SPAM

What is Spam?

Spam is the use of electronic messaging systems to send unsolicited and repetitive messages. The most common version of spam comes in the form of email sent via mass mailing and it is important that a business is protected from such threats.

Spam also comes in the form of telephony, SMS messages, and instant messaging.

How does SPAM occur?

A common first step for spammers is to gain as many email addresses as possible from an organization. One way to achieve this is to use bots (application programmed to do automatic tasks) to “crawl” the internet to find email addresses in web pages. Spammers can also use the dark web (anonymous part of web that can only be accessed via special software) to buy a compromised database of a company.

Over time, more sophisticated methods of gaining email lists have emerged. Such as editing the code within the messages sent to the mail servers of an organization to bypass spam filters. The purposes of spam can range from the advertisement of a product for profit to more destructive effects such as gaining remote access to employee

Regardless of the intention of the spam, it is important for a business to use defensive measures to prevent spam from entering its network in the first place.

Data collection

The spammer first gathers a list of recipients to send their spam to in a variety of ways. Advertisers can generate email ads to a group for a certain price. Attackers can also use software programs called harvesters which can gather names/emails from websites, news groups, and other services to use for spamming. Spidering is a similar technique where attackers code “spam bots” that are designed to automatically search the web for email addresses that they can then use for spamming.

Paid Services

There are plenty of companies in the world that are able to send many spam e-mail messages everyday (sometimes even billions!). It’s important that companies have the proper network defenses to protect against this (ex. Spam filters which have blacklists of known spam IP addresses to block).

Zombie Machines

If spammers have previously taken control of machines (ex. Via a virus), they can then use such controlled machines to send spam. Your network security controls designed to block spam may not recognize these “zombie” computers and allow spam into your network.

Enticing Messages

Often times, spam will contain content designed to lure as many customers as possible and will take advantage of current events or something that might appeal to their target audience (ex. finance or education). An example could be using an upcoming election to persuade users into clicking their link.

How is spam harmful to businesses?

On a network, spam normally causes a decrease in the network's resources such as bandwidth by taking up precious disk space. For individual employees, spam can cause the spread of malicious content via an attached or embedded file, link or picture. Once malware infects a single user’s computer, it is able to spread throughout the internal network of a business and affect various devices such as printers, firewalls, and database servers.

Because of the numerous adverse effects of spam, organizations must have measures in place to stop it as soon as possible as well as adapt to the various ways spam tries to reach an organization’s internal network.

Spam Statistics

Over

50%

of all global email in 2017 was spamam.

  • The most common type of malicious attachment in spam emails are trojans (malware disguised as software)
  • Current events such as political elections and natural disasters are popular methods used by attackers to entice the intended victims to interact with malicious and infected spam.

  • 2017, the most popular way to disguise malicious emails was to dress the spam as if came from Facebook, Microsoft and Yahoo.

How can Cyber Insurance protect against spam?

Even if you have security controls like employee cybersecurity awareness training, e-mail filtering and endpoint controls in place, it is still highly important that your business is protected with proper insurance in the very likely chance that interaction with malicious spam causes a cyber breach and with it bring losses and lawsuits against your business.

Get coverage

Running a business is challenging enough without having to worry about cyber liabilities and lawsuits. You are one click away from getting the vital coverage your business needs.