The evolution of spamming techniques

By definition, spam is junk mail sent en masse to several recipients without their consent. Sending this type of message began in the 90s. It coincides with the popularity of email, which has become an essential communication tool in both personal and professional life. It wasn’t until 1997 that spam really became a scourge for users.

In just a few years, the evolution of spam has been considerable. As security vendors improve their filtering techniques, spammers compete to find new ways around them. This constant battle between the two entities has become a vicious circle. In the beginning, spammers sent their junk mail without disguising their identity. To block spam, users simply had to blacklist the sender’s IP address. Later, the spammers decided to hide their identity when sending.

In the 90s, open relay servers were a boon for spammers. They could send their spam to any user. Faced with this situation, administrators have been gradually reconfiguring their mail servers to avoid being blocked and to reinforce user security. After this stage, only the spammers’ servers remained in open relay. After that, it was easy to blacklist them. The arrival of high-speed Internet connections on the market has benefited users and spammers alike. Thanks to this technology, they were able to send unsolicited e-mails on a massive scale and at low cost. As users’ proxy servers are unprotected, spammers can use them for their activities. For recipients, the spam received comes from the IP of the person hacked, even if this is not the case. The risk is that the latter can be quickly blacklisted.

Botnets, or zombie computers, first appeared around 2003 – 2004. Spammers have no qualms about hacking into the computers of hundreds or even thousands of users, using Trojans to control them remotely. There are several possibilities: using the bot to carry out a spam campaign, a DDoS attack, or selling the network to the highest bidder on the market,… To get around the spam filters in place, hackers rely heavily on the content of their spam. When they first appeared, the messages they sent were identical and easily recognizable. The aim of this technique was to bypass Bayesian filters based on the statistical presence of numerous spam-related words in emails. After a while, spammers decided to send personalized emails. Security editors have had to adapt to this by developing anti-spam filters capable of detecting similarities between junk mail. The last few years have seen the emergence of e-mails stuffed with invisible or random text and graphic spam. These “image spams” were very popular in 2009-2010, but didn’t last very long.

Nowadays, given that ‘coarse’ spam is easily filtered out using the methods described above, spammers have developed new ways of bypassing filters by playing on simpler content and using distinct, pseudo-random domain names for URLs. Tomorrow, IPv6 will be in full force, with spam coming from IPv6 servers that will be much harder to block, given the number of possible addresses: each spam message can be sent from a different IP address.

In short, our efforts must continue. Spam, although proportionally less present in emails, is increasingly complicated to block, and it remains essential to avoid generating false positives at all costs. The Altospam solution published by Oktey was designed from the outset with this major problem in mind, while ensuring high-performance filtering for its users!

Want to try it out? Visit https://www.altospam.com/fr/test-gratuit.php