
Spam - what it is, what it can be and whether it is useful

10.03.2025

Ruslan Rakhmetov, Security Vision


Each of you has probably received an advertising call on your phone, an unsolicited flyer in your mailbox, or a strange email several times in your life. Mass mailing of unwanted messages is the subject of today's review. Spam is not just annoying rubbish but also a security threat, so we'll look not only at its varieties and associated risks, but also at ways to protect yourself.


Unwanted messages were spread long before the term "spam" was coined. The history of the term is explained at the very end of this article; for now, let's focus on modern perceptions and classification.


Spam today mainly affects email, messengers, social media, SMS and phone calls, although it used to take the form of street adverts and paper flyers in mailboxes. It varies, and its purpose is not always just advertising, as on television. We therefore suggest categorising it by purpose:


SEO spam is mass comments or posts made to promote websites (especially on blogs, forums and social networks, where they feed the ranking algorithms). You may have come across posts that are swarmed by commenting robots within seconds of being published. This "helps" the social network decide that the post is important and show it to more people, or is used by propaganda to display the results of social surveys. You can picture SEO spam as someone inserting an advertisement for the same online shop on every page of every book you open, or as a cinema showing you an advertisement for yet another bookmaker's office every 15 minutes during a film.


Advertising spam is like someone dropping leaflets into your letterbox every day offering you a hoover, even though you didn't ask for one. In general terms, it is unwanted commercial offers such as promotions, discounts and loans. It usually looks like "buy goods at 90% discount!", "best investment offers!" and "build up social media followers!". These messages are sent out by legal and illegal marketers, companies, and sometimes scammers, but most of the time they are safe.


A more dangerous type is fraudulent spam, where the messages are not sent by marketers. They use another method of influence: promises of quick earnings or a lottery win. Such spam masquerades as advertising, but is unlikely to bring the recipient money. The formula of such messages is usually easy to read, as if you received a letter from an unknown person saying: "I am a rich prince, I have 10 million dollars, but I need you to help me transfer money, send $100, and I will reward you generously."


Phishing spam consists of more targeted messages aimed at deception and data theft (logins, passwords, bank cards). This type is most often disguised as official emails from banks, government agencies, online services and well-known companies, and may resemble messages like "your account is blocked, restore access immediately!", "we have noticed a suspicious login, confirm your identity" and "your tax refund is ready, enter your details to receive it". The purpose of this type of spam is to make the victim hand over personal data, passwords and bank details; fraudsters have already stopped relying on victims entering bank card details in response to messages about a 90% discount.


Another type is malware spam (malicious files, infected links, or documents with macros that install viruses on the victim's device). We've already talked about the different types of malware and what the attackers are aiming at, so here we suggest focusing on recognising such messages. To spread malware, the sender has to either send it as a file or provoke the user into downloading or running it on their computer/smartphone. You can recognise such a mailing by its web address or attachment, for example: "your invoice is attached" (invoice.pdf.exe file), "you have received your order, please check the details" (order.docm file), "price list for goods" (link to an infected website), or "new payment received" (attachment containing a Trojan).
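The attachment names mentioned above can be checked mechanically. The following is an added example, not code from the original article: it parses a constructed message with Python's standard email library and flags double extensions and macro-enabled documents. The extension lists, function names and sample message are assumptions made for illustration.

```python
import os
from email.message import EmailMessage

# Assumed, non-exhaustive extension lists for illustration.
EXECUTABLE_EXT = {".exe", ".scr", ".com", ".bat", ".cmd", ".js", ".vbs", ".lnk", ".hta"}
MACRO_EXT = {".docm", ".xlsm", ".pptm", ".dotm"}
DECOY_EXT = {".pdf", ".doc", ".docx", ".xls", ".xlsx", ".jpg", ".png", ".txt"}

def attachment_findings(filename):
    """Return the reasons why an attachment name deserves a closer look."""
    # Trailing dots/spaces are dropped by Windows, so ignore them here too.
    name = filename.strip().lower().rstrip(". ")
    stem, ext = os.path.splitext(name)
    inner_ext = os.path.splitext(stem)[1]
    findings = []
    if ext in EXECUTABLE_EXT:
        findings.append("executable extension " + ext)
        if inner_ext in DECOY_EXT:
            findings.append("double extension disguised as " + inner_ext)
    if ext in MACRO_EXT:
        findings.append("macro-enabled Office document " + ext)
    return findings

def triage(msg):
    """Map each suspicious attachment filename in a message to its findings."""
    report = {}
    for part in msg.iter_attachments():
        fname = part.get_filename()
        if fname and attachment_findings(fname):
            report[fname] = attachment_findings(fname)
    return report

def build_sample():
    """Constructed message using the file names quoted in the article."""
    msg = EmailMessage()
    msg["From"] = "billing@example.com"
    msg["To"] = "user@example.org"
    msg["Subject"] = "your invoice is attached"
    msg.set_content("Please see the attached invoice.")
    for fname in ("invoice.pdf.exe", "order.docm", "pricelist.pdf"):
        msg.add_attachment(b"constructed placeholder bytes", maintype="application",
                           subtype="octet-stream", filename=fname)
    return msg

if __name__ == "__main__":
    for name, reasons in triage(build_sample()).items():
        print(name, "->", "; ".join(reasons))
```

A name-based check is only a first filter: it says nothing about the file's content, so it complements rather than replaces attachment scanning.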


Spam on the Internet is the same intrusive and unnecessary offers, but in digital form. To avoid it, it is important not to leave your contacts anywhere, not to click on suspicious links and not to trust "too good" offers. There are seven basic rules you can follow:

   1) do not publish your e-mail address and phone number in public sources;

   2) use disposable (alias) email addresses to register on sites;

   3) do not click on suspicious links from emails;

   4) check the sender (is the domain real?);

   5) use anti-spam filters (Yandex, Gmail, Outlook, ProtonMail filter spam automatically);

   6) do not reply to spam (this confirms that the e-mail is active);

   7) use two-factor authentication (so you don't lose your accounts if your password is leaked).


At the company level, spam is dealt with in a more serious way, for example by using:

   - blacklists (DNSBL, SURBL and other databases of known spam addresses and IPs);

   - filtering by keywords (for example, "buy bitcoins" can be marked as a phrase for spam emails);

   - behavioural analysis (e.g. a sharp increase in sending emails from one IP is suspicious);

   - reputation analysis (if an address is often marked as spam, it is less trusted);

   - email authentication (DKIM, SPF, DMARC and other technologies).
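How several of these signals combine can be shown in a few lines. This is an added example, not code from the original article or from any product: it builds a DNSBL query name, reads SPF/DKIM/DMARC verdicts from an Authentication-Results header, and scores a constructed batch by blacklist hit, keyword, sending burst and DMARC result. The threshold, zone name, addresses and headers are assumptions.

```python
import re
from collections import Counter

SPAM_PHRASES = ("buy bitcoins",)   # phrase from the article's keyword example
BURST_THRESHOLD = 3                # assumed limit: messages per IP in one batch
AUTH_RE = re.compile(r"\b(spf|dkim|dmarc)=(\w+)", re.I)

def dnsbl_query_name(ipv4, zone):
    """DNSBLs are queried over DNS: reversed IPv4 octets plus the list's zone."""
    return ".".join(reversed(ipv4.split("."))) + "." + zone

def auth_results(header):
    """Pull spf/dkim/dmarc verdicts out of an Authentication-Results header.
    Only trust this header when your own receiving server added it."""
    return {k.lower(): v.lower() for k, v in AUTH_RE.findall(header)}

def score_batch(messages, listed_ips):
    """Return {message id: [reasons]}; an empty list means nothing fired."""
    per_ip = Counter(m["ip"] for m in messages)
    verdicts = {}
    for m in messages:
        reasons = []
        if m["ip"] in listed_ips:                      # blacklist hit
            reasons.append("blacklist")
        if any(p in m["body"].lower() for p in SPAM_PHRASES):
            reasons.append("keyword")
        if per_ip[m["ip"]] >= BURST_THRESHOLD:         # behavioural signal
            reasons.append("burst")
        dmarc = auth_results(m["auth"]).get("dmarc", "none")
        if dmarc != "pass":                            # email authentication
            reasons.append("dmarc=" + dmarc)
        verdicts[m["id"]] = reasons
    return verdicts

# Constructed sample batch (documentation IP ranges, made-up headers).
GOOD = "mx.example.org; spf=pass smtp.mailfrom=example.com; dkim=pass header.d=example.com; dmarc=pass header.from=example.com"
BAD = "mx.example.org; spf=fail smtp.mailfrom=example.net; dkim=none; dmarc=fail header.from=example.net"
SAMPLE = [{"id": "m1", "ip": "198.51.100.7", "body": "Meeting notes attached", "auth": GOOD}] + [
    {"id": "s%d" % i, "ip": "203.0.113.9", "body": "Buy Bitcoins today!", "auth": BAD}
    for i in range(3)
]
LISTED = {"203.0.113.9"}   # stands in for positive DNSBL answers

if __name__ == "__main__":
    print(dnsbl_query_name("203.0.113.9", "dnsbl.example"))
    for mid, reasons in score_batch(SAMPLE, LISTED).items():
        print(mid, reasons)
```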


Even at the level of countries and unions of states, there are attempts to restrict spam through legislation:

   - FZ-152 prohibits sending advertisements without the recipient's consent in Russia;

   - GDPR requires explicit consent for mailings for recipients located within the EU;

   - CAN-SPAM implements fines for mass spamming in the US.


Of course, spammers circumvent laws, using fake IP addresses, bots, the darknet and so on, and spam itself does not always have negative consequences. Examples include advertising of really useful goods and services (sometimes something worthwhile can be found in the stream of unnecessary offers), fraud detection (by analysing spam, cybersecurity experts find new fraud schemes and help protect users) and protection against data leaks (if you suddenly start receiving spam on a certain e-mail address, it may be a sign that your data has leaked and it's time to change your passwords). Otherwise, unwanted emails have negative consequences. We will also divide them into groups:


   a)   financial risks in the form of direct fraud or hidden subscriptions to paid services that deduct money without explicit consent;

   b)   danger to computers and other devices (attached files or links to infected sites that install malware such as encryptors), with blocked access to files and ransom demands;

   c)   danger to personal data when spammers try to trick you out of passwords, bank card details or other sensitive information (even if the email is harmless, opening it or clicking on a link may confirm to the spammer that your email is active, leading to more spam);

   d)   privacy violations and surveillance: for example, some emails contain hidden images or links that record when and where the message was opened, and if you respond to SMS spam, your number may be added to databases for calls and new mailings.


Of course, spam is also an additional strain on your nerves and a waste of your time: important emails get lost among spam, and psychological pressure and threatening messages ("your account is blocked", "urgently pay your debt") can cause stress. Spam does more harm than good, so it is important to use anti-spam filters, not to leave contacts on suspicious sites and not to interact with dubious emails.


With digital transformation and the rise of cyber threats, spam is becoming not just an annoyance, but a serious threat to corporate security. Junk mail, phishing attacks and mass mailings create risks of data breaches, financial losses and compromised systems. To effectively protect your business, you need a comprehensive solution that includes technological measures, security policies and employee training.


At the beginning of this review, we also promised to tell you about the history of the term "spam," which goes back to the years after World War II. Hormel Foods prepared increased quantities of tinned meat during the war, but after the end of hostilities, the public's need for tinned meat decreased, and warehouses were idle and overflowing. So they decided to sell "spiced ham" (SPiced hAM) quite aggressively, especially in the USA: advertisements were on shop signs, on posters in public transport, in mailboxes, and on the radio every 30 minutes there was a commercial glorifying the product. Of course, this abundance of unwanted advertising messages affected society and gave birth to a new meme - the word spam, the hero of today's review.
