The cycle of spam

Ever wonder where those spam email messages you receive come from, and how they got your email address? Spammers use a combination of technology, persistence and trickery to obtain email addresses and avoid detection.

The best ways to protect yourself from spammers and the scams they often promote is to be selective with the websites on which you post your email address and to ignore messages from companies that you've never heard of or seem suspicious.


“Spiders" – Also known as robots or scrapers, these software programs crawl the Web and online discussion groups, grabbing email addresses and domain names. Online directories and popular sites, such as AOL and eBay, are favorite targets.

"Dictionary attacks" – Spammers launch attacks with software that creates millions of possible emails from combinations of letters and numbers, such as bob@yourisp or mary@bigcorporation.

Deceptive websites – Spammers induce Web users to enter contests or receive free products in exchange for accepting marketing email. But they rarely disclose that your the email address likely will be resold multiple times, resulting in a deluge of unsolicited offers.

Unsubscribe lists – Despite posting "remove" mechanisms in their messages, spammers often ignore requests to drop email addresses. Sometimes those requesting removal are used to send more spam.

List reselling – Once harvested, spammers buy and resell millions of addresses for a few cents a name.


Bulk emailing – Software can turn an ordinary personal computer into a powerful mail server, sending up to 250,000 emails per hour. Spammers sometimes specialize, targeting users of news groups, instant messaging or wireless devices.

"Cloaking and spoofing" – Spammers survive by evading detection. Typical tricks include stripping off sender information that might identify them, forging "to" and "from" fields so messages appear to come from legitimate companies or work colleagues, and randomly altering subject lines to sneak past anti-spam filters.

Finding a friendly host – Spammers set up accounts with Internet Service Providers and Web hosting companies known for slow or no response to spamming complaints. Once caught, they change their identities and move to the next ISP or host.

Hijacking – Using scanning software, spammers search globally for unprotected computer networks whose systems can be taken over and used to send spam. About 70 percent of spam sent to U.S. addresses comes via overseas connections.


Affiliate marketing programs – Businesses offer cash to website operators and legitimate email marketers who deliver paying customers. Such incentives also encourage spammers to send unsolicited emails in bulk to boost commissions.

Revenue sharing – Sweetening the pot, operators of pornography and gambling sites typically offer the highest payouts, up to $50 for a new customer as well as a cut of ongoing revenues from the customer.

Spamware sales – Veteran spammers sell "spamware" to amateurs, ranging from email addresses to internet connectivity. They sell their wares on websites and in bulk emailer chatrooms.

Scams - Some spam is illegal fraud, notably pyramid-scheme chain letters. The so-called Nigerian Letter, a spam in which an alleged Nigerian official seeks help moving money between banks, accounts for 15 percent of online fraud complaints to the FBI.

Read More on Business & Finance
Volume 2, Issue 10, Posted 10:22 AM, 04.16.2010