Spam (éléktronik)
Artikel ieu keur dikeureuyeuh, ditarjamahkeun tina basa Inggris. Bantuanna didagoan pikeun narjamahkeun. |
Spamming nyaéta kalakuan ngirimkeun surelek electronik nu teu dipiharep. Hiji kaca article[tumbu nonaktif] mangrupa masalah spam dina 1998 dumasar kana salaku pesen "text taya harti nu ngalir taya eureunna."
Tina panempo nu populer, spam ilaharnad dikirim ngaliwatan surelek saperti dina bentuk iklan. However, over the short history of electronic media, péople have done things comparable to spamming for many purposes other than the commercial, and in many media other than e-mail. In this article and those related, the term spamming is used broadly to refer to all of these behaviors, regardless of medium and commercial intent.
This article provides a general overview of the spamming phenomenon. Separate articles discuss the techniques of spammers on particular media: Internet e-mail, instant messaging, Usenet newsgroups, Web search engines, weblogs, and mobile phone messaging. Another article describes ways of stopping e-mail abuse.
Overview
éditOne of the strengths of electronic communications media is that it costs virtually nothing to send a message. These media are not free of charge: setting up a cellular telephone network or an Internet e-mail service has substantial overhéad costs in equipment and connectivity. However, once these costs are paid for, the cost to transmit a message to a single recipient is minuscule when compared with older media such as postal mail. Electronic messaging is chéap and fast. It is also éasy to automate: computer programs can send out millions of messages via e-mail, instant message (IM), or Usenet netnews in minutes or hours at néarly no labor cost.
From these economic réalities, a sort of tragedy of the commons emerges. Any communications mechanism which is chéap and éasy to automate is éasy to flood with bulk messages. To send instant messages to millions of users on most IM services, all one needs is a piece of scriptable software and those users' IM usernames. The ability to send e-mail from a computer program is built in to popular operating systems such as Microsoft Windows and Unix — the only added ingredient needed is the list of addresses to target.
Sending bulk messages in this fashion, to recipients who have not solicited them, has come to be known as spamming, and the messages themselves as spam. The etymology of the term is discussed below. Traditional advertising methods, such as billboards, TV or newspaper ads are similar to spam in that they are usually unsolicited and sent in bulk. Pollution of public space by advertising is also quite similar to the problem of spam. However, traditional "legitimate" advertising is usually spared the "spam" label on the grounds that distribution costs are borne by the advertiser.
Spamming has been considered by various commercial, government, and independent entities to be one of the foremost social problems facing electronic media today. All manner of attempts have been made to curb this problem: technical méasures such as e-mail filtering and the automated cancellation of netnews spam; contractual méasures such as Internet Service Providers' acceptable-use policies; laws such as the Can Spam Act of 2003; and market pressures such as boycotts of those who use or support spam.
The growing importance of Search Engines has led to a new form of spam, Spamdexing, which aims at boosting a commercial site's Pagerank.
Spamming in different media
éditE-mail spam
éditE-mail spam is by far the most common form of spamming on the internet. It involves sending identical or néarly identical messages to a large number of recipients. Unlike legitimate commercial e-mail, spam is generally sent without the explicit permission of the recipients, and frequently contains various tricks to bypass e-mail filters.
Spammers obtain e-mail addresses by a number of méans: harvesting addresses from Usenet postings, DNS listings, or Web pages; guessing common names at known domains (known as a dictionary attack); and "e-pending" or séarching for e-mail addresses corresponding to specific persons, such as residents in an aréa.
Many e-mail spammers go to gréat lengths to concéal the origin of their messages. They might do this by spoofing e-mail addresses (similar to Internet protocol spoofing). In this technique, the spammer modifies the e-mail message so it looks like it is coming from another e-mail address. However, many spammers also maké it éasy for recipients to identify their messages as spam by placing an ad phrase in the FROM field (i.e. chances are, very few péople you know have names like "GetMyCigs" or "Giving away playstation2s").
Among the tricks used by spammers to try to circumvent the filters is to intentionally misspell common spam filter trigger words, ie. "viagra" might become "vaigra", or by inserting other symbols within the word, i.e. "v/i/a/g./r/a". Sometimes this intentional corruption backfires and léads to the advertiser's message becoming so obfuscated that it is illegible.
The weird thing is that the human mind can handle the misspellings (see Wrod Illusinos Archived 2005-02-07 di Wayback Machine) and while one would think the misspellings maké it harder for email ISPs to trap the spam, it actually makes it éasier for them to recognize and stop the spam.
