Help stop the spread of SPAM
According to the Websense Threat Resource Center as of this morning, 84% of the email moving around the net is SPAM.
If you have excess time on your hands, or you really want a bigger penis, perhaps you don’t mind dealing with SPAM. Personally, I hate it. And I hate the fact that a lot of it is caused by well-intentioned but uninformed people. That’s what this post is all about. With a little tweak to the way you do things, you can make a difference.
SPAM is a big-money industry. If you send a million emails, some of them will generate the desired action – a sale, perhaps. Or the harvesting of credit card data. Or managing to infect your computer and turn it into a zombie that quietly sends out yet more of this rubbish and attacks other computers. But in order for it to work at all, it needs a list of email addresses. Where are these collected from? There are several sources, but any time an email address travels across the net, it’s at risk. The most common point of harvest is emails themselves, as they arrive on malware-infected computers. And this is where it gets nasty. As a tech-savvy user, YOU may well have protected YOUR computer from this sort of thing. And your old friend in Greenland has probably protected his. But what about everybody else he shared that joke with?
For example, John sends something funny, or cute, or profound, to his friends Jim, Jonas, Jane, Jeanette and Jerry. As it happens, Jerry was a little careless at some time in the past and his PC has been infected with address-harvesting malware. This malware has already sucked all the known contacts out of Jerry’s Outlook address book, and is now in a watch-and-learn mode. When John’s email arrives, the malware scans it and says “ah-ha! I’ve never seen Jonas or Jeanette before, so I’ll grab those addresses too.” – Jim, Jonas and Jame are already known to it. Once a day, the malware connects to a central server and dumps all new addresses. Now the SPAM senders have two new targets. They were harvested by malware on Jerry’s PC, all without the knowledge of the victims Jeanette and Jonas, who don’t even know Jerry.
So a big contributor is the careless user. You want to send something to ten people, but don’t want to send ten individual emails (what a pain), and should not list everybody in the TO or CC fields because as we’ve seen above, that’s almost a guarantee that all ten recipients will end up as SPAM targets. What can be done about this? Luckily there is a solution: undisclosed recipients. This lets you send that mail to all those people at once without letting them see each other’s email address. It’ll take you a few moments to set up, and a little discipline to remember to use it. But please do use it! If everybody did this, we would never have had a SPAM problem in the first place.
How you can help:
Add a Contact to your mail program, with the name of undisclosed recipients. Give it YOUR email address.
Now, when you send one of these emails, always send it TO undisclosed recipients. Ignore the CC destinations, and list the actual intended recipients as BCC destinations. BCC is “blind carbon copy”, and is a convention honoured by mailservers around the world, causing them to remove the recipient-list from the message before delivering it. If this had happened in our scenario above, Jerry’s malware would have been impotent – there would be no data for it to harvest. It’ll be very easy to see what the effect is, as you will also receive a copy of the email.
And finally:
PLEASE don’t forget to tidy up that email you’re forwarding. REMOVE all the other headers – the only people interested in seeing who it was last sent to (and who sent it to you) are spammers. It’s unnecesary, annoying and bandwidth-wasteful. Your message should be all about the content, anything else is just noise.
Did you enjoy this post? Why not leave a comment below and continue the conversation, or subscribe to my feed and get articles like this delivered automatically to your feed reader.
Comments
No comments yet.
Leave a comment