HOME
| UTORprotect |
DOCUMENTATION
|
AMS/ROSI
|
SERVICES
|
CONTACT
UTORprotect
Endpoint Security Policy System
Firewalls
Malicious Code
Network Security Policy
Open-Source Firewall
Password Usage Guidelines
Phishing 
Security Incident Reporting
Spam
Spyware 
Symantec Anti-Virus
Windows Security Maintenance
Windows Incident Response
Windows Security

SPAM

Spam is the junk mail of the Internet. If you're like most e-mail or newsgroup users, you've probably received your fair share. And like the paper equivalent, it is difficult to stop. However, there are some things you can take to minimize the amount of spam you get.

Note: If you use your UTORmail email account, see the following for information on filtering spam.

How did they get my e-mail address?

Spamming has generated a whole "business" sub-culture. There are "harvesters" who scan webpages, Usenet groups or mailing lists looking for e-mail addresses. This process is automated so that a harvester doesn't actually have to read webpages to extract the information. Sometimes lists are purchased from legitimate businesses that sell customer lists or stolen by hacking into computers. These lists are then sold to anyone who wants to "sell" a product (often of dubious value), get-rich-quick schemes, quasi-legal services, medication or drugs, "instant" mortgages, or pornography. No doubt the price of a list is measured by its "quality". There are companies that sell software that will try to conceal (in the message header) the true location of the computers that are sending out spam. This makes it harder to find someone to complain to about spam you receive.

Product sellers do not usually send out their own spam (just like bricks-and-mortar companies do not own high speed printing presses or newspaper distribution systems to do advertising). The list and the "message" are often sold to a spam "mailer" who has the hardware and the network connectivity to push the messages quickly. (Mailers may reduce costs by becoming their own harvesters). Mailers often purchase the services of (or set up their own) off-shore servers to avoid legal issues in their own country.

Because the process is highly automated, sending out millions of e-mails costs very little. Since the product or service is usually of dubious quality or purpose, the number of people who respond to a spam is very small-usually less than ½ of 1%. However, if a mailer sends out a 10 million emails, and even a small number of those who respond actually "purchase" the product or service, this can generate a significant amount of money. If there wasn't any money to be made from spam, it would have stopped-or at least be greatly diminished-a long time ago.

 

Minimizing Spam

Short of disconnecting from the Internet completely, changing your e-mail address frequently, not participating in any electronic discussion groups, or not making online purchases, it's unlikely that you'll ever be able to completely stop spam from arriving in your inbox. However, there are a few things you can do to minimize you (e-mail address) exposure from e-mail harvesters. Things You Can Do-Prevention

  • If you have a UTORmail address (i.e., an address ending in @utoronto.ca), remove it from the on-line directory. Go to www.utorid.utoronto.ca and follow the "modify" link. Avoid signing webpage "guestbooks" unless you are confident that your e-mail address will not be sold or used for other than the stated policies. If you are not sure, get and use a free e-mail address from one of the services like Hotmail or Yahoo. This may not stop the spam from arriving to these free addresses but at least you could simply abandon them if they are abused. If you are making purchases online, make sure that you understand the vendor's privacy policy. Watch out for automatic "opt-in" options. For example, some sites will ask if you want to receive future promotional material (either directly from the vendor or from product "partners"). The default option might be that you get the promotional material unless you indicate that you want to opt-out.
  • Limit your (e-mail address) exposure. Where possible, set up fill-in forms for general purpose inquiries about your department or programs rather than using your own personal address for this purpose.

Things You Can Do Once the Spam Arrives

  • Use the DELETE button. More often then not, you can identify spam from the contents of the subject line. Simply delete it and continue with your work. If you do open a spam message and do read the contents, always examine carefully the products or services being offered. In most cases the adage: "If it's too good to be true, it probably is" generally applies.
  • BE SUSPICIOUS OF ANY ATTACHMENTS. Spam can also contain viruses. Hackers can hi-jack some e-mail address book and you may get an e-mail with an attachment that appears to come from a trusted source. If you are in the least bit suspicious, contact the sender to confirm that they actually did send the material. Don't propagate spam. Spam isn't always someone trying to sell you something. You may think that the world's top 100 dumb stunts is the funniest think you've ever read but that doesn't mean you have to send it to all the people in your address book. You can set up filters in Netscape Communicator and Micrsoft Outlook to redirect potential spam to a separate folder (see below for instructions on how to do this.)
  • For those using UTORwebmail (via my.utoronto.ca), you can set up "blacklist" filters to either move messages to a separate folder or delete them immediately. The filters can be based on keywords in the message header or in the message body. Spam filters are not perfect so deleting messages immediately is not always the best approach. Legitimate messages may be mistakenly identified as spam and be deleted without your knowledge. As with message filtering (see the discussion in the previous point on filters in Netscape Communicator), you still have to examine blacklisted messages to see if there are no false-positives.

Filtering Spam in MS Outlook

  • Right click on the From address and choose Create Filter from Message... from the drop-down menu. make sure that the Perform this action: in the bottom part of the Filter Rules window is set to Move to folder. Click on the down arrow of the next box. Choose Local Folders and then choose Trash.
  • Click OK to finish the filter setup.

The sender's e-mail address will be added to the filter and when messages from that e-mail address are read into your in-box they will be automatically moved to the Trash folder. You can edit your filter rules by choosing Message Filters... from the Tools menu. Filtering Spam in Netscape

  • Choose Message Filters from the drop-down menu in Tools. Click the Junk E-Mail tab. Turn on the Automatically Move Junk messages to Deleted Items option.
  • To add a message to the junk filter, right-click a message and choose Junk E-Mail from the menu.

The sender's e-mail address will be added to the filter and when messages from that e-mail address are read into your in-box they will be automatically moved to the Deleted Items folder. You can edit the addresses included in your junk e-mail filter by going to For more options click here. Filtering is not supported in Microsoft Outlook Express.

Things You Can Do-Complain About Spam

Many spam messages contain at the bottom of message something to the effect: "If you want to be removed from this list…" This rarely works (although see the discussion below). Spammers know which addresses are valid (i.e., those that don't bounce). Responding to the request to be removed from the list only confirms that your account is active (as opposed to an active but abandoned account).

You can try contacting the ISP that is processing the spam and ask them to deactivate the account of the spammer. However, tracing down the true ISP can take some effort. Spammers can forge message headers to try to hide the original source. Spammers usually have many Internet accounts so closing down one rarely has a major impact on their operations. Some spammers use "open relays"-systems that permit anyone to send messages through them. This is becoming less of an issue as many open relays are being closed down and those that are still operational are blacklisted. These lists are widely publicized and hence can be blocked. In the United States, several attempts have been made to pass federal laws that, while not preventing spam, will at least make it easier to identify the true sender of the spam. Furthermore, the laws will include provisions that require the bulk mailer to remove your e-mail address from their lists if you make the request. It is not clear how these laws will apply to someone from outside the United States receiving spam coming from inside the United States. Individual states have passed laws that address spam. See a summary list at:         http://www.spamlaws.com/state/summary.html Of course, determining which state the e-mail is originating from can also be time consuming. Some spammers are already moving to servers outside of the US to avoid these issues.

If you still wish to complain, send a copy of the spam including the full headers of the message to Computer Security Administration at security.admin@utoronto.ca. Timely reporting is essential - if you decide to report you need to do it right away as the trail can get cold very quickly

©2011 - University of Toronto Information + Technology Services. All Rights Reserved.