Do you find your e-mail inboxes filling up with messages from people you do not know? Have the scores of messages had an impact on your productivity and prevented legitimate e-mails from being received? If you answered yes to these questions, you are not alone because anyone with an e-mail address will inevitably receive some sort of unsolicited e-mail message. Some may consider these messages such a waste of time and computing resources that they are deleted as they are received, whereas others may view the information contained therein with some degree of interest. Welcome to the age of connectivity!
How has SPAM, the familiar brand of canned luncheon meat product manufactured by Hormel Foods, morphed into the e-mail problem now known as SPAM? SPAM (the luncheon meat) was immortalized by Monty Python in the skit with the Vikings, sitting in a restaurant whose menu included only dishes made with SPAM, singing "SPAM, SPAM, SPAM" over and over again in increasing volume until it was impossible for others in the room to hear anything else. 1,2 This skit, coupled with the old joke that SPAM has no nutritive or aesthetic value, has evolved to signify duplicate Usenet postings having no value to readers. 2 The term was later adopted to describe mass-mailings of many copies of the same message that drown out the normal conversation on the Internet.
Although e-mail users have developed a common aversion to SPAM, they have difficulty agreeing on what constitutes SPAM. Users often erroneously lump together all annoying e-mails into the category of SPAM, such as unsolicited bulk e-mail, unsolicited commercial e-mail, chain letters, duplicate postings, pop-up ads, virus warnings, banner ads, jokes, and Internet Service Provider (ISP) information. 3 Sending an unsolicited ad or a post, no matter how objectionable the content is for the receiver, does not necessarily translate to SPAM. Rather, SPAM is measured objectively based on the "number of times" a post appears. 1
The first e-mail SPAM was reported as early as 1978 with an announcement e-mailed to ARPANET addresses on the West Coast, using the ARPANET directory, inviting recipients to receptions in California commemorating a new DEC-20 machine. 2 Spamming behavior was also observed during the 1980s on early chat systems, such as the MUD and BBS communities, and during the 1990s on Usenet postings and e-mails.
The first giant Usenet SPAM came about in January, 1994 with a student's posting of a global alert about Jesus's coming. 2,4 This was followed in April of that same year with a Usenet posting from Laurence Canter and Martha Siegel, a Phoenix-based husband-and-wife law firm, advertising their overpriced services for the US green card lottery. 4 Canter and Siegel's green card SPAM was not the first major SPAM in history, but it was certainly the largest commercial one, with their ad being posted to each and every newsgroup. The green card SPAM and the subsequent floods of negative reactions generated by the Internet community disrupted the serenity and discussion threads of the Usenet newsgroups, and the term SPAM became popular.
SPAM is a growing concern. Of the more than 5.5 million unique SPAM messages that were detected in November 2002, over 75% were solicitations for consumer products, financial services, or adult content, with the remaining 25% linked to online scams or information on health, spiritual, leisure, and related topics. 5 IDC predicted that the overall number of e-mail messages will double from 31 billion a day in 2002 to 60 billion a day by 2006, with a notable increase in SPAM.6 In addition, high levels of SPAM have been noted in the financial sector and in the legal and healthcare industries, with SPAM ranging from 9% in banking to 20% in healthcare of all e-mails received. 7
SPAM comes to you in two ways, through Usenet newsgroups or through e-mail. Usenet SPAM targets the Internet newsgroups by flooding them with advertisements or irrelevant postings. Usenet spammers compromise the system administrators' and listserve owners' abilities to manage their newsgroup's content and discussion threads effectively. E-mail SPAM, on the other hand, targets individual users by sending them direct e-mail messages. Generally speaking, the more you participate in Internet activity, the more likely your e-mail address will end up on a SPAM list.
Spammers usually obtain e-mail addresses from commercial vendors and other online services that sell the lists. In addition, some may scan Usenet postings and chat rooms, harvesting Internet mailing lists or using software to search the Web for e-mail addresses in Web sites, particularly "mailto" links. Others may turn to a Web site's guest book and individual profiles, visit the online White/Yellow Pages that list users' e-mail addresses, or they may use conventional paper forms, such as registration materials, conference attendee rosters and professional directories. Still others may use programs to identify those who connect to them, run a query to produce a list of currently logged-on users, use the web browser cache to extract the surfer's e-mail address, or use dictionary attacks to sort through possible name combinations at large ISPs or e-mail services. Many SPAM messages may even include a note on how to unsubscribe, but doing so only serves to verify and confirm to the spammer that your address is an active one and worthy of being kept on their list.
The continued growth of SPAM marks an increase in malicious SPAM, such as financial scams. The Nigerian scam is perhaps the most well known of these. This global scam involves suspicious wealth to be taken out of Nigeria, including a request for assistance for a front person to visit Nigeria and an investment of money to establish a bank account for money transfer. Money is not the only thing lost in this financial transaction. There are reports of Americans losing their lives and other foreign nationals reportedly have gone missing. Another malicious SPAM is the FriendGreeting applet, a legitimate-looking online greeting card service that tricks users into downloading an applet that mass-mails address from the user's address book and invites new victims to visit the greeting card site and to download the same applet. 8
Given the popularity of the Internet and e-mail, some old-fashioned scams are now delivered using this medium. Spammers have sent out e-mails requesting assistance with emergency relief funds and directing recipients to contribute money to charitable organizations through their Web site. Moreover, electronic versions of illegal pyramid schemes and chain letters have presented themselves in e-mail solicitations involving business and investment opportunities, get rich quick schemes, work-at-home schemes, health and diet scams, free goods, free passwords to pornography sites, free cable with cable descrambler kits, guaranteed loans and credit cards, credit repairs, and vacation prize promotions, among others. The SPAM scam sender's primary purpose is to separate you from your money, belongings, identity and/or credit information.
Sending SPAM is relatively inexpensive considering that one can use special software to send out literally hundreds of thousands of messages with a simple click of the mouse. When a spammer sends an e-mail message to millions of people, it is delivered through numerous other systems while en route to its destination, thus further shifting the cost away from the SPAM originator. Most of the costs are borne by the recipients or their ISPs, and these costs are much greater than those incurred by the sender. ISPs are passing the cost incurred to their users. Various reports estimate that $2-$3 of the monthly charge that users pay for Internet service represents SPAM costs. 9 The decentralized nature of the Internet and the availability of free, Web-based e-mail accounts further contribute to the proliferation of SPAM. Spammers may send e-mail using a fraudulent return address, or they can easily set up and dispose of multiple free e-mail accounts to hide their tracks.
In conclusion, SPAM has become a fact of life on the Internet. Its rapid growth significantly threatens the overall stability, usefulness, effectiveness, and efficiency of the Internet and e-mail as vital tools for everyday personal and work communication that simply pressing the "delete" key becomes hardly an intelligent solution to the SPAM problem. SPAM is here whether we like it or not, and its expanding online presence can no longer be ignored.
REFERENCES