Spam Wars: The Ongoing Battle Against Junk E-Mail
Jun 8, 2004 6:32 AM PT
Junk e-mail, the way most computer users see it, has become more prolific than postal junk mail. It overloads inboxes and consumes valuable hours each day. Every day, e-mail users must weed through appeals to buy everything from phony products and stock offers to drugs and body-part enhancers -- not to mention the countless free passes to porn sites.
Experts estimate that as much as 60 percent of all e-mail that enters inboxes every day is spam, unsolicited e-mail that targets e-mail addresses randomly created or culled from the Internet and mass-marketing lists. The problem grows worse with each passing month.
Spammers churn out millions of messages per hour. Efforts by U.S. legislators to shut down e-mail abusers with the much-touted CAN-SPAM Act has had very little success. That failure results in part because many of the world's busiest spammers are either overseas or use overseas mail servers to relay their spam.
"Junk e-mail has gone way beyond annoyance. It is now a part of living on the Internet," said Jeremy Poteet, author of Canning Spam: You've Got Mail (That You Don't Want), due to be released later this month. "We are starting to see spam blurring with virus writers," he said, alluding to the trend that worms and viruses are now sometimes used merely to generate spam.
Despite this dim view, solutions do exist to filter out unwanted e-mail. Some of the solutions, however, can be more annoying to use than receiving spam itself. But the bottom line is that spam is a technology problem that technology can solve.
"We believe that technology is the most powerful tool against spam. Technology is critical not only to protecting end users from unwanted e-mail, but from protecting users from other, often more devastating e-mail threats, including viruses, worms, blended threats and denial-of-service attacks," said Scott Chasin, CTO of MX Logic, whose company provides e-mail defense technologies.
Spam Could Threaten Business
E-mail scams like phishing and junk e-mail in general might cause some business executives to rethink business procedures involving corporate e-mail. The situation is getting so bad, said author and security expert Jeremy Poteet, that businesses will rethink using e-mail altogether.
"But it's not yet at that point because there are tools available to make filtering out junk mail palatable. They at least help take the edge off the spamming process," Poteet told TechNewsWorld.
Not all solution providers, however, agree with the view that spam will shut down business e-mail. According to market intelligence and advisory firm IDC, the Internet sent 5 billion e-mails per day and over 1.4 trillion e-mail messages per year in 1999. By 2000, the daily figure reached 10 billion. IDC predicts that by 2005, Internet users will send a staggering 35 billion e-mails daily.
"E-mail has become one of the most -- if not the most -- effective mediums for business communication, combining not only rapid communication but also the convenience of document transfer," said MX Logic's Chasin. "In short, e-mail offers businesses and their employees a powerful method of communication with benefits unlike any other medium available. For that reason alone, we believe it won't be dismissed quickly."
Rather than do the equivalent of throwing out the baby with the bathwater, Chasin believes that corporations have a strong incentive to use antispam technologies. A good antispam solution can return lost bandwidth, reduce overall costs on a company's messaging infrastructure, and increase employee productivity -- benefits that can positively affect the bottom line.
"At the end of the day, because e-mail has so many positive benefits and because so much has been invested in e-mail communication, enterprises are more likely to look for effective security solutions rather than throw up their hands and walk away," Chasin told TechNewsWorld.
Next-Generation E-Mail Threats
A quick glimpse of e-mail threats since last year shows a worsening problem. According to MX Logic, Netsky had 11 variants as early as March 8th, while MyDoom had eight variants as of March 3rd. A common ploy is for virus writers to use e-mail as the delivery vehicle of choice. Attached documents carry malicious code that spreads by resending copies of itself to the infected computer's e-mail contact list.
These worms can race around the world in a matter of hours via the Internet. SoBig.F infected one out of every 12 e-mails. MyDoom infected one in six e-mails. MyDoom.F infected one in 46 e-mails. Netsky-D infected one in 71 pieces of e-mail.
MX Logic's Chasin told TechNewsWorld that the most common threats to e-mail will soon be mass-mailing spam Trojans, distributed spam attacks, mass-mailing worms and WiFi spam attacks.
Next-generation worms will install spam relays on infected machines and will prey on always-on, broadband-connected PCs. They will harvest e-mail addresses from infected hosts' address books and local files. They will leverage chat and peer-to-peer networks for their remote command-and-control operations.
And one of their deadliest traits will be their metamorphic structure. They will have the ability to install and execute new instructions in stages. The result will be a delivery system of compromised computers that will send out 30 to 50 percent of all spam.
Distributed Spam Attacks
Meanwhile, next-generation mass-mailing worms will not need to exploit an operating system vulnerability, said Chasin. Instead, they will use social-engineering techniques borrowed from spammers. These superworms will be released into the network through an insecure wireless access point, and the message contents will probably advance political agendas or special interests.
WiFi market penetration is growing substantially, said Chasin. Analysts estimate 55,000 new WiFi hotspots will be installed in the next five years. By 2009, WiFi will be in 50 percent of all homes that are wired to the Internet, up from 12 percent today, according to the Farpoint Group. But most WiFi access point installations still lack basic security settings.
"It is only a matter of time before the spam truck rolls around a neighborhood with drive-by-spamming techniques," said Chasin. "Constant growth of access-point bandwidth will provide larger pipes for more spam throughput."
No Silver Bullet Solution
Internet security experts readily agree that there is no one solution that works for all users. There is no true silver-bullet method that will stop all spammers dead in their tracks.
Felix Lin, CEO and cofounder of Qurb, is sure that technology can deal with existing spam attacks and next-generation threats. His company's approach uses a form of caller ID for e-mail. "It is as effective in blocking spam as caller ID is to stopping the telemarketers," he told TechNewsWorld.
Qurb works because the vast majority of users know all their contacts. The software quarantines mail from all senders not on the whitelist. The inbox isn't stuffed with all mail, only mail from approved senders. The questionable e-mail can be viewed and acted upon at the user's discretion.
The software controls sit on the user's desktop. There is no third-party Web site that interacts with e-mail before it arrives in the inbox. There are several technologies on the market that operate at the client level like Qurb's, and perhaps even more that operate at the server level like MX Logic's. Whether these technologies will be adopted by enough users to make the business of spam a zero-sum proposition remains to be seen. In the meantime, spammers will likely use any means necessary to fight new antispam technology.
"Spammer's will always stay one step ahead of current solutions," warned Poteet. "It is the nature of the beast." He said people have to make fundamental changes in how they process their e-mail. They need to stake steps to minimize the impact of junk e-mail. "But it will never completely go away," he said.