Spam & Unsolicited Email
Spam (also known as Bulk Email) and U.C.E. (Unsolicited Commercial Email), are email that flood the Internet with many copies of the same message in an attempt to force it on those who would not otherwise choose to receive it. Most spam is unsolicited, commercial advertising. It is often disguised as get-rich-quick schemes, "revolutionary" products, or other scams to take your money. Spamming is also used to spread computer viruses, so one should be very careful when opening or replying to unfamiliar messages. It has become major problem worldwide, since it costs the sender very little to produce while most of the costs are paid for by the recipient or network carriers.
Spam email can take many forms. You may not realize that messages stating "I have extra football tickets!" or "Textbook for sale!" are spam. Typically, people who send these types of messages do not consider it to be spam until they are on the receiving end, when their mailbox is flooded with numerous messages. Note: When you receive this type of spam, if you reply, make sure that your response is to the sender only, not to the entire recipient list (i.e. do not Reply-to-all). This will help reduce the amount of traffic on the network, and irritation of the recipients.
Spam affects most users; virtually everyone with an email address receives spam. Whenever you shop online, apply for a credit card...whenever you give out your email address (or even if you do not!), you can be sure your address will be sought out, and given or sold to third parties. It is always a good idea to keep your address as private as possible. Do not put it up on public websites, or otherwise give it out freely to anyone who asks. If you are required to post your email address on the web, post it as a picture file (jpg, gif), or use HTML character entities (A through Z). These can fool web-crawlers.
In the end, until stricter laws are passed, combating Spam can be difficult. There are two schools of thought on the issue of spam:
- Spam is one of life's little annoyances, and is not very different than telemarketers calling your home or people sending piles of solicitations/coupons to your residential mailbox. The only real differences are that Spam costs nothing for the sender and can often contain lewd material. Spam, however, is easier to deal with and better for the environment.
- Spam email is theft of service. Users pay for their connections and the time it takes to read/delete messages. Spam not only consumes massive amounts of disk space, but it also bogs down servers and eats up a network's bandwidth, slowing down everyone's service.
How do I keep from getting spammed?
Spammers pull (or harvest) email addresses from newsgroup posts, web pages, IRC clients, web browsers and other Internet software. If your email address is posted anywhere on the web, you can be sure that spammers will find it. It is also possible your email address was obtained from a form you filled out on the Internet, or via postal mail. The best way to prevent getting spam or being added to commercial email lists is to keep your email address private, especially from those you do not know. Give your email address out only when absolutely necessary, as you would with any personal information. For example:
- Never respond to the spam's instructions to reply with the word remove or unsubscribe in the Subject: field in order to remove yourself from their list. This is a common method spammers use to validate an email address. If you reply, your address will likely be placed on more lists, and you may receive more spam.
- Never sign up with sites that promise to remove your name from spam lists. They are only trying to validate your email address. Even though they may appear to be valid and sincere, they are primarily spam address collectors. These sites are specifically run to collect and record email addresses. When you respond, a higher value is placed on your address because you have identified it as being an address that is actually read by a person.
- Never "mail-bomb" spam sites or engage in hacking to stop spammers. This only increases the amount of wasted Internet traffic.
A common tactic to reduce the amount of spam one gets in their primary email account is to create a secondary "junk" email account which is used as a public address. This is the address that you would give out freely when it is required (i.e. when shopping online). There are plenty of free email services on the Internet.
Phishing & Identity Theft
Another form of Spam, known as Phishing or Spoofing, asks recipients to visit a web page and/or provide personal, financial information over the Internet. These types of email messages often appear to be genuine; using text and images from legitimate web sites (e.g. banks, charities, credit cards, etc.). But they are more likely an attempt to gain your personal information; anything from your Social Security Number, to your mother's maiden name. These messages are not from the institutions they claim to be from; most reputable financial institutions explicitly state that they do not send out email notifications regarding personal information.
These messages are most likely sent by someone trying to obtain your personal information for illegal use. If you are uncertain about such a request, check with the institution by calling their customer service phone number or visiting their offices directly, but never blindly respond to any solicitation for personal information over the Internet. Never reply to these email messages, never click on web links in the messages, and never open attachments in any Spam message.
Why do I keep getting these Returned Mail messages when I never sent the message?
In general, your account probably was not "hacked." This is more likely the result of a common spamming practice to forge the From: field, or header, of a message to make it look like it comes from someone else. This can be a real or fake email address, and it could be yours. If your email address was used, it (along with thousands of others) was probably chosen at random by a spammer's web-crawler. It could also be used by a virus on someone's computer, and your address was in their address book. Senders forge these email headers in an attempt to fool spam filters and/or obscure their identity.
This is why you cannot always trust email on the basis of who it appears to be from. There is an audit trail available that shows which machine relayed this message. This information is contained in the mail headers. Spammers like to forge the IP addresses of the relaying email servers, as well as email addresses, so this information cannot always be trusted.
In interpreting the random Returned Mail messages you may receive, it is usually the case that the message was not actually sent from your account; instead the From: header was simply forged as described above. You received the bounced message because if the email server cannot deliver the message (user does not exist, user over quota, etc.), it is sent back to the sender which has fraudulently been set to be you. Every day, users all over the world receive bounced messages like these. You are best served by simply hitting the Delete button.
Major Points to Consider
- Do NOT reply to the sender. This will merely return your email back to your inbox as Address unknown, or this will tell the spammer that your email address is real.
- Do NOT be fooled into replying by the text within the spam that suggests that you can get your name removed from the list when putting unsubscribe as the subject.
- Do NOT be fooled by a claim that the email is not spam. If you don't want it, and didn't explicitly ask to receive email from the sender, then it is spam. Except if you've ever done business with the sender. In that case, they may have your email address because of that relationship, and a polite request to be removed from their list will usually be successful.
- Do NOT be fooled by an official-sounding message stating that the spam is in compliance with some legislation. This is a ploy to try to convince you not to complain. Remember, the longer the spammer can keep using a particular ISP, the easier it is for the spammer to send.
Other Links
