An approach to preventing spam using Access Codes with a combination of anti-spam mechanisms

Spam is becoming a more and more severe problem for individuals, networks, organisations and businesses. The losses caused by spam are billions of dollars every year. Research shows that spam contributes more than 80% of e-mails with an increased in its growth rate every year. Spam is not limited to emails; it has started affecting other technologies like VoIP, cellular and traditional telephony, and instant messaging services. None of the approaches (including legislative, collaborative, social awareness and technological) separately or in combination with other approaches, can prevent sufficient of the spam to be deemed a solution to the spam problem. The severity of the spam problem and the limitations of the state-of-the-Art solutions create a strong need for an efficient anti-spam mechanism that can prevent significant volumes of spam without showing any false positives. This can be achieved by an efficient anti-spam mechanism such as the proposed anti-spam mechanism known as "Spam Prevention using Access Codes", SPAC. SPAC targets spam from two angles i.e. to prevent/block spam and to discourage spammers by making the infrastructure environment very unpleasant for them. In addition to the idea of Access Codes, SPAC combines the ideas behind some of the key current technological anti-spam measures to increase effectiveness. The difference in this work is that SPAC uses those ideas effectively and combines them in a unique way which enables SPAC to acquire the good features of a number of technological anti-spam approaches without showing any of the drawbacks of these approaches. Sybil attacks, Dictionary attacks and address spoofing have no impact on the performance of SPAC. In fact SPAC functions in a similar way (i.e. as for unknown persons) for these sorts of attacks. An application known as the "SPAC application" has been developed to test the performance of the SPAC mechanism. The results obtained from various tests on the SPAC application show that SPAC has a clear edge over the existing anti-spam technological approaches

Unsolicited commercial e-mail (spam): integrated policy and practice

The internet offers a cost-effective medium to build better relationships with customers than has been possible with traditional marketing media. Internet technologies, such as electronic mail, web sites and digital media, offer companies the ability to expand their customer reach, to target specific communities, and to communicate and interact with customers in a highly customised manner. In the last few years, electronic mail has emerged as an important marketing tool to build and maintain closer relationships both with customers and with prospects. E-mail marketing has become a popular choice for companies as it greatly reduces the costs associated with previously conventional methods such as direct mailing, cataloguing (i.e. sending product catalogues to potential customers) and telecommunication marketing. As small consumers obtain e-mail addresses, the efficiency of using e-mail as a marketing tool will grow. While e-mail may be a boon for advertisers, it is a problem for consumers, corporations and internet service providers since it is used for sending 'spam' (junk-mail). Unsolicited commercial e-mail (UCE), which is commonly called spam, impinges on the privacy of individual internet users. It can also cost users in terms of the time spent reading and deleting the messages, as well as in a direct financial sense where users pay time-based connection fees. Spam, which most frequently takes the form of mass mailing advertisements, is a violation of internet etiquette (EEMA, 2002). This thesis shows that spam is an increasing problem for information society citizens. For the senders of spam, getting the message to millions of people is easy and cost-effective, but for the receivers the cost of receiving spam is financial, time-consuming, resource-consuming, possibly offensive or even illegal, and also dangerous for information systems. The problem is recognised by governments who have attempted legislative measures, but these have had little impact because of the combined difficulties of crossing territorial boundaries and of continuously evasive originating addresses. Software developers are attempting to use technology to tackle the problem, but spammers keep one step ahead, for example by adapting subject headings to avoid filters. Filters have difficulty differentiating between legitimate e-mail and unwanted e-mail, so that while we may reduce our junk we may also reduce our wanted messages. Putting filter control into the hands of individual users results in an unfair burden, in that there is a cost of time and expertise from the user. Where filter control is outsourced to expert third parties, solving the time and expertise problems, the cost becomes financial. Given the inadequacy of legislation, and the unreliability of technical applications to resolve the problem, there is an unfair burden on information society citizens. This research has resulted in the conclusion that cooperation between legislation and technology is the most effective way to handle and manage spam, and that therefore a defence in depth should be based on a combination of those two strategies. The thesis reviews and critiques attempts at legislation, self-regulation and technical solutions. It presents a case for an integrated and user-oriented approach, and provides recommendations

The regulation of unsolicited electronic communications (SPAM) in South Africa : a comparative study

