lo3

Misrak TVET College Training, Training, Teaching Teaching and Learning Materials Development

MISRAK TVET COLLEGE under

Ethiopian TVET-System

INFOM!TION INFOM!TION TEC"NOLO#$ %&''OT %EVICE Level I

LEARNING GUIDE # 12 &nit o( Competence) Competence ) Module Title

)

L# Code TTLM Code

) )

'rotect %o(t*are or %+stem !pplication 'rotecting %o(t*are or %+stem !pplication ICT IT% M-. L-/ 0 ICT IT% TTLM-. -1

LO /) Identi(+ and take action to stop spam Learning #uide First Edition

Date) -120-. !uthor) ICT, IT 3 Misrak TVET College

'age 1 o( 


INTRODUCTION

Learning Guide # 11

This learning guide is developed to provide +ou the necessar+ in(ormation regarding the (ollo*ing content coverage and topics 3 • •

%pam %pam Control

This guide *ill also assist +ou to attain the learning outcome stated in the cover page4 %peci(icall+, upon completion o( this Learning #uide, +ou *ill 5e a5le to 3 • • • •

De(ine and Identi(+ common t+pes o( spam Take apprpria!e a"!in in a"!in in order to protect unauthori6ed access o( spammers Con(igure and use spam (ilters eport and document spam to identi(+ the securit+ threats and 5e a5le to per(orm recommended action

Learning A"!ii!ies 4 ead the speci(ic o57ectives o( this Learning #uide4 04 ead the in(ormation *ritten in the 8In(ormation %heets 9 in pages /214 /4 !ccomplish the 8%el(2check9 in page :4 .4 I( +ou earned a satis(actor+ evaluation proceed to 8In(ormation %heet 094 "o*ever, "o*ever, i( +our rating is unsatis(actor+, see +our teacher (or (urther instructions or go 5ack to Learning !ct4 ;4 14 ead the in(ormation *ritten in the 8In(ormation %heets 09 in pages <2=4 :4 !ccomplish the 8%el(2check9 in page -4 <4 I( +ou earned ear ned a satis(actor+ evaluation proceed to 8Lap Test9 on page 4 "o*ever, i( +our +our rating is unsatis(actor+, see +our +our teacher (or (urther instructions or go 5ack to Learning !ct4 ;04 >4 Do the 8L!' test9 ?i( ? i( +ou are read+@ and sho* +our output to +our teacher4 $our teacher *ill evaluate +our output either satis(actor+ or unsatis(actor+4 I( unsatis(actor+, +our +our teacher shall advice +ou on additional *ork4 Aut i( satis(actor+ +ou can pr oceed to Learning #uide /4 •

$our teacher *ill evaluate +our output either satis(actor + or unsatis(actor+4 I( unsatis(actor+, +our teacher shall advice +ou on additional *ork4 Aut i( satis(actor + +ou can proceed to the neBt topic4

Learning #uide First Edition


'age 2 o( 


In$rma!in S%ee! 1

Spam

Spam is (lood (looding ing the Intern Internet et *ith *ith ma man+ n+ copie copies s o( the same same me mess ssage age,, in an attempt to (orce the message on people *ho *ould not other*ise choose to receive it4

Most spam is "mmer"ia& ader!ising, o(ten (or du5ious products, get2rich2uick schemes, schemes, or uasi2legal services4 services4 %pam costs the sender sender ver+ little to send 22 most most o( the costs are paid (or 5+ the recipient or the carriers rather than 5+ the sender4 There There are !' main !(pes $ spam , and the+ have di((erent e((ects on Internet users4 4 Can"e&&a)&e Usene! spam is a single message sent to 0- or more &senet ne*sgroups4 ?Through long eBperience, &senet users have (ound that an+ message posted to so man+ ne*sgroups is o(ten not relevant to most or all o( them4@ &senet spam is aimed at  &ur*ers, people *ho read ne*sgroups 5ut rarel+ or never post and give their address a*a+4 &senet spam ro5s users o( the utilit+ o( the ne*sgroups 5+ over*helming them *ith a 5arrage o( advertising or other irrelevant posts4 Furthermore, Furthermore, &senet spam su5verts the a5ilit+ o( s+stem administrators and o*ners to manage the topics the+ accept on their s+stems4 04 Emai& spam targets individual users *ith direct mail messages4 Email spam lists are o(ten created 5+ scanning &senet postings, stealing Internet mailing lists, or searching the e5 (or addresses4 Email spams t+picall+ cost users mone+ out2o(2pocket out2o(2pocket to receive4 Man+ people 2 an+one *ith measured measured phone service 2 read or receive their mail *hile the meter is running, so to speak4 %pam costs them additional mone+4 On top o( that, it costs mone+ (or I%'s and onlin online e servi services ces to trans transmit mit spam, spam, and these these cos costs ts are tran transm smitt itted ed directl+ to su5scri5ers4 su5scri5ers4 One particularl+ nas!( arian! $ emai& spam is sending spam ! mai&ing &is!s +pu)&i" r pria!e emai& dis"ussin $rums,- Aecause man+ mailing lists limit activit+ to their su5scri5ers, spammers *ill use automated tools to su5scri5e to as man+ mailing lists as possi5le, so that the+ can gra5 the lists o( addresses, or use the mailing list as a direct target (or their attacks4



