Spam blights many networks, but it can be managed and blocked
Despite the introduction of laws, and a seemingly never-ending list
of arrests, the problem of spam is greater than ever.
The reason for this is simple - it works. As long as people are
interested in buying little blue pills, or increasing the size of
their anatomy, then spammers will continue to hawk their wares as
long as it is cost-effective.
That is where anti-spam software comes in. It aims to stop spam
from reaching end-users.
Over the past couple of years we have seen spammers get ever more
sophisticated in the tricks they use to sneak past anti-spam
technology. Some hide their messages in obfuscated HTML, embedding
paragraphs of legitimate text to try to tip the balance in the
anti-spam engine from "spam" to legitimate "ham".
Others pretend to be genuine communications, disguising them-
selves by using e-mail addresses of personal contacts or domain
names of recognisable firms.
As spammers become ever more desperate, they increasingly make use
of the masses of insecure US broadband-enabled home computers that
can be compromised and used to send spam.
If everyone kept their computers protected with the latest
Microsoft security patches, up-to-date anti-virus and anti-spam
software, as well as a decent firewall, it would be much harder for
spammers to rally a zombie network to send out their
messages.
When Sophos polled nearly 4,000 businesses earlier this year it
found that 80% believed the flood of spam made them less
productive. However, only 28% had an anti-spam product in place. It
is clear that those running networks suffering from a barrage of
spam need to take steps to avoid the onslaught.
First, IT managers need to ensure that network managers have
implemented a top quality anti-spam product at the e-mail gateway
which can filter even the latest spam tricks. Ideally, this will
automatically update itself with information about new spam
techniques to keep one step ahead of the latest attacks.
Not all anti-spam is created equal. Many companies have had bad
experiences with inferior anti-spam software that either missed
spam or blocked legitimate messages, so IT managers must choose
carefully.
IT and HR departments must work closely to ensure that employees
follow basic rules to block spam. Users should also be careful
about how widely they distribute their e-mail addresses online -
particularly on internet message boards and websites.
As the battle against spam becomes more intense, a sensible
multi-layered defence can help ensure you are exposed to as little
junk mail as possible.
Graham Cluley is a senior technology consultant at anti-virus
group Sophos