Download ppt - Gold Country Computer Learning Center March 2007 Spam Email Roger Thornburn

Gold Country Computer Learning CenterMarch 2007

Spam EmailSpam Email

Roger Thornburn

March 2007 Gold Country Computer Learning Center

Email spam

Roger Thornburn

2

What is SpamWhat is SpamNeeds to meet 2 requirements

Unsolicited Bulk

Name comes from a Monty Python skit Monty Python's spam video

Mostly commercial25% - Products 20% - Financial

19% - Adult 9% - Scams

7% - Health 7% - Internet

Not Spam: Jokes from friends Newsletters you signed up for


Email spam

Roger Thornburn

3

A Few StatisticsA Few Statistics

Amount of Spam 90 Billion spam emails a DAY (Feb 2007) Average of 50 spam emails a day – per email address 94% of all email is spam

Sources of Spam US – 23% China – 20% Russia -10% South Korea – 6%

Surprise! 28% reply to spam email 8% purchase from spam email


Email spam

Roger Thornburn

4

Current SituationCurrent Situation

IP addresses last 4 hours June 2006 – 35M new domains, 32M not paid Hi jacked mail servers – listed as spammers

Creates problem for legitimate users

Use of “Zombie” PC’s and the BotnetMaybe 1 in 4 PC’s infected.

Image spam Hard for a computer to read Hi growth from 0 to 25% of spam

Getting your email addressDictionary attack Spam bots (websites)

Infected computers Vendors/subscriptions


Email spam

Roger Thornburn

5

Spam Safety tipsSpam Safety tips

Encrypt your email address (not in a dictionary) Use a fake email address where possible Use bcc to send an email to many people Don’t open spam and set Outlook Express to “Block

images…..” Avoids confirming your email Don’t reply to spam – again it confirms you’re real! Don’t post your email address on a website. Uncheck all those “subscribe” boxes Unsubscribe from reputable companies only Use a spam filter


Email spam

Roger Thornburn

6

Spam Filtering TechniquesSpam Filtering Techniques

Rules based Matches specific words in the To, From, Subject or

Body of the email Very specific – can only make an exact match

Bayes filter/Fuzzy logic Uses a mathematical set of probabilities, gathered

from being told what’s “spam” and what’s “ham” Needs to “learn” and kept up to date

Black list Blocks specific “From” addresses.

Not very effective today – new domain every 4 hours!

Good for blocking family/friends or newsletters


Email spam

Roger Thornburn

7

Spam Filtering Techniques (cont.)Spam Filtering Techniques (cont.)

On-line Database (DNSBL) Can work well - if accurate. Can easily stop

legitimate emails as well. Signature analysis for specific emails

White list List of email addresses you will accept email from Challenge/response systems Needs to be kept up-to-date Most effective method

Important!:

No spam filter is perfect. The worst thing is putting legitimate emails in your Spam/Junk/Bulk mail folder. It’s essential to check this folder so you can receive your good email, as well as train the filter.


Email spam

Roger Thornburn

8

Reducing Spam in Real Life!Reducing Spam in Real Life!

Different if using Web mail or POP mail Web mail is when you use your internet browser

(Internet Explorer or Firefox, etc) to read and send your email.

POP mail is when you use an email client (a program such as Outlook/Express, Thunderbird, Endura, etc.) to read and send your email.

With POP mail, the email messages are downloaded to your computer – can be read and new ones composed, without beeing connected to the internet. To read or compose messages in Web mail, you must be connected to the internet

Many email accounts can be accessed by either/both


Email spam

Roger Thornburn

9

Web MailWeb Mail

All your email stays on the Web mail server You have little control Large providers such as Yahoo, Google, Hotmail,

etc. provide excellent spam filtering – using a combination of all the above techniques

Any legitimate emails in the spam/junk box, must be identified – now added to your white list

Yahoo has AddressGuardCreate a separate email address for each person or

class of persons

Many of the smaller ISP’s/email providers, aren’t as sophisticated.


Email spam

Roger Thornburn

10

POP 3POP 3

Spam filter sits between the mail server and your email client Many ISP’s or email servers have own spam filter

Yahoo (SBC, AT&T, Pacbell, etc.) use same as Web mailCan be harder to check spam folder – may need to

configure Huge selection of programs – freeware to $$’s

http://spamlinks.net/filter-client-win.htm

Use different techniques – either singly or in combination.

Some are tightly integrated to the email client


Email spam

Roger Thornburn

11

POP3/Outlook Express ExamplesPOP3/Outlook Express Examples

Outlook Express –Rules Text matching – limited Good for White list – can import address book

K-9 Freeware Uses Bayesian technology – so must train Plus has White list and Black list Regex filters for advanced users Easy interface – but not elegant

Computer Associates ($30) White list Integrated to Outlook/Express – easy to use


Email spam

Roger Thornburn

12

More ExamplesMore Examples

MailWasherPro ($30) Freeware version available Combination of Bayes, White list, Black list,

DNSBL, User filters and Signature Reviews email on the server

Spam is removed before downloadSave time with dial up

Easy to use


Email spam

Roger Thornburn

13

PhishingPhishing

Scams to trick users to reveal personal information Normally an official looking email Directed to a fraudulent website 2004 2006

Losses from phishing attacks: $137 million $2.8 billion

# US adults who received at least one phishing e-mail: 57 million 109 million

Number of victims: 53 thousand 2.25 million

Per-victim loss: $257 $1,244

Money recovered by consumers: 80% 54% Don’t click a link in an email Call your bank or credit card company if suspicious Check the website is secure (https://xxxxx)


Email spam

Roger Thornburn

14

Useful LinksUseful Links

http://en.wikipedia.org/wiki/Spam_e-mail Wikipedia Reference

http://spam.abuse.net/userhelp/ Links to resources and anti-spam filters

http://spamlinks.net/ More links to many anti spam resources

http://spamlinks.net/filter-client-win.htm (More spam filters)

http://spam-filter-review.toptenreviews.com/ Review of some spam filters

http://keir.net/k9.html Freeware Bayes filter (plus White and Black list)

http://shop.ca.com/STContent/landingpages/Antispam/ASPM001/index.aspx?sc_lang=en-US Computer Associates anti spam program (Or Google ca spam). Paid, easy to use White list – integrates to Outlook Express.

http://www.mailwasher.net/ Mail Washer free and paid anti-spam versions. Uses multiple methods for detection

http://www.spambutcher.com/ Spam Butcher – fuzzy logic anti-spam


Email spam

Roger Thornburn

15

SummarySummary

Web mail Dependant on the ISP/Web mail provider Larger providers often provide configurable options Yahoo AddressGuard is a good solution MUST go into JUNK/BULK/SPAM folder to mark good

emails – regularly

POP3 mail Most effective method is White list (or safe senders

list) – but needed to be kept up-to-date. Using built in Rules of Outlook Express works fine Purchased product – often more convenient.

Above all – Protect Your Email Address!!