Internet Defense Technologies

I have done this myself and sometimes feel like I am spamming my friends.  It isn’t that many names, but it still feels generic enough that i wonder.

The definition of spam per the Encarta dictionary is “an unsolicited, often commercial, message transmitted through the Internet as a mass mailing to a large number of recipients”.  So did all your friends opt-in to your mailings and want it?

Usually your friends have not, and some of them don’t want your bulk email, I am sure they even joke that you are spamming them.

So, what should you do?

Don’t spam them.

If you have something you want to tell your friends, send them an email, each one, one at a time.  If it is important enough for you to send them an individual email you will and they will appreciate it.

If it is too much work and not worth it to send them each an individual email, it was probably friend spam.

I used to start my days going through all my spam in the morning. It is amazing how much spam is sent over night so as to be right there waiting for you in the morning.

It sort of makes sense that they would do the mass mailings overnight as this is when most computers are taking a break from all that daytime surfing. Then they don’t overload email servers as much.

So, just in case you were wondering why you were getting so much in the morning, that would be my guess (I would love to interview a spammer and find out why they actually do things).

I have seen the question bounce around asking why a spammer would bother to send an email to someone that appears to have only one line of text. Sometimes even just one line of gibberish text.

There are two main reasons that I can think of (of course, since I am not a spammer I don’t really know):

1) They are actually also sending some sort of hidden attachment. Anything malicious has to be actually opened and run by you, clicked on or double clicked. So for the most part you aren’t in any sort of danger.

2) They are just trying to get some legitimate addresses. They are going to just take off the list anything that bounces and assume all the others made it to a legitimate address.

Now there are some email spam filtering systems that will bounce back obvious spam right away so that they think it is just bounces. This may help to keep you off these lists as well as make it so it never arrives in your email box in the first place.

Since this is my blog, I get to know offer our 30 day free trial of our spam solution as we do this.

If you get an email claiming to be a major professional of some kind (like a lawyer, doctor, judge or something) take a look at the email address.

Any lawyer, doctor, etc. worth their weight in salt does not use hotmail as their email provider.

It is pretty safe to assume that if you got an email from someone claiming to be such a type of professional and the email address is a hotmail address, it is spam or a phishing attempt and you should just delete it.

As a note for any lawyers, doctors, etc. reading this, if you are, you really need to get an email address with your own company’s domain in it.

This is most likely a spammer who has randomly selected your email address as the return path and/or from for outbound spam.

In this case you will likely be receiving non delivery reports (NDRs) generated by the outbound spam traffic.

Unfortunately since the spammer is almost certainly using network resources not under your email provider’s control (like Yahoo, Gmail, AOL, etc.), short of analyzing traffic and attempting to track it down to the source networks which will most likely lead back to a group of diverse, compromised computers, (not a recommended good use of your time), the best option is probably to define a message rule. Locate something common but unique about the NDRs so that they are automatically moved into a separate folder or simply deleted.

These NDRs are not themselves spam and thus they are unlikely to get blocked by existing spam blocking measures.

Eventually the spammer will select some other address to use.

Note: you would have more options to block this sort of thing if you had domain based email, particularly your own domain under your control, then you could contact your hosting company for assistance blocking the traffic, or use any number of domain-based antispam services such as Total Mail Defense.

Additionally, domain based email accounts are generally less likely to be subject to this sort of abuse, although it can happen to any email address.

Answer written by Founder, Chairman and CTO, Ron Edison

So with the holiday season quickly approaching many retailers and fighting for those few dollars you have to spend.

There will be a lot of email being sent, some of it from companies you trust, some from those you have never heard of before. Some of these companies know and understand the spam rules, some do not know or choose to ignore them.

Some of these companies may actually be sending you coupons and other incentives to buy through them (and some of these you may actually want).

Additionally, the spammers for all those lovely drugs and pictures and such will be using the holidays in their subject lines and other ways trying to get you to open the email.

What to do in this storm?

First, tell your email program not to view images automatically. This way you won’t accidentally download something while opening images.

Read the sender’s email address and make sure it looks for real. The email address should end in the name of the companies website.com (like sears.com, costco.com and such).

