Wednesday, April 11, 2007

Getta Lotta Spam? Some tips for you, next time.

6.7 million cans of SPAM are sold each year in Hawaii, which equals 5.5 cans per year per Hawaiian. Those Hawaiians like a lot of SPAM. Interesting, but I think I got the wrong spam.

The "other" spam, the electronic variety, the kind that most Hawaiians don’t like. Now, I got it.

Some folks are calling 2007 "The Year of Spam", and maybe it will be. After all, IDC predicts 40 billion (that's 40,000,000,000) spam email messages will be sent worldwide this year. Couple this volume with the fact that spammers (those who are responsible for sending spam) are ever changing their filter-evading techniques means more spam reaches inboxes of people like you and me. Spammers are sneaky &#^$@*es.

Understanding the Spammer
Have you ever asked yourself why spammers spam? The answer is simple, money. Spammers make millions of dollars sending spam. It’s business to them, plain and simple. There are many ways that spam equals money for the spammer, from people actually buying goods advertised in spam emails to pay-per-click scamming. Spammers will do whatever it takes to get their email into your mailbox.

What spammers are doing is illegal, right? True, but spammers don’t care. The way they operate makes it very difficult if not impossible to catch and prosecute them. Spammers often use “bot” networks to send their emails through hundreds or thousands of unsuspecting hosts. Bot networks allow the spammer to hide his/her true origin. To complicate things more, the spammer may be physically located in another country.

Although there is no tool or technique that will guarantee you and I won't get spam email, there are things we can do to reduce our chances and/or the amount of spam email we receive.

‘Nuff of that, Now some Tips

Tip #1 - The obvious? Use anti-spam software and/or appliances. There are some useful programs on the market for personal computers and some good appliances for corporate environments. My favorite for personal home computers is SPAMfighter, and my favorite appliance is Tumbleweed. Your mileage may vary so check out what is a best fit for you.

Tip #2 - Use care in disclosing your email address. When posting in public forums (newsgroups, web sites, blogs, etc.) do not use your real email address. You can obfuscate your email address and still let people contact you, i.e. change into “ee em ay eye el at trustedtoolkit dot see oh em” or something else. You get the picture.

Spammers use various techniques for obtaining email address to send spam to. One of the easiest is to scan the Internet for patterns matching email addresses.

Tip #3 - Do not click links in spam emails. If a spam email gets through to your inbox, don’t click any links. If you click a link, chances are very good that the spammer now knows that you are a “live” person and the email address they have is good.

Tip #4 - Do not load images in emails automatically. The same premise in the tip above applies. Image spam is a very popular filter-evading technique these days. If you load images automatically in a spam email, chances are good that it contains a link that the spammer can track. Most email clients enable you to control how/if you load images in emails. Check your program for its capabilities. If you can live with “Text-only” (no HTML) email, then all the better.

Tip #5 - Do not “unsubscribe” to spam email. Spammers won’t take you off their mailing list; they will instead add you to the “active” or “confirmed” email list. The same premise in tip #3 applies. The unsubscribe link in the email lends some tiny semblance of implied legitimacy to the email in some people’s minds. No spam should be considered legitimate email.

Tip #6 - Read privacy policies. I understand that reading privacy policies is a pain in the rear for most people. Some privacy policies are a pain in the rear for me to read, and I read almost every one I encounter! Before I type my email address into an online form (encrypted, mind you), I check to see if the company or site has a privacy policy. If they do not, I will make a serious judgment call as to whether or not I want to share ANY of my information. If they do, I check the mention of how they will use and share my information, including my email address.

Tip #7 - If buying something online, read all the checkboxes during checkout. On many checkout pages there are checkboxes that state something like “share my information with partner companies” or “subscribe to company xyz news”. Don’t just skim over these checkboxes and continue on with your order. Read what they say and be sure that you have checked or unchecked the appropriate boxe(es).

Tip #8 - If you have a spam infested mailbox, consider a new email address. If your email address is “out there” meaning that it has been publicly posted on web sites, forums, newsgroups, etc. and you are getting an ample amount of spam, it may be time to consider a new email address. There are no methods I know of for cleaning your email address off the Internet, and spammers already have you in their lists. Might be time to “cut and run”.

Of course you could always choose not to use email.

I did not cover IM spam, Cell-phone spam, or any of the up and coming spam techniques being employed actively today. Maybe I will later.

No comments: