why spammers will
try anything to get past anti spam technology to deliver their
messages to your inbox.

Types of Spam Threats The recent onset of fraudulent spam
variants such as phishing and spoofing pose an even greater risk
than the spam volume clogging email servers. Spammers use
techniques such as phishing and spoofing to fool users into
opening messages that, at first glance, appear innocuous.

Phishing Phishing is a specific type of spam message that
solicits personal information from the recipient. Phishers use
social engineering techniques to fool end users into believing
that the message originated from a trusted sender, making these
attacks especially dangerous because they often con victims into
divulging social security numbers, bank account information or
credit card numbers. In one six-month period from November 2003
to May 2004, phishing attacks increased in frequency by 4000%,
and the trend continues upward.

An example of phishing is an email that appears to come from a
bank requesting that users log into their account to update or
correct personal information. When the users follow a link
embedded in the email, they are redirected to a site that looks
and behaves like the expected bank website. However, unbeknownst
to the soon-to-be identity theft victims, the site is actually
controlled by the scam artists who sent the email; any and all
information entered by the victim can now be used in a variety
of ways, none of them good.

Spoofing Spoofing is a deceptive form of spam that hides the
domain of the spammer or the spam’s origination point. Spammers
often hijack the domains of well-known businesses or government
entities to make spam filters think the communication is coming
from a legitimate source.

Today’s spammers are more crafty than ever before and have begun
blending elements of both phishing and spoofing into their
messages, further spinning their web of deception. The toxic
combination of spoofing and phishing presents a major threat
that can trick most anyone into providing personal information
to a stranger.

Toothless Legislation On January 1, 2004, President Bush signed
into law the “Controlling the Assault of Non-Solicited
Pornography and Marketing Act of 2003,” or “CAN-SPAM” Act. While
well intentioned, CAN-SPAM has done little or nothing to curb
the flow of unwanted email. In fact, an estimated 97% of all
spam email sent in 2004 violated the Act, and the United States
still dwarfs other nations in terms of the origin of spam, with
CipherTrust research revealing that an astonishing 56.77% of all
spam comes from U.S.-based IP addresses. While CAN-SPAM was
designed to decrease the overall volume of spam, the exact
opposite has happened: in 2004, spam accounted for approximately
77% of all email traffic, and phishing attacks continue to
increase exponentially, with studies showing an increase of
4000% from November 2003 to May 2004.

Anti Spam Software for the Desktop The dramatic increase in spam
volume has prompted a corresponding surge in stand-alone anti
spam software solutions for the desktop, all with varying levels
of effectiveness. Some anti spam software uses text filtering to
screen incoming messages for known characteristics of spam,
while other solutions rely solely on reputation systems that
monitor and categorize email senders by IP address according to
their sending behavior. Still other anti spam software uses
“challenge/response filters” to block unapproved mail until the
sender responds (manually) to a challenge email sent to their
email account to verify his or her identity.

With so many different methods of filtering spam, no single
software-based desktop anti spam solution is capable of
effectively stopping spam before it reaches the inbox. The only
way to successfully fight spam is to create an anti spam
“cocktail” including reputation services, text filters, constant
updates and a host of other best-of-breed spam blocking methods.
Just as importantly, an effective anti spam solution should
reside at the email gateway, not at the desktop. Without
protection at the gateway, mail servers waste massive amounts of
bandwidth and storage space processing every message, wanted or
not, and end users face the unenviable task of deciding what to
do with the countless spam messages that successfully reach
them.

Take a Consolidated Approach to Anti Spam Although it takes a
person only a moment to process a message and identify it as
spam, it is difficult to automate that human process because no
single message characteristic consistently identifies spam. In
fact, there are hundreds of different message characteristics
that may indicate an email is spam, and an effective anti spam
solution must be capable of employing multiple spam detection
techniques.

In addition to effectively identifying spam, businesses must be
assured that legitimate mail is not blocked in error. Even one
false positive, or incorrectly blocked email, can have a
significant impact on businesses today. Accurate spam blocking
requires a combination of tools to examine various message
criteria combined with real-time research and intelligence data.

By aggregating multiple spam detection technologies like text
filtering, reputation services, traffic analysis and other
best-of-breed techniques, and placing the solution at the email
gateway in a hardened appliance, enterprises can retake control
of the inbox.

Share

admin Article's Source: http://articles.org/81185_evict_the_spammers_from_your_inbox/
Author:


  • Posted On April 19, 2006
  • Published articles 283513

Post Comment