SAN FRANCISCO (12/15/2003) - Tip of the week
Blocking porn. If laws can't do it and your spam filter won't, you can use Outlook Express to keep your in-box smut free. Here's how: Reconfigure your Outlook Express in-box to display all messages as plain text by going to Tools, Options, selecting the Read Tab, and checking the box labeled "Read all messages in plain text." By selecting this option you'll block offensive images, and as a bonus you'll also block Web beacons and hostile scripts from being activated. (Thanks to Cliff H. for this tip -- and keep them coming.)
Send gripes, questions, and tips for the spam wars to firstname.lastname@example.org. Return to the SpamWatch page for more articles.
Seven billion commercial e-mail messages crossed the Internet daily in 2003, easily breaking all previous spam records. And despite new laws, and ISP suits against spammers, the amount of junk e-mail transmitted daily is forecast to hit 9 billion in 2004, according to antispam software maker Brightmail. Today about half of all e-mail is spam, the firm reports.
For those of you keeping score in the spam wars, let's take a look back at the spam-busting year of 2003 and hand out a few Spam Slayer awards.
The Sobig e-mail worm that clogged in-boxes in August was the most prolific virus of 2003, according to a top ten list of viruses published by antivirus software vendor Sophos PLC. The U.K.-based firm says the Sobig worm accounted for almost 20 percent of the virus reports it got this year. Coming in second was the Blaster worm, with 15 percent.
Sobig was not only the most prolific, but spam-busting firm Postini says it was also the most nimble worm of 2003. On one dark day, Postini tracked the Sobig worm as infecting 4.5 percent of all e-mail that the service had filtered. That was a 2000 percent up-tick from Postini's routine e-mail infection rate of 0.3 percent.
Most common pitches
The junk e-mail equivalent to death and taxes are pitches for pharmaceutical supplements, male body part enlargement, Viagra, sexually explicit porn, scams, and mortgages. According to Postini Inc. these categories are the most common spam subjects.
Most annoying spam
Perhaps it's a no-brainer, but for posterity, the winners are: spam related to pharmaceutical supplements, male body part enlargement, Viagra, sexually explicit porn, scams, and mortgages.
Energizer Bunny award
The 2003 spam message that most resembles the energetic rabbit was an Iraqi variation of the familiar Nigerian Scam 419. That e-mail hoax, which has been making the rounds for years, involves an alleged plea for assistance getting cash out of a country under siege -- for a generous cut.
In the updated version, Eng Farouk Al-Bashar, allegedly the oldest son of an oil-rich Iraqi family, pleads for help. The e-mail asks for assistance in transporting US$12.5 million in cash from a Baghdad vault. For your trouble you get 10 percent, or a negotiated amount. Yeah, right!
Best spam scam newcomer
The Mimail e-mail worm easily wins this title. Mimail variants infect PCs with a payload containing instructions to launch distributed denial of service attacks against a number of antispam and e-commerce Web sites.
Antispam firms say this devilishly ingenious way to thwart their efforts will likely grow in 2004.
Three leading antispam sites that hosted spammer blacklists were shut down in August after becoming victims of distributed denial of service attacks. It's believed spammers launched the attacks using the Sobig worm.
The targeted sites were Osirusoft, Spam Prevention Early Warning System, and the Spam Open Relay and Blocking System. All were intermittently inaccessible; and, according to some online discussion forums, Osirusoft has shut down permanently.
February 15 was the busiest day of 2003 for spam, according to spam-filterer Postini. That day, 82.4 percent of all the e-mail it filtered for its customers was spam, Postini representatives say. Overall, however, October was the spamiest month, the company reports.
Lawyers to love
In August, EarthLink Inc. filed lawsuits against two unsolicited commercial e-mail rings with operations in the United States and Canada, accusing them of sending spam that has cost the ISP millions. The ISP wants to recover an estimated $5 million in lost employee productivity and Internet bandwidth. That was the cost of managing more than 250 million e-mail messages sent from e-mail addresses on its network, according to EarthLink.
Shortest-lived spam law
California took a stand against spam e-mail in September, approving some of the toughest antispam legislation in the nation. The new law would prohibit anyone from sending unsolicited commercial e-mail advertisements to a California e-mail address.
The new law is to take effect in January. Meanwhile, Congress has taken a stand that supplants California's measure. The federal Controlling the Assault of Non-Solicited Pornography and Marketing (CAN-SPAM) Act was approved in December. It is expected to get President George W. Bush's signature any day now, and will take effect in the summer.
The federal legislation requires unsolicited e-mail messages to include a mechanism that allows recipients to indicate they do not want future mailings. It also orders the Federal Trade Commission to offer within six months a plan to establish a national do-not-spam list, similar to the national do-not-call telemarketing list now in effect.
What took you so long?
The FTC aired concerns in November over exploitation of a Microsoft Windows service. The Windows Messenger Service is intended for network administrators to send notices to users, but it's being usurped by third parties to send pop-up spam.
In October, Microsoft said it will disable the Messenger Service on Windows XP machines with the release of Windows XP Service Pack 2, expected to ship in the first half of 2004.
Crowning the spam king
Scott Richter is the Internet's poster boy for spam. Richter is chief executive of OptInRealBig.com LLC, an $18-million-a-year business that sends out zillions of e-mail messages every day hawking adult porn, Viagra, and mortgages.
Richter says he sends out 80 million e-mail advertisements daily. He endorses curbing spam and creating an industry code of ethics. He is president of the E-Mail Marketing Association, a group that says it wants to work with the FTC to help stop spam and build consumer trust. According to the EMA Web site, the code of ethics has been "coming soon" since I first checked in September.
People's choice: Best free spam filter
You spoke and I heard you. I've gotten many glowing reviews of the spam filter SpamBayes. Indeed, I like it too -- and you can't beat the price.
What makes the program unique is that SpamBayes doesn't use predetermined spam definitions. Rather, it constantly evolves by scanning your in-box to build custom definitions.
Q. I've tried spam filters in tandem with my company's server-level junk e-mail filter. Some personal messages are still getting blocked. Do you have a suggestion?
A. First, it's not wise to mix personal e-mail with business e-mail. Your professional e-mail address will likely be more public and susceptible to spam. Keep a separate personal e-mail address and treat it like you would your telephone number: Don't share it with strangers or post it to public Web sites.
Second, I've got some bad news for you: No spam filter is perfect. Not even the best filters claim to block spam 100 percent of the time; and they don't promise never to block friendly e-mail.
If you have a group of friendly e-mail addresses, you can create what is called a white list. This is a list of e-mail addresses your spam filter will always permit. Your company should be able to customize its server-level spam filters to accommodate your white list. But keep in mind that some companies might frown on personal e-mail correspondence on the job.
Q. Forging invalid return addresses is clearly fraud. I wish the government would set up an address that I could forward fraudulent e-mail to. It would be great if some agency would track down the real culprits.
-- Steve R.
A. Report e-mail fraud to the FTC.
The commission encourages people to report and forward spam to its e-mail address. However, the FTC says it lacks the resources to resolve individual complaints; it instead uses the complaints it gets to spot new spam trends and tricks. Messages about illegal spam are forwarded to law enforcement officials, who will pursue the worst offenders.