HOME
TOPICS
SEARCH
ABOUT ME
MAIL
|
|
technofile
Al Fasoldt's reviews and commentaries, continuously available online since 1983
T e c h n o f i l e
Why spam is a big problem, and how to know if you're doing the right thing
June 1, 2003
By Al Fasoldt
Copyright © 2003, Al Fasoldt
Copyright © 2003, The Post-Standard
My articles on fighting the scourge of spam prompted many of you to write
with questions and comments. Here is a sampling, reworded to make the
questions and comments more general.
Q: Why do spammers send us all this junk mail?
A: Because it pays.
Spammers are mass marketers. Instead of buying ads in the newspaper or on
TV, spammers send ads to your screen. This is extremely cheap, especially
since a lot of spammers don't pay anything for mailing.
One trick they sometimes use is to plant spyware on Windows PCs that relays
mail. They can
then send a few hundred spam e-mails a day each to a few thousand "captured"
Windows computers, which relay the mail as if it came from the mail accounts
of the hijacked Windows computers.
Experts on spam usually figure that spammers make money if only one
recipient out of a thousand falls for the bait. Success isn't measured by a
sale; it's gauged by a positive response. Simply clicking on a link in a
spam e-mail is enough in most cases.
Most computer users fail to manage Web-browser cookies -- used by spammers
to find your real e-mail address, among other tricks -- and only a few block
so-called Web bugs, the invisible files that spammers use to find out what
pages you opened and when you opened them.
Armed with this kind of personal information, spammers usually don't care if
you are only lurking instead of buying. They get a confirmed e-mail address
and a confirmed computer location (the IP address) just from that single
click you made to do some "window shopping." (My advice: Don't ever click on
a link in spam.)
Q: Some spam blockers give you ways to return the mail to the sender with
your address marked as invalid. Is this a good idea?
A: Returning mail to spammers is a bad idea. We seldom know the true return
address -- it's almost always faked -- so all you're doing is picking on
someone whose Windows PC was unknowingly hijacked, if the address actually
leads anywhere, or you're taxing the mail servers by trying to send to an
address that doesn't exist.
Q: Some of the latest spam blockers ask senders to manually confirm their intentions
before their mail will be accepted. The spam blocker on the recipient's
computer blacks unverified mail until the sender asks for, and then
receives, approval from the recipient. Doesn't that make sense?
A: Yes and no. The idea is to stop all unauthorized automated mass mailings,
and the system does that very well. Spammers and others who send out
hundreds of thousands of letters an hour would never find time to respond to
the "challenge" in such a "challenge-response" system. (Imagine what would
happen to junk e-mail if every low-life who sends bulk mail was forced to
click through a separate form for every letter the spammer sent out.)
But imagine your Aunt Hazel clicking through such a form when she tries to
send you the driving directions to the July 4th picnic. Imagine your Kiwanis
newsletter, sent out by the club's overworked secretary, never arriving
because the club can't spend the time to fill out 400 forms.
Systems that rely on closed e-mail correspondence, in which the only mail
you get is from pre-approved senders, turn e-mail into private messaging. I
think that's a very bad idea.
Q: Sometimes spam letters say you can unsubscribe by filling out a form at a
Web site. That seems fair. If you don't want the spam, you can get off the
list. Right?
A: You never "subscribed," so how could you "unsubscribe"? You're simply a
victim of a spammer. When you receive broadcast spam, which is sent out
blindly, hoping for a few hits, the worst thing you can do is respond. When
you click a link in the mistaken notion that you're telling the spammer to
take you off a list you never willingly joined, you're just confirming your
e-mail address. Don't do it.
|
|