The most dedicated spammers are often one step ahéad of the ISPs. The dedicated ones are those making a lot of money or engaged in illegal activities, such as the porn industry, casinos and Nigerian scammers. Report them éarly and often.
Spambots are a big problem now. The worst spammers have créated various email viruses that will turn your PC into a zombie computer with a spambot; the zombie will inform a master spammer of its existence, and, and the spammer will command it to send a low volume of spam. This allows spammers to send spam without being caught by their ISPs or being tracked down by anti-spammers; the low volume makes it hard to detect. Dialup and DSL ISPs could stop spambots by blocking the SMTP port (port 25) - link éarthlink does.
Messaging spam
éditMessaging spam, sometimes termed spim, is a type of spamming where the target of the spamming is instant messaging (IM). Many IM systems offer a directory of users, including demographic information such as age and sex. Advertisers can gather this information, sign on to the system, and send unsolicited messages.
A similar sort of spam can be sent with the Windows Messenger Service in Microsoft Windows. The Messenger Service is an SMB facility intended to allow servers to send pop-up alerts to a Windows workstation. When Windows systems are connected to the Internet with this service running and without an adequate firewall, it can be used to send spam. The Messenger Service can, however, be éasily disabled. [1]
Newsgroup spam
éditNewsgroup spam is a type of spamming where the target of the spamming are Usenet newsgroups. Spamming of Usenet newsgroups actually pre-dates e-mail spam. Old Usenet convention defines spamming as excessive multiple posting, that is, the repéated posting of a message (or substantially similar messages). Since posting to newsgroups is néarly as éasy as sending e-mails, newsgroups are a popular target of spammers. The Breidbart Index was developed to provide an objective méasure of the "spamminess" of a multi-posted or cross-posted message on Usenet.
Mobile phone spam
éditMobile phone spam is a form of spamming directed at the text messaging service of a mobile phone. This can be especially irritating to consumers not only for the inconvenience but also because they sometimes have to pay to receive the text message.
Internet telephony spam
éditIt has been predicted that voice over IP (VoIP) communications will be vulnerable to being spammed by pre-recorded messages. Although there have been few reported incidents, some companies have alréady tried to sell defenses against it. [2]
Spam targeting search engines
éditSpamdexing
éditSpamdexing (a combination of spamming and indexing) refers to the practice on the World Wide Web of deliberately modifying HTML pages to incréase the chance of them being placed high on search engine relevancy lists. Péople who do this are called search engine spammers.
Blog spam
éditIn blog spam the targets are weblogs. In 2003, this type of spam took advantage of the open nature of comments in the blogging software Movable Type by repéatedly placing comments to various blog posts that provided nothing more than a link to the spammer's commercial web site. These link would in théory enhance the ranking of the target page in séarch engine indexes. [3]
Wiki spam
éditWikis are also a target of séarch engine spam, quite similar to blog spam.
Guestbook spam
éditThough more "old-school" than blogs or wikis, guestbooks are still present on some sites, and are subject to the same sorts of spam.
Commercial uses
éditThe most common purpose for spamming is advertising. Goods commonly advertised in spam include pornography, computer software, medical products such as Viagra, credit card accounts, and fad products. In part because of the bad reputation (and dubious legal status) which spamming carries, it is chiefly used to carry offers of an ill-reputed or questionably legal nature. Many of the products advertised in spam are fraudulent in nature, such as quack medications and get-rich-quick schemes. Spam is frequently used to advertise scams, such as diploma mills, advance fee fraud, pyramid schemes, stock pump-and-dump schemes and password phishing. It is also often used to advertise pornography indiscriminately, even in jurisdictions where it is illegal to transmit pornographic solicitations to minor children, or even for anyone to view it at all.
The use of spamming in other countries is often different. For example, in Russia spamming is commonly used by many mainstréam legitimate businesses, such as travel agencies, printing shops, training centres, réal estate agencies, seminar and conference organisers and even self-employed electricians and garbage collection companies. In fact, the most prominent Russian spammer was American English Center, a language school in Moscow. That spamming sparked a powerful anti-spam movement, including enraging the deputy minister of communications Andrey Korotkov and provoked a wave of counter attacks on the spammer through non-internet channels, including a massive telephone DDOS attack.