'age . o( 


/%( is spam )ad0 h+ do *e get so upset *hen *e receive E2mail *hich *as not reuested There are several reasons)

4 T%e $ree ride, E2mail spam spam is uniue uniue in that the receiver pa+s so pa+s so much more (or it than the sender does4 For eBample, !OL has said that the+ *ere receiving 4> million spams (rom C+5er 'romotions per da+ until the+ got a court in7unction to stop it4 !ssuming that it takes the t+pical !OL user onl+ - seconds to identi(+ and discard a message, thatGs still 1,--- hours per da+ o( connect time per da+ spent discarding their spam, 7ust on !OL4 A+ contrast, the spammer pro5a5l+ has a T line line that that cost costs s him him a5ou a5outt H-H--d da+ a+44 No othe otherr kind kind o( adve advert rtis isin ing g cost costs s the the advertiser so little, and the recipient so much4 The closest analog+ I can think o( *ould 5e auto2dialing 7unk phone calls to cellular users ?in the &%, cell phone users pa+ to receive as *ell as originate calls@J +ou can imagine ho* (avora5l+ (avora5l+ that might 5e received4 "eans s $ spam spam pr)&e pr)&em, m, Man+ 04 T%e "ean Man+ spam messag messages es sa+ 8pleas 8please e send send a EMOVE message to get o(( our list4GG Even disregarding the uestion o( *h+ +ou should have to do an+thing to get o(( a list +ou never asked to 7oin, this 5ecomes completel+ impossi5le i( the volume gro*s4 !t the moment, most o( us onl+ get a (e* spams per da+4 Aut imagine i( onl+ - o(  K o( the users on the Internet decided to send out spam at a moderate rate o( --,--- per da+, a rate easil+ achieva5le *ith a dial2up account and a 'C4 Then ever+one *ould 5e receiving -spams ever+ da+4 I( K o( users *ere spamming at that rate, *eGd all 5e getting ,--- spams per da+4 Is it reasona5le to ask people to send out -- 8removeGG messages per da+ "ardl+4 I$ spam gr's3 i! 'i&& "r'd ur mai&)4es ! !%e pin! !%a! !%e(re n! use$u& $r rea& mai& 4 &sers on !OL, *hich has a lot o( trou5le *ith internal spammers, report that the+Gre alread+ nearing this point4 /4 T%e !%e$! $ resur"es, !n increasing increasing num5er num5er o( spammers, spammers, such as 5uan!um Cmmuni"a!ins, send send mo most st or all all o( thei theirr ma mail il via via inno innoce cent nt inte interm rmed edia iate te s+stem s+stems, s, to avoi avoid d 5locks 5locks that that ma man+ n+ s+stem s+stems s have have place placed d agains againstt ma mail il com coming ing directl+ (rom the spammersG s+stems4 ?Due to a historical uirk, most mail s+stems on the Internet *ill deliver mail to an+one, not 7ust their o*n users4@ This (ills the intermediate s+stemsG net*orks and disks *ith un*anted un*anted spam messages, messages, takes up their their ma manag nagers ersGG time time dealin dealing g *ith *ith all the undeli undelive vera ra5le 5le spam spam me mess ssage ages, s, and and su57 su57ec ects ts them them to comp compla lain ints ts (rom (rom reci recipi pien ents ts *ho *ho conc conclu lude de that that sinc since e the the intermediate s+stem delivered the mail, the+ must 5e in league *ith the spammers4 Man+ other spammers use %i! and run spamming in *hich the+ ge! a !ria& dia&6 up a""un! a! an In!erne! prider $r a $e' da(s3 send !ens $ !%usands $ messages messages33 !%en !%en a)and a)andn n !%e a""un! a""un! ?unless ?unless the provider provider notices notices *hat the+Gre doing and cancels it (irst@, leaving the unsuspecting provider to clean up the mess me ss44 Man+ Man+ spam spamme mers rs have have done done this this tens tens or do6e do6ens ns o( time times, s, (orc (orcin ing g the the providers to *aste sta(( time 5oth on the cleanup and on monitoring their trial accounts (or a5use4 Learning #uide First Edition


