SPAM and the Internet

Spam, technology, and the internet are unfortunately, currently, inextricably linked. Spam evolves as quickly as the technology that powers the internet and the resulting countermeasures that attempt to stop it. This makes even its definition difficult to pin down as spam has extended to instant messaging, social networks, and even mobile devices. Spam filters that work one day will probably not work the next and the amount of spam is increasing [12]. Generally it is used to describe unsolicited messages used to sell, steal, or otherwise cause harmful or unwanted effects.

Spam takes a toll on both how people use computers and the computers themselves in a variety of ways. When you consider that around 75% or more of email traffic is spam [10] and the fact that bandwidth, physical storage on hard drives, servers, and networks all cost money its effect becomes massive. Add to that the trillions of dollars and millions of man hours lost due to time spent on dealing with spam and the issue becomes staggering. To put that into perspective, imagine if the resources that go into spam went into finding a cure for cancer instead.

There is a massive industry that has sprung up around the market for internet security and spam protection/filtering. It includes hardware to software countermeasures on everything from servers and firewalls, to e-mail clients and desktop software. Even operating systems must be kept up to date to help protect against spam and its various effects. Blacklists are made of IP addresses, servers, websites, or e-mail addresses with a known history of spam but often block legitimate use because spammers frequently hide behind legitimate servers, companies and resources. Whitelists are also created of known good sources but care must be taken as to who compiles it. IP addresses can be faked and servers are often hijacked without the knowledge of their owners. Honeypots attempt to capture spammers with fake e-mail addresses that would not normally receive e-mails. Images are used in spam e-mail because they are very difficult to scan for content compared to just text. Organizations such as Spamhaus have formed attempting to stem the flow of spam. A newer attempt to stop e-mail spam is the challenge/response systems which basically use a captcha for e-mail to confirm a real person is sending the message, unfortunately it does so at the cost of convenience.

The internet, like any powerful tool, is easily used for positive or negative and it can easily be taken advantage of. Most major online phenomenons are plagued by spam including auctions sites such as eBay, classifieds sites such as craigslist, dating sites, job sites, and even games like World of Warcraft. E-mails that pretend to be these companies steal people's account information which not only directly harms those people but takes resources away from their development to deal with the unhappy customers.

Spam can also be used to gain access to your paypal or online bank account through phishing, viruses, keyloggers and other malware. These can also lead to identity theft. E-mail can contain links to websites and software products which install programs that can track your computer usage and website surfing and use it or resell it among other things. Through an e-mail forged to look like it's a packing slip for a lost UPS package or an airline ticket purchased in your name, you are prompted to click and view the attached file which can install any of the malicious software already mentioned. Invisible images are also inserted into spam with a unique identification number so spammers know when you open your e-mail and thereby validate your e-mail address as active and a target for even more spam.

Bots and Botnets are automated systems used to send spam and can be used to send an e-mail to millions of recipients. Any computer connected to the internet can be turned into a bot. For example imagine a company with 500 employees, and 500 computers, if one gets infected it can then send an e-mail to all the rest and infect them at which point, all 500 computers are now being used to send spam. This in turn slows down all the affected computers and the networks involved in sending the e-mails. Even powerful servers can be taken over and used to send spam. Open relay servers which allow anyone to send e-mail through them were once useful and provided a free beneficial service but are now so abused that most end up on blacklists and many ISPs refuse to accept any mail from them.

Many spam scams are evolutions of old crimes such as check fraud and identity theft [10] but their harmful effects are magnified by the power of computers and their ability to reach millions of people instantly. The simple low tech spam scams still harvest millions to billions of dollars each year [10]. A lot of damage can be done with a relatively low tech computer and normal internet connection. CDs with tens of millions of illegitimately harvested e-mails can be easily purchased [12] or downloaded, or spammers can make one with programs that "scrape" the internet and pull e-mail addresses off of websites and message boards. Compare the cost of sending an e-mail to "just" 1 million recipients from a legitimate company at $500-$2000 or the physical mail cost of $250,000+[12].

A world-wide problem the technological advancement of the internet allows instant delivery of spam across borders and continents. This can bring the attempts of a criminal in an impoverished country instantly into the home of an elderly individual in any country or a hacker on the other side of the world can send viruses or phishing attempts to millions of Americans. Their remote geographic locations make their punishment highly unlikely.

Where is the line between simple marketing and causing harm? When does commerce become greed and when does greed become criminal? In addition to spam causing problems for legitimate emails and their physical delivery systems, spam threatens the freedom of the internet and provides a way in for legislation to attempt to regulate and limit the internet and its freedom. Anti-spam hardware and software measures could even be abused to block legitimate information and news. All the technology that enhances the internet and high speed of information also helps accelerate spam which subverts the legitimate flow of information. Spam, like a virus, threatens the life of its host, the internet.

-Peter Ochabski

[10] Internet Society, " Combating Spam: Policy, Technical and Industry Approaches", 11 October 2012
http://www.internetsociety.org/combating-spam-policy-technical-and-indus...
[11] David Goldman, " Low-tech Internet scams harvest billions of dollars" CNNMoneyTech July 26, 2011:
http://money.cnn.com/2011/07/26/technology/internet_scam_artists/index.htm
[12] SAUL HANSELL, " Internet Is Losing Ground in Battle Against Spam" New York Times. April 22, 2003
http://www.nytimes.com/2003/04/22/business/technology-internet-is-losing...

http://www.cerias.purdue.edu/assets/pdf/mfe_unsec_econ_pr_rpt_fnl_online...

[✓] = DONE
[X] = NOT DONE