|
| |
Originally published April 2004
People have become accustomed to the ability to communicate nearly instantly with people in another city, state or even country via e-mail. Unfortunately, as with most technologies, some people have taken advantage of e-mail's capabilities and made it much less pleasant for everyone else. Spam, also called Unsolicited Commercial E-mail, or UCE, is the e-mail equivalent of the telephone call from a salesperson with whom you don't really want to talk. We'd really rather not deal with it, but somehow we must. Hopefully, this article and the next will give you some background information about how and why spammers do their business, and some helpful advice about how to deal with it a bit more easily and effectively.
Once question I get asked fairly often is why people send out spam in the first place. "Don't they know that no one ever buys anything from those e-mails?" Unfortunately, that statement is not completely true. Very few people do actually buy from an e-mail, but there are some. And that is what makes spam so hard to deal with. Compared to postal mailings or telephone calls, it is extremely cheap for someone to set up an e-mail account and send out a few hundred thousand e-mails. It is so cheap, in fact, that if the spammer gets only one sale in twenty to thirty thousand e-mails, they have generally made their money back.
Also, because it is so cheap to set up an e-mail account, there is not much legal risk to the person sending the spam. Most spam is sent out by "mom-and-pop" operations, even though they may change the address to look like they are sending out from a big company that is familiar to more people. Because of this "bedroom industry" and the low cost of creating an e-mail account, a spammer can easily shut down his operation and set it back up again quickly and inexpensively. Most major spammers will turn off their operation and move it as soon as they get the slightest suspicion that they might be facing legal action. As a result, there are many cases of someone who sets up a computer at an apartment, sends out a few hundred thousand to a few million e-mails (which may only take a day or two), and moves on to another apartment with their computer.
Finally, people ask me how someone got their e-mail address in the first place. Most people never deliberately send their e-mail address to someone they don't know, and hopefully none of their friends are selling their e-mail addresses to spammers. So, how does someone get on one of those lists? Viruses and robots. Viruses are not usually used deliberately by spammers, but some of their nasty side effects can help get your address on spam lists. When they are activated, most modern computer viruses harvest as many e-mail addresses they can find on your computer and send themselves out to those addresses in order to spread. If you have received spam and not deleted it, or even if it is still sitting in your Deleted Items folder in your e-mail program, a virus can pick out the e-mail addresses from those messages and send itself to them. Another problem with viruses is that many of them change the "From:" address in the e-mail. So even if you keep your antivirus protection up to date, one of your friends or family might not be so lucky. Here is a common hypothetical scenario:
I communicate back and forth with my mom via e-mail. She has my address in her address book. She also gets a little bit of spam, which she deletes, but leaves in her Deleted Items folder. One day, she gets a virus which harvests the e-mail addresses from her computer, picks one of those addresses at random to put in the From field and sends itself out to every other address it can find. I get unlucky, and it happens to pick my e-mail address to put in the From field. Now, because she has that spam in her Deleted Items folder, the virus has harvested those addresses and sent my name to them. The e-mail may not have any other connection to me, but the spammer's computer now has received an e-mail that says it is from me, so they think my address is live. And now I start getting more spam. Also, keep in mind that many viruses run every time the computer is restarted, so there is more of a chance for my e-mail address to be sent to a spammer.
The more common way many spammers get your address is by using robots. A robot, in computer terms, is an program that performs a repetitive task automatically on a computer. Most spam-harvesting robots look at chat rooms, web logs, instant messaging programs, and newsgroups. If you belong to a mailing list such as a YahooGroups list, or if you join any online chat rooms, your e-mail address can be harvested very easily. Many mailing lists archive their content for a long period of time. I was recently looking for some information about a musical artist and stumbled across an e-mail I made to a mailing list almost six years ago. I haven't even subscribed to that particular list for about three years, but the post is still there. And if I can find it by typing an artist name into Google, anyone else with a computer could also find it, and send spam to that e-mail address if they wanted. Many robots lurk in chat rooms on AOL and similar places. They simply look for the "@" sign in an e-mail and pick up that bit of data as a possible e-mail address. If they send out an e-mail and it doesn't go anywhere, it really doesn't matter to the spammers because it didn't cost them very much to begin with.
One of the easiest ways to get a whole lot more spam is to reply to it. Spammers almost always put some kind of a link on their e-mail that says something about "Click here to unsubscribe." Very often, when you click there it will actually unsubscribe you... from that list. When you click on that unsubscribe, though, it tells the spammer that there actually is a human being on the other end of that e-mail address. Spammers are not always the most honest people in the world, and they often sell their address lists to each other. It is especially valuable to them to be able to sell a list of "known-good" addresses, because it allows other spammers to know that their marketing efforts are being seen by an actual human being, rather than just getting deleted by a server. So, do not reply to spam that you receive. It will not help you at all, and it will probably cause more problems for you in the long run.
In my next article, I will discuss some ways to alleviate your spam problems. Until then, keep your antivirus signatures up to date and don't open any e-mails from strangers.
Created on ... April 8, 2004
Last Updated March 2, 2006