You know from looking at your e-mail lately that it's possible to be debt-free, have perfect skin and be a babe magnet—with a little help from your new friends.
But at least employees at Stamford, Conn.-based Xerox Corp. are shielded from such revolutionary offers—though the process hasn't been easy. Last summer, Xerox's firewall team was blocking 150,000 spam e-mails a month. By early fall, it was 60,000 messages a day, seven days a week, says Linda Stutsman, manager of corporate information security and risk management.
In the past year, spam has moved beyond personal e-mail accounts, invading business systems and graduating from societal pest to corporate enemy. Companies are stockpiling their arsenals—lists of legitimate senders and known spammers, tools that pick up on spamlike content or behavior, digital fingerprints and decoy e-mail addresses—to fight this invasion. On the other side, however, new and resourceful recruits lured by spam's promise of big financial returns are constantly devising counterattacks.
"There's 10 times as much [corporate] spam this year as there was last year," says Joyce Graff, an analyst at Stamford, Conn.-based Gartner Inc. "It's mind-blowing. And the economics are on the spammers' side."
And, says Jason Catlett, president of Junkbusters Corp., a Green Brook, N.J.-based antispam organization, the problem is getting worse. "Spam is growing at a slightly faster rate than e-mail traffic," he says.
Weapons of War
The spam weapons that Graff finds most difficult to defend against are harvesting tools. For $39.95, marketers can buy a "spambot" that searches message boards and lists, culling up to 100,000 e-mail addresses in an hour. Spambots also get into the relay game with organizations' message transfer agents (MTA) by sending messages to, for example, georgebrown@whitehouse.gov, georgebuckley@whitehouse.gov and so on, until they find matches.
To combat these spambots, Graff says, organizations need to set up their MTAs so they automatically disconnect as soon as they detect harvesting attacks.
But, says Steve, a Washington-based spammer who asked to be identified by only his first name, spammers are continually finding—and sharing—new ways to hide their identities. For instance, he's created a filter-evading script that randomizes subject lines and source addresses so they're not easily identified as bulk mail. Big-time spammers buy servers that can randomize entire domains, says Steve.
Spammers scan the Internet for open relays in foreign countries so their messages will be hard to trace. Or they set up free e-mail accounts and dump them before they're caught. Spammers can blast out hundreds of thousands of messages, each with customized content and source addresses, and then quickly log out, says Mark Bruno, enterprise product manager at Brightmail Inc., a San Francisco-based vendor that got its start filtering e-mail for service providers but has since shifted its focus to corporations.
Spammers also write programs that load in multiple accounts so when one account is terminated, another automatically kicks in, says Dan Clements, CEO of CardCops.com, a Malibu, Calif.-based online credit card and advertising fraud watchdog group.
It typically takes about two or three months from the time companies install antispam software until they can effectively pick up on patterns. But once they do so, some systems can weed out 90% of spam with a less than 1% false-positive rate, says Joe Fisher, senior product manager at
• Content-analysis tools that look for keywords.
So at the end of last year, Norfolk Southern installed IronMail from CipherTrust Inc. in Alpharetta, Ga. The tool sits on Norfolk Southern's gateway and uses an array of filtering strategies. Even with the filter, though, spam has managed to get into Norfolk Southern's system, so employees have been building a local deny list by sending addresses to be blocked to the information security department.
The biggest challenge has been avoiding false positives, says Samms. "We don't want to block good e-mail, so we have to be careful," he says. For instance, one employee's last name is Rape, so the company can't add that to its list of words to be filtered out.
Samms says the 25% spam rate has been reduced to about 1% or 2%.
Santa Clara, Calif.-based Macrovision Inc. has opted for a voluntary spam-fighting program, letting end users decide whether they want to use the PerlMx filters from Vancouver, British Columbia-based ActiveState Corp., which the company installed last spring. Then they customize their filter settings, so the sales representatives can keep getting newsletters peppered with terms like invest and bargain, for example, and the mailroom clerks can keep solicitations to a minimum, according to Macrovision system administrator Mike Stevens.
Stevens hasn't calculated the return on the $10,000 investment, but he says productivity has jumped. "You get your return on investment back in a relatively short time," he says.
Solomon is a freelance writer in New York. Contact her at melissasolomon7@hotmail.com.
 |
|||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||