Beginners Guide

Lesson 3, Security threats and Cyber attacks

Lesson 3, Security threats and Cyber attacks

Most of the time when talking about email, email marketing, deliverability or i’m explaining my work to my family, the first thing that is mentioned is the word ‘Spam’.

Why is this and how does the phrase come about?

You’d think that Spam is a fake meat per se, this would be a great term to coin for those annoying acquisition based emails you receive, well it’s not directly because of this. The actual term dates back to 1970, whereby there is a famous sketch by Monty Python’s Flying Circus. In this sketch, based in a restaurant; some customers float in, and then you have vikings singing in the corner, the waitress comes over and then it all descends into mayhem, everything on the menu is with spam, and everyone in the room is singing ‘Spam’ drowning out the the other conversations.

You can watch the scene here.

The first reported case of spamming was….

On May the 3rd 1978 it is noted that the first example of a spam email came along. The source? His name, Gary Thuerk. Thuerk who was a marketing manager at Digital Equipment Corp sent his first mass e-mailing to 400 customers over ARPANET. The ‘blasting’ was to 400 of the 2600 people on ARPANET. He was trying to increase sales for the computers he was selling, and which open houses and information about where people could buy his hardware. Gary made a lot of sales but also received a lot of complaints and thus henceforth spam was born.

Notice Gary was not to know how big a business this was to become and he saw it merely as marketing, e-mail marketing. At the time of this post now more than 70% of all email sent over the internet is spam, this is now not just an innocent marketing push.

What does all this spam mean, and are the problems?

I found a nice summary here.
Which includes the biggest issues faced when spam is sent, they are:

– Unwanted email irritating Internet consumers (complaints)
– Critical email messages are missed and/or delayed. (delay)
– Consumers change ISP’s all the time looking for consistent email delivery. (delivery challenges)
– Loss of Internet performance and bandwidth.
– Millions of compromised computers.
– Billions of money lost worldwide. (lost revenue for businesses)
– Identity Theft. (phishing)
– Increase in Worms and Trojan Horses. (Viruses)
– Spam can crash mail servers and fill up hard drives.

How is spam produced?

One of the major producers of spam mentioned above is due to what is called a botnet.
A ‘bot’ is a type of malware that allows an attacker to take control over an affected computer. Bots are typically apart of a network of computers, also known as a botnet, the botnet operates on the internet and can affect machines from a range of locations.
Once a computer has been taken control by the bot, they are now referred to as ‘Zombies’ and the cyber criminals that control these are called botmasters.

A botnet can consist of a few computers to millions of computers, once the botmasters have control they can do one of many things such as:
– Sending out of mass emails, albeit spam, viruses or spyware
– Using these to steal peoples personal information such as their banking details and other sensitive information
– Creating other types of sophisticated attacks such as DOS (Denial of service) attacks to gain control then hold a network for ransom
– One type of this is click fraud, so bots can click on click Ads automatically generating the botnet revenue.

Please note, that all of the threats mentioned above are not related to email. However it is important to have this knowledge when dealing with deliverability issues, it could well be that you are troubleshooting a related issue.

One type of ways a botnet can be used to exploit the personal details received, the botnets can then send a ‘phishing’ campaign. Typically they are used to steal information, but they can also pretend to be from an authoritative source, thus gaining trust from the recipients. To learn more about phishing via email a good source can be found here.

what does this mean for email marketing? what processes are in place to counteract these measures?

Now we’ve heard about potential threats via email/spam its then natural to see what processes have been put into place to protect the email community from becoming victims of such attacks and to ensure the rules of the highway (RFC) are respected. Please go to Lesson 4, Authentication and prevention

By Anthony Mitchell

Anthony Mitchell is a Deliverability Consultant with ten years of experience in all areas of E-Mail Deliverability & Abuse Management.
A Blogger & Youtuber, discussing all things email

Leave a comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.