Thursday, October 05, 2006

Secure your email from SPAMmers

For a long time now, many of us always face lots of problems in the email communication from Virus attacks and SPAM. We have questions in many angle to identify those spammers, sometimes technical some time its manual. However we always spend our time in thinking who are responsible for the SPAM issue? Normally our mind thinks in the below angle, at least for my knowledge I have seen many people asking me the questions like below:
  • Is it the spammer who is solely responsible for SPAM problem?
  • Is it a problem of system administrator of the mail server?
  • Is it because the companies who provide the mail service is not properly setup their infrastructure to fight against spam?
But unfortunately even the sum of the above three people are actually having less percentage stake in the SPAM issue. Yes, this may sound non-practical answer but this is the truth. The actual reason for SPAM is ‘we’ who think spam is a problem created by somebody else.Let me try justifying my answer, first and foremost thing I wanted mention here is about the ignorance of many of us. Some times the ignorance of one person may severely affect the neighboring or the society of people around him. This is accepted theory of many eras. But what is the relation between this theory and our Spam problem? Here come the answers in bulleted points knocking the targets.

1. Email publications – A majority of spammers collect email ids from HTML pages of websites and newsgroups. Hence publishing the emails in a public area we make the 1st mistake. But sometimes its necessary to publish hence you can use non-conventional method of writing email ids in such places, this will avoid the bots which collects emails from WebPages wouldn’t be able recognize the email address

2. Email submissions – How many of us use online greeting sites, online free music sites and online address book services which are free of cost? I know none of you will say I don’t use, that clears is doubt you are indirectly allowing a third party to harvest your email address which he may sell it to millions of spmmers. Result your email id gets spam from every corner of the world. Some times we don’t even look at the free service providers terms and condition while registering with their service. Try reading it its clearly written.

3. Email Ad-campaigns – Oh, many of us would have participated online games or some kind of lottery or an Ad-campaign of some company. There were few genuine and many frauds in this kind of campaigns. The genuine campaigns will announce the result of winner but the fraudulent companies will sell your emails registered for the campaigns. This creates a chain linked spam process.

4. Un-subscription – Is the unsubscribe button or text displayed in some spam mails are really does it? Well, I’m negative once again. These email spam which carry a unsubscribe link in the bottom basically use it to confirm the existence of your email address. In many cases the spammers identify a active domain name from the “whois” database and try guessing email addresses. Many of the email servers will accept mails for delivery if the domain part of any email address is configured with the server. Hence the spammer to find email addresses inside the server, he start sending some spam mails with unsubscribe link. The movement you click it, he records your address as genuine and start selling it for spammers.

5. Personal Address books – Another important fact for spam mails inside an organization or a user community is the personal Address books stored in a M*c**S*f* OutL@@K. What do I mean is your question? Yes, when you people store the email addresses of your friends, relatives, colleagues and other know persons into your email clients address book which is based on famous Windows platform, happen to be easy for a spammer to harvest or directly send spam from your own computer. How is that possible? Let me explain you this way, When we store the email ids in our address book and if there be a Malicious code which harvest emails from your computer can easily send all your address book entries for spammers. Secondly when there is a program or spyware written to send mails directly from a compromised system can send no. of spam to the addresses stored.

Opps… I can see many of you while reading curse me saying enough you only point mistakes which everybody does, don’t you have a solution or advise to me? Yes I do, Please look at below information

1. Never submit your email address to any web publication, also if your corporate website requires a contact us link to your email id, please find a developer to create a dynamic form which processes the message and internally send to an email addresses hiding your email address to the world.

2. Try to avoid online greeting and music sites as much as possible as they are the main source of email addresses for spammers.

3. Keep yourself clean don’t look at the pornography sites, as they install many malicious code into your computer which can send thousands of emails using your own computer. They also read your local files/address book and take the necessary user information for spam purposes. I advise if you really need those please do it with your pal in the real world. Strictly say a big no no to the virtual sex.

4. Never use a free address book service from any online service provider, actually you think its free but the service provider think they get a free MIS operator who key in the email ids for spam.

5. If you get an email id which is not actually subscribed by you and having a unsubscribe link, Beware it’s a harvesting bomb, don’t even think of going near to the link, you better black list the email id in your webmail interface or write a rule in your email client to deliver that address to Trash directly.

6. We should never attracted by the freebies offered by websites, keep yourself fit and move away from their websites. Don’t ever enter your email address for a lucky draw as it always works out to be a lucky draw to the spammer.

7. Finally personal address books are mandatory for many of us, also I have already denied the use of free online address book service also, then where you we save the email addresses and how do we communicate. So storing the email ids in the mail client turns to be necessity but for prevention please don’t forget to add a dummy name and email address like this ‘!00000‘ Actually it becomes the first entry of your address book and has no validity of email address, hence the harvesting programs or mailer spy programs may not be able to complete sending 1st email address of your address book. So you are stopping the activity by stopping them with one dummy address.

Last but not least, Anti-SPAM is not a software, is not an administrators effort, is not a company infrastructure issue and Anti-SPAM is not a solution It is a practice. I hope this article provides substantial information on who and how of SPAM.

Visit me at: http://www.camera-friendly.com

No comments: