What do you think of when you hear the word “spam”? Do you think email? Several types of spam exist that crowd millions of mailboxes every day. Spam can come in the form of unwanted political emails, education, health care, personal finance, computers, automotive, adult content, and more. The following examines some of the most common types of spam, why they exist, and what they are used for.
Dangers of Spam
Spam poses dangers to both website owners and casual email users.
While some spam is harmless and can be deleted or sent straight to your trash bin without worry, other spam can be malicious. It is possible for spammers to spoof a domain and make a message appear to come from different senders by hijacking a business domain name. Have you ever received an email from someone claiming they are willing to pay you millions of dollars in a locked account they need you to access? Have you noticed the “from” domain appears to be from a Gmail or Yahoo account? Just by replying to this type of message leaves you vulnerable for hijacking from spammers so delete and block those messages immediately to protect yourself.
A critical danger to website owners is that a hijacker can target a server or machine with a permanent connection to the internet and send spam. This means any cloud services used by that website are alerted and cloud service can be terminated for that website since nearly every internet service provider has a strict acceptable use policy.
Who does spam target?
Spam targets everyone in general, however, spam can target certain audiences with goods and services. Some of the targets receive spam because of web browser settings, email usage, cookie settings, and other vulnerabilities on web browsers and email. Most of the proposed goods in spam emails are grey or black market since spam is typically illegal both in the way they are advertised and in the products themselves.
There are different types of spam
Spam comes in a variety of categories or “flavors”. Spammers are constantly expanding the variety of their offer and inventing new ways to attract victims. Nearly half of all spam is categorized as health, computers, personal finance, education, training, and adult content.
Health, medicine, and healthcare spam
This category of spam involves advertisements sent to attract people to new skin care products, health products, weight loss treatments, dietary products, and more. The FTC currently has a CAN-SPAM lawsuit against this category of the advertisement and sale of weight loss products.
Example of health and medicine spam:
Subject: Summer is coming: Get ready for your beach body
Body: “Hello, do you want to slim down and tone up but need that extra boost to get you started? Natural weightloss is the key to living a long healthy life and can be obtained through a new natural supplement. Sign up now for your free seven-day trial of Fat Cell Attack today!”
IT and Computers
The IT and Computers category involves special offers of bargain priced hardware or software and services for website owners to include hosting, domain registration, website optimization, etc. Ironically, this type of spam may also falsely advertise how to eliminate computer threats and report spam. The unsuspecting victim clicks on a false link to remove their email from the spam list only to find their mailbox filled with even more spam the next day. Fraud.org offers further insight on fraudulent online offers.
Personal Finance spam are offers of debt consolidation service, low interest loans, insurance, etc. Spammers target people desperate for money who need a loan or to get out of debt fast and easy. These emails also target those who wish to lower their mortgage rate or have their student loans forgiven. This is a dangerous category as it can lead people to give up their personal financial information and open themselves up for victim of identity theft. College students are targets of IRS impostors according to the Detroit Free Press.
Education and training
College students or professionals searching for online universities, training, webinars, and more may find their inbox flooded with offers from fake online universities or training sites. These emails often include phone numbers to find out more about a degree and may also include a false number to call to opt out of future correspondence. This category, like all others, also attempts to scam victims into giving out personal information. This type of spam can lead victims to a fake degree or education fraud.
This is possibly the largest category of spam worldwide. This category includes offers of supplements designed to increase men’s sexual health, pornographic sites, and other adult products. Regardless if someone has ever searched for porn, these emails will still show up in a mailbox.
While the amount of adult related spam has decreased in the US, it has increased in Russia and other parts of the world. This type of spam almost always includes offers from dating sites and pornographic sites. Links to spam websites may contain viruses and other malicious content.
Political spam is a new trend in spam which involves political threats or terrorist threats. These messages are more of a nuisance than anything, however; law enforcement needs to be involved when you receive this type of spam. Any threat to your national security should be taken seriously even if it is received in the form of spam. Earlier this year, Donald Trump’s political campaign fundraising attempts appeared as spam and was filtered out.
Spam that advertises antispam campaigns to take advantage of the negativity spam itself generates is another new type of spam. Victims who click on the links of an antispam spam message could find themselves following a site with a Trojan that automatically downloads upon visiting it. This Trojan may lock itself to the machine the site was visited from and send out more spam through contact lists and emails. These antispam campaigns are a form of spoofing for which Window Security has an excellent in-depth explanation.
The following presents some information about spam statistics over the past five years you may not be aware of.
- SecureList has already determined in the first quarter of 2016, unsolicited emails containing malicious attachments increased four-fold from the same period in 2015.
- Symantec reported over half a billion personal information records were lost or stolen last year with that number continuing to grow by the end of this year.
- Time Magazine reported over 61,000 cyber security breaches against the federal US government in 2015.
In part 2 of our series on spam, we’ll discuss tools and methods you can use to protect yourself from threats posed by spam and social engineering.