Unfortunately this isn’t always the case and some legitimate email comes from other addresses. So, if you look at the sender’s email address and it looks funny, but you ARE expecting the email from that company (you signed up for them), go ahead and look at the email (with the images off).

If you aren’t expecting the email and the address looks funny, delete it.

If you have gotten far enough along to open the email now read through it and see where it links out. Before clicking the link put the mouse cursor over it and then look at the bottom of your email program where an address should be written out.

Only click on the link it is going to the actual website. DO NOT click on it if it goes via another website or look similar but is in fact a trick (like sears.cr.com or something). If the address looks funny, go straight to the website yourself without clicking on the link.

With many people’s pocket books getting thinner this year we need to be careful with where we buy stuff from and make sure we don’t get caught by spammers.

Most people who send emails don’t really understand all the pieces and ways you can send an email.

You can send an email “To:” someone or “CC:” someone or even “BCC:” them.

CC is a hold over of terminology from the good old days when you had to use a piece of carbon copy to make a duplicate of something (before copiers were widespread).

So when you CC someone you are making a copy for them to read.

BCC means a blind carbon copy, you know when you gave some data to a co-worker but sent a copy of the communication to your boss so he would know where that person got it from.

When sending an email you should utilize all of these different fields.

The biggest mistake I have seen done on this is when someone tries to forward an email to a large number of their address book and they put everyone in the “To:” or “CC:” fields.

I have spoken of this before most recently in my post Forwarding Warning or Alarming Emails, but the fact holds true even when sending one of those cute emails to your friends to make them laugh.

When you put everyone in the “To:” or the “CC:” then everyone gets to see everyone’s email address. Now maybe you feel your friends wouldn’t abuse the messages, but if they ever get hacked and someone else looks for all the addresses they know, you have just exposed all your friends.

So be sure to use your email fields correctly, to protect your friends.

Over the weekend I got forwarded an email from a friend about a “BIG VIRUS COMING” and tried to use another website to prove that the virus was real (http://www.snopes.com/ which is a Urban Legends Reference Site to validate things or not).

My friend did two things wrong when forwarding this email.

1) She forwarded it to almost her entire address book, and put all these email address in the “To” line. Which means I can see all of these people and their email address and these other people see it to. Anyone can now email all these people.

I don’t know who these people are and don’t know that I want all of them to have my email address, but the choice has been taken away from me (if just one of these people is a spammer, I have just been signed up for another piece).

If you are going to forward an email to your address book, put all the names in the “BCC” field. BCC stands for Blind Cabon Copy, which means everyone is blind to the address it is sent to. People will still get the email, but they won’t be able to see any of the email addresses.

2) My friend claims she read the Snopes page to verify this, but she obviously only scanned it, because she missed at the bottom where it says:

“Readers should take particular care not to confuse the real postcard/greeting card virus with a number of virus-related hoaxes that have been circulating for several years. A variety of messages forwarded by well-intended people to warn others about the Postcard virus contribute to this confusion by including within them links to our article about the “Virtual Card for You” hoax”.

If you are going to forward an alarming email (or any news for the matter) make sure you have 100% verified it is real, don’t scan and do half a job on this. Some people don’t take alarming news well and they get upset, especially if they don’t know what to do about it.

It seems that whenever you buy something on the Internet this leads to more email spam in your mailbox.

However, a lot of legitimate companies are starting to recognize that selling your email address to someone or even spamming them themselves without your consent gets them in trouble.

However instead of being very overt and forthcoming about getting your consent they are being subtle and many people miss the opportunity to say no because it is so hidden.

Whenever you buy something on-line read the entirety of all the pages of the checkout process. Especially look for a little title checkbox that is you either have to check to not be on their mailing list or uncheck. Sometimes there is more than one:

I get asked this a lot too and did a an early post called How Many People Actually Buy Something from Spam? which covers this subject.

Basically this is a conversion problem.

Say the spammers send out ten thousands (not uncommon number, sometimes more) spam messages and out of that say two people click through and they make money off of them. That is 0.0002% and they made money off of it.

Simple math and a little scary that it doesn’t take that much unfortunately.

That is why we at IDT feel it is so important to push education out. That way the spammers stop making money and stop spamming (hopefully).