Spam is unsolicited email that has become a major problem for all Internet users. Email Inboxes full of spam are costing companies money and driving employees and IT staffs crazy. No company is immune to spam.
IDC suggests that the volume of spam has doubled in the last year to over 60 billion emails per day. Nucleus Research Inc., an IT advisory service, reports that U.S. companies are losing $71 billion annually to lost productivity caused by spam, or about $712 per employee per year. The Radicati Group, a technology market research firm, reports that spam makes up more than 75 percent of all email messages, which are projected to reach 196 billion a day worldwide by the end of 2007 and 374 billion by the end of 2011.
From the sender's point-of-view, spam is an electronic form of bulk mail. Spam mailing lists may be created by companies that specialize in creating email distribution lists. Or they may be created by programs (called "spambots") designed to collect email addresses from the Internet. To the receiver, spam usually seems like junk email. People who send spam typically transmit a piece of email to a distribution list with thousands or even millions of recipients, expecting that only a tiny number of readers responding to their offer in order to make it worthwhile.
If spam were only unsolicited junk mail, it would be bad enough. But spam can also harbor viruses, worms, Trojan horses, and other malicious code designed to damage computer systems, disrupt business and/or steal personal information. To combat spam, IT departments have deployed various anti-spam software packages. How effective are they? Some spam will get through spam filters because it is virtually impossible to trap it all without shutting down a business, but less than 2% of the spam received winds up in a user's Inbox in a well-tuned anti-spam environment.
While text messages have been the norm for spam, sophisticated spammers are deploying other schemes. Image spam, which embeds an email's message as a picture, is particularly troublesome. Because image spam contains no web links or text, it's difficult to detect and stop. It is often combined with meaningless English text to further confuse spam filters. Anti-spam software provider--and recent Cisco acquisition--IronPort estimates image spam accounts for 3% of worldwide spam and growing. And in what's being called one of the ten worst global email spam outbreaks so far this year, some five billion spam messages were sent to recipients on June 13th using a first-ever, professionally-looking PDF file that advertised a pump-and-dump scam for a German stock.
Every AITP member can help in the effort to eliminate spam by adhering to some simple PC and email usage guidelines. The most important thing you can do to reduce unwanted email is to not give out your email address to organizations or websites that are not reputable or serve a clear business function. A best practice is to never use your business email address for any personal use, social networking sites or address books on the Internet.
Another step you can take is never leave your PC (at home or at work) idle for more than 30 minutes and connected to the Internet. Some spambots roam the Internet looking for idle PCs to gain access to access to Microsoft Outlook contact lists. Company firewalls can stop them, but do you have firewall protection at home? Or on the road?
Finally, spotting spam before you open it is a plus. Sometimes spam messages contain code that report back to the sender as soon as a message is opened, teaching the spammer that your email address is valid. More spam is sure to follow.
Very often, spam looks like legitimate email when it is really a phishing expedition. Such spam attempts to entice recipients into downloading malware that can collect personal information from unwary users. The Better Business Bureau (BBB), Internal Revenue Service (IRS) and Federal Trade Commission (FTC) are at the center of such phishing campaigns. Yes--the FTC which is charged with enforcing Federal anti-spam laws!
Many AITP members have received spoofed emails claiming to be about complaints made to the BBB by unhappy customers or that the IRS has begun a tax investigation. The spam email, which appears to be legitimate, has a Microsoft Word attachment that supposedly contains additional information for the recipient. The attachment is actually a Trojan horse that installs a key-logger on the recipient's PC. This key-logger can steal personal information as well as all interactive data sent to every site the recipient visits, and it then sends the data to an IP address in Asia. If you receive such an email at work or at home, DO NOT OPEN THE ATTACHMENT.
Protecting yourself against spam is quite simple. If you suspect an email message is spam ... it probably is. Report it to your employer or ISP, but never respond to it.