'age 7 o( 


.4 I!s a&& gar)age, The spam messages IGve seen have almost *ithout eBception advertis advertised ed stu(( stu(( thatGs thatGs 'r!%&ess, deceptive, and partl+ or entirel+ (raudulent4 ?I include the man+ MLMs in here, even though the MLM2ers rarel+ understand *h+ thereGs no such thing as a good MLM4@ ItGs spam so(t*are, (unk+ miracle cures, o((2 5rand computer parts, vaguel+ descri5ed get rich uick schemes, dial2a2porn, and so on do*nhill (rom there4 ItGs all stu(( thatGs too crudd+ to 5e *orth advertising in an+ medium *here the+Gd actuall+ have to pa+ the cost o( the ads4 !lso, since the cost o( spamming is so lo*, thereGs no point in targeting +our ads, *hen (or the same lo* price +ou can send the ads to ever+one, increasing the noise level the rest o( us have to deal *ith4 T%e(re "r*s, "r*s, %pam 14 T%e(re %pam so(t* so(t*are are invaria invaria5l+ 5l+ comes comes *ith *ith a list list o( names names (alse (alsel+ l+ clai claime med d to 5e o( peop people le *hoG *hoGve ve said said the+ the+ *ant *ant to rece receiv ive e ads, ads, 5ut 5ut actu actual all+ l+ consisting o( un'i&&ing i"!ims "u&&ed a! randm $rm usene! r mai&ing &is!s 4 %pam so(t*are o(ten promises to run on a providerGs s+stem in a *a+ designed to 5e hard (or the provider to detect so the+ canGt tell *hat the spammer is doing4 %pams invaria5l+ sa+ the+Gll remove names on reuest, 5ut the+ almost never do4 Indeed, people report that *hen the+ send a test 8removeGG reuest (rom a ne*l+ created account, the+ usuall+ start to receive spam at that address4 %pammers kno* that pep&e dn! 'an! ! %ear $rm !%em3 and generall+ pu! $a*e re!urn addresses on their messages so that the+ donGt have to 5ear the cost o( receiving responses (rom people to *hom the+Gve send messages4 henever possi5le, possi5le, the+ use the dispsa)&e !ria& IS8 a""un!s mentioned a5ove so the I%' 5ears the cost cost o( cleaning cleaning up a(ter them4 them4 ItGs hard to think think o( an!%er &ine o( 5usiness *here the genera& e!%i"a& &ee& is s &' 4 :4 I! mig%! )e i&&ega&, %om %ome e kinds o( spam are illegal illegal in some countries countries on the Internet4 Internet4 Especiall+ Especiall+ *ith prngrap%(, mere possession o( such material can 5e enough to put the recipient in 7ail4 In the &nited %tates, child pornograph+ is highl+ illegal and *eGve alread+ seen spammed child porn o((ers4



'age 9 o( 


Se&$6C%e"* 1 Name Name) )             

/ri!!en Tes! Date Da te) )        

Ins!ru"!in: Ins!ru"!in: !ns*er all the uestions listed 5elo*, i( +ou have some di((icult+ doing this sel(2 check, (eel (ree to ask +our teacher (or c lari(ications4 4 04 /4 .4

It (loods (loods the Intern Internet et *ith man+ copies o( o( the same same message4 message4 It is a t+pe o( spam that that targets individ individual ual users users *ith direct direct mail messages4 messages4 It is a t+pe o( spam that that send a single single message message to 0- or more more &senet &senet ne*sgroups4 ne*sgroups4 &senet spam spam is aimed to this this people *ho read read ne*sgroups ne*sgroups 5ut rarel+ rarel+ or never never post and give give their address a*a+4

14 Matc Matchi hing ng t+pe t+pe  4 The (ree ride  04 The 8Oceans o( %pam9 pro5lem  /4 The the(t o( resources  .4 Its all gar5age  14 The+re crooks  :4 It might 5e illegal

a4 the receiver pa+s more than the sender 54 sending ads to un*illing victims culled c4 receiving man+ spam d4 %i! and run spamming run spamming e4 *orthless spam (4 'ornograph+

$ou must a5le to get >points to 5e competent other*ise +oull take another test Learning #uide First Edition


