February 01, 2003 — CSO — E-mail is the Internet's killer app. Yet the future of e-mail is in serious jeopardy by the ever-increasing torrent of unwanted e-mail that fills our inboxes and clogs our mail servers.
The statistics are frightening. According to Brightmail, an antispam company, 40 percent of all e-mail is now spam, and nearly 15 percent of all spam is pornographic, up from 5 percent last year. Pornographic spam is an affront to many Internet users, creating a hostile workplace and opening employers to the threat of litigation.
Brightmail operates a "probe network" built from old e-mail addresses at some of the world's largest (and smallest) ISPs. Whenever lots of mailboxes receive messages that are similar, the messages are sent to Brightmail's operations center, where human beings look at the messages and determine if they are spam. In November 2002, Brightmail's experts uncovered 5.5 million spam "attacks," each consisting of between several thousand and several million messages.
Many ISPs have strict policies against spamming. If spam is sent out from your computer, your Internet connection can be terminated without notice or other warnings. Imagine my astonishment in late November when I discovered that more than 100,000 spam messages had been sent to Hotmail from the network connection in my own basement. Here's what happened.
When a friend of mine lost his Web-hosting facility, I agreed to let him put a Windows 2000 e-commerce site in my basement, using one of my unused IP addresses. One day, he removed his computer's host-based firewall because it was making the SQL Server crash. That night, a piece of software on his computer opened up a connection to Hotmail, created a new account, and started using it to spam Yahoo and AOL subscribers with advertisements for penis enlargement. The attack continued for precisely one hour, then shut off. It repeated with a new Hotmail account five hours later.
My friend has antivirus software running on his Windows system, but neither he nor it found the hostile code. In the end, his only recourse was to reinstall the host-based firewall and deal with the occasional crashes.
ISPs feel compelled to take such drastic actions with spammers because legal approaches have largely failed, and spammers are hurting ISPs where it counts
Data Center Directions Virtual Conference
Attend this free, 100% online event exploring tools and techniques for making your data center deliver for today and tomorrow.
Safeguarding the New Currency of Business
Watch this webcast to learn how your organization can leverage PricewaterhouseCoopers' Global Information Security Survey 2008, the world's largest survey on privacy and infosec practices.
- View Gartner Video: Best Practices on Web Application Security
- Safeguarding the New Currency of Business
- The Evolution of Application Security - Reducing Risk in Your Organization
- Data Protection: Challenges for the Traveling User
- Revolutionizing Endpoint Security with a Single Agent
- Make Compliance Regulations an Ally Not an Enemy
- Optimizing Infrastructure Control
- IT Service Management: Metrics That Matter
- Effective Security with a Continuous Approach to ISO 27001
- File Integrity Monitoring: Secure Your Virtual and Physical IT Environments
- Configuration Assessment: Choosing the Right Solution
- Understanding Data Location is Imperative for Data Loss Prevention
Get instant notifications when whitepapers, webcasts and case studies are added
to our library. Sign up for a Resource Alert now!
CSO Corporate Partner
CSO Executive Seminar on Application Security
-
January 29, 2009New York, New YorkRegister now »
-
February 25, 2009San Francisco, CaliforniaRegister now »
(ISC)2 members can earn up to 6 CPE Credits
Reference priority code ONLINE and attend this program as our guest — that's a $295 savings!
