Spam consists of unsolicited messages, or messages from unknown senders, often of an advertising nature, that are sent in large quantities and harm the recipient.
What is Spam in Computer Security?
Very familiar to the vast majority of PC users today, this word is the trademark for a spicy ham product that does not require refrigeration, created by Hormel Foods Corporation, a company that sells pre-cooked and canned meat.
It became popular in 1937 because it became a staple food for American troops during World War II.
On the internet, by contrast, spam is unsolicited mail that does not contain features related to the promotion of the basic content, is designed for malicious purposes, and is sent to a large number of recipients.
The first spam message was a misleading advertisement sent to Digital Equipment Corporation’s Arpanet users on a DEC-20 computer in May 1978.
The term was used in a document criticizing what had happened, because the letter had been accidentally sent to a news service.
Because spam content is cheap to create and distribute and easy to deliver to a large number of recipients, attackers consider it the most basic method.
Zombie networks and botnets made up of personal computers are used to execute trojan-horse-type malicious code with backdoor functionality and to perform regular actions that process commands sent remotely by the attacker.
Its History and Evolution
There is a technical competition between spammers and the security software developers who aim to detect such messages or files. While some malicious users create new spam methods, a certain group of well-intentioned users fights them.
Initially, senders did not hide their real addresses, but once blacklists of spam emails came into use they had to conceal or impersonate the sender.
One of the simplest techniques is the creation of random combinations of real names and domain names stored in databases.
Therefore, it is possible to receive spam allegedly from an employee whose email address matches the company’s domain.
These databases are created and updated from spammers' mailing lists, mail order news services, purchases of existing databases, web pages, chain email, servers with vulnerabilities, and email addresses stolen or obtained from users' own computers with the help of malicious people.
Some harmful content can be hidden from the view of recipients by combining ad text with other unrelated components, for example white letters or words on a white background.
In order to prevent such attacks, images were analyzed by comparing new and old malicious content using OCR filters.
Pixel-level changes can be analyzed even if the images look the same visually.
On the antispam side, algorithms more efficient than optical character recognition were developed, as graphic spam has properties that distinguish it from traditional images.
The technique called fingerprinting relies on spam leaving a trace that can be identified. This method can therefore analyze whether messages sent in bulk have similar properties, such as color distribution.
Such techniques are combined with blocking messages sent from IP addresses corresponding to machines known to belong to a zombie network, analyzing the format and structure of the messages, and other techniques previously applied.
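The color-distribution fingerprinting described above can be sketched as follows. This is an added example, not code from the original page: the bucket count, the 0.9 threshold, all function names and the sample images (constructed pixel lists) are assumptions made for illustration.

```python
import hashlib
import random

BINS = 4  # levels per RGB channel -> 4**3 = 64 buckets (assumed granularity)

def color_fingerprint(pixels):
    """Normalized, coarsely quantized RGB histogram of a list of (r, g, b)."""
    hist = [0] * BINS ** 3
    step = 256 // BINS
    for r, g, b in pixels:
        hist[(r // step) * BINS * BINS + (g // step) * BINS + b // step] += 1
    return [count / len(pixels) for count in hist]

def similarity(fp_a, fp_b):
    """Histogram intersection: 1.0 = same color distribution, 0.0 = disjoint."""
    return sum(min(a, b) for a, b in zip(fp_a, fp_b))

def exact_hash(pixels):
    """Byte-exact digest, shown for contrast: any pixel change alters it."""
    return hashlib.sha256(bytes(v for px in pixels for v in px)).hexdigest()

def matches_known_spam(pixels, known_fps, threshold=0.9):
    """True if the image's color distribution is close to a known spam image."""
    fp = color_fingerprint(pixels)
    return any(similarity(fp, known) >= threshold for known in known_fps)

# --- constructed sample images (flat pixel lists, not real captures) ---
def make_ad_image(rng, n=4000):
    # 70% white background, 20% red headline, 10% black text
    palette = [(250, 250, 250)] * 7 + [(200, 20, 30)] * 2 + [(10, 10, 10)]
    return [rng.choice(palette) for _ in range(n)]

def add_pixel_noise(pixels, rng, amplitude=10):
    # small per-pixel jitter: visually the same image, different bytes
    return [tuple(max(0, min(255, c + rng.randint(-amplitude, amplitude)))
                  for c in px) for px in pixels]

def make_photo(rng, n=4000):
    return [tuple(rng.randrange(256) for _ in range(3)) for _ in range(n)]

if __name__ == "__main__":
    rng = random.Random(1)
    original = make_ad_image(rng)
    variant = add_pixel_noise(original, rng)
    known = [color_fingerprint(original)]
    print("hash equal:", exact_hash(original) == exact_hash(variant))
    print("variant flagged:", matches_known_spam(variant, known))
    print("photo flagged:", matches_known_spam(make_photo(rng), known))
```

The byte-exact hash of the noisy copy no longer matches the original, while its color fingerprint still does; an unrelated image with a broad color spread falls well below the threshold.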
Legal progress was made in the prevention of harmful content.
In 2004, several spammers and database vendors of email addresses were arrested. Later, the European Commission set up a system that includes a suite of measures to combat spam, aimed at banning spam first in the European Union and then internationally.
In Australia, the Spam Act was enacted to severely punish these behaviors.
A prominent attacker responsible for most of this type of mail worldwide was convicted by the Seattle court and received up to 65 years in prison for fraud, identity theft, and money laundering.
As with malware, users can implement basic measures to protect against such attacks regardless of whether they use an updated antivirus, install the latest security patches for their systems, and use other security products.
For example, do not respond to unsolicited newsletter messages containing text. Do not take part in sending mass emails, and do not use sites suggested in the text of the message.
Use text-filtering rules on the Subject and Body of messages in your mail client. On websites that give the user the option of whether or not to receive promotional messages from the site itself, choose not to receive them unless necessary.
If you receive malicious mail, notify the service provider where the unsolicited messages were received, to avoid such attempts.
Although results can be achieved with filters, as with other aspects of computer security, the end user must be able to combat such malice.