Spam
| This content on this page is either partially or entirely copied from Wikipedia. According to Wikipedia's content license, text from Wikipedia can be shared and remixed provided that it is attributed and distributed under the same license. However, content on GCPEDIA is not licensed the same as Wikipedia content and cannot be shared under the Creative Commons Attribution-ShareAlike license. GCPEDIA:Terms and conditions of use, which all GCPEDIA users must accept to use the wiki, states that with regard to copyright, "It is imperative that you respect and comply with the rights of others, in particular our rights, the rights of our licensors, and any rights of individuals". In addition Section 6.5 of Guideline to Acceptable Use of Internal Wikis and Blogs Within the Government of Canada, Section 28 of Communications Policy of the Government of Canada, and the Copyright Act provide additional guidance on copyright issues. |
Spam is the abuse of electronic messaging systems (including most broadcast media, digital delivery systems) to send unsolicited bulk messages indiscriminately. While the most widely recognized form of spam is e-mail spam, the term is applied to similar abuses in other media: instant messaging spam, Usenet newsgroup spam, Web search engine spam, spam in blogs, wiki spam, online classified ads spam, mobile phone messaging spam, Internet forum spam, junk fax transmissions, social networking spam, television advertising and file sharing network spam.
Spamming remains economically viable because advertisers have no operating costs beyond the management of their mailing lists, and it is difficult to hold senders accountable for their mass mailings. Because the barrier to entry is so low, spammers are numerous, and the volume of unsolicited mail has become very high. The costs, such as lost productivity and fraud, are borne by the public and by Internet service providers, which have been forced to add extra capacity to cope with the deluge. Spamming is universally reviled, and has been the subject of legislation in many jurisdictions.
People who create electronic spam are called spammers.
E-mail spam, known as unsolicited bulk Email (UBE), junk mail, or unsolicited commercial email (UCE), is the practice of sending unwanted e-mail messages, frequently with commercial content, in large quantities to an indiscriminate set of recipients.
Instant Messaging
Instant Messaging spam, known also as spim (a portmanteau of spam and IM, short for instant messaging), makes use of instant messaging systems. Although less ubiquitous than its e-mail counterpart, spam is reaching more users all the time. According to a report from Ferris Research, 500 million spim IMs were sent in 2003, twice the level of 2002. As instant messaging tends to not be blocked by firewalls it is an especially useful channel for spammers.
Blog, wiki, and guestbook spam
Blog spam, or "blam" for short, is spamming on weblogs. In 2003, this type of spam took advantage of the open nature of comments in the blogging software Movable Type by repeatedly placing comments to various blog posts that provided nothing more than a link to the spammer's commercial web site. Similar attacks are often performed against wikis and guestbooks, both of which accept user contributions.
Search engine optimization
Some website owners engage in Search Engine Optimization spamming. The proper, appropriate way to obtain better search engine ranking for a website is to improve the content, update the blog more frequently, and so on. Some website owners try to get a shortcut to a higher Google "page rank" by spamming their website with search keywords. For example, an Ottawa-based think tank that wanted to obtain a higher Google page rank for its website might repeatedly state the keyword phrase "Ottawa think tank...Ottawa think tank...Ottawa think tank" in the embedded HTML code. Although this tactic might give the website a higher ranking on the short term, if Google finds out that there is spamming, the website might lose its page rank or face other consequences.
Guidance for Federal Government Employees
Communications Security Establishment
- Spotting Malicious E-mail Messages - Guidance for the Government of Canada (HTML // PDF), and other guidance on Cyber Threats and Mitigations
- 2016 spam guidance from SSC on spam handling have mentioned that clients may create trouble tickets for spam handling. Other guidance has suggested forwarding spam emails to spam@access.ironport.com to influence the ETI spam engine.
- Tips for IT Security: Email and Spam - mention some brief techniques
- Use Outlook Web Access to send suspicious emails to ironport.com to influence the classification process in the future. Outlook Web App
- Log into https://email-courriel.canada.ca/my.policy and open your mailbox in Outlook Web App.
- Select the message that you want to submit
- Click "New mail" at the top left and drag over the message you are submitting as an attachment of the new message and send to one of the addresses below:
- spam@access.ironport.com - Subject is prepended with [SUSPECTED SPAM] and is actual spam. Forwarding this will assist the product efficacy team confirm the content and possibly score it lower.
- ham@access.ironport.com - Subject is prepended with [SUSPECTED SPAM], but it is not spam, or Subject is prepended with [SUSPICIOUS], and may also contain other tags.
- ads@access.ironport.com - Untagged subject, but you consider it to be or contain marketing content.
- not_ads@access.ironport.com - Subject is prepended with [MARKETING], but you do not consider it marketing.
- phish@access.ironport.com - Untagged subject, but it appears to be a phishing (designed to acquire usernames, passwords, credit card info, or other personally identifiable information), or contains malware attachments
Environment and Climate Change Canada (ECCC)
- Spam received on @Canada.ca accounts should follow the SSC and ETI guidance.
- Spam received on old @ec.gc.ca accounts (forwarded to @Canada.ca accounts) may be minimized by logging onto antispam.ec.gc.ca with your network login and manually configuring spam rules. Your personal rules also influence spam handling rules for everyone receiving emails via @ec.gc.ca. Thank you for helping the ECCC community.
- The @Canada.ca and @ec.gc.ca server-based spam filters do filter most spam. You can check the volume of spam blocked on antispam.ec.gc.ca. Emails that do pass through network email filters can be further filtered in your desktop mail client (MS Outlook or other).
- Note: to find the source account that spam was received on, open the email from Outlook, then select File\Info\Properties to view the Internet headers. If you see antispam.ec.gc.ca in the log then this email was relayed to you via an @ec.gc.ca address.
External links
- GetCyberSafe.gc.ca has the mission to "keep Canadians safe online". See their guidance on common threats, including spam and phishing, as well as short and descriptive animations and videos.
- Spamtrackers SpamWiki: a peer-reviewed spam information and analysis resource.
- Federal Trade Commission page advising people to forward spam e-mail to them
- Slamming Spamming Resource on Spam
- Why am I getting all this spam? CDT
- Cybertelecom:: Federal SPAM law and policy
- Reaction to the DEC Spam of 1978 Overview and text of the first known internet email spam.
- Malware City - The Spam Omelette BitDefender’s weekly report on spam trends and techniques.
