What is spam?
Spam may not have a universal definition but generally people recognize it when they see it. Often known as Unsolicited Commercial Email (UCE) or Unsolicited Bulk Email (UBE), spam is email that is both unsolicited by the recipients and sent indiscriminately to a large number of recipients. pamming is economically viable because the costs for sending huge quantities of email are low, and therefore even a very small response rate can be profitable. Also, it is problematic to track down spammers and even more difficult to hold them accountable, since they can be located anywhere in the world and there are many different and often contradictory laws regarding email in many different jurisdictions. As a result, the job of curtailing spam has fallen to technology solutions rather than to legislative ones.
What is a phishing email?
A phishing email masquerades as a communication from a trustworthy person or business in an attempt to fraudulently acquire sensitive information, such as passwords, credit card details, or banking login information. Phishing attempts typically target large, well-known banks and online payment services, as well as other potentially trusted organizations such as government institutions or tax agencies. While many phishing emails are sent indiscriminately regardless of the financial institution used by a given recipient, sometimes these fraudulent messages can be highly targeted.
Most methods of phishing use some form of technical deception designed to make a link in an email (and the faked or "spoofed" website it leads to) appear to belong to the spoofed organization. Misspelled URLs or the use of subdomains are common tricks used by phishers, such as http://www.yourbank.com.example.com/. Another common trick is to make the text for a link appear to be a valid URL when the link actually goes to the phishers' site.
What is email spoofing?
Email spoofing is a technique commonly used for spam email and phishing to hide the origin of a malicious message. By changing certain properties of the email, such as the From, Return-Path and Reply-To fields (which can be found in the message header and which can be easily forged by a spammer), hackers can make the email appear to be from someone other than the actual sender. Spammers frequently use randomly generated sender addresses ("From [email protected]"), regardless of whether that address actually exists, or they may attempt to make a message appeared to have come from a trusted source such as the recipient's own domain. Unfortunately, there is no way to prevent a spammer from using any given "From" address for their mailings, although there are some techniques (such as use of SPF) that can help to determine whether a message is actually from the purported sender.
What are zombie computers?
A zombie is a computer that has been compromised by a hacker, a computer virus, or a trojan horse for use as an unwitting accomplice to nefarious purposes such as sending out spam or phishing email messages. Spammers generally control a large number of zombie computers so that they can send out large volumes of spam from a large number of source locations. These networks of zombie computers are often referred to as "botnets," so called since they are networks of individual software robots. Infected zombie computers -- predominantly Windows PCs -- are now the primary delivery method of spam and phishing messages. Most owners of zombie computers are unaware that their systems are being used in this way.
What is a worm?
A computer worm is a self-replicating computer program that sends copies of itself to other computers, typically via the Internet and usually without any user intervention. Unlike a traditional virus, a worm does not need to attach itself to an existing program. Worms can impact an organization's or an Internet service provider's network (if only by consuming bandwidth), whereas viruses always infect or corrupt files on a targeted computer.
Typically the worm will arrive as email, where the message body or attachment contains the worm code, but it may also link to code on an external website. Most email systems require the user to explicitly open an attachment to activate the worm. Once activated, the worm will attempt to replicate itself by harvesting destination email addresses from the infected computer's address book or files. The worm may or may not use the infected computer's "From" address when sending out those messages.
What is a Trojan horse?
A Trojan horse is a malicious, security-breaking program that is disguised as something benign, such as a game, video, or even (in one notorious case) a program supposedly designed to find and destroy viruses. A Trojan horse appears to do one thing, such as install a screen saver or show a photograph, when in fact it does something nefarious in the background such as allowing access to passwords and other data on that computer.