The following article resulted from my experience in
dealing with spammers, hackers, and other web thieves; during my tenure
as webmaster of InfoHQ.com for the last 10 years.
When I first started InfoHQ.com in 1998, the Internet was a safer,
kinder place. There were very few email viruses and most people never
heard of the word "firewall" unless they were running a
server. Most Internet users had only one email address and they were
not afraid to share it with others.
Five years later, the Internet is a completely different environment.
Not a day goes by that I don't receive 4 or more email viruses, 10-20
email spams, and hacker attacks on my DSL firewall. What happened??
I'm not a psychologist/sociologist so I can't tell you why the Internet
changed. I'm not a lawyer so I can't discuss all the legal aspects
of "unsolicited commercial email" (UCE) (which is the more
polite way of saying "spam"). I'm not a philosopher or a
politician so I can't discuss First Amendment Rights or freedom of
speech as it relates to spam. However, I am a webmaster, I have been
running a web site for 5 years, and I can explain how you can fight
back against unwanted spam and hackers.
However, before I discuss possible spam and hacking remedies, it
is important to understand the nature of spam and hackers.
Spamming and Hacking Defined
|
Oh what a tangled web we weave,
When first we practice to deceive!
-- Sir Walter Scott |
What is Spam?
Spam in a general sense is any email you don't want to receive.
There are many types of email that you may not want e.g. advertisements,
newsletters, or questionnaires, however these emails are not what
the computer community refers to as spam. What the computer community
is most concerned with is illegal email spam.
My definition of illegal email spam is -- attempts to deceive by falsification
of seller identity or email address, and use of other trickery (defrauding),
in the hope of gaining monetary advantage (stealing) from the email
recipient and other parties.
The Federal Trade Commission's definition of spam, "Not all
UCE is fraudulent, but fraud operators - often among the first to
exploit any technological innovation - have seized on the Internet's
capacity to reach literally millions of consumers quickly and at a
low cost through UCE. In fact, UCE has become the fraud artist's calling
card on the Internet. Much of the spam in the Commission's database
contains false information about the sender, misleading subject lines,
and extravagant earnings or performance claims about goods and services.
These types of claims are the stock in trade of fraudulent schemes."
From Prepared
Statement Of The Federal Trade Commission On "Unsolicited Commercial
email", November 3, 1999.
How does a spammer get your email address?
There are many ways a spammer can obtain your email address.
a. You can disclose it yourself by posting your email address on
auctions, bulletin boards, advertising, or email locators.
b. Businesses might sell your email address or other personal information
to a spammer.
c. Spammers can use software programs to collect email addresses
from web sites or they can use random number generators to send spam
out randomly.
What is a hacker?
A hacker is an individual that attempts to take control over someone
else's computer by using viruses, worms, and other types of Internet
attacks. One of their favorite "tricks", is to use hacked
computers to bring down a large web site by overloading the targeted
site with millions of transmissions in a "denial of service"
(DOS) attack.
While hackers were glorified in the early days of the Internet as
people standing up for their rights against big corporations and the
Government, hacking is now the hobby of criminals and thieves. Hackers
prey on all citizens of the Internet and they are extremely dangerous
to individuals, corporations, and governments.
How does a hacker find your computer?
Most hack attempts against personal computers result from viruses
and worms running from an infected PC. It is not very difficult for
the creator of the hacking program to predetermine the Internet addresses
that his program will attack.
There are also amateur hackers, that use software programs, to randomly
check for online computers to attack.
What makes Spamming or Hacking Illegal?
The U.S. Congress outlawed certain types of spam with the CAN-SPAM Act of 2003. The law, which became effective January 1, 2004, covers email whose primary purpose is advertising or promoting a commercial product or service, including content on a Web site. However a "transactional or relationship message" – email that facilitates an agreed-upon transaction or updates a customer in an existing business relationship – may not contain false or misleading routing information, but otherwise is exempt from most provisions of the CAN-SPAM Act.
The Federal Trade Commission (FTC), the nation's consumer protection agency, is authorized to enforce the CAN-SPAM Act. CAN-SPAM also gives the Department of Justice (DOJ) the authority to enforce its criminal sanctions. Other federal and state agencies can enforce the law against organizations under their jurisdiction, and companies that provide Internet access may sue violators, as well.
However, 38
states have also passed anti-spam laws that have various penalties
for illegal spammers and hackers. If you don't live in a state with
an anti-spam law, you are still protected from fraudulent schemes,
illegal pornography, and other illegal acts by various state and federal
laws.
In addition, if a spammer or hacker causes harm to a Government computer
they are subject to the penalties of USC Title 18, Part I, Chapter
47, Sec. 1030. - Fraud
and related activity in connection with computers.
Now that we have a definition of illegal spam and hacking, let's
move on to the practical matter of defending your computer against
spammers and hackers.
Next - Defending your computer
against spammers and hackers >
