The origin of SPAM and some tips to avoid and (try) to end this plague – WAU

With the exponential growth of the internet, especially since the 2000s, the digital medium has absorbed several practices – good and bad – and several direct communication channels between companies and consumers. If before we received letters of chain for donations, direct mailings of products (from stores that we didn’t even know) and insistent links with a marketing each […]

With the exponential growth of the internet, especially since the 2000s, the digital medium has absorbed several practices – good and bad – and several direct communication channels between companies and consumers.

If before we received letters of chain for donations, direct mailings of products (from stores that we did not even know) and insistent connections with a marketing increasingly distant from our interests, today we receive all this – in much larger volumes – through messages on the cell phone, notifications on computer screens and, of course, in our email boxes.

These messages, also known as SPAM, infest the internet and our lives.

They undermine the functioning of systems, take time, productivity and, as if it were not enough, they can infect machines and open doors for attackers and even worse practices, such as data theft and fraud.

But does not stop there!

In this post we will understand a little more about what is SPAM email and what we can do to reduce a plague that, unfortunately, can never end.

What is SPAM?

In practical terms, SPAM is any message sent to several recipients, who receive it unwantedly.

That is, you did not ask for the information and it reaches you without prior permission, or any expression of desire or interest.

There is no official version or source for the term or practice.

The most widely used and accepted is that the term SPAM was originally taken from a product – an American canned ham. And this would be an abbreviation for spiced ham (translation: spicy ham), like this: SPiced hAM.

spam mail

Its association with sending unwanted messages comes from a group of English humorist group Monty Python.

In the scene, a lady’s requests, when reading a menu from a supposed snack bar, are always with SPAM ham, and everyone keeps insisting that any dish ordered has SPAM, even though she clearly said she didn’t want or like him.

The first record of SPAM practice may have been in 1978, when a computer company employee, DEC, thought that all Arpanet users would be interested in receiving information about the company’s launch – the DEC 20.

Using a mass shooting system, he sent the advertisement to everyone. Of course, it was not well received.

And why is it so harmful?

The practice can be considered a modern plague. It pollutes the digital environment in such a way that it harms from the productivity of company employees, to the structure of computers.

As we receive hundreds of unwanted messages every day, we waste our time evaluating and deleting each one.

They often contain offensive content, which can lead to embarrassment, or – even worse – ways to confuse the recipient and force him to access malicious items, such as links or files. And, consequently, contaminate your machines with viruses and other forms of invaders.

This type of invasion is now the main form of spreading malicious code, but also the spamming (act of practicing SPAM).

Infected machines act as “zombies”, which trigger the same emails they received for their address records. This makes the multiplication of pests exponential, very fast, and totally out of the control of users or protection systems.

But how did email servers, the main tool for direct communication between people on the internet, let this happen?

How is SPAM practiced by email?

The practice of SPAM by email is associated with mass shooting, through specialized platforms, and for mailing lists without sending permission – almost always not segmented.

But it can also be related to computers infected by malicious code – which take over their addresses and trigger infected messages to these bases.

With the exception of attacks, what usually happens are companies wanting to disseminate messages, mostly commercial (advertisements), to as many recipients as possible.

They acquire (buy) email lists – an act considered illegal – bases without any parameterization and, of course, without prior authorization for this sending – and trigger the same message for the entire list.

And even when the lists are segmented, the fact of mass shooting to addresses that did not authorize this sending configures the practice of SPAM.

How does my email service filter SPAM?

Some email systems, like the big free providers of this service – Gmail, Google, Outlook, Microsoft and Yahoo! Mail – have anti-spam filters that act directly on the communication between servers.

That is, they evaluate who is sending, even before knowing the content of that message.

In order for emails to be fired in bulk, specific applications are required for this. These applications need to comply with protocols, so that messages reach their destinations over the internet.

The email sending protocol is called SMTP (simple Mail Transfer Protocol). It acts as a bridge between the user and the server that contains the destination address of the message.

