What is spam?

Spam is flooding the Internet with many copies of the same message, in an attempt to force the
message on people who would not otherwise choose to receive it. Most spam is commercial
advertising, often for dubious products, get-rich-quick schemes, or quasi-legal services. Spam
costs the sender very little to send -- most of the costs are paid for by the recipient or the carriers
rather than by the sender.

There are two main types of spam, and they have different effects on Internet users. Cancellable
Usenet spam is a single message sent to 20 or more Usenet newsgroups. (Through long
experience, Usenet users have found that any message posted to so many newsgroups is often not
relevant to most or all of them.) Usenet spam is aimed at "lurkers", people who read newsgroups
but rarely or never post and give their address away. Usenet spam robs users of the utility of the
newsgroups by overwhelming them with a barrage of advertising or other irrelevant posts.
Furthermore, Usenet spam subverts the ability of system administrators and owners to manage
the topics they accept on their systems.

Email spam targets individual users with direct mail messages. Email spam lists are often created
by scanning Usenet postings, stealing Internet mailing lists, or searching the Web for addresses.
Email spams typically cost users money out-of-pocket to receive. Many people - anyone with
measured phone service - read or receive their mail while the meter is running, so to speak. Spam
costs them additional money. On top of that, it costs money for ISPs and online services to
transmit spam, and these costs are transmitted directly to subscribers.

One particularly nasty variant of email spam is sending spam to mailing lists (public or private
email discussion forums.) Because many mailing lists limit activity to their subscribers,
spammers will use automated tools to subscribe to as many mailing lists as possible, so that they
can grab the lists of addresses, or use the mailing list as a direct target for their attacks.

Spam (electronic)
Spam is the use of electronic messaging systems (including most broadcast media, digital
delivery systems) to send unsolicited bulk messages indiscriminately. While the most widely
recognized form of spam is e-mail spam, the term is applied to similar abuses in other media:
instant messaging spam, Usenet newsgroup spam, Web search engine spam, spam in blogs, wiki
spam, online classified ads spam, mobile phone messaging spam, Internet forum spam, junk fax
transmissions, social networking spam, television advertising and file sharing network spam.

Spamming remains economically viable because advertisers have no operating costs beyond the
management of their mailing lists, and it is difficult to hold senders accountable for their mass
mailings. Because the barrier to entry is so low, spammers are numerous, and the volume of
unsolicited mail has become very high. In the year 2011 the estimated figure for spam messages
are around seven trillion. The costs, such as lost productivity and fraud, are borne by the public
and by Internet service providers, which have been forced to add extra capacity to cope with the
deluge. Spamming has been the subject of legislation in many jurisdictions.[1]

People who create electronic spam are called spammers.[

In different media
[edit] E-mail

E-mail spam, known as unsolicited bulk Email (UBE), junk mail, or unsolicited commercial
email (UCE), is the practice of sending unwanted e-mail messages, frequently with commercial
content, in large quantities to an indiscriminate set of recipients. Spam in e-mail started to
become a problem when the Internet was opened up to the general public in the mid-1990s. It
grew exponentially over the following years, and today composes some 80 to 85% of all the
email in the world, by a "conservative estimate".[3] Pressure to make e-mail spam illegal has been
successful in some jurisdictions, but less so in others. Spammers take advantage of this fact, and
frequently outsource parts of their operations to countries where spamming will not get them into
legal trouble.

Increasingly, e-mail spam today is sent via "zombie networks", networks of virus- or worm-
infected personal computers in homes and offices around the globe; many modern worms install
a backdoor which allows the spammer access to the computer and use it for malicious purposes.
This complicates attempts to control the spread of spam, as in many cases the spam doesn't even
originate from the spammer. In November 2008 an ISP, McColo, which was providing service to
botnet operators, was depeered and spam dropped 50%-75% Internet-wide. At the same time, it
is becoming clear that malware authors, spammers, and phishers are learning from each other,
and possibly forming various kinds of partnerships.[citation needed]

An industry of e-mail address harvesting is dedicated to collecting email addresses and selling
compiled databases.[4] Some of these address harvesting approaches rely on users not reading the
fine print of agreements, resulting in them agreeing to send messages indiscriminately to their
contacts. This is a common approach in social networking spam such as that generated by the
social networking site Quechup.[5]

[edit] Instant Messaging

Main article: Messaging spam

Instant Messaging spam makes use of instant messaging systems. Although less ubiquitous than
its e-mail counterpart, according to a report from Ferris Research, 500 million spam IMs were
sent in 2003, twice the level of 2002. As instant messaging tends to not be blocked by firewalls,
it is an especially useful channel for spammers. This is very common on many instant messaging
system such as Skype.