The practice of spamming (sending unsolicited electronic communications) has been dubbed “the scourge of the 21st century” affecting different stakeholders. This practice is also credited for not only disrupting electronic communications but also, it overloads electronic systems and creates unnecessary costs for those affected than the ones responsible for sending such communications. In trying to address this issue nations have implemented anti-spam laws to combat the scourge. South Africa not lagging behind, has put in place anti-spam provisions to deal with the scourge. The anti-spam provisions are scattered in pieces of legislation dealing with diverse issues including: consumer protection; direct marketing; credit laws; and electronic transactions and communications. In addition to these provisions, an Amendment Bill to one of these laws and two Bills covering cybercrimes and cyber-security issues have been published. In this thesis, a question is asked on whether the current fragmented anti-spam provisions are adequate in protecting consumers. Whether the overlaps between these pieces of legislation are competent to deal with the ever increasing threats on electronic communications at large. Finally, the question as to whether a multi-faceted approach, which includes a Model Law on spam would be a suitable starting point setting out requirements for the sending of unsolicited electronic communications can be sufficient in protecting consumers. And as spam is not only a national but also a global problem, South Africa needs to look at the option of entering into mutual agreements with other countries and organisations in order to combat spam at a global level.Mercantile LawLL. D

Canning the Spam and Cutting the Cookies: Consumer Privacy On-Line and EU Regulation

The chapter deals with the regulation of "spam" (unsolicited junk emails), and "cookies", which typically store personal data about a user's transactions. Specifically, the author focusses on the European and UK laws to deal with spam and cookies and what the implications are of this for online privacy. Privacy invading technologies are discussed, together with the possible economic impact of unsolicited mail to discuss what the outcome for the consumer, internet service provider, and e-commerce traders, might be

The Benefits and Costs of Online Privacy Legislation

Many people are concerned that information about their private life is more readily available and more easily captured on the Internet as compared to offline technologies. Specific concerns include unwanted email, credit card fraud, identity theft, and harassment. This paper analyzes key issues surrounding the protection of online privacy. It makes three important contributions: First, it provides the most comprehensive assessment to date of the estimated benefits and costs of regulating online privacy. Second, it provides the most comprehensive evaluation of legislation and legislative proposals in the U.S. aimed at protecting online privacy. Finally, it offers some policy prescriptions for the regulation of online privacy and suggests areas for future research. After analyzing the current debate on online privacy and assessing the potential costs and benefits of proposed regulations, our specific recommendations concerning the government's involvement in protecting online privacy include the following: The government should fund research that evaluates the effectiveness of existing privacy legislation before considering new regulations. The government should not generally regulate matters of privacy differently based on whether an issue arises online or offline. The government should not require a Web site to provide notification of its privacy policy because the vast majority of commercial U.S.-based Web sites already do so. The government should distinguish between how it regulates the use and dissemination of highly sensitive information, such as certain health records or Social Security numbers, versus more general information, such as consumer name and purchasing habits. The government should not require companies to provide consumers broad access to the personal information that is collected online for marketing purposes because the benefits do not appear to be significant and the costs could be quite high. The government should make it easier for the public to obtain information on online privacy and the tools available for consumers to protect their own privacy. The message of this paper is not that online privacy should be unregulated, but rather that policy makers should think through their options carefully, weighing the likely costs and benefits of each proposal.

Genres of Spam

Spam is currently the dominant form of communications on the internet, accounting for most e-mail traffic. Spam is a marketing device, it is also an expensive and time-consuming nuisance for industrires as well as a major vehicle for serious internet crimes. While considerable research has focused on the technical aspects of spam, how it works and how it can be blocked, our research aims to better understand why it works. We explore how genre theory can contribute to our understanding of ‘spam’. Our study consists of two parts. The first examined the content, form and specific features and considered the manifest relationship to existing genres of communication. The second part of the study focused on a detailed analysis of 111 Nigerian letters, a particularly noxious form of spam. Genre is generally considered useful because it makes communications more recognizable and understandable to recipients, helping readers process information. Our study suggests that spam is not a single genre but adaptations of many recognizable print genres. With spam, genre operates at several levels and is often used to mask rather than reveal intent. The paper concludes that spam exploits genre by conforming to known forms while at the same time breaching those norms