Spam and Unsolicited Email

Spam and Unsolicited Email:

We routinely receive questions from users about spam emails. The most common questions are:
“How did this get through the filter?”
“How did they get my address?”

Before we answer those questions, here’s a basic definition of terms:
Spam is junk or unsolicited commercial email that is bulk-mailed to people who have not requested it, differentiating it from email that you get because you subscribed to some mailing list or receive as approved district correspondence. The messages may contain commercial information, wishes for luck, notices of philanthropic opportunities, humor, etc. Some of them are simply chain letters that ask you to redistribute the message to others. Spam is generally considered to be e-mail advertising for some product.
If you are annoyed by unsolicited e-mails, you are not alone. We wish there were a magical way to stop it, but the reality is that in a public institution there are no easy answers. This week alone, the WHPS IT Department blocked over 33,400 spam and virus-laden messages before they ever arrived at the WHPS addresses they targeted.
Nearly 40% of incoming WHPS email is spam or virus messages. Current statistics show that over 60% of all Internet email is now considered spam and will rise to over 70% in the coming year. If there were a quick and total fix for this problem, we (and everyone else) would have it implemented already.
We utilize a Symantec spam filter, which is excellent, but it has the same limitations as all tools - if you restrict the mail you receive too tightly, you'll also block legitimate mail you want to get. So, understanding how many spam emails are actually caught each week, here’s the answer to the first question:
“How did this get through the filter?”
Spammers get rich because even a minimal response rate on millions of emails means big bucks to them. One study estimated that only 200 individuals were responsible for 90% of all spam. With a fortune at stake, spammers change tactics as often as they change their email addresses. One recent trend was to send a graphic in the body of the email, which actually contained an image of the words that comprised their solicitation. But because it wasn’t actual text, the filter couldn’t catch it. Also, if every word a filter is set up to catch is deliberately misspelled, the email may slip by the filter if other characteristics in the header don’t catch it. Most spammers also work out of foreign countries (Russia is a favorite) and do not have to abide by all the anti-spam legislation passed by states and the federal government. To get an idea of the power of these spammers, see this article:
http://news.zdnet.com/2100-1009_22-6073625.html?tag=nl.e589
“How did they get my address?”
Most likely, you gave it to them, either directly or indirectly. Email spam lists are often created by scanning bulletin board postings, stealing Internet mailing lists, or by searching the Web for addresses. The more Internet activity you participate in, the more likely you are to end up on a spam list. If your email address on a group list (your school list, or any other) was ever forwarded by a member of the group to an outside email address, then the entire school list may have been captured by a spam harvester. Have you ever received a joke email and forwarded it to a list of WHPS and non-WHPS email addresses? Seems harmless, but you just gave the spammers another chance to grab those addresses. Our email addresses also get on lists when we subscribe to legitimate offers via the Internet, when we unsubscribe to unsolicited lists (that way they know we're active email accounts) as well as professional organizations that sell their lists to clearinghouses with our addresses included. Here’s a good FAQ site on how spammers harvest email addresses:
http://www.private.org.il/harvest.html

I hope this information has been useful. If you do receive any of the small percentage of spam that does get through, simply DELETE the message. Think of it as throwing away the junk mail you receive at home.
DO NOT forward the spam to us. We get them too, so we know they’re already there.
DO NOT reply to the spam message. You'll either get a bounced (rejected) message or be targeted for more junk mail.
DO NOT respond to "instructions to remove me from your mailing list". Most often, this will result in a rejected mail message to you. It may also serve as a confirmation that your account is active and the mail is being read.
Finally, remember not to generate “internal” spam either. Do not use WHPS group emails for personal solicitations or announcements; do not use “Reply to All” in a group email unless your intention is to email a reply to the entire group.
Check out the WHPS IT website for more information on spam and other computer issues: http://www.whps.org/it/profdevelopment/InternetSecurity/main.htm
And if you’ve read this far, here’s information on Spam that may be of further interest:
http://www.spam.com/

Thanks,
James R. Benn
Coordinator of Information Technology
West Hartford Public Schools