The most common type of spam is unsolicited commercial email. We've all seen those advertisements touting cheap online pharmacies, the latest hot stock picks, and diplomas from "prestigious unaccredited universities". Not to mention the pornography and the ads for enlarging various portions of our anatomy. Other types of spam include chain letters, frauds, and hoaxes.
There once was a Monty Python skit in which started out with a normal conversation in a restaurant, but was slowly drowned out by a chorus of people singing "Spam, spam, spam spam spam!" over and over again, louder and louder until nothing else could be heard. To many people who were online when junk mail started becoming widespread, this seemed an apt comparison, and the name stuck.
Compared to actual paper mail, email is very cheap. And unlike paper mail where the sender pays for postage, with email the cost is borne by those who have to maintain the servers that email passes through; in other words, mostly by the recipients and the people in the middle. The sender only has to buy the email list and, if they don't want to get caught, buy an account on a "bulk-friendly" ISP. With the vast number of emails sent out, only a very low percentage of people have to respond in order for the spammer to make money. In short, people send spam because it works, and they don't care about the problems they are causing.
The majority of spam is sent by a few companies, but there are many smaller operations who contribute to the spam volume, as well as some individuals. Some of the latter have simply been fooled by promises (which, ironically, often arrive in spam emails) that bulk emailing is a good way to market a business on the Internet. They buy a mailing list and some specialized software and begin sending out spam, often in ignorance of the harm they are causing.
Aside from the annoyance to email recipients, spam also causes problems for the servers it passes through, and the sysadmins who have to maintain them. We have to make sure our servers are powerful enough to handle the increased message traffic without dropping any legitimate email, and we have to spend time answering user questions and fielding complaints. (Not that I mind hearing from you; it's part of my job. :-} )
The email capabilities of the Internet were designed in a much more trusting age, and it is easy for people to fool them. Spammers almost always forge the "From:" and "Reply-to:" addresses on the emails they send out, and also hijack poorly secured email servers and relay massive amounts of mail through them to hide its true source. Some recent viruses may have been started by spammers, because they leave infected computers open to remote control from outside; thus a completely innocent person may have a barrage of spam sent from their computer without knowing it. All these tactics disguise the origin of spam messages so they are, in most cases, untraceable.
There are several possible reasons for getting high volumes of spam. Perhaps you clicked on a banner ad in a web page and entered your email address when asked to. Maybe you included your email address in a message on a public newsgroup, email list, or web page. Maybe your address got used as a From address by an email-spoofing virus, and one of the messages ended up on a spammer's computer. Even if you haven't done any of these things, some spammers generate email lists by simply guessing common name combinations like "jsmith" or "sjones", and sending out email to them under the assumption that at least some of them will be valid addresses. There are all sorts of ways to wind up on one of these mailing lists, and once your address is on one, it is almost impossible to get it off. Even worse, spammers sell mailing lists to each other, so once it starts, it is usually only a matter of time before more and more spam begins to arrive at your address.
Many spammers use programs called "spiders" or "harvesters" to automatically scan web pages and save anything that looks like an email address into a list. Mostly these are used on high-traffic areas of the Web, so a personal website (or even the WOU website) is relatively safe; however, there are no guarantees. Many spiders are programed to follow links wherever they lead, so it is quite possible for even an obscure website to get "crawled" or "harvested" occasionally.
Since it only costs a few more cents to send to their whole list, most spammers presumably don't bother to take the time and effort to determine which addresses in their lists belong to men and which belong to women. Likewise, pornographic spammers don't seem to care whether any addresses on their lists belong to children. In any case, since a list might have been bought, sold, and copied many times, there's often no way for anyone to know where an address originally came from or what the owner is like.
If you are already getting spam at an email address, the best thing to do is to get a spam filter. The problem with spam filters is that they sometimes mark legitimate email as spam, though they are getting better as time goes by and more companies see a market for quality anti-spam products. If you aren't getting much spam at your email address, protect that address! It is a good idea to get a second address at one of the free email companies like yahoo or hotmail, and use it whenever you have to give out an email address to someone you don't know and trust. Use your main address only for personal communications. Unfortunately, it is not always possible to protect an address; faculty and staff often need to post contact addresses on the web, for instance. You should consider maintaining a separate address for personal use, and guarding it more carefully than your WOU address.
Don't post your personal email address in any public place. Never reply to spam messages or click on links in them, not even if they promise to remove you from their mailing list. In fact, don't click on a link in any email message unless you are absolutely sure it came from someone you trust. Remember that email addresses can be faked, so don't trust a message just based on the "From:" address.
Stay tuned for part 2, where we'll talk about spammer tactics, where to complain about spam, common types of email fraud and hoaxes, and the new federal anti-spam law.
University Computing Services 503-838-8154 | or e-mail: firstname.lastname@example.org
Open the original version of this page.