Spam refers to unsolicited or unwanted messages that are typically sent via email, text messages, calls, or other electronic communication channels. These messages are often sent in bulk to a large number of recipients, and they may contain advertisements, phishing attempts, or other types of scams.
Spam is a prevalent security concern for organizations. Cybercriminals use spam to steal important information from victims. Excessive spam can slow down mail servers and even cause the servers to crash.
The term “spam” has its origins in a Monty Python sketch from 1970, in which a group of Vikings repeatedly sing a song about Spam, a canned meat product, to the point of annoyance. This sketch was later used by internet users to describe the flood of unwanted messages that began to appear on early online forums.
The first known instance of unsolicited commercial email, or spam, was sent in 1978 by a marketer named Gary Thuerk, who used ARPANET (the precursor to the internet) to send a message promoting a new line of computers to several hundred recipients. This message was widely criticized, and Thuerk’s employer, Digital Equipment Corporation, received a flood of complaints.
One of the largest spam call scams was based out of India where 700+ employees in a call center in India were arrested or detained for impersonating the United States Internal Revenue Service (IRS). This criminal organization targeted Americans with phone calls claiming that the victim owed back taxes to the IRS and must pay hundreds or even thousands of dollars immediately to avoid arrest. The criminal organization stole up to $150,000 USD per day using this extortion scam.
Common types of spam
There are several common types of spam, and new ones are being developed by cybercriminals daily.
Unsolicited commercial email (UCE)
These are unwanted messages that promote products or services. They may come from legitimate businesses, but they can also be sent by scammers and spammers.
These are messages that are designed to trick recipients into revealing personal information, such as passwords or credit card numbers. Phishing emails often appear to come from reputable sources, such as banks or online retailers. One famous phishing racket is the royalty scam that asks victims to help a member of a royal family to move a large amount of money. The story includes an excuse for why the royal person cannot do this for themselves and needs the victim’s assistance. The cybercriminal requests the victim’s bank account information for the purpose of wire-transferring the fictional royal money to the victim’s account. However, the cybercriminal drains all of the money from the victim’s bank account instead.
This is a type of phishing where emails appear to be from reputable companies, like banks, well-known brand names, government agencies, charities, etc. The “From” address of spoofed emails is forged to look like it came from the reputable company. Additionally, spoofed emails often use stolen company logos, verbiage, and formatting to appear authentic. A couple of common email spoofing scams include Tech support scams, Fake job opportunities, Fake credit card charges.
These are messages that ask recipients to forward the message to others. They often contain false information, urban legends, or hoaxes. In this method, you may receive an email claiming that Microsoft will donate money to a charity for every person who forwards the message. However, these types of emails are often hoaxes and should be ignored.
These are messages that contain malware, such as viruses or spyware. Malware spam may be designed to steal information from a recipient’s computer or to take control of the computer. This might include an email with an attachment that appears to be a harmless document, but when you open it, it infects your computer with malware.
These are unwanted comments that are posted on websites or social media platforms. Comment spam may contain links to malware or may be designed to promote products or services.
Adult content spam
Adult content spam is a type of spam email that contains explicit or adult content, often in the form of images or links to websites that contain pornographic material. This type of spam is often sent by individuals or companies promoting adult websites, dating services, or other products and services related to sexual content. This type of spam can be particularly concerning as it may be received by individuals who are not interested in such content or who are underage. In some cases, the email may contain viruses or malware that can harm the recipient’s device or compromise their personal information.
These are unwanted text messages that may contain advertisements, phishing attempts, or other types of scams. For example, you might receive a text message that appears to be from a delivery company, asking you to click a link to track your package. However, the link may lead to a fake website designed to steal your personal information.
Call spam or robocalls
Call spam mimic telemarketing-type calls to collect personal information, bank or credit card numbers, and other criminally useful data from victims. Robocalls are also used to test databases of phone numbers to determine which are legitimate numbers. The phone numbers that are answered by a live human are sold to telemarketers as customer leads or on the black market to cybercriminals, who use the numbers as lists of potential victims.
Social media spam
These are unwanted messages or posts that appear on social media platforms. They may be designed to promote products or services, to spread false information, or to trick users into revealing personal information. For example, you might receive a message on Facebook promoting a weight loss supplement or see posts on Twitter that contain false information about a political candidate.
Today, spam remains a major problem for internet users, with some estimates suggesting that up to 90% of all email traffic is spam. However, advances in anti-spam technology and increased awareness among users have helped to reduce the impact of spam in recent years. It is important to be cautious when dealing with any type of spam and to avoid clicking on links or downloading attachments from unknown sources.