Electronic spamming is the use of electronic messaging systems to send unsolicited messages (spam), especially advertising, as well as sending messages repeatedly on the same site. While the most widely recognized form of spam isemail spam, the term is applied to similar abuses in other media: instant messaging spam, Usenet newsgroup spam, Web search engine spam, spam in blogs, wiki spam, online classified ads spam, mobile phone messaging spam, Internet forum spam, junk fax transmissions, social spam, television advertising and file sharing spam. It is named after Spam, a luncheon meat, by way of a Monty Python sketch in which Spam is included in every dish.[1] The food is stereotypically disliked/unwanted, so the word came to be transferred by analogy.
Spamming remains economically viable because advertisers have no operating costs beyond the management of their mailing lists, and it is difficult to hold senders accountable for their mass mailings. Because the barrier to entry is so low, spammers are numerous, and the volume of unsolicited mail has become very high. In the year 2011, the estimated figure for spam messages is around seven trillion. The costs, such as lost productivity and fraud, are borne by the public and byInternet service providers, which have been forced to add extra capacity to cope with the deluge. Spamming has been the subject of legislation in many jurisdictions.[2]
A person who creates electronic spam is called a spammer.[3]
In different media[edit]
Email[edit]
Main article: Email spam
Email spam, also known as unsolicited bulk email (UBE), junk mail, or unsolicited commercial email (UCE), is the practice of sending unwanted email messages, frequently with commercial content, in large quantities to an indiscriminate set of recipients. Spam in email started to become a problem when the Internet was opened up to the general public in the mid-1990s. It grew exponentially over the following years, and today composes some 80 to 85 percent of all the e-mail in the World, by a "conservative estimate".[4] Pressure to make email spam illegal has been successful in some jurisdictions, but less so in others. The efforts taken by governing bodies, security systems and email service providers seem to be helping to reduce the onslaught of email spam. According to "2014 Internet Security Threat Report, Volume 19" published bySymantec Corporation, spam volume dropped to 66% of all email traffic.[5] Spammers take advantage of this fact,[clarification needed] and frequently outsource parts of their operations to countries where spamming will not get them into legal trouble.
Increasingly, e-mail spam today is sent via "zombie networks", networks of virus- or worm-infected personal computers in homes and offices around the globe. Many modern worms install a backdoor that allows the spammer to access the computer and use it for malicious purposes. This complicates attempts to control the spread of spam, as in many cases the spam does not obviously originate from the spammer. In November 2008 an ISP, McColo, which was providing service tobotnet operators, was depeered and spam dropped 50 to 75 percent Internet-wide. At the same time, it is becoming clear that malware authors, spammers, and phishers are learning from each other, and possibly forming various kinds of partnerships.
An industry of email address harvesting is dedicated to collecting email addresses and selling compiled databases.[6] Some of these address-harvesting approaches rely on users not reading the fine print of agreements, resulting in their agreeing to send messages indiscriminately to their contacts. This is a common approach in social networking spam such as that generated by the social networking site Quechup.[7]
Instant messaging[edit]
Main article: Messaging spam
Instant messaging spam makes use of instant messaging systems. Although less ubiquitous than its e-mail counterpart, according to a report from Ferris Research, 500 million spam IMs were sent in 2003, twice the level of 2002. As instant messaging tends to not be blocked by firewalls, it is an especially useful channel for spammers. This is very common on many instant messaging systems such as Skype.
Newsgroup and forum[edit]
Main article: Newsgroup spam
Newsgroup spam is a type of spam where the targets are Usenet newsgroups. Spamming of Usenet newsgroups actually pre-dates e-mail spam. Usenet convention defines spamming as excessive multiple posting, that is, the repeated posting of a message (or substantially similar messages). The prevalence of Usenet spam led to the development of the Breidbart Index as an objective measure of a message's "spamminess".
Main article: Forum spam
Forum spam is the creation of advertising messages on Internet forums. It is generally done by automated spambots. Most forum spam consists of links to external sites, with the dual goals of increasing search engine visibility in highly competitive areas such as weight loss, pharmaceuticals, gambling, pornography, real estate or loans, and generating more traffic for these commercial websites. Some of these links contain code to track the spambot's identity; if a sale goes through, the spammer behind the spambot works on commission.
Mobile phone[edit]
Main article: Mobile phone spam
Mobile phone spam is directed at the text messaging service of a mobile phone. This can be especially irritating to customers not only for the inconvenience, but also because of the fee they may be charged per text message received in some markets. The term "SpaSMS" was coined at the adnews website Adland in 2000 to describe spam SMS. To comply with CAN-SPAM regulations in the US, SMS messages now must provide options of HELP and STOP, the latter to end communication with the advertiser via SMS altogether.
Despite the high number of phone users, there has not been so much phone spam, because there is a charge for sending SMS, and installing trojans into other's phones that send spam (common for e-mail spam) is hard because applicationsnormally must be downloaded from a central database.