[edit] Newsgroup and forum

Main article: Newsgroup spam
Newsgroup spam is a type of spam where the targets are Usenet newsgroups. Spamming of
Usenet newsgroups actually pre-dates e-mail spam. Usenet convention defines spamming as
excessive multiple posting, that is, the repeated posting of a message (or substantially similar
messages). The prevalence of Usenet spam led to the development of the Breidbart Index as an
objective measure of a message's "spamminess".

Main article: Forum spam

Forum spam is the creating of messages that are advertisements or otherwise unwanted on
Internet forums. It is generally done by automated spambots. Most forum spam consists of links
to external sites, with the dual goals of increasing search engine visibility in highly competitive
areas such as weight loss, pharmaceuticals, gambling, pornography, real estate or loans, and
generating more traffic for these commercial websites. Some of these links contain code to track
the spambot's identity if a sale goes through, when the spammer behind the spambot works on
commission.

[edit] Mobile phone

Main article: Mobile phone spam

Mobile phone spam is directed at the text messaging service of a mobile phone. This can be
especially irritating to customers not only for the inconvenience but also because of the fee they
may be charged per text message received in some markets. The term "SpaSMS" was coined at
the adnews website Adland in 2000 to describe spam SMS.

[edit] Online game messaging

Many online games allow players to contact each other via player-to-player messaging, chat
rooms, or public discussion areas. What qualifies as spam varies from game to game, but usually
this term applies to all forms of message flooding, violating the terms of service contract for the
website. This is particularly common in MMORPGs where the spammers are trying to sell game-
related "items" for real-world money, chiefly among these items is in-game currency. This kind
of spamming is also called Real World Trading (RWT). In the popular MMORPG Runescape, it
is common for spammers to advertise sites that sell gold in multiple methods of spam. They send
spam via the in-game private messaging system, via using emotes to gain attention, and by
yelling publicly to everyone in the area.

[edit] Spam targeting search engines (spamdexing)

Main article: Spamdexing

Spamdexing (a portmanteau of spamming and indexing) refers to a practice on the World Wide
Web of modifying HTML pages to increase the chances of them being placed high on search
engine relevancy lists. These sites use "black hat search engine optimization (SEO) techniques"
to deliberately manipulate their rank in search engines. Many modern search engines modified
their search algorithms to try to exclude web pages utilizing spamdexing tactics. For example,
the search bots will detect repeated keywords as spamming by using a grammar analysis. If a
website owner is found to have spammed the webpage to falsely increase its page rank, the
website may be penalized by search engines.

[edit] Blog, wiki, and guestbook

Main article: Spam in blogs

Blog spam, or "blam" for short, is spamming on weblogs. In 2003, this type of spam took
advantage of the open nature of comments in the blogging software Movable Type by repeatedly
placing comments to various blog posts that provided nothing more than a link to the spammer's
commercial web site.[6] Similar attacks are often performed against wikis and guestbooks, both of
which accept user contributions.

[edit] Spam targeting video sharing sites

Video sharing sites, such as YouTube, are now being frequently targeted by spammers. The most
common technique involves people (or spambots) posting links to sites, most likely pornographic
or dealing with online dating, on the comments section of random videos or people's profiles.
Another frequently used technique is using bots to post messages on random users' profiles to a
spam account's channel page, along with enticing text and images, usually of a sexually
suggestive nature. These pages may include their own or other users' videos, again often
suggestive. The main purpose of these accounts is to draw people to their link in the home page
section of their profile. YouTube has blocked the posting of such links. In addition, YouTube has
implemented a CAPTCHA system that makes rapid posting of repeated comments much more
difficult than before, because of abuse in the past by mass-spammers who would flood people's
profiles with thousands of repetitive comments.

Yet another kind is actual video spam, giving the uploaded movie a name and description with a
popular figure or event which is likely to draw attention, or within the video has a certain image
timed to come up as the video's thumbnail image to mislead the viewer. The actual content of the
video ends up being totally unrelated, a Rickroll, sometimes offensive, or just features on-screen
text of a link to the site being promoted.[7] Others may upload videos presented in an infomercial-
like format selling their product which feature actors and paid testimonials, though the promoted
product or service is of dubious quality and would likely not pass the scrutiny of a standards and
practices department at a television station or cable network.