'age ; o( 


In$rma!in S%ee! 2

Spam Control

Spam is (looding (looding the Internet Internet *ith man+ copies copies o( the same same message, message, in a %pam no* constitutes an over*helming ma7orit+ o( emai& !ra$$i"4 T%e e$$e"!s $ Spam

The never2ending onslaught o( 7unk messages) strains net*orks erodes user productivit+ propagates dangerous mal*are and mal*are and costs 5usiness millions o( dollars4

• • •

T(pes $ Spam

Though all 7unk email might look the same, spam continues to arrive in a seemingl+ endless num5er o( con(igurations, ranging (rom the innocuous to the lethal4 The ma7or spam t+pes include) •

•

•

•

•

Ader!ising ) %pam is used to promote an entire spectrum o( products and services, (rom so(t*are so(t*are to real estate to uestiona5le medical and nutritional o((erings4 Ma&'are De&ier( ) %pam is one o( the main distri5ution channels (or delivering viruses and viruses and other t+pes o( mal*are4 Targeted individuals, 5elieving the+ have received an important document or media (ile, are o(ten tricked into opening a mal*are attachment4 S"ams ) 'osing as Nigerian Nigerian princes, %*iss %*iss 5ankers, 5ankers, tragicall+ ill children and and other stock t+pes, scammers pre+ on recipientsG s+mpath+ and greed4 8%is%ing ) "iding 5ehind the names o( respected retailers, (inancial institutions, 5usinesses, charities and government 5odies4 'hishers attempt 'hishers attempt to lure unsuspecting recipients to 5ogus e5 sites *here the+ steal personal (inancial or identit+ in(ormation4 Nnsense ) ! signi(icant chunk o( 7unk2mail teBt is pure gi55erish4 %ome o( this material is generated in an e((ort to trick spam2(iltering technologies technologies into passing an attached message onto recipients4 Man+ nonsensical messages seem to eBist (or no purpose at all4



'age < o( 


Spam Media

%pam is over*helmingl+ an email pro5lem4 email pro5lem4 $et as Internet technolog+ advances, 7unk content content is rapidl+ spilling spilling over to man+ other other t+pes o( o( I' media, including) including) •

•

•

•

•

•

IM +ins!an! messaging- ) %pam is a gro*ing pro5lem on IM net*orks, IM net*orks, *here the threats closel+ parallel those o( email spam4 VI8 Voice over I') %'IT ?%pam %'IT ?%pam over Internet Telephon+@ is a rare 5ut potentiall+ dangerous (orm o( spam that threatens to anno+ users and 7am voice2mail in5oBes4 voice2mail in5oBes4 Sear"% Engines ) &sing techniues such as hidden teBt, door*a+ pages and mirror sites, a search2engine spammer attempts to 5oost a e5 siteGs ranking 5+ redirecting tra((ic to the site4 This practice is also kno*n as spamdeBing4 /e) Message =ards ) %pammers like to use e5 message 5oards and &senet4comgroups &senet4com groups to promote products and services that are usuall+ unrelated to the siteGs content (ocus4 =&gs ) unk advertising is inserted into a 5logGs reader2comment 5logGs reader2comment area4 On&ine Vide ) $ouTu5e LLC and LLC and other video2sharing sites are plagued 5+ video spam, *hich consists o( thinl+ disguised commercials (or products and services o( du5ious value4

Cm)a!ing Spam

It sometimes seems as i( an!i6spam !e"%n&gies and methodologies are proli(erating proli(erati ng as rapidl+ rapidl+ as spam itsel(4 These are the main tools that can keep keep spam under control) Spam >i&!ers ) ! gro*ing num5er o( technolog+ vendors are targeting spam *ith products that are designed to 5lock and uarantine suspected spam4 These o((erings use sophisticated algorithms to scan each incoming message (or signs that it ma+ contain spam4 •

•

•

>ire'a&&s ) Spam $ire'a&&s o((load message (iltering (rom the email server, (reeing up net*ork resources and 5and*idth4 %pam2(ire*all appliances usuall+ come precon(igured and can 5e set up in minutes4 Maintenance is usuall+ minimal4 An!i6Ma&'are Te"%n&gies ) "ard*are2 and so(t*are25ased anti2mal*are products can products can 5lock dangerous attachments (rom reaching emplo+eesG in5oBes4



'age ? o( 

Misrak TVET College Training, Training, Teaching Teaching and Learning Materials Development •

