From the moment users log into their email system, they are faced with a flood of spam emails flowing into their mailboxes at all hours of the day and night. The billions of unwanted email messages circulating over the Internet disrupt email delivery, clog computer systems, reduce productivity, waste time, increase the cost of Internet access fees, irritate users, and they erode your confidence in using email. Many spam messages also contain offensive or fraudulent material,
and spam is sometimes used to spread computer viruses.

Spam presents three main threats:

• Overwhelming volume of messages. Spam depletes employee productivity as workers waste time reading, deleting, or even replying to spam emails. Additionally, the sexually explicit nature of many spam messages poses a potential liability for organizations.
• Identity fraud. Phishing is a specific type of spam message that requests personal information from the recipient, such as social security numbers, credit cards, and bank accounts.
• Spoofing. Phishing is a deceptive form of spam that hides the domain of the spammer or the point of origin of the spam. Spammers often hijack the domains of well-known companies or government entities to improve the validity of their commercial message or scam. An example of spoofing is an email that appears to come from a known email address requesting a credit card number to confirm the product order.

So what can companies do to help reduce
unwanted mail?

Implementing these basic policies and strategies can help reduce spam:

• Get a spam filter. Your ISP may offer a filtering service. If not, you may want to purchase filtering software. There are a wide variety of antispam software that offer a free trial period. Remember it One size does not fit all And obviously the best product for a desktop user or a small business would not be appropriate or adequate to meet the needs of a large business.
• Establish written guidelines on how employees should use corporate email addresses and the web browser.
• Educate users never to reply to an email when the sender is unknown, even to remove themselves from a mailing list.
• Be careful when revealing your email address. Follow these tips whenever you can: Set up an email address dedicated exclusively to web transactions. Share your primary email address only with people you know. Avoid listing your email address in large Internet directories. Don’t even post it on your own website. Disguise (or “munge”) your email address. Use a modified address every time you post it to a newsgroup, chat room, or bulletin board. For example, you could give your email address as “[email protected]” using “0” (zero) instead of “o”. A person can interpret your address, but the automated programs spammers use cannot. Another example is me@(nospam)isp.com.au, where it prompts users to remove the (nospam) element from the address. Be careful with the ticked boxes. When you buy things online, companies sometimes add a checkbox (pre-checked!) To indicate that it is okay to sell or give your email address to responsible parties. Click the check box to clear it.
• Encode corporate email addresses posted on company websites in Javascript or HTML to hinder a spider’s ability to recognize them. (The email address looks normal and is acting normal [to Web site visitors], but from the backend you only see the code).
• Even if you are using anti-spam software, encourage users to report spam that infiltrates a corporate email address for further analysis.
• Decide how much control your company wants over email that has been deemed spam and whether it should be managed by end users or the network administrator.
• Educate your end users to identify and report any incoming spam and alert them to email fraud. One clue to spam is if the sender’s email address differs from the company name in the message.
• Limit web browsing on company PCs; An easy way for spammers to find active email addresses is by pulling them from sites where visitors have entered their address.
• Adjust Internet Explorer security settings to help prevent unwanted intrusions when browsing the Internet. See Working with Internet Explorer 6 security settings for detailed instructions.
• Review the privacy policies of the websites. When you subscribe to web-based services, such as online banking, shopping, or newsletters, please review the privacy policy carefully before revealing your email address. If a website does not have a published privacy statement, be careful and consider contacting the site owners before sharing confidential information.
• Do not open emails that appear to be from a questionable source. It is not advisable to open any email message that appears to be from a questionable source. However, if you’ve already opened the message, don’t click on any links, including the unsubscribe feature. Often times, spammers just include fake unsubscribe installations to confirm that your email address is a real one. If you click “unsubscribe,” you can open yourself up to a flood of spam, both from that spammer and others to whom they sell your email address. Please note that for legitimate commercial electronic messages (those that have been sent with your consent), the unsubscribe function must work and the function must be safe to use.
• Do not reply to the email requesting personal information. Most legitimate companies will not request personal information via email. If a company you trust (for example, your credit card company) writes to request personal information, call “do not write” and report it. Be sure to use a number that you have found, whether it’s through the yellow pages, a bank statement, an invoice, or another source. (Do not use a phone number provided in the email.) If it’s a legitimate request, the phone operator should be able to help you.
• Beware of counterfeit mail. “Spoofing” refers to the duplication of a legitimate email, such as a company newsletter. These spoofed emails can be used to trick you into downloading a virus or submitting personal information, such as a credit card number. If in doubt, contact the company that you think sent the email.
• Don’t buy anything from spam. Some spammers make a living from people’s purchases of your offers. So resist the urge to buy their products if you don’t want to risk getting into more lists of spam email addresses.
• Be careful when downloading Adware, Freeware and Shareware. The download process for such software often requires you to provide your email address which can be used to send you advertisements, viruses, more spam, or even download secret files on your computer that can compromise the security of your PC.
• Never, ever contribute spam to a charity. Unfortunately, some spammers take advantage of your goodwill. If you receive an appeal from a charity, treat it as spam. If it’s a charity you’d like to support, give them a call and find out how you can make a contribution. However, never send your information by email.
• Never respond to pop-ups by clicking on the links.
• Think twice before opening attachments, even if you know the sender. If you cannot confirm with the sender that a message is valid and that an attachment is safe, delete the message immediately and run updated antivirus software to check your computer for viruses.
• Do not forward chain emails. Chainmail can be hoaxes or even a virus delivery system. Also, you lose control over who sees your email address. Additionally, there are reports that spammers use chain letters to collect email addresses. To verify the legitimacy of a chain letter or a possible hoax, go to Hoaxbusters [http://hoaxbusters.ciac.org].

conclusion

The best defense against spam is to be proactive and make sure you use common sense when using email and the Internet.