Spammers often disguise their email in an attempt to evade anti-spam software. Increasingly spam arrives via legitimate email addresses whose user credentials have been compromised, from services like Yahoo!, Hotmail and AOL. There is also a growing amount of “snowshoe spam” sent from leased static IP space (VPS), or cloud services.
Scammers are also targeting large email service providers (ESPs) with malware in an effort to compromise their mail transfer agents (MTA) in order to send spam.
Spam is often profitable. Spammers can send millions of emails in a single campaign for very little money. If even one recipient out of 10,000 makes a purchase, the spammer can turn a profit.
Does spam matter?
- Spam wastes staff time. Users without anti-spam protection have to check which email is spam and then delete it.
- Users can easily overlook or delete important email, confusing it with spam.
- Spam, like hoaxes or email viruses, uses bandwidth and fills up databases.
- Some spam offends users. Employers may be held responsible, as they are expected to provide a safe working environment.
- Spammers often use other people’s computers to send spam (see Zombie).
- Spam is frequently used to distribute malware (see Email malware).
Spammers are now also exploiting the popularity of instant messaging and social networking sites such as Facebook and Twitter to avoid spam filters and to trick users into revealing sensitive and financial information.