Social networking spam[edit]
Main article: Social networking spam
Facebook and Twitter are not immune to messages containing spam links. Most insidiously, spammers hack into accounts and send false links under the guise of a user's trusted contacts such as friends and family.[8] As for Twitter, spammers gain credibility by following verified accounts such as that of Lady Gaga; when that account owner follows the spammer back, it legitimizes the spammer and allows him or her to proliferate.[9] Twitter has studied what interest structures allow their users to receive interesting tweets and avoid spam, despite the site using the broadcast model, in which all tweets from a user are broadcast to all followers of the user.[10]
Social spam[edit]
Spreading beyond the centrally managed social networking platforms, user-generated content increasingly appears on business, government, and nonprofit websites worldwide. Fake accounts and comments planted by computers programmed to issue social spam can infiltrate these websites.[11] Well-meaning and malicious human users can break websites' policies by submitting profanity,[12] insults,[13] hate speech, and violent messages.
Online game messaging[edit]
Many online games allow players to contact each other via player-to-player messaging, chat rooms, or public discussion areas. What qualifies as spam varies from game to game, but usually this term applies to all forms of message flooding, violating the terms of service contract for the website. This is particularly common in MMORPGs where the spammers are trying to sell game-related "items" for real-world money, chiefly among them being in-game currency. In gameplay terms, spamming also refers to the repetitive use of the same combat skills as a cheap tactic (e.g. "to defeat the blue dragon, just spam fireballs").
Spam targeting search engines (spamdexing)[edit]
Main article: Spamdexing
Spamdexing (a portmanteau of spamming and indexing) refers to a practice on the World Wide Web of modifying HTMLpages to increase their chances of high placement on search engine relevancy lists. These sites use "black-hat" search engine optimization techniques to deliberately manipulate their rank in search engines. Many modern search engines modified their search algorithms to try to exclude web pages utilizing spamdexing tactics. For example, the search bots will detect repeated keywords as spamming by using a grammar analysis. If a website owner is found to have spammed the webpage to falsely increase its page rank, the website may be penalized by search engines.
Blog, wiki, and guestbook[edit]
Main article: Spam in blogs
Blog spam, or "blam" for short, is spamming on weblogs. In 2003, this type of spam took advantage of the open nature of comments in the blogging software Movable Type by repeatedly placing comments to various blog posts that provided nothing more than a link to the spammer's commercial web site.[14] Similar attacks are often performed against wikis andguestbooks, both of which accept user contributions. Another possible form of spam in blogs is the spamming of a certain tag on websites such as Tumblr.
Spam targeting video sharing sites
Video sharing sites, such as YouTube, are now frequently targeted by spammers. The most common technique involves spammers (or spambots) posting links to sites, most likely pornographic or dealing with online dating, on the comments section of random videos or user profiles. With the addition of a "thumbs up/thumbs down" feature, groups of spambots may constantly "thumbs up" a comment, getting it into the top comments section and making the message more visible. Another frequently used technique is using bots to post messages on random users' profiles to a spam account's channel page, along with enticing text and images, usually of a sexually suggestive nature. These pages may include their own or other users' videos, again often suggestive. The main purpose of these accounts is to draw people to the link in the home page section of their profile. YouTube has blocked the posting of such links. In addition, YouTube has implemented a CAPTCHA system that makes rapid posting of repeated comments much more difficult than before, because of abuse in the past by mass spammers who would flood individuals' profiles with thousands of repetitive comments.
Yet another kind is actual video spam, giving the uploaded movie a name and description with a popular figure or event that is likely to draw attention, or within the video has a certain image timed to come up as the video's thumbnail image to mislead the viewer, such as a still image from a feature film, purporting to be a part-by-part piece of a movie being pirated, e.g. Big Buck Bunny Full Movie Online - Part 1/10 HD, a link to a supposedkeygen, trainer, ISO file for a video game, or something similar. The actual content of the video ends up being totally unrelated, a Rickroll, offensive, or simply on-screen text of a link to the site being promoted.[15] In some cases, the link in question may lead to an online survey site, a password-protected archive file with instructions leading to the aforementioned survey (though the survey, and the archive file itself, is worthless and doesn't contain the file in question at all), or in extreme cases, malware.[16] Others may upload videos presented in an infomercial-like format selling their product which feature actors and paid testimonials, though the promoted product or service is of dubious quality and would likely not pass the scrutiny of a standards and practices department at a television station or cable network.
SPIT[edit]
SPIT (SPam over Internet Telephony) is VoIP (Voice over Internet Protocol) spam, usually using SIP (Session Initiation Protocol). This is nearly identical to telemarketing calls over traditional phone lines. When the user chooses to receive the spam call, a pre-recorded spam message or advertisement is usually played back. This is generally easier for the spammer as VoIP services are cheap and easy to anonymize over the Internet, and there are many options for sending mass amounts of calls from a single location. Accounts or IP addresses being used for VoIP spam can usually be identified by a large number of outgoing calls, low call completion and short call length.
Academic search[edit]
Academic search engines enable researchers to find academic literature and are used to obtain citation data for calculating performance metrics such as the H-index and impact factor. Researchers from the University of California, Berkeley andOvGU demonstrated that most (web-based) academic search engines, especially Google Scholar, are not capable of identifying spam attacks.[17] The researchers manipulated the citation counts of articles, and managed to make Google Scholar index complete fake articles, some containing advertising.[17]
Noncommercial forms[edit]
E-mail and other forms of spamming have been used for purposes other than advertisements. Many early Usenet spams were religious or political. Serdar Argic, for instance, spammed Usenet with historical revisionist screeds. A number ofevangelists have spammed Usenet and e-mail media with preaching messages. A growing number of criminals are also using spam to perpetrate various sorts of fraud.[18]