•

•

•

•

•

C&ien! Cn!r& ) Leading email clients, such as Microso(t Microso(t Outlook and Outlook and Outlook EBpress, as *ell as Mo6illa FoundationGs FoundationGs Thunder5ird , Thunder5ird , o((er 5uilt2in controls that are designed to minimi6e in5oB spam4

/%i!e Lis!s@=&a"* Lis!s ) This (eature is (ound in man+ spam (ilters and client controls4 hite lists o( trusted email addresses allo* messages to proceed to the userGs in5oB unimpeded unimpeded 5+ an+ (ilter or client settings4 Alack lists *ork in the opposite *a+, routinel+ 5locking incoming email (rom kno*n o((enders4 Dispsa)&e Emai& Addresses ) Man+ 5usinesses and individuals routinel+ distri5ute di((erent email addresses to ever+ eBternal contact, then (unnel all incoming messages into a single account4 This *a+, i( one address 5egins spamming, it can 5e sa(el+ eradicated *ithout a((ecting the (lo* o( messages originating (rom other contacts4 Lega& A"!in ) hile itGs rare (or an individual 5usiness to sue a 7unk2mail sender, a gro*ing num5er o( la*2en(orcement 5odies are targeting spammers, particularl+ organi6ed crime rings that use the technolog+ (or (inancial and identit+ the(t4 8&i"ies ) !ll 5usinesses need a comprehensive anti2spam polic+4 Aesides mandating the use o( (iltering and other good spam2(ighting technologies, the polic+ should cover routine *orkplace practices4 =usiness /e) si!es3 $r e4amp&e3 s%u&d neer pu)&is% isi)&e emai& addresses !%a! "an )e %ares!ed )( spammer s$!'are, Emplo+ees should also 5e encouraged not to post 5usiness email addresses on message 5oards, social2net*ork sites and personal e5 pages4 Edu"a!in ) The simple task o( teaching emplo+ees to 5e *ar+ o( phishing messages, and not to open unkno*n attachments, can help an+ 5usiness minimi6e spamGs impact4



'age B o( 


Se&$6C%e"* 2 Name Name) )             

/ri!!en Tes! Date Da te) )        

Ins!ru"!in: Ins!ru"!in: !ns*er all the uestions listed 5elo*, i( +ou have some di((icult+ doing this sel(2 check, (eel (ree to ask +our teacher (or c lari(ications4 4

%pam no* constitutes an over*helming ma7orit+ o( *hat

04 hat are the the e((ects e((ects o( spams spams /4 This This t+pe t+pe o( spam spam "ide "ides s 5ehi 5ehind nd the the name names s o( resp respec ecte ted d reta retail ilers ers,, (ina (inanc ncial ial inst instit itut utio ions ns,, 5usinesses, charities and government 5odies4 .4 This This t+pe t+pe o( spam spam is used to promote an entire spectrum o( products and services, (rom so(t*are to real estate to uestiona5le medical and nutritional o((erings4 14 This t+pe o( spam is one o( the main distri5uti distri5ution on channels channels (or delivering delivering viruses viruses and and other t+pes o( mal*are4 :4 This t+pe o( spam is a signi(icant chunk o( 7unk2mail 7unk2mail teBt4 <4 This t+pe o( spam posing posing as Nigerian princes, %*iss 5ankers, 5ankers, tragicall+ ill children and other >4 This t+pe t+pe o( spam spam delivers delivers viruses viruses and and other t+pes o( mal*are4 =4 hat are the the siB ?:@ t+pes t+pes o( I' Media Media -4 These o((erings o((erings use sophisticate sophisticated d algorithms algorithms to scan each incoming incoming message message (or signs that it ma+ contain spam4 4This o((loa o((loads ds message message (ilteri (iltering ng (rom the email email server server,, (reein (reeing g up net*or net*ork k resour resources ces and 5and*idth4 04 #ive at least (ive ?1@ main tools that can keep spam under control



'age 1 o( 1 o( 


$ou must a5le to get >points to 5e competent other*ise +oull take another test

Lap Tes!

8ra"!i"a& Demns!ra!in

Name)    Time started)   

Date) Time (inished)

     

Ins!ru"!ins: $ou are reuired to per(orm the (ollo*ing individuall+ *ith the presence o( +our teacher4

•



#ive at least (ive ?1@ main tools that can keep spam under control and eBplain each4

$our teacher *ill evaluate +our output either satis(actor+ or unsatis(actor+4 I( unsatis(actor+, +our teacher shall advice +ou on additional *ork4 Aut i( satis(actor+,



'age 11 o( 11 o( 

lo3

Recommend Documents