Archive

Archive for the ‘Email’ Category

Evict the Spammers from Your Inbox

January 5, 2011 Leave a comment

Spam, commonly defined as unsolicited commercial email, is a powerful advertising channel for many products and services. As a result, spamming has become a profitable business, driven by the low cost of sending email compared to other direct marketing techniques. The high return on investment for spammers has resulted in an overwhelming volume of unwanted messages in personal and business email boxes. Consider this: Conducting a direct mail campaign costs an average of $1.39 per person, meaning that a response rate of 1 in 14 is necessary just to break even on a product with a $20 gross profit. Selling the same item via unsolicited spam email costs only $0.0004 per person, meaning that a response rate of 1 in 50,000 gets the seller back to break-even; anything above that is gravy. With profit margins like these, it’s easy to see why spammers will try anything to get past anti spam technology to deliver their messages to your inbox.

Types of Spam Threats

The recent onset of fraudulent spam variants such as phishing and spoofing pose an even greater risk than the spam volume clogging email servers. Spammers use techniques such as phishing and spoofing to fool users into divulging sensitive information to sites that, at first glance, appear innocuous.

Phishing
Phishing is a specific type of spam message that solicits personal information from the recipient. Phishers use social engineering techniques to fool end users into believing that the message originated from a trusted sender, making these attacks especially dangerous because they often con victims into divulging social security numbers, bank account information or credit card numbers. In one six-month period, phishing attacks increased in frequency by 4000%, and the trend continues upward.

An example of phishing is an email that appears to come from a bank requesting that users log into their account to update or correct personal information. When the users follow a link embedded in the email, they are redirected to a site that looks and behaves like the expected bank website. However, unbeknownst to the soon-to-be identity theft victims, the site is actually controlled by the scam artists who sent the email, and all information entered by the victim can now be used in a variety of ways, none of which are good.

Spoofing
Spoofing is a deceptive form of spam that hides the domain of the spammer or the spam’s origination point. Spammers often hijack the domains of well-known businesses or government entities to make spam filters think the communication is coming from a legitimate source.

Today’s spammers are more crafty than ever before and have begun blending elements of both phishing and spoofing into their messages, further spinning their web of deception. The toxic combination of spoofing and phishing presents a major threat that can trick most anyone into providing personal information to a stranger.

Toothless Legislation

On January 1, 2004, President Bush signed into law the “Controlling the Assault of Non-Solicited Pornography and Marketing Act of 2003,” or “CAN-SPAM” Act. While well intentioned, CAN-SPAM has done little or nothing to curb the flow of unwanted email. While CAN-SPAM was designed to decrease the overall volume of spam, the exact opposite has happened: spam accounts for more than 75% of all email traffic, and phishing attacks continue to increase exponentially.

Anti Spam Software for the Desktop

The dramatic increase in spam volume has prompted a corresponding surge in stand-alone anti spam software solutions for the desktop, all with varying levels of effectiveness. Some anti spam software uses text filtering to screen incoming messages for known characteristics of spam, while other solutions rely solely on reputation systems that monitor and categorize email senders by IP address according to their sending behavior. Still other anti spam software uses “challenge/response filters” to block unapproved mail until the sender responds (manually) to a challenge email sent to their email account to verify his or her identity.

With so many different methods of filtering spam, no single software-based desktop anti spam solution is capable of effectively stopping spam before it reaches the inbox. The only way to successfully fight spam is to create an anti spam “cocktail” including reputation services, text filters, constant updates and a host of other best-of-breed spam blocking methods. Just as importantly, an effective anti spam solution should reside at the email gateway, not at the desktop.

Take a Consolidated Approach to Anti Spam

Although it takes a person only a moment to process a message and identify it as spam, it is difficult to automate that human process because no single message characteristic consistently identifies spam. In fact, there are hundreds of different message characteristics that may indicate an email is spam, and an effective anti spam solution must be capable of employing multiple spam detection techniques.

In addition to effectively identifying spam, businesses must be assured that legitimate mail is not blocked in error. Even one false positive, or incorrectly blocked email, can have a significant impact on businesses today. Accurate spam blocking requires a combination of tools to examine various message criteria combined with real-time research and intelligence data.

By aggregating multiple spam detection technologies like text filtering, reputation services, traffic analysis and other best-of-breed techniques, and placing the solution at the email gateway in a hardened appliance, enterprises can retake control of the inbox.

SkilTech’s new email platform employs many of these techniques, resulting in a nearly spam-free inbox.  If you’re interested in upgrading to this new email technology, call (410-996-0040) or email us (info@skiltech.com) for more information.

Advertisements
Categories: Email, Spam