Messaging spam
Messaging spam, sometimes called SPIM, is a type of spam where the target is instant messaging services.
The increase in messaging spam may be motivated by its rise in popularity as well as the many steps to crack down on spamming since the late 1990s.
Instant-messaging applications
Instant messaging (IM) systems, such as Yahoo! Messenger, AIM, MSN Messenger and ICQ, are popular targets for spammers. Many IM systems offer a directory of users, including demographic information such as age and sex. Advertisers can gather this information, sign on to the system, and send unsolicited messages.
Using privacy options to guard against messaging spam
To combat SPIM, many users choose to receive IMs only from people already on their contact list.
- With Yahoo Messenger, users can click Messenger -> Preferences -> Ignore List and check the box "Ignore anyone who is not on my Messenger List."
- With AOL's Instant Messenger, or AIM, users can click My AIM -> Edit Options -> Edit Preferences -> Privacy and check "Allow only users on my buddy list"
- With MSN Messenger, users can click Tools -> Options -> Privacy and check the box "Only people on my Allow List can see my status and send me messages"
- With BitWise IM, users can click Preferences -> Server / Contact List -> and check the box "Whitelist my contact list so that only users on my contact list can see me online or contact me"
- With Trillian, users can click Trillian -> Trillian Preferences -> Identities & Connections, and in all ICQ accounts click on the Miscellaneous tab and uncheck "Allow users to see my status on the web". There is also a plug-in available called Trillian Spam Challenge which asks unknown contacts from any medium to enter a phrase proving they're not a spambot, before the message is allowed through.
If you send someone you know an instant message, and they do not respond, it may be because they do not yet have you in their messenger's allow list. Ask the user to add you to their allow list first.
Using AIM 'warn' feature
The free AOL Instant Messenger (AIM) service allows users to 'warn' other users. The warning decreases the number of messages an account can send, slowing down spam, and shows the AIM address as warned to other users that it may try to message. This feature does have the potential for abuse, although such cases are minimal.
Windows messaging spam
In 2002, a number of spammers began using the Microsoft Windows Messaging service to get their message across. This isn't the same as the IM system "Windows Messenger"; rather, it is a function of Windows designed to allow servers to send alerts to administrator workstations. Windows Messaging spam appears as normal dialog boxes containing the spammer's message. Windows Messaging spam can be delivered using any NetBIOS port, so to block it at a firewall entails closing down ports 135 through 139, and 445.
Alternatively, Windows users can simply disable the messenger service entirely though the Windows services list available via Run/services.msc.
Messenger service spam, in particular, has lent itself to spammer use in a particularly circular scheme. In many cases, messenger spammers send messages to vulnerable Windows machines consisting of text like: "Annoyed by these messages? Visit this site." The link leads to a Web site where, for a fee, users are told how to disable the Windows messenger service. Though the messenger service is easily disabled for free by the user, this scam works because it creates a perceived need and then offers an immediate solution. Often, the only "annoying messages" the user is receiving through messenger are advertisements to disable messenger itself.
Subsequent Windows XP Service Packs have disabled this "feature" by default.
External links
- http://www.microsoft.com/windowsxp/using/security/learnmore/stopspam.mspx - Tutorial to disable messenger service in Windows 2000, Windows XP and Windows Server 2003
- http://www.facetime.com/ - SpIM prevention solutions
- http://www.imlogic.com/ - SpIM prevention solutions