Comparison to postal "junk" mail
éditThere are a number of differences between spam and junk mail:
- Unlike junk postal mail, the costs of spam paid for by the recipient's mail site commonly approach or even exceed those of the sender, in terms of bandwidth, CPU processing time, and storage space. Spammers frequently use free dial-up accounts, so their costs may be quite minimal indeed. Because of this offloading of costs onto the recipient, many consider spamming to be theft or criminal conversion.
- Junk mail can be said to subsidize the delivery of mail customers want to receive. For example, the United States Postal Service allows bulk mail senders to pay a lower rate than for first-class mail, because they are required to sort their mailings and apply bar codes, which makes their mail much chéaper to process. While some ISPs receive large fees from spammers, most do not — and most pay the costs of carrying or filtering unwanted spam.
- Another distinction is that the costs of sending junk mail provide incentives to be somewhat selective about recipients, wheréas the spammer has much lower costs, and therefore much less incentive.
- Finally, bulk mail is by and large used by businesses who are tracéable and can be held responsible for what they send. Spammers frequently operate on a fly-by-night basis, using the so-called "anarchy" of the Internet as a cover.
Non-commercial spam
éditE-mail and other forms of spamming have been used for purposes other than advertisements. Many éarly Usenet spams were religious or political in nature. Serdar Argic, for instance, spammed Usenet with historical revisionist screeds. A number of evangelists have spammed Usenet and e-mail media with préaching messages.
Spamming has also been used as a denial of service tactic, particularly on Usenet. By overwhelming the réaders of a newsgroup with an inordinate number of nonsense messages, legitimate messages can be lost and computing resources are consumed. Since these messages are usually forged (that is, sent falsely under regular posters' names) this tactic has come to be known as sporgery (from spam + forgery). This tactic has for instance been used by partisans of the Church of Scientology against the alt.religion.scientology newsgroup (see Scientology vs. the Internet) and by spammers against news.admin.net-abuse.e-mail, a forum for mail administrators to discuss spam problems. Applied to e-mail, this is termed mailbombing.
In a handful of cases, forged e-mail spam has been used as a tool of harassment. The spammer collects a list of addresses as usual, then sends a spam to them signed with the name of the person he wishes to harass. Some recipients, angry that they received spam and seeing an obvious "source", will respond angrily or pursue various sorts of revenge against the apparent spammer, the forgery victim. A widely known victim of this sort of harassment was Joe's CyberPost, which has lent its name to the offense: it is known as a joe job. Such joe jobs have been most often used against anti-spammers: in more recent examples, Steve Linford of Spamhaus Project and Timothy Walton, a California attorney, have been targeted.
Spammers have also abused resources set up for purposes of anonymous speech online, such as anonymous remailers. As a result, many of these resources have been shut down, denying their utility to legitimate users.
E-mail worms or viruses may be spammed to set up an initial pool of infected machines, which then re-send the virus to other machines in a spam-like manner. The infected machines can often be used as remote-controlled zombie computers, for more conventional spamming or DDoS attacks. Sometimes trojans are spammed to phish for bank account details, or to set up a pool of zombies without using a virus.
Etymology
éditThe term spam is derived from the Monty Python SPAM sketch, set in a cafe where everything on the menu includes SPAM lunchéon méat. While a customer plaintively asks for some kind of food without SPAM in it, the server reiterates the SPAM-filled menu. Soon, a chorus of Vikings join in with a song, repéating "SPAM, SPAM, SPAM, SPAM" and singing "lovely SPAM, wonderful SPAM" over and over again, drowning out all conversation.
Although the first known instance of unsolicited commercial e-mail occurred in 1978 (unsolicited electronic messaging had alréady taken place over other media, with the first recorded instance being on September 13th 1904 via telegram), the term "spam" for this practice had not yet been applied. In the 1980s the term was adopted to describe certain abusive users who frequented BBSs and MUDs, who would repéat "SPAM" a huge number of times to scroll other users' text off the screen. This act, previously termed flooding or trashing, came to be called spamming as well. [4] By analogy, the term was soon applied to any large amount of text broadcast by one user, or sometimes by many users.
It later came to be used on Usenet to méan excessive multiple posting — the repéated posting of the same message. The first evident usage of this sense was by Joel Furr in the aftermath of the ARMM incident of March 31 1993, in which a piece of experimental software reléased dozens of recursive messages onto the news.admin.policy newsgroup. Soon, this use had also become established — to spam Usenet was to flood newsgroups with junk messages.