[edit] SPIT

SPIT (SPam over Internet Telephony) is VoIP (Voice over Internet Protocol) spam, usually using
SIP (Session Initiation Protocol).

[edit] Noncommercial forms

E-mail and other forms of spamming have been used for purposes other than advertisements.
Many early Usenet spams were religious or political. Serdar Argic, for instance, spammed
Usenet with historical revisionist screeds. A number of evangelists have spammed Usenet and e-
mail media with preaching messages. A growing number of criminals are also using spam to
perpetrate various sorts of fraud,[8] and in some cases have used it to lure people to locations
where they have been kidnapped, held for ransom, and even murdered.

History
In the late 19th Century Western Union allowed telegraphic messages on its network to be sent to
multiple destinations. The first recorded instance of a mass unsolicited commercial telegram is from
May 1864.[11] Up until the Great Depression wealthy North American residents would be deluged with
nebulous investment offers. This problem never fully emerged in Europe to the degree that it did in the
Americas, because telegraphy was regulated by national post offices in the European region.

E-mail spam
E-mail spam, also known as junk e-mail or unsolicited bulk e-mail (UBE), is a subset of spam
that involves nearly identical messages sent to numerous recipients by e-mail. Definitions of
spam usually include the aspects that e-mail is unsolicited and sent in bulk.[1][2][3][4][5] One subset
of UBE is UCE (unsolicited commercial e-mail).

E-mail spam has steadily grown since the early 1990s. Botnets, networks of virus-infected
computers, are used to send about 80% of spam. Since the cost of the spam is borne mostly by
the recipient,[6] it is effectively postage due advertising.

The legal status of spam varies from one jurisdiction to another. In the United States, spam was
declared to be legal by the CAN-SPAM Act of 2003 provided the message adheres to certain
specifications. ISPs have attempted to recover the cost of spam through lawsuits against
spammers, although they have been mostly unsuccessful in collecting damages despite winning
in court.[7][8]

Spammers collect e-mail addresses from chatrooms, websites, customer lists, newsgroups, and
viruses which harvest users' address books, and are sold to other spammers. They also use a
practice known as "e-mail appending" or "epending" in which they use known information about
their target (such as a postal address) to search for the target's e-mail address. Much of spam is
sent to invalid e-mail addresses. Spam averages 78% of all e-mail sent.[9] According to the
Message Anti-Abuse Working Group, the amount of spam email was between 88-92% of email
messages sent in the first half of 2010

Spam techniques
Appending
Main article: E-mail appending

If a marketer has one database containing names, addresses, and telephone numbers of
prospective customers, they can pay to have their database matched against an external database
containing e-mail addresses. The company then has the means to send e-mail to persons who
have not requested e-mail, which may include persons who have deliberately withheld their e-
mail address.[19]

[edit] Image spam

Main article: Image spam

Image spam is an obfuscating method in which the text of the message is stored as a GIF or
JPEG image and displayed in the e-mail. This prevents text based spam filters from detecting and
blocking spam messages. Image spam was reportedly used in the mid 2000s to advertise "pump
and dump" stocks.[20][not in citation given]

Often, image spam contains nonsensical, computer-generated text which simply annoys the
reader. However, new technology in some programs try to read the images by attempting to find
text in these images. They are not very accurate, and sometimes filter out innocent images of
products like a box that has words on it.

A newer technique, however, is to use an animated GIF image that does not contain clear text in
its initial frame, or to contort the shapes of letters in the image (as in CAPTCHA) to avoid
detection by OCR tools.

[edit] Blank spam

Blank spam is spam lacking a payload advertisement. Often the message body is missing
altogether, as well as the subject line. Still, it fits the definition of spam because of its nature as
bulk and unsolicited e-mail.

Blank spam may be originated in different ways, either intentional or unintentionally:

1. Blank spam can have been sent in a directory harvest attack, a form of dictionary attack for
gathering valid addresses from an e-mail service provider. Since the goal in such an attack is to
use the bounces to separate invalid addresses from the valid ones, spammers may dispense
with most elements of the header and the entire message body, and still accomplish their goals.
2. Blank spam may also occur when a spammer forgets or otherwise fails to add the payload when
he or she sets up the spam run.
3. Often blank spam headers appear truncated, suggesting that computer glitches may have
contributed to this problem—from poorly-written spam software to shoddy relay servers, or any
problems that may truncate header lines from the message body.
4. Some spam may appear to be blank when in fact it is not. An example of this is the
VBS.Davinia.B e-mail worm which propagates through messages that have no subject line and
appears blank, when in fact it uses HTML code to download other files.

