The problem of spam is growing.  It's growing in the country, on home email addresses and on our school email addresses.  The goal of this page is to help you understand what it is, where it comes from, and what you can and can't do to address the problem.  It will also address the problems of "phishing."  This page will be fairly brief, but I'll link up some key words to more lengthy explanations for those of you who would like to know more.  The links will appear as blue underlined text. 

What is spam?

Spam is defined as unsolicited commercial bulk email.  It's advertisements you didn't sign up for and didn't want.  Spammers (the advertisers) know that most people don't like their messages so they often disguise themselves and their messages by using false message headers and false return addresses. The spammers will do pretty much everything they can buy or invent to get you to open their message.  They can also hijack a computer to use as a "spam proxy" to send out their message. They can even make the message display a false recipient.  These deceptive practices fall under the category of "spoofing."

Why am I getting this spam?

Spammers send their message out to the highest number of recipients possible.  If only one in a thousand messages gets a positive response, they have to send out millions of messages to make thousands of sales.   To send out those messages, they need millions of email addresses.  These are collected in a variety of ways.

• The most common way is using web spiders. These "spiders" are a kind of program called a "bot."  A bot is a program that visits web sites and performs automated tasks, like a software robot.  A spider is a program that "crawls the web" following links from site to site.  Sometimes they're called "spider-bots."  Spammers use spider-bots to visit web sites and collect email addresses.  A single spider bot set to crawl the UEN network would collect all the school email addresses in Utah in a matter of minutes, including those on our school faculty page. 
• Spammers get addresses is by asking for them.  Many sites ask for email addresses.  If they don't have a privacy policy and if they aren't privacy certified, they may use that email information to send you spam.  Sites that let you send "greeting cards" to friends are often front operations for email address collection.
  
• Spammers also buy, sell, trade and share email information.  Once your address is on a list it's likely to be shared between spammers.  The longer an address exists, the more spammers have access to it. 
  
• Spammers rent the use of vast networks of computers from gangs of organized criminals.  These gangs use sophisticated virus type programs that hi-jack millions of computers and then use them to send thousands of millions of messages.  A recent study reported in Reuters and CNN estimates that 90% of email is now spam. http://www.cnn.com/2006/WORLD/europe/11/27/uk.spam.reut/index.html
  

How can I stop the spam?
    One might as well ask "How can I stop the rain?"  The only way to never receive spam is to never use email.  That is how pervasive the problem has become.  The more useful question then becomes, "How can I minimize the spam?"

    The first strategy involves knowing how spammers get addresses. Since publishing email addresses on a web site gives spammers access, that access can be denied by never publishing the address.  For our school, that would also limit parent access.  Keeping our k12.ut.us addresses secret is not an option.  That said, keeping the email addresses as private as possible is always a good idea.  Any time an email address is entered on a web site for any reason, the risk of receiving spam increases.  Message boards and greeting card sites are danger zones.

    The second strategy is to set the email program to automatically delete junk email.  There are junk mail controls built into most email programs.  To access the controls, open the "Tools" menu and find the junk mail controls.  These controls learn to recognize spam and automatically sort it into a separate folder.  This folder can then be set to delete messages older than a certain amount of time.  I have a two week delay on mine so that if a good message accidentally gets sorted as spam, I can go into the spam folder and bring it back out.
   
    The third strategy is to preview all message subject headers before opening the message.  The area on the email program window where the messages are initially displayed is called the "message preview pane." It is separated from the message subject pane by a separator bar. The pane can be closed by dragging the separator bar until the message header area covers the whole window.   Spam messages can then be marked as junk and deleted without ever seeing the message content. 

    The next obvious question is "How do I know if it's spam without looking at it?"  The answer is fairly simple.  If the message header isn't relative to anything you've done online it's spam.  Here are a few examples from my current inbox:. "Healthy Lungs, Stop Smoking Now" or "Personalized Christmas Ornaments" or "And Marshall the Mettlesome."  The sender is also a dead giveaway.  If it's nobody you know, and they're talking about nothing you're interested in, it's spam.  After a while, you learn how to spot it with very little effort.

    A word of warning - if you open the message, the message can call up a web address set specifically to track your receipt of the message.  Opening the message tells the spammers that you recieved and viewed the message.  That information lets them sort you into a list of better targets.  Not opening enough messages lets them know that your address is a bad target.

So what about phishing?
    Phishing is when someone tricks you into giving you personal information.  The simplest example is greeting card or similar sites that "phish" for email addresses and then sell them to spammers.  More complicated schemes involve email messages telling you that your credit card has gone over the limit, that your online account is about to expire, or that budget health insurance is available.   The message provides a link to a web site that looks genuine but isn't.  It asks you to provide your personal information to avoid whatever dire consequences the message warned against.  When you give your personal information to a phishing site, you can become the victim of identity theft. 

    The best way to guard against phishing schemes is know that reputable institutions like your bank, or Ebay, or Walmart.com will never ask you to send personal information, unless it's on their own site and through a secure server. Secure servers are certified by the same people that certify ATMs and store credit card machines. Your web browser will recognize the secure server and tell you so.  If this feature is turned off on your browser, you can turn it back on in the Tools menu.  Secure servers aren't 100% foolproof, but they come pretty close.

Now, to sum up.

• Spam is inconvenient and rude.  It's unsolicited commercial bulk email.
  
• Spammers can get your email address by reading our web site. We need to keep the addresses up on the site so that parents can send us messages.
• Spammers can also get your address if you enter it into a web page or if someone else enters it into a web page.  Greeting card sites usually collect addresses as their primary form of business.
• Spammers buy, sell, trade and share their lists.  The longer your address exists, the more spam it will receive.
• When spam is sent, the message goes out as a shotgun blast to millions and millions of addresses.  There is nothing personal about the spam you receive.
• Spam can't be stopped, but it can be minimized.
• Minimize spam by carefully choosing how you share email information.
• Minimize spam by using the junk mail controls in the tools menu of your email program to sort it before you see it.
• Minimize spam by sorting your email with the preview pane closed.  Previewing the message can let the spammers know you are a potential customer.
• Help fight the spammers by preventing them from using your machine as part of a shadow network. Your best chance with that is to make sure your anti-virus software is up to date.
  
• Phising uses spam to collect personal information.  If the message seems suspicious, treat it as a threat.
  

    I think the internet is a wonderful thing.  Jefferson is supposed to have said "It's impossible to enslave an educated populace."  The internet can be a powerful tool for education, but it's not a perfect tool and it can be misused.  If you'd like to add something to this page, or if you think I've got something wrong here, I'd really like to know. 

Good luck with the spam.

Victor

And about the other Spam, the gelatinous pork product - I think it's ok, but not very often.