All County, All the Time Since 2010 MAKE THIS YOUR PRINCE EDWARD COUNTY HOME...PAGE!  Thursday, March 28th, 2024

Web gone WILD – Massive Spam Assault

Earlier this month, one of our client websites was flooded by a massive volume of spam email (also called a Denial of Service attack). Within a few days, the equivalent of 20 DVDs of spam email had been directed at this site – using up a large chunk of resources on the web server. This resulted in delays and short interruptions to web and email service. The regular spam-filtering tools couldn’t keep up with the volume. Without aggressive intervention, this situation would have disabled the website and email.

What is spam email?
E-mail spam, also known as junk e-mail, is unsolicited bulk e-mail. Spam is currently reported to comprise 91.89 percent of all messages!
http://www.symantec.com/content/en/us/enterprise/other_resources/b-state_of_spam_and_phishing_report_08-2010.en-us.pdf

Have other sites been affected by spam attacks?
Unfortunately yes, here are just a few examples:

How can such a large volume of email suddenly be directed at one site?
The emails were being sent by thousands of “zombie” computers which unknowingly had been infected by a virus. The virus takes over control of the computers, giving the virus programmers access to a large virtual network of computers.

How does a denial of service attack work?
A denial of service attack essentially chokes off the systems, which can result in a website being unavailable and delays in email delivery. An attack of this scale uses up the bandwidth quota allocated for the site (bandwidth is the data transfer that connects servers and the Internet.) Filtering and processing the requests uses up processing power. And lastly, it uses up hard drive space. Imagine downloading 20 DVDs onto your computer! Your computer would not likely be able to perform many other tasks while this was happening.

Why couldn’t these emails be blocked?
The huge volume of emails contained different messages and were coming from thousands of different computers, it was not possible to efficiently block or filter them.

How was the issue resolved?
In our experience, spam attacks usually last only a few days and when they can’t disable your site they go away and pick on someone else. This instance was the most concentrated and intense assault we have experienced over the course of 14 years. