Spam Email - PowerPoint PPT Presentation

1 / 15
About This Presentation
Title:

Spam Email

Description:

Combination of Bayes, White list, Black list, DNSBL, User filters and Signature ... http://keir.net/k9.html Freeware Bayes filter (plus White and Black list) ... – PowerPoint PPT presentation

Number of Views:280
Avg rating:3.0/5.0
Slides: 16
Provided by: rogerth2
Category:
Tags: blacklist | email | spam

less

Transcript and Presenter's Notes

Title: Spam Email


1
Spam Email
  • Roger Thornburn

2
What is Spam
  • Needs to meet 2 requirements
  • Unsolicited
  • Bulk
  • Name comes from a Monty Python skit
  • Monty Python's spam video
  • Mostly commercial
  • 25 - Products 20 - Financial
  • 19 - Adult 9 - Scams
  • 7 - Health 7 - Internet
  • Not Spam
  • Jokes from friends
  • Newsletters you signed up for

3
A Few Statistics
  • Amount of Spam
  • 90 Billion spam emails a DAY (Feb 2007)
  • Average of 50 spam emails a day per email
    address
  • 94 of all email is spam
  • Sources of Spam
  • US 23
  • China 20
  • Russia -10
  • South Korea 6
  • Surprise!
  • 28 reply to spam email
  • 8 purchase from spam email

4
Current Situation
  • IP addresses last 4 hours
  • June 2006 35M new domains, 32M not paid
  • Hi jacked mail servers listed as spammers
  • Creates problem for legitimate users
  • Use of Zombie PCs and the Botnet
  • Maybe 1 in 4 PCs infected.
  • Image spam
  • Hard for a computer to read
  • Hi growth from 0 to 25 of spam
  • Getting your email address
  • Dictionary attack Spam bots (websites)
  • Infected computers Vendors/subscriptions

5
Spam Safety tips
  • Encrypt your email address (not in a dictionary)
  • Use a fake email address where possible
  • Use bcc to send an email to many people
  • Dont open spam and set Outlook Express to Block
    images.. Avoids confirming your email
  • Dont reply to spam again it confirms youre
    real!
  • Dont post your email address on a website.
  • Uncheck all those subscribe boxes
  • Unsubscribe from reputable companies only
  • Use a spam filter

6
Spam Filtering Techniques
  • Rules based
  • Matches specific words in the To, From, Subject
    or Body of the email
  • Very specific can only make an exact match
  • Bayes filter/Fuzzy logic
  • Uses a mathematical set of probabilities,
    gathered from being told whats spam and whats
    ham
  • Needs to learn and kept up to date
  • Black list
  • Blocks specific From addresses.
  • Not very effective today new domain every 4
    hours!
  • Good for blocking family/friends or newsletters

7
Spam Filtering Techniques (cont.)
  • On-line Database (DNSBL)
  • Can work well - if accurate. Can easily stop
    legitimate emails as well.
  • Signature analysis for specific emails
  • White list
  • List of email addresses you will accept email
    from
  • Challenge/response systems
  • Needs to be kept up-to-date
  • Most effective method

Important! No spam filter is perfect. The worst
thing is putting legitimate emails in your
Spam/Junk/Bulk mail folder. Its essential to
check this folder so you can receive your good
email, as well as train the filter.
8
Reducing Spam in Real Life!
  • Different if using Web mail or POP mail
  • Web mail is when you use your internet browser
    (Internet Explorer or Firefox, etc) to read and
    send your email.
  • POP mail is when you use an email client (a
    program such as Outlook/Express, Thunderbird,
    Endura, etc.) to read and send your email.
  • With POP mail, the email messages are downloaded
    to your computer can be read and new ones
    composed, without beeing connected to the
    internet. To read or compose messages in Web
    mail, you must be connected to the internet
  • Many email accounts can be accessed by either/both

9
Web Mail
  • All your email stays on the Web mail server
  • You have little control
  • Large providers such as Yahoo, Google, Hotmail,
    etc. provide excellent spam filtering using a
    combination of all the above techniques
  • Any legitimate emails in the spam/junk box, must
    be identified now added to your white list
  • Yahoo has AddressGuard
  • Create a separate email address for each person
    or class of persons
  • Many of the smaller ISPs/email providers, arent
    as sophisticated.

10
POP 3
  • Spam filter sits between the mail server and your
    email client
  • Many ISPs or email servers have own spam filter
  • Yahoo (SBC, ATT, Pacbell, etc.) use same as Web
    mail
  • Can be harder to check spam folder may need to
    configure
  • Huge selection of programs freeware to s
    http//spamlinks.net/filter-client-win.htm
  • Use different techniques either singly or in
    combination.
  • Some are tightly integrated to the email client

11
POP3/Outlook Express Examples
  • Outlook Express Rules
  • Text matching limited
  • Good for White list can import address book
  • K-9 Freeware
  • Uses Bayesian technology so must train
  • Plus has White list and Black list
  • Regex filters for advanced users
  • Easy interface but not elegant
  • Computer Associates (30)
  • White list
  • Integrated to Outlook/Express easy to use

12
More Examples
  • MailWasherPro (30)
  • Freeware version available
  • Combination of Bayes, White list, Black list,
    DNSBL, User filters and Signature
  • Reviews email on the server
  • Spam is removed before download
  • Save time with dial up
  • Easy to use

13
Phishing
  • Scams to trick users to reveal personal
    information
  • Normally an official looking email
  • Directed to a fraudulent website
  • 2004 2006
  • Losses from phishing attacks 137 million 2.8
    billion
  • US adults who received at least one
    phishing e-mail 57 million 109 million
  • Number of victims 53 thousand 2.25 million
  • Per-victim loss 257 1,244
  • Money recovered by consumers 80 54
  • Dont click a link in an email
  • Call your bank or credit card company if
    suspicious
  • Check the website is secure (https//xxxxx)

14
Useful Links
  • http//en.wikipedia.org/wiki/Spam_e-mail
    Wikipedia Reference
  • http//spam.abuse.net/userhelp/ Links to
    resources and anti-spam filters
  • http//spamlinks.net/ More links to many anti
    spam resources
  • http//spamlinks.net/filter-client-win.htm
    (More spam filters)
  • http//spam-filter-review.toptenreviews.com/
    Review of some spam filters
  • http//keir.net/k9.html Freeware Bayes filter
    (plus White and Black list)
  • http//shop.ca.com/STContent/landingpages/Antispam
    /ASPM001/index.aspx?sc_langen-US Computer
    Associates anti spam program (Or Google ca spam).
    Paid, easy to use White list integrates to
    Outlook Express.
  • http//www.mailwasher.net/ Mail Washer free and
    paid anti-spam versions. Uses multiple methods
    for detection
  • http//www.spambutcher.com/ Spam Butcher fuzzy
    logic anti-spam

15
Summary
  • Web mail
  • Dependant on the ISP/Web mail provider
  • Larger providers often provide configurable
    options
  • Yahoo AddressGuard is a good solution
  • MUST go into JUNK/BULK/SPAM folder to mark good
    emails regularly
  • POP3 mail
  • Most effective method is White list (or safe
    senders list) but needed to be kept up-to-date.
  • Using built in Rules of Outlook Express works
    fine
  • Purchased product often more convenient.

Above all Protect Your Email Address!!
Write a Comment
User Comments (0)
About PowerShow.com