Service providers should be well-armed against spam
The spam wars have escalated, with both sides taking the battle to the next level as they fight to either protect or attack the user. The latest battle is...
Special to The Seattle Times
The spam wars have escalated, with both sides taking the battle to the next level as they fight to either protect or attack the user.
The latest battle is over "image" spam. Instead of words, the message embeds its pitch into an image file. Along with a graphic, a link and a phone number, the mailing advertises many of the same products we have heard about before: Prescriptions. Presidential pitches. Porn.
As there are no characters, anti-spam programs cannot flag these specific words. So the message lands in your inbox.
This is part of the continuing battle between the spammers who assault us and the preventive software that would protect our castle. While the weaponry and scale have changed, the philosophy is the same.
A spammer can send out 100 million messages. If just a few people respond, the spammer will earn back costs (which are practically nothing) and pull in a considerable profit.
Smart people, in this case, can recognize spam by its first line and will send the message to the spam folder as a reflex. It's not a leap to say the responders ruin it for everyone. For a real-world example, there would be no cockroaches if people stopped leaving their food on the table.
Internet-service providers must then add tools that detect image spam to their protection arsenal. Matt Smith is president of LiveOffice Corp. in Torrance, Calif., a company that makes such tools. Smith said that each message is slightly different, fooling software intended to detect millions of the same message sent from the same address. Spam protection, he said, will screen out image spam as a matter of course.
A certain amount of protection is now the user's responsibility, but Smith piles on another layer. He counsels users to make sure their internet-service provider (ISP) protects against image spam, as well as provides software that calculates the reputation of the sender and disallows obvious spammers.
Also necessary is anti-virus protection that updates itself on the fly, eradicating the danger before the user knows the virus exists. You would think that Smith would say such things. His company sells this software.
At the same time, it makes sense to hold ISPs to the highest standards, forcing them to do everything possible to keep spam levels down. Any worthwhile ISP should willingly provide these services.
If it does not, pull out the same speech as when an airline screws up your reservation too many times: "I don't have to fly with you."