E-mail spam is by far the most common form of spamming on the internet. It involves sending identical or nearly identical unsolicited messages to a large number of recipients. Unlike legitimate commercial e-mail, spam is generally sent without the explicit permission of the recipients, and frequently contains various tricks to bypass e-mail filters. Modern computers generally come with some ability to send spam. The only necessary added ingredient is the list of addresses to target.
Spammers obtain e-mail addresses by a number of means: harvesting addresses from Usenet postings, DNS listings, or Web pages; guessing common names at known domains (known as a dictionary attack); and “e-pending” or searching for e-mail addresses corresponding to specific persons, such as residents in an area. Many spammers utilize programs called web spiders to find e-mail addresses on web pages, although it is possible to fool the web spider by substituting the “@” symbol with another symbol, for example “#”, while posting an e-mail address.
Many e-mail spammers go to great lengths to conceal the origin of their messages. They might do this by spoofing e-mail addresses (similar to Internet protocol spoofing). In this technique, the spammer modifies the e-mail message so it looks like it is coming from another e-mail address. However, many spammers also make it easy for recipients to identify their messages as spam by placing an ad phrase in the From field—very few people have names like “GetMyCigs” or “Giving away playstation3s”!
Among the tricks used by spammers to try to circumvent the filters is to intentionally misspell common spam filter trigger words. For example, “viagra” might become “vaigra”, or other symbols may be inserted into the word as in “v/i/a/g./r/a”. The human mind can handle a surprising degree of corruption, but sometimes this tactic can backfire, rendering a message illegible. ISPs have begun to use the misspellings themselves as a filtering test.
The most dedicated spammers—often those making a great deal of money or engaged in illegal activities, such as the pornography, casinos and Nigerian scammers—are often one step ahead of the ISPs. Reporting them to your ISP may help block less sophisticated spammers in the future.
So-called “spambots” are a major producer of e-mail spam. The worst spammers create e-mail viruses that will render an unprotected PC a “zombie computer”; the zombie will inform a central unit of its existence, and the central unit will command the “zombie” to send a low volume of spam. This allows spammers to send high volumes of e-mail without being caught by their ISPs or being tracked down by antispammers; a low volume of spam is instead sent from many locations simultaneously. Many consumer-level ISPs (Earthlink, for example) stop spambots by blocking the SMTP port (port 25), although there are some users who make legitimate use of it.
Video: The Nigerian Email Spam Scam