SPAM AND SPAM PREVENTION 1 WHAT IS SPAM? • Classic definition: • Any kind of unsolicited bulk messages, unwanted by the receiver • Cambridge dictionary: • Email that is sent to a lot of people, esp. email that is not wanted • To send someone an advertisement that they do not want by email 2 WHAT IS SPAM? • According to Finn Brunton: “Spamming the project of leveraging information technology to exploit existing gatherings of attention” • Other definitions: • Breakfast meat sold in tin cans • Abbreviation for Special Processed American Meat 3 MEANINGS OF SPAM • Is spam a noun, adjective or a verb? • It refers to exploitation, malfeasance, and bad behavior. • Spam terminology has branched out into specific subdomains like: “Phishing spam”, “419 spam”, splogs, linkfarms, floodbots, content farms. 4 HISTORY OF SPAM • The three epochs of spam: 1. The first from 1970s – 1995 • During this time spam in this context was loud annoying messages 2. The second phase from 1995 – 2003 • Privatization of network • Passage of CAN-SPAM Act in the United States 3. The most recent phase from 2003 – present day • Algorithms and human attention • Adoption of powerful spam filters 5 SPAM STATISTICS • Out of the emails that people receive daily, about 85% are spam That is about 122.3 billion email spam messages • The most common source: • 10.85% come from IPs based in the United States • 23.52% originated from Russia (largest source of spam unsolicited emails sent) 6 SPAM STATISTICS 2019 VS 2020 2019: 2020: • 50,37% of emails were spam (6,14 • Most common spam: Nigerian Prince spam decrease) • Americans faced a fatality of $703,000 to this • Most originated from Russia (21,27%) type of fraud. • Kaspersky solutions detected • 56,51% of emails were spam 184,435,643 malicious attachments. • Most originated from China (21,26%) • The Kaspersky Anti-Phishing component • The Anti-Phishing system triggered blocked 434,898,635 attempts at 467,188,119 times. accessing scam websites. 7 MOST COMMON SPAM CONTENT WORLDWIDE JobsOther Finance 2% 2% 3% Scams 5% Stocks Dating 0% Malware 8% 0% Health 39% Phishing 9% Extortion 10% Adult Products 10% 12% 8 WHAT KINDS OF SPAM ARE THERE? • UCE: • “Unsolicited Commercial Emails” • Commercial intention • Used as a direct marketing tool by companies to reach potential customers • Usually sent by spammers • 66% of email traffic 9 WHAT KINDS OF SPAM ARE THERE? • Non-commercial advertising • Spam can also be used for political, cultural and even religious purposes • Not commercial-oriented • Cyberthreats • Propagating prohibited content such as pornography 10 MEDIUMS OF SPAM • Email Spam • Spam forwarded through email to thousands of recipients • Could follow commercial and non-commercial intent • Examples: • 419 scam • Phising emails: • Victims are tricked into giving up personal and sensitive information • Email spoofing 11 MEDIUMS OF SPAM • Malspam • Depends on social engineering • Essentially email spam that delivers malware • May contain files with malware attachments, malicious URL or phishing messages 12 MEDIUMS OF SPAM • Negative SEO Attack • Carried out by both hackers and spammers • Sabotage search rankings of competitor sites • Spam delivered with link pointing to competitor’s site • Causes a drop in search engine rankings 13 MEDIUMS OF SPAM • Comment Spam • A form of SEO technique • Spammers or spambots post unsolicited content on forums, social networks, blogs, etc. • Suspicious email address, username or links 14 MEDIUMS OF SPAM • Trackback Spam • WordPress’ definition of trackback: • “Trackbacks are a way to notify legacy blog systems that you’ve linked to them.” • Great way to reach a wider audience • Once trackback is linked anyone (both spammers and legitimate people) can link to one’s website on their own site • Mostly done through comments on blogposts 15 SPAM PREVENTION • How Users can combat Spam Mail • How Admins can combat Spam Mail • Spam Filters • Other Ideas 16 HOW USERS CAN COMBAT SPAM MAIL • Keep Email Address secret • Recipients in BCC • Do not sign up to newsletters • Do not show them publicly • Address Munging • Address in picture • [email protected] to test(at)mail.com • Don’t click on links/open attachments – Report Spam