The first step to defeating your enemy is to know them. Read more about what spam is, how it works, and how it’s done.
How Spam Works
Your email address is worth 1 cent. If it’s known that a living being is behind the address, it’s worth more. And if it’s advertising likes and dislikes are known, it’s worth around 20 cents. Of course, one email address is not going to do a spammer much good. Instead, they buy, sell, and harvest millions of email addresses at a time.
Unsubscribing to a legitimate email should be just that, but unsubscribing from a spam mail only means that there is a human who reads spam at that address. Men are 50% more likely to buy things from spam than women, which explains why so much of it are products for males. It’s also worth noting that it’s easier for a spammer to continue sending emails to non-existant, dead, or blocking addresses rather than to detect this and cease sending them.
Phising Spam Sample
With modern day aggressive spam detection that can automatically direct spam into the trashcan without the user ever seeing it or even prevent it from reaching an email address at all, spammers have also stepped up their game. They no longer use words easily detectible by bayesian (self-learning) spam filters such as male and female anatomical parts, and instead use ones that convey the same idea – ‘member’, for example. Other techniques involve using pictures, not including hyperlinks, adding books or quote text, or even including random garbage in the email to all try to avoid the recipient’s spambin. It doesn’t matter if the resulting email has misspellings, grammar errors, or makes no sense, because users are likely to read curious looking emails. What makes spam so easy is that it can all be done from a program that automates sending different email messages from a template to a plethora of unfortunate email addresses with a single click of a button.
Phising is also a common technique. It’s all too easy to fake sender email addresses, url links, and content, especially since so few people know to examine email headers for validity.
A botnet is a group of large compromised computers (usually in the thousands) used for spam mail sending and other malicious purposes. Botnets are either rented from other hackers or simply stollen. Botnets have made past headlines for sending massive amounts of spam ( Rustock Botnet Responsible for 39% of All Spam)
From The Spammer’s Perspective
It’s all too easy (watch a video of xrumer in action) to get started into the spam business, which is centered around our modern culture of instant gratification. $1,000 will buy 1 million email addresses, and referral sites will usually offer a portion of the sales (25%-50%). From there, a mass-mailer can be aquired for little cost, and mass-mailed in a matter of minutes. Of course, if the employment source decides not to pay up, there’s little a spammer can do. To avoid authorities and taxes, spammers employ money laundering techniques.
||Profit for 0.0001% of Sales to 1 Million Email Addresses
|Male Parts Enhancer
Forum and Blog Spam
Forum and blog spam works much the same way that email spam does, only with different guardians: spam blockers like Askimet and services like Captcha. Spammers obtain lists of sites by buying them, crawling for popular software, or simply by human inclusion. Forums simply employ captchas and other human validation techniques like logic puzzles, pictures, honey pots, and timing the form submission time to prevent spambot signups and posting. Since most forums and blogs use the same names for fields, automatic form fillers can easily generate random names and emails, and even register and validate spam email accounts.
Captchas and Other Validation
Some spambots can solve logic puzzles while most others have employed optical recognition (OCR) to crack traditional captchas and picture-puzzles. But that’s not all – spammers also have a black market for outsourcing to better captcha breaking services, or even to human solvers for as low as $1 per thousand captchas. With human crackers, a screenscraper is employed to send a copy of the image to the cracker’s screen who then types in the answer and sends it back.
Stack Overflow's Re-Captcha