Spam

Definition

Spam describes any unsolicited communication—sent either via email or instant messenger (IM)—intended for commercial gain. The term spam encompasses a broad array of activities, many of which—such as the distribution of phishing emails, or emails that provide an entrée to a Web threat—are malicious.

Recently, image spam—spam that displays its message in an image rather than in body text—has emerged as a way for malware writers to evade detection. Spammers also randomize these images using different sizes, backgrounds, and borders to circumvent blocking via spam signatures.

How to protect your network, servers, pcs and mobile devices from spam

  • Implement a multi-layered approach that provides anti-spam security at all entry points—including the Internet gateway, messaging gateway, endpoint clients, endpoint servers, and the network. Trend Micro offers a variety of anti-spam products and solutions to suit various enterprise needs.
  • Implement both a network and a desktop firewall.
  • Keep all browser and IM security patches up to date.
  • Educate employees about the latest threats, symptoms of infection, and how to protect servers, PCs, and mobile devices:
  • Delete email with nonsensical or crude subject lines.
  • Spam often, though not always, includes these types of subject lines.
  • Subject lines for much of today’s image spam are related to the sale of pharmaceuticals and luxury goods, or to providing “hot stock tips.”
  • Open attachments only from known or expected sources.
  • Spam often arrives via unfamiliar email addresses and/or people.
  • Delete all unwanted and suspicious messages without opening.
  • Click on Web links sent only by known or expected sources, and never divulge personal confidential information such as user IDs, passwords, social security numbers, etc.—even if the requestor seems legitimate.
  • Reject any unsolicited IM communications, and consider preemptively blocking any messages from users not on your buddy list.
  • Do not disable enterprise antivirus, anti-spam, firewall, or other security protection.
  • Seek IT support if you experience any of the following:
  • Your email client suddenly becomes very busy, or slows down considerably.
  • You begin receiving high volumes of suspicious email.
  • You begin receiving “bounced” responses for emails you did not send.
  • You begin receiving notification that emails you send are infected.
 

What may happen if you don't adequately protect your technology assets from spam

  • Exposure of the network to other malware threats.
  • Loss of employee productivity due to network slowdowns, compromised machines, and diverted IT staff time to mitigate damage.
  • Loss of critical corporate and personal data, resulting in intellectual property and/or identity theft.
  • Financial costs of repairing affected equipment.
  • Damage to company image and bottom line.

Other resources

 

Quick Links