14 June 2005
83% of spam contains hidden tracking codes
Eight out of ten spam e-mails contain covert tracking codes which allow the senders to record and log recipients’ e-mail addresses as soon as they open the message. These are among the findings revealed this week by OUT-LAW.COM, the IT and e-commerce legal service from international law firm Masons. The research was carried out for OUT-LAW.COM by network security experts iomart.
Much of this unwanted spam is illegal under various regulations but Shelagh Gaskill, a partner at Masons, said: “The people sending it could not care less about the law.”
Iomart set up separate accounts to receive spam, or unsolicited commercial e-mail, and the team of investigators played dumb and opened up all spam that came into these accounts.
They found that 83% were HTML e-mails with hidden tracking codes that notified the spammers as soon the messages were opened. After a two-week period, the volume of spam received on these accounts virtually doubled. Hundreds of worthless e-mails became thousands in almost no time at all.
Next, the team ‘sterilized’ the spam flowing into these accounts, removing the hidden tracking codes. During the next few weeks there was a slight but steady decline in the mountain of spam being received.
Their conclusion was simple and stark: that spam e-mailers respond to the hidden tracking codes by sending more e-mail to identified accounts.
For a third trial period, spam e-mail was ‘bounced’ by means of an automatic e-mail being sent to the spam sender, stating that the e-mail could not be delivered, but not giving a specific reason why.
Predictably, based on their earlier findings, there was a marked drop in the number of spam e-mails being received. The decrease in spam e-mails started almost immediately, and after about two weeks the volume being received had decreased by about 40%.
“The rule is simple: do not open spam if you want to minimise it,” says Iain Richardson, a software developer with iomart. “A lot of spam is evident from the subject header and sender’s name. If you suspect it’s spam, the easiest thing to do is to delete it – otherwise you’re letting the senders know that you exist and you will receive more.”
Richardson offers a few tips on reading e-mail, and explains how people get caught out. “Popular software, such as Microsoft Outlook or Express, lets the user read a section of the e-mail in the preview window before opening the full e-mail. Be warned that viewing a preview pane will activate the hidden tracker code – so don’t use it if you want to minimise spam.”
Another option is to apply spam filters. The problem with filters is that no system is perfect: there is likely to be an occasional loss of legitimate business communications, unless someone examines all filtered e-mail.
Iomart has developed a product, part of its NetIntelligence suite, which businesses can install in their system to give the option of filtering or sterilising only the hidden tracker mechanism in spam.
There were a couple of points of note in the results of the tests conducted by iomart: most notably that the decrease recorded after spam was bounced was less pronounced than the increase noted when the accounts were newly set up and no action was taken to remove tracking codes or bounce e-mails.
So far, so good. Cutting down spam requires little more than ignoring the obviously tacky. Unfortunately, the iomart study suggests that the spammers have thought of that and are involved in a subtle form of electronic warfare to circumvent those who take the simple precautions outlined above.
When the team began bouncing e-mails there appeared to be an increase in the amount of spam coming from different domain names. They concluded that this is likely to be an attempt by the spam senders to circumvent blocking mechanisms based on domain names.
There are laws that are relevant to spam. Depending on how the e-mail addresses were obtained and the manner in which spam is sent, there may be a breach of the Data Protection Act. Do not trust those unsolicited offers of “128 million e-mail addresses on a CD for $200.”
There may also be a breach of the contract that the sender has with its internet service provider – since many ISPs forbid the sending of spam.
Also relevant is the E-mail Preference Service, a list to which people can add their e-mail addresses to say that they do not want to receive e-mail marketing – although it lacks any legal weight.
Most recently, under the UK’s E-commerce Regulations, all unsolicited commercial e-mail must be clearly and unambiguously identifiable as such as soon as it is received. Such e-mail must also, among other things, clearly identify the person on whose behalf it is being sent.
The UK has to implement a European Directive on the protection of privacy in the electronic communications sector before November 2003 that goes further than the current UK position on spam.