But he is unable to authenticate all sending users, thus identifying them and making sure that they are the actual sender addresses of the messages. Thus, spammers take advantage of this to falsify shipping addresses.

The practice of SPAM forced, over time, other ways to assess the credibility of the sender, without having to change the SMTP constantly.

Often new protocols emerge to combat spamming, and one of the main ones today is the SPF (Server Policy Framework). It prevents a given address, with a domain, from sending emails through another domain (that is, if I want to send emails like [email protected], my firing system has to be in mydomain.com, that is, in my server).

Each server has a number that locates it on the large network – an IP (internet protocol) – and such IPs can be listed in lists of good or bad practices in sending emails.

Lists of bad IPs – also called Black Lists – allow large service providers to refuse messages originated by them – the servers referring to those IPs – by recognizing them by their domains (which comes after the “@” in email addresses).

This domain recognition is only possible thanks to an IP / server naming system called DNS (domain name system). Therefore, messages originating from certain domains can be refused, as they are sent by servers that practice or practiced SPAM.

It is important to note that this identification is made by the users themselves. When clicking on the “mark as SPAM” (or similar) buttons of the email services, the server tracks the delivery path of that message and identifies the IP / domain, considering it as such.

Other practices related to the format of the email and its content contribute to this classification, which is a scoring system. Upon reaching a certain level, the server will be considered as spammer and will be included in the respective list.

This causes all messages sent by him to be considered SPAM, being able to acquire different behaviors in each service (it falls into the SPAM box, junk mail, or others).

But that is not enough to block spammers.

Infected machines, mainly by bots (programs that exploit vulnerabilities on that computer and use it to propagate infections, without revealing the identity of the attacker) manage to circumvent the rules and maintain the anonymity of the issuers and, consequently, the blocks dedicated to servers.

This keeps SPAM a constant plague, leaving users with measures to reduce these messages and the infections that keep them alive and growing.

So, what can be done about all of this?

Is it possible to end SPAM? What should I do?

Within the current scenario it is unlikely to be extinct. Digital security companies and major service providers, like Google, are investing more and more figures to try to control and create ways to combat this type of threat.

But the viral characteristics of this type of practice, among other factors, make its elimination or even reduction less possible every day.

One of the main reasons is the behavior of email users. Most of the invasions happen with the help of the owner of the computer (or a person who uses it).

This is because the invasion occurs after one or more user actions, executing files that contain malicious code, downloaded through links sent by … SPAM!

Now that we know how it happens, let’s go to some good practices that can reduce the volume of this type of emails and protect against the threats that they can carry:

  • If you use email services from major providers, such as Gmail, Outlook and Yahoo !, always classify unwanted messages as “SPAM”;
  • At the same time, add addresses of trusted senders, to ensure that they are not diverted from your inbox;
  • Do not open messages from unknown senders or that you consider suspicious;
  • Do not believe in miraculous solutions, very valuable offers at very low prices, great revelations or situations that are often “personal” (that photo we took, your wife / husband is cheating on you, etc.);
  • Be wary of your friends or relatives! Their machines may have been infected. Always evaluate the title (if there are no errors, confusing messages, incomplete or strange translations) and the text of the content. When in doubt, confirm with the sender whether he actually sent that email (by phone or other means of communication).

We know that spamming it can also be unwanted advertising. So, even if the email is from a well-known brand or company, has promotional content, offers or more, and has reached your inbox without your permission, it is also considered SPAM.

If you did not authorize the submission, it is SPAM. And period.

Although the extinction of this harmful practice is still far away, the reduction or control may be even in the hands of users.

Tired of daily cleaning up their inboxes or wasting hours setting up rules and paths that, in the end, are “bored” by new ways to circumvent systems, account owners need to do their part.

And expect that, in the meantime, the big Internet corporations will continue to fight, with their high investment capacity (and risk of big losses), the speed with which new wrong practices arise and disrupt the daily lives of thousands of people.

So, did you like the text? Do you know other ways to fight SPAM? Tell us! Leave your opinion in the comments and share the text on your social networks!