What is Spam?
Email spam is unsolicited messages sent by email. Sending spam is the cheapest way of marketing. It is a type of electronic spam that is famously known as junk email.
Even though it can be used for legitimate advertising, it is being predominantly used for illegitimate activities such as fraud mail, identity theft, phishing campaigns, sending executable file attachments – trojans and other malware, disguised links to phishing websites, and disguised links to malicious websites.
Spammers and Botnets
Spammers are the people/organizations who send out spam mails through botnets. A botnet is a network of Internet-connected devices, and each device could run multiple bots. These botnets could include even millions of devices. Botnets are remotely controlled by botmasters. Poorly-secured IoT devices such as security cameras and digital video recorders are enslaved as part of bot networks.
The Negativities of Spam
Spam is repetitive, unavoidable and ubiquitous. It fills up mail-boxes and consumes the server space allocated for messages. It slows down servers, hogs the network, and leads to wasted bandwidth.
Spam is irritating, time-consuming, dangerous and affects productivity. Accessing spam mails, downloading any attachments, or clicking on any links could infect device with malware. Spam poses a considerable danger as around 90% of email messages sent over the internet is spam email.
How do Spammers Acquire Email Addresses?
Email addresses are valuable entities. Email addresses are harvested, collected and sold. Valid, live addresses have higher value. Spammers collect email addresses from various sources such as customer lists, social media, chatrooms, newsgroups, websites, malware that harvest the contact list and address books. Every email address would have faced some sort of spam.
Preventive Measures Against Spam
Considering that spam is useless and wastes bandwidth, many entities, and products filter spam. Most email service providers have a filter to prevent spam from reaching the Inbox. Spam filters block messages based on sender reputation, user reports, content, types of files and other rules. Some email service providers scan the emails and attachments for malware. Executables, scripts, and malicious attachments are not allowed.
Spam Mail vs. Corporates
A huge volume of spam against corporate email ids severely affects the bandwidth, mail performance, server performance and productivity of the employees. Email service providers block spam based on traditional blacklisting methods. This is effective up to a certain limit. However, these filtration and protection measures are ineffective against unknown files. All employees (users) are warned not to open attachments or links in emails from unknown sources. However, cyber criminals have been able to send emails that appear to come from higher-ups in the corporate ladder. These emails are highly realistic and have fooled many users.
Mitigation Measures Against Spam
Corporates utilize anti-spam gateways to block spam before they reach user's mail-boxes. These techniques are not fool-proof and there have many cases of false positives and legitimate mail has been blocked leading to loss of business and critical information. The disadvantage of this method is due to rules-based or definition-based detection methods.
Tackling Unknown Files in Emails
Being proactively protective and NOT opening attachments in emails affects business. It could be an important email. The Comodo Antispam Gateway (ASG) provides total freedom. It allows users to open all attachments without any fear of the user or device getting infected. The Comodo ASG utilizes a cloud-based Valkyrie system to score incoming email attachments as good, bad, or unknown. Unknown files are placed in containment for further analysis. Users can safely access, open, and execute unknown email-borne files and applications even when the analysis is being performed without any fear of getting infected during ongoing analysis.