It requires that unsolicited commercial communications such as e-mail, text messages, faxes or telephone calls from automated calling systems, are only lawful if consumers have already indicated that they are willing to receive such communications.
Much of this unwanted spam is illegal under various regulations but Shelagh Gaskill, a partner at Masons, said: “The people sending it could not care less about the law.”
Iomart set up separate accounts to receive spam, or unsolicited commercial e-mail, and the team of investigators played dumb and opened up all spam that came into these accounts.
They found that 83% were HTML e-mails with hidden tracking codes that notified the spammers as soon the messages were opened. After a two-week period, the volume of spam received on these accounts virtually doubled. Hundreds of worthless e-mails became thousands in almost no time at all.
Next, the team ‘sterilized’ the spam flowing into these accounts, removing the hidden tracking codes. During the next few weeks there was a slight but steady decline in the mountain of spam being received.
Their conclusion was simple and stark: that spam e-mailers respond to the hidden tracking codes by sending more e-mail to identified accounts.
For a third trial period, spam e-mail was ‘bounced’ by means of an automatic e-mail being sent to the spam sender, stating that the e-mail could not be delivered, but not giving a specific reason why.
Predictably, based on their earlier findings, there was a marked drop in the number of spam e-mails being received. The decrease in spam e-mails started almost immediately, and after about two weeks the volume being received had decreased by about 40%.
“The rule is simple: do not open spam if you want to minimise it,” says Iain Richardson, a software developer with iomart. “A lot of spam is evident from the subject header and sender’s name. If you suspect it’s spam, the easiest thing to do is to delete it – otherwise you’re letting the senders know that you exist and you will receive more.”
Richardson offers a few tips on reading e-mail, and explains how people get caught out. “Popular software, such as Microsoft Outlook or Express, lets the user read a section of the e-mail in the preview window before opening the full e-mail. Be warned that viewing a preview pane will activate the hidden tracker code – so don’t use it if you want to minimise spam.”
Another option is to apply spam filters. The problem with filters is that no system is perfect: there is likely to be an occasional loss of legitimate business communications, unless someone examines all filtered e-mail.
Iomart has developed a product, part of its NetIntelligence suite, which businesses can install in their system to give the option of filtering or sterilising only the hidden tracker mechanism in spam.
There were a couple of points of note in the results of the tests conducted by iomart: most notably that the decrease recorded after spam was bounced was less pronounced than the increase noted when the accounts were newly set up and no action was taken to remove tracking codes or bounce e-mails.
So far, so good. Cutting down spam requires little more than ignoring the obviously tacky. Unfortunately, the iomart study suggests that the spammers have thought of that and are involved in a subtle form of electronic warfare to circumvent those who take the simple precautions outlined above.
When the team began bouncing e-mails there appeared to be an increase in the amount of spam coming from different domain names. They concluded that this is likely to be an attempt by the spam senders to circumvent blocking mechanisms based on domain names.
There are laws that are relevant to spam. Depending on how the e-mail addresses were obtained and the manner in which spam is sent, there may be a breach of the Data Protection Act. Do not trust those unsolicited offers of “128 million e-mail addresses on a CD for $200.”
There may also be a breach of the contract that the sender has with its internet service provider – since many ISPs forbid the sending of spam.
Also relevant is the E-mail Preference Service, a list to which people can add their e-mail addresses to say that they do not want to receive e-mail marketing – although it lacks any legal weight.
Most recently, under the UK’s E-commerce Regulations, all unsolicited commercial e-mail must be clearly and unambiguously identifiable as such as soon as it is received. Such e-mail must also, among other things, clearly identify the person on whose behalf it is being sent.
The UK has to implement a European Directive on the protection of privacy in the electronic communications sector before November 2003 that goes further than the current UK position on spam.
It requires that unsolicited commercial communications such as e-mail, text messages, faxes or telephone calls from automated calling systems, are only lawful if consumers have already indicated that they are willing to receive such communications.
# posted by vdodon @ 04:53 
