Statistics say that over 80% of all email is spam. For email addresses I use, that number is about 10%, and I use very little filtering. Why is that number so high for everyone else and not me? It is because I don’t just delete the email and be done. I fight back and hit the spammers where it hurts, in their pocketbooks.
Each reader can do the same thing with a little bit of time and effort. The good part is that each person, regardless of technical expertise, can take part in shutting spammers down or making it much more difficult and expensive to ply their trade. At the end of this article, links to various free services used to fight spammers are provided. Reporting spammers get them and their clients shut down by their providers, blacklisted, exposed, and most importantly, prosecuted. It also allows providers to notify users when their computers are infected with malicious software so that they can be disinfected.
Spam comes from many sources, and many of these sources are not knowingly sending spam. Others are willingly sending it or they are Internet Service Providers who refuse to to remove spammers or spam advertised websites from their networks. Other people involved in the spam industry may not send spam directly, but they make money by harvesting email addresses in various ways. You can negatively impact these people too. All these people and their tools have vulnerabilities which can be used to negatively impact their trade. Just about every type of spam has some type of contact information or website advertised. This point of contact is the vulnerability that can be used to stop the spammer.
Email addresses advertised in Nigerian scam type emails can be reported to their providers. Sales websites advertised in spam messages can be reported to their providers as well as many consumer report websites, Internet Service Providers, and regulatory agencies. All of these have the power to expose and curtail spammers operations.
In order to send spam, spammers must have a list of email addresses to which they send the spam. Many use various ways of harvesting email addresses to spam. Methods of harvesting email addresses include collecting email addresses from sent emails, using malicious software to collect email addresses from computers, scraping web pages for email addresses, and purchasing email list from others. Each of these have their own specific vulnerabilities which can be used to fight spammers.
Every device which is used to send or receive email should, if possible, have a list of honeypot email addresses that will indicate malicious software. In order to use this tactic, a person must sign up for an email address with a service that provides very little filtering or offers a white list which can be configured to allow all email from certain addresses. Whatever email address is used with one of these services should be something fairly random such as firstname.lastname@example.org. The purpose of having such a random inbox is to prevent programs which automatically generate email addresses from being able to cause spam to be sent to the address. After signing up for such a random email address with one of these services, a separate email list that is never used and contains this email address should be set up. Now, if email is received at that address, the device that sent it will be likely infected with some sort of malicious software. In other words, if email is received at that address, it is likely caused by malicious software, and the device that sent it should be scanned for malicious software.
Each person who has a website or even a web page can also set up what is called a honeypot script or a link to a honeypot service. A honeypot is used for the detection of malicious activity as well as collecting information about the people involved. One site that provides free spam honeypot services is called Project Honeypot. Its services are used to feed spam harvesting programs fake email addresses. The honeypot scripts and links are designed to be invisible and unclickable by human users yet easy to visit by email address harvesting programs. The honeypot records the ip address of the device that accesses it and generates unique fake email addresses just for that visitor. If one of these generated email addresses receives spam in the future, Project Honeypot knows when the address was harvested as well as what device did the harvesting. This information is used to prosecute spammers and to provide information that can be used to more effectively block spammers and filter spam.
Spam messages can be reported to a spam reporting service such as Spam Cop. This service automatically scans the spam message in order to determine where to send complaints. Complaint messages are then automatically generated and are then sent to the proper people. Another service is available as a Mozilla Thunderbird extension called Abusix Spam Reporter. This extension allows a spam recipient to report a spam by simply clicking a button.
For Internet Service providers who refuse to remove spammers from their networks, one can check the provider’s website for toll free numbers that can be called to make a complaint. Calling these toll free numbers cost that spam supporting I.S.P.’s money. If the call is placed from a pay phone (yes, these still do exist), it will cost the spam supporting I.S.P. a minimum of fifty cents for each call.
Another way of dealing with spammers is by getting big companies to join in the fight against individual spammers. This is easy to do especially when spammers misuse their trademarks or counterfeit their products. Many companies will aggressively pursue others who counterfeit their products or violate their patents, trademarks, hurt their reputations, or in any way cost them money.
For spam messages that contain suspected executable content, or a direct link to executable content, there are several things that can be done. If the executable arrives as an attachment, it should be scanned by antivirus software. If the antivirus software reports no malware, then a sample should be submitted to your antivirus vendor for examination. Just search the Internet for “submit malware sample” and include the name of the vendor. It should also be submitted to other vendors as well.
Below is a list of websites and services involved in the fight against spam:
http://www.projecthoneypot.org is a spam harvester reporting and blacklisting.
http://blackhole.mx is a spam reporting and block list service that allows the reporting of spam using a single click in Mozilla Thunderbird.
http://www.spamcop.net is general spam reporting service.
http://www.legitscript.com is a site where rogue Internet pharmacies can be reported. Received spam that advertised a rogue pharmacy? Report it here so that it can be exposed and shut down.
www.google.com/safebrowsing/report_phish/ is used to report sites that steal login or account information. Sites that are verifies as being used to steal information are automatically blocked by many web browsers.
http://www.google.com/safebrowsing/report_badware/ is used to report sites that try to install malicious or bad software on peoples’ computers or phones.
https://www.verisign.com/support/contact/seal-abuse/index.html is where sites that use fake security seals can be reported.
http://www.419scam.org/report.htm is used to report scam lottery as well as other Nigerian type email scam messages.
email@example.com is an email address that can be used to report spam advertising penny stocks and other pump and dump schemes.
Compliance@mcafee.com is where fake McAfee security seals on spam advertised sites can be reported.
http://www.plaza1.net/spammerslammer.cgi generates real looking but fake information that can be used to pollute the databases of spammers and identity thieves costing them money and time contacting nonexistent people.
Each of us can do our part in eliminating spam and make the Internet a better place for all.