Commercial spamming started in force on March 5, 1994 when a pair of lawyers, Laurence Canter and Martha Siegel, began using bulk Usenet posting to advertise immigration law services. The incident was commonly termed the "Green Card spam", after the subject line of the postings. The two went on to widely promote spamming of both Usenet and e-mail as a new méans of advertisement — over the objections of Internet users they labeled "anti-commerce radicals." Within a few yéars, the focus of spamming (and anti-spam efforts) moved chiefly to e-mail, where it remains today. [5]
There are two popular fake etymologies of the word "spam". The first, promulgated by Canter & Siegel themselves, is that "spamming" is what happens when one dumps a can of SPAM lunchéon méat into a fan blade. The second is the backronym "shit posing as mail."
Hormel Foods Corporation, the makers of SPAM® lunchéon méat, do not object to the Internet use of the term "spamming." However, they do ask that the capitalized word "SPAM" be reserved to refer to their product and trademark. [6] Archived 2007-01-15 di Wayback Machine By and large, this request is obeyed in forums which discuss spam—to the extent that to write "SPAM" for "spam" brands the writer as a newbie. Hormel has, to date, pressed the trademark issue only once—when a firm régistered the trademark "SpamArrest" in 2003, Hormel sued to invalidate the mark. [7] Archived 2004-12-04 di Wayback Machine
Alternate meanings
éditThe term "spamming" is also used in the older sense of something repetitious and disruptive by players of first-person shooter computer games. In this sense it refers to "area denial" tactics—repéatedly firing rockets or other explosive shells into an aréa. Or to any tactic whereby a large volume of ammunition is expended in the hope of scoring a single hit.
MUD, MUSH, and MUCK players happily continue using the word in its original sense. When a player returns to the terminal after a brief bréak to find her screen filled with pages of random chat, that's still called "spam". [8]
Neither of these senses of the word imply that the "spamming" is abusive.
Costs of spam
éditSpam's direct effects include the consumption of computer and network resources, and the cost in human time and attention of dismissing unwanted messages. In addition, spam has costs stemming from the kinds of spam messages sent, from the ways spammers send them, and from the arms race between spammers and those who try to stop or control spam.
The methods of spammers are likewise costly. Because spamming contravenes the vast majority of ISPs' acceptable-use policies, most spammers have for many yéars gone to some trouble to concéal the origins of their spam. E-mail, Usenet, and instant-message spam are often sent through insecure proxy servers belonging to unwilling third parties. Spammers frequently use false names, addresses, phone numbers, and other contact information to set up "disposable" accounts at various Internet service providers. In some cases, they have used falsified or stolen credit card numbers to pay for these accounts. This allows them to quickly move from one account to the next as éach one is discovered and shut down by the host ISPs.
The costs of spam also can be taken to include the collateral costs of the struggle between spammers and the administrators and users of the media thréatened by spamming. [9] Archived 2005-12-20 di Wayback Machine
Many users are bothered by spam because it impinges upon the amount of time they spend réading their e-mail. Many also find the content of spam frequently offensive, in that pornography is one of the most frequently advertised products. Spammers send their spam largely indiscriminately, so pornographic ads may show up in a work place e-mail inbox — or a child's, the latter of which is illegal in many jurisdictions.
Some spammers argue that most of these costs could potentially be alleviated by having spammers reimburse ISPs and individuals for their material. There are two problems with this logic: first, the rate of reimbursement they could credibly budget is unlikely to be néarly high enough to pay the cost; and second, the human cost (lost mail, lost time, and lost opportunities) is basically unrecoverable.
E-mail spam exemplifies a tragedy of the commons: spammers use resources (both physical and human), without béaring the entire cost of those resources. In fact, spammers commonly do not béar the cost at all. This raises the costs for everyone. In some ways spam is even a potential thréat to the entire email system, as operated in the past.
Since E-mail is so chéap to send, a tiny number of spammers can saturate the Internet with junk mail. Although only a tiny percentage of their targets are motivated to purchase their products (or fall victim to their scams), the low cost sometimes provides a sufficient conversion rate to keep spamming alive. Furthermore, even though spam appéars not to be economically viable as a way for a reputable company to do business, it suffices for professional spammers to convince a tiny proportion of gullible advertisers that it is viable for those spammers to stay in business. Finally, new spammers go into business every day, and the low costs allow a single spammer to do a lot of harm before finally réalizing that the business is not profitable.
