By Carl Weiss
 |
| The Holy Hand Grenade of Antioch, originated from Monty Python and the Holy Grail. (Photo credit: Wikipedia) |
Everyone remembers the 2005
musical comedy Spamalot along with its irreverent send up of the Arthurian
legend. Directed by Mike Nichols, the
Broadway production garnered three Tony awards and grossed more than 175
million dollars. Flash forward nearly
ten years and the term can be applied anew, only this time without coconut
shells substituting for horses or the Holy Hand Grenade of Antioch. What I am referring to is online spam.
What Constitutes Spam?
(And I’m not talking about the
kind that comes in a can.)
Ever
since the Internet was begun there have been a number of individuals who
weren’t willing to play nice with all the other children. Spammers have been the bane of many people’s
existence online, especially in terms of using the worldwide web as a kind of
email assault weapon,. How big of a
problem is spam mail?
According to securelist.com as of August 2013:
· The percentage of spam in email traffic in
August was down 3.6 percentage points and averaged 67.6%.
· The level of phishing increased tenfold
compared with July, and averaged 0.013%.
· Malicious attachments were found in 5.6% of
all emails, an increase of 3.4 percentage points compared to the previous
month.
Add to this the fact that not
only have malicious emails increased during the past year, but spammers have become
much craftier, using everything from “Back to School” themes during August and
September, to other lures relating to everything from popular holidays, sports,
lifestyle, age and gender slants.
Recent spam trends have
included fake airline ticket offers, cruise ship deals and other inducements
targeted toward people looking to take a vacation. A number of these emails were even made to
look as though they had been sent by legitimate companies such as Delta
Airlines, Royal Caribbean Cruise Line or shipping companies such as FedEx, UPS
and DHL.
“Fake notifications often utilize the names of popular
international delivery services such as FedEx, UPS and DHL. They tell
recipients that a courier failed to deliver their parcel due to an incorrect
delivery address. To get the parcel, the recipient should print out the
attached document and call the company's office or confirm specified data,
including the delivery address. Malicious files can also hide in fake documents
supposedly containing detailed information about the parcel, which does not in
fact exist. Spammers try to make their fake notifications look legitimate and
typically use not only an apparently real sender's address but provide non-existent
order information, genuine contact details from official websites and a copy of
a privacy notification letter.”
There Ought to Be a Law
While there are indeed a
number of laws on the books in the US, the problem begins with trying to
determine where the spam originated. In
fact the preponderance of spam originates from foreign shores. A number of spammers also use proxy servers,
slave drives and other forms of subterfuge to cover their trail. There are a number of state, national and
international laws in effect to prosecute these crimes. However, this type of
subterfuge not only makes it difficult to prosecute the offenders, it makes it
nearly impossible for the average citizen to seek any sort of redress should
their system be compromised by malware.
An Ounce of Prevention is Worth a Pound of Cure
The first line of defense in
the fight against spam is to never open an email from an email address with
which you are unfamiliar. This doesn’t
guarantee success either, since email addresses can be pilfered and/or
spoofed. So if your best friend sends
you an email that goes something like, “Check out this blog/offer/link,” don’t
go there since your friend’s address has in all likelihood been
compromised. The quickest way to infect
your system with malware is to get you to accept a link.
Also look for odd word
choices or misspelling since people to whom English is a second language
frequently have a hard time getting a fluent grasp on our native tongue. If the message tells you that you have either
won some contest that you never entered, or are about to be penalized due to an
implied negligence, don’t fall for this trick. (Note: The IRS does not notify
you by email.) When in doubt, call the
company from which the notice was purportedly sent or talk to an expert such as
your business partner, accountant, or attorney if you need to check out any
offer’s validity. Never click on a link
due to any emotional response.
Do not fall for an
unsubscribe that requires you to enter your email address. This is just a ruse designed for you to verify
that your address is active. There are
dozens of ways for a spammer to get your email.
They can purchase a list or they can use a bot to trawl your site
looking for contact information. Don’t
make spammers lives easier by signing up to win a free iPad. Guess what, the only winner is going to be
the spammer.
Need to leave your contact
info on your website? No problem. If you use Gmail, you can create a number of
subsidiary email addresses that you can use and eventually change once the
spammers get hold of them. Here’s a tip
from WikiHow:
Have one main
account, and then make a separate account for different purposes (one for
friends, one for entertainment sites, one for your financial websites, etc.).
·
In gmail, you can add a
"+" button to your email address. For example, you can signup for
newsletters like JohnDoe+Newsletters@gmail.com if your email address is
JohnDoe@gmail.com
·
Set all those addresses to forward the mail to your main
account so
that you do not have to check multiple accounts.
·
If you start receiving spam
through one of your alternates, you can trace it to one of your disposable
addresses and simply delete that account.
You Need More than One Line of Defense
While most email systems come
with a spam filter, this is not nearly enough to protect your system from
malware. I recommend you not only invest
in a first rate virus and malware protection system, but you should also invest
in a secondary adware/malware system such as Malwarebytes or Advanced System
Care. Today one level of defense is
insufficient to protect your system and your data. Better to pay a few dollars now than many
thousands of dollars should your security be compromised.
If you haven’t realized it
already, spam is not going to go away.
If anything, it is becoming ever more prominent, effective and
insidious. While laws will continue to
be created, these will have little or no effect slowing much less stopping
those who wish to spam a lot. Unlike the
Knights of the Round Table, the call to arms when it comes to spam is not ‘One
for all and all for one.” It’s more
like, “Every man for himself.” That
being said, it is up to every individual to defend themselves against this ilk since
the courts are for the most part stymied by the international nature of this techno
crime. Where’s the Holy Hand Grenade
when you really need it?
When Carl Weiss isn’t tilting against technological
windmills, he helps clients learn how to start working the web to win. He is also co-host of the weekly online radio
show of the same name that airs live every Tuesday at 4 pm Eastern.
No comments:
Post a Comment