Mail! 17 HOW USERS CAN COMBAT SPAM MAIL • Use Email Filters • Antivirus Software with Mail-Antivirus • Deactivate HTML Emails • Does not avoid spam • Use disposable Email Addresses 18 HOW ADMINS CAN COMBAT SPAM MAIL • Black- and Whitelisting • Greylisting • First email from a new sender is rejected • Accepted at the next try • Authentication • Identify if a user is legitimate • SPF, DKIM, DMARC – make spoofing addresses harder 19 HOW ADMINS CAN COMBAT SPAM MAIL • Challenge-Response Authentication • CAPTCHA, Mutual Authentication, … • Simple to do once – harder in large numbers • If the action was performed the user is whitelisted • Spam Trapping • Email Address in source HTML (not displayed on web page) • If Email is sent it’s most likely a spammer 20 SPAM FILTERS • Checksum-based Filtering • Spam sent out in large numbers is almost identical • Varying parts are removed • Message is reduced to a checksum • Checksum is looked up in database • Spammers use Hash Busters • Randomly adds characters • Changes hashsum 21 SPAM FILTERS • Country-based Filtering • Blocks Emails from certain countries • Determined by the sender’s IP Address • URL Filtering • Spam/Phishing mails generally contain links • URLs are extracted and looked up in databases 22 SPAM FILTERS • Rule-based Filtering • List of words or expressions • Checking the Header • RFC 5322 Standard has to be met (how the header has to be formed) 23 SPAM FILTERS • Statistical / Bayes Filtering • Probability of message being spam is calculated (Bayes’ Theorem) • If a certain threshold is exceeded, it’s marked as spam • Users mark spam mails – Software learns from decisions 24 SPAM FILTERS • Egress Spam Filtering • Incoming and outgoing mails are checked • Protects the reputation • Hybrid Filtering • Several filters are used • Numerical score for each test and scores are added up • If the total exceeds a fixed value, it’s marked as spam 25 OTHER IDEAS • Cost-based System • Electronic stamps • Sending a large number of Emails is expensive • Stricter legal measures • Criminalized in many countries • Rules for legitimate bulk email 26 PROJECT • Testing Spam Filters under equal conditions • Creating several email addresses • Signing up to newsletters • Creating spam mail • Spam words • Attachment (.exe) • Compare the providers and rank them 27 PROVIDERS • Gmail • Gmail with MailWasher Most popular email • Outlook providers in the world • Yahoo • Protonmail Encrypted email • Yandex Russian provider 28 CREATING SPAM EMAILS • Main idea: use as many spam words as possible to trigger the spam filters • For example: • Kostenlos, 100% unentgeltlich, gratis testen, spezialangebot, bankkarte, sie würden augewählt, diät, Xanax, streamen… 29 30 CREATING SPAM EMAILS • Check for: 1. Does the filter even work? 2. Subject vs content 3. Does language play a role? 31 CREATING SPAM EMAILS • To test this our spam emails consisted of: 1. Create email with just spam words 2. Subject vs content • Subject→ Create email with spam word as subject with normal email content • Content→ Create email with spam words in the content and not in the subject 3. Create the same spam email but in different languages 32 RESULTS • Our ranking: 1. Yandex Mail 2. Protonmail 3. Outlook 4. Gmail (with and without MailWasher) 5. Yahoo 33 RESULTS • Yandex Mail • Marked all the mails we created as spam • Sender address blacklisted • Account suspended • Protonmail • Second best in marking mail as spam • Removes potentially dangerous attachments 34 RESULTS • Outlook • Marked German mail as spam (but not the English and Korean versions) • Dangerous attachments can‘t be downloaded/opened • Gmail • MailWasher (Free Version) didn‘t make a difference • Does not receive emails with dangerous attachments 35 RESULTS • Yahoo • No mails marked as spam • Only provider that lets us download a potentially dangerous attachment • Marked newsletter mails as spam 36 SOURCES • https://securelist.com/spam-and-phishing-in-2020/100512/ • https://blog.hubspot.de/marketing/e-mail-spam-woerter • https://de.wikipedia.org/wiki/Bayesscher_Spamfilter 37.
Details
-
File Typepdf
-
Upload Time-
-
Content LanguagesEnglish
-
Upload UserAnonymous/Not logged-in
-
File Pages37 Page
-
File Size-