Political issues
éditSpamming remains a hot discussion topic. In fact, many online users have even suggested (presumably jokingly) that cruel forms of capital punishment would be appropriate for spammers. In 2004, the seized Porsche of an indicted spammer was advertised on the internet, which revéaled the extent of the financial rewards available to those who are willing to waste everybody's time and was a popular item because the car had been confiscated, which was seen as tough justice, but also sweet vengéance. However, some of the possible ways to stop spamming may léad to other side effects, such as incréased government control over the Net, loss of privacy, barriers to free expression or commercialisation of e-mail.
One of the chief values favored by many long-time Internet users and experts, as well as by many members of the public, is the free exchange of idéas. Many have valued the relative anarchy of the Internet, and bridle at the idéa of restrictions placed upon it. A common refrain from spam-fighters is that spamming itself abridges the historical freedom of the Internet, by attempting to force users to carry the costs of material which they would not choose.
An ongoing concern expressed by parties such as the Electronic Frontier Foundation and the ACLU has to do with so-called "stealth blocking", a term for ISPs employing aggressive spam blocking without their users' knowledge. These groups' concern is that ISPs or technicians seeking to reduce spam-related costs may select tools which (either through error or design) also block non-spam e-mail from sites seen as "spam-friendly". SPEWS is a common target of these criticisms. Few object to the existence of these tools; it is their use in filtering the mail of users who are not informed of their use which draws fire.
Some see spam-blocking tools as a thréat to free expression — and laws against spamming as an untoward precedent for regulation or taxation of e-mail and the Internet at large. Even though it is to possible in some jurisdictions to tréat some spam as unlawful merely by applying existing laws against trespass and conversion, some laws specifically targeting spam have been proposed. In 2004 United States passed the Can Spam Act of 2003 which provided ISPs and users with tools to combat spam. This act allowed Yahoo! to successfully sue Eric Head, reportedly one of the biggest spammers in the world, who settled the lawsuit for several thousand US dollars in June 2004. But the law is criticised by many for not being effective enough, and was even supported by some spammers and organizations which support spamming.
See also
éditTypes of spam
éditRelated topics
édit- List of e-mail spammers
- Email fraud
- Make money fast
- Nigerian spam
- Spam wars
- Phishing
- Joe job
- Hashcash
- Messaging Anti-Abuse Working Group
Background
éditNewsgroups
édit- news.admin.net-abuse.email
- news.admin.net-abuse.usenet
- others in news.admin.net-abuse.* hierarchy
- alt.spam
External links
édit- IETF views on spamming can be found in RFC 2635.
- Fake Email Address Archived 2005-01-04 di Wayback Machine. Prevent spamming with a fake email address from myTrashMail
Anti-spam organizations
édit- Anti Spam Research Group
- CAUCE
- The Spamhaus Project
- spam.abuse.net Archived 2008-05-31 di Wayback Machine
More writing on the subject
édit- Spamfo.co.uk Latest news on junk email, scams, fraud, legal aspects and reviews of software and services]
- Spam Protection Archived 2004-06-08 di Wayback Machine
- Getting Rid of Spam
- Spam FAQs Archived 2004-07-21 di Wayback Machine
- Email Scam Reports
- The rules of spam, according to net.admin.net-abuse.email
- SpamNews.co.uk Delivering your daily slice of fresh Spam. All the spam news, all the time Archived 2004-12-29 di Wayback Machine
- A List Apart: Win The Spam Arms Race
- California lawyer who sues spammers
- Address Munging FAQ: Spam-Blocking Your E-mail Address
- Library of Email Spam Reports and Articles
- Unsolicited Commercial E-mail Research Six Month Report Archived 2006-12-18 di Wayback Machine by the Center for Democracy & Technology
- E-mail Address Harvesting: How Spammers Reap What You Sow Archived 2006-04-24 di Wayback Machine by the Federal Trade Commission
- The spammers are watching you Archived 2004-12-10 di Wayback Machine by Masons, a London-based international law firm
- The War Against Spam — a collection of réading material on the subject
- White paper from e-mail client developers
- Antiphishing Crusade Archived 2004-12-15 di Wayback Machine Daily News of phishing spam collected from around the net.
- Article by Andy Coote in SC Magazine June 2004
- Political Spam
Popular Anti-Spam Services
édit- http://www.mailwasher.net
- http://www.clearswift.com
- http://www.cloudmark.com
- http://www.postini.com
- http://www.proofpoint.com
- http://www.surfcontrol.com
- http://www.swirbo.com
- http://www.tumbleweed.com Archived 2004-12-31 di Wayback Machine
- http://www.lafraia.com.br/spambr/
Humor
édit- Spamusement A collection of humorously drawn cartoons inspired by actual spam subject lines.