EFX internet News
|FAQ - Fighting Spam - Update
5/1/2004 (Source: EFX internet)
"Help! My Inbox is being overrun with spam! How do spammers get my address?"
Common Spammer Tactics
Some of the most common questions we receive from our users are about spam. People feel it is getting worse, and they want to know why. Spammers are employing more advanced tactics and getting more aggressive in their spamming techniques. To understand how to stop spam, you should learn some of the tricks that spammers use to gain access to your Inbox.
The spammer takes a "dictionary" of common words and names, combines them, and sends email addressed to all different variations such as firstname.lastname@example.org, email@example.com, firstname.lastname@example.org. Spammers typically do this at leading email providers that have a large base of users like Hotmail, Yahoo, or MSN.
The spammer trick of choice these days, email spoofing, uses a faked email header that makes an email message look like the message came from someone or somewhere other than the spammer. It's fairly easy to make an email appear that it's sent from your own address or a seemingly credible source. Spammers use spoofing to get you to open and respond to their mail. Remember, you should never respond to unsolicited email.
This ploy tricks users into opening the spam by pretending to know the person or trying to lure the person with a "personal" subject line. Typical subject lines include "Hey how are you?," "Urgent and Confidential," "We need to meet," "I have money for you," or "It snowed again." Avoid this trick by never responding to unsolicited email.
Mining message boards and chat rooms:
Do not post your email address in public places -- treat it like you would your phone number. If your email address appears on a message board, in a chat room, or any public place, spammers can use automated robots, or "bots," to search the Internet and grab your email address.
Open proxy, third-party servers:
Open proxies are third-party servers that allow spammers to send mail while hiding their true identities and Internet locations (IP addresses). Many spammers use these open proxy servers to help maintain anonymity. EFX internet's mail server uses RBLs (Realtime Blackhole Lists) to proactively protect you from this technique.
An email may contain an image that is invisible to the recipient -- this is sometimes called an "invisible GIF" or "web beacon." Once the email is opened, the spammer is alerted that your address is "live." We advises that you don't open email messages if they appear to be spam.
Additionally, Outlook 2002 has an Image Blocking feature that prevents HTML graphics from loading until you determine the message is from a trusted sender. Outlook Express does not have this feature.
Inserting random strings of text and characters:
To try and get through spam-control filters, spammers will insert random strings of text throughout the email to make the spam appear unique from other email. Sometimes they do this with email headers by adding spaces and characters like this: V_I_A_G_R_A. You can help fight this type of spam by not opening or responding to it.
Many of us receive chain letters that invite you to forward the message on to your friends. Sometimes it will say you will get five cents for every email or bad luck if you send to less than five people. These are hoaxes created to promote spam. Never forward these emails thinking you will receive money for each recipient of their email.
Tips to Prevent More Spam:
Here are some other spam-fighting tips:
Try Norton Antispam 2004 for Outlook Express (linked below) or upgrade to Microsoft Outlook 2003 with excellent built-in antispam features.
- Protect your email address - treat it like your phone number.
- Never send your password, credit card numbers, or other personal information in an email.
- Don't post your email address in public places (e.g., newsgroups, message boards, chat rooms) where spammers mine for email addresses.
- Don't post your email address on your website. Use a web form that hides the email address in a script or if you must post your address cloak it using Hiveware's Enkoder. The Enkoder will mask the address from automated web spiders trying to collect your address for SPAM and still allow web surfers to click the link and email you.
- Use a Disposable Email Address (e.g., Hotmail, Yahoo, MSN) when posting online.
- Never respond to unsolicited email - this can alert the sender that your email address is valid.
- Never click on a URL or web site listed in spam - this will also alert the sender that your email address is valid.
- Never forward spam chain letters.
Print Article | Back