Junk mail overload

In a perverse analogy to Moore's Law, the number of spam messages is doubling roughly every 18 months. It has risen from 8% of all e-mail in 2000 to more than 40% by the end of 2002, and about 60-75%% in 2004. Conceivably, spam could soon represent 90% of all e-mail.

Common techniques used by spammers include forged sender names, false subject lines, fake server names, inaccurate and misrepresented sender addresses, or obscured transmission paths.

And there are scam-spams, like the by-now well-known Nigerian scam that has spread to all parts of the world. A senior Nigerian "official" asks your help to transfer millions of dollars. Nigerian scam operations employ thousands of people, and will gross over $2b in 2003.

Filters (in Outlook and other client email programs) are used to sift real mail from spam. But this is not a magic solution, as spammers use random words in subject headers and replaced text with pictures to go undetected.

Virus attacks

While MyDoom itself is still the current number-one on the virus infection charts, antivirus firms are warning that its second descendent, a new worm dubbed DoomJuice, has started making the rounds. The worm does not spread by e-mail, but rather seeks out machines that have been compromised by Mydoom, and infects them by itself, without any action required by the user.

Malicious code attacks are continuing to run rampant, with the problem getting ever worse. New virus versions are still emerging, trying to outsmart all the latest antivirus software.

Spam threats and network viruses will likely become more prevalent in 2004. The spam threat is increasing exponentially, becoming the basis for viruses and hacking programs trying to gain an entry into networks. Blended threats are the standard way to attack networks, where one virus file will create four to five different activities within the system.

The most worrying trend is spam e-mails combined with viruses, making spam more difficult to detect and more dangerous. Also, the virus-to-e-mail ratio is growing worse, mainly because many users and resource managers don't keep their security up to date.

Countermeasures

Until recently, there didn't seem to be a foolproof way to eliminate spam. As quickly as systems managers added filters (catching specific words), spammers come up with new ways to bypass those filters. But smarter filtering techniques are yielding good results.

Here's a summary:

• Blacklist: Identify the IP address of the spam sender's computer, then advise the service provider to block mail from that address. This method is effective, but it inevitably leads to a cat-and-mouse game between spammers and blockers.
• Distributed identification: A community of users flag spam for one another. When enough recipients object to a particular message, it's automatically transferred to everyone else's spam folders.
• Profiles: Heuristic analysis software looks for invalid message traits – as defined by an evolving set of rules – and develops a numerical score for each incoming email. If the score hits a designated limit, the email is blocked. Of course, some good messages get flagged too.
• Filtering: Bayesian filtering doesn't adhere to any particular set of rules – it learns and re-learns how to spot spam by scanning the mail that’s accepted and rejected. The filter calculates probabilities based on the most unusual characteristics of each message. With time, it “knows” what kind of email to deliver, and what to delete. This “artificial intelligence” filtering eliminates more than 99 percent of unwanted messages. This is already popular in the open source community and may soon be adopted commercially.

• Labels: More than 25 states already require senders to label spam as spam, and legislation is being proposed to fine spammers. This is similar to proposed stiff penalties for telemarketing calls to numbers on a prohibited list.
• Email fees: Because email is essentially free, spammers can literally send millions of messages at minimal cost. Levying a charge (however small) on legitimate email distribution will limit mass mailings, though it won’t stop it. Another fee-based solution would be to make senders of email pay a fee if their mail is rejected as spam.

On a personal level, my suggestion is to stick with the major anti-virus software standards: Norton or MacAfee. Get regular upgrades and automatic daily updates – including free operating-system upgrades from Microsoft – to assure that you are as well protected as possible.

And hey! Don't mess with mega-money transfers from Nigeria....

Related links:

Virus damage estimated at $55 billion in 2003

We'll End Spam in Three Years, Vows Microsoft

Business Week - Unholy Matrimony: Spam and Virus

Setting up server tools for spam- and virus-free mail