[edit] Backscatter spam

Main article: Backscatter (e-mail)
Backscatter is a side-effect of e-mail spam, viruses and worms, where e-mail servers receiving
spam and other mail send bounce messages to an innocent party. This occurs because the original
message's envelope sender is forged to contain the e-mail address of the victim. A very large
proportion of such e-mail is sent with a forged From: header, matching the envelope sender.

Since these messages were not solicited by the recipients, are substantially similar to each other,
and are delivered in bulk quantities, they qualify as unsolicited bulk e-mail or spam. As such,
systems that generate e-mail backscatter can end up being listed on various DNSBLs and be in
violation of internet service providers' Terms of Service.

Spam
From Wikipedia, the free encyclopedia
Look up SPAM, Spam, spam, or spammy in Wiktionary, the free dictionary.
For spam on Wikipedia, see Wikipedia:Spam and Wikipedia:WikiProject Spam

Spam may refer to:

 Spam (food), a canned meat product

 Spam (electronic), unsolicited or undesired electronic messages

 E-mail spam, unsolicited or undesired email messages

 "Spam" (Monty Python), a comedy sketch

 Spam (gaming), the repetition of an in-game action
 Street spam or flyposting, illegal blanket advertising in public places
 "Spam", a song by "Weird Al" Yankovic on the album UHF – Original Motion Picture
Soundtrack and Other Stuff
 "Spam", a track on It Means Everything, 1997 ska album by Save Ferris
 Smooth-particle applied mechanics, the use of smoothed-particle hydrodynamics
computation to study impact fractures in solids
 Spatial Production Allocation Model, global rainfed and irrigated crop production and
distribution spatially disaggregated at 10 km grid cells, developed by the International
Food Policy Research Institute and HarvestChoice.

Highest amount of spam received

According to Steve Ballmer, Microsoft founder Bill Gates receives four million e-mails per year,
most of them spam.[45] (This was originally incorrectly reported as "per day".)[46]

At the same time Jef Poskanzer, owner of the domain name acme.com, was receiving over one
million spam e-mails per day.[47]
[edit] Cost of spam

A 2004 survey estimated that lost productivity costs Internet users in the United States $21.58
billion annually, while another reported the cost at $17 billion, up from $11 billion in 2003. In
2004, the worldwide productivity cost of spam has been estimated to be $50 billion in 2005.[48]
An estimate of the percentage cost borne by the sender of marketing junk mail (snail mail) is
88%, whereas in 2001 one spam was estimated to cost $0.10 for the receiver and $0.00001
(0.01% of the cost) for the sender.[6]

[edit] Origin of spam

E-mail spam relayed by country in Q2/2007.

Origin or source of spam refers to the geographical location of the computer from which the
spam is sent; it is not the country where the spammer resides, nor the country that hosts the
spamvertised site. Because of the international nature of spam, the spammer, the hijacked spam-
sending computer, the spamvertised server, and the user target of the spam are all often located
in different countries. As much as 80% of spam received by Internet users in North America and
Europe can be traced to fewer than 200 spammers.[49]

In terms of volume of spam: According to Sophos, the major sources of spam in the fourth
quarter of 2008 (October to December) were:[unreliable source?][18][50][51][52][53][54][55][56][57][58]

 The United States (the origin of 19.8% of spam messages, up from 18.9% in Q3)
 China (9.9%, up from 5.4%)
 Russia (6.4%, down from 8.3%)
 Brazil (6.3%, up from 4.5%)
 Turkey (4.4%, down from 8.2%)

When grouped by continents, spam comes mostly from:

 Asia (37.8%, down from 39.8%)

  North America (23.6%, up from 21.8%)
 Europe (23.4%, down from 23.9%)
 South America (12.9%, down from 13.2%)

In terms of number of IP addresses: The Spamhaus Project (which measures spam sources in
terms of number of IP addresses used for spamming, rather than volume of spam sent) ranks the
top three as the United States, China, and Russia,[59] followed by Japan, Canada, and South
Korea.

In terms of networks: As of 5 June 2007, the three networks hosting the most spammers are
Verizon, AT&T, and VSNL International.[59] Verizon inherited many of these spam sources from
its acquisition of MCI, specifically through the UUNet subsidiary of MCI, which Verizon
subsequently renamed Verizon Business.

[edit] Spam in culture

The often rambling and incomprehensible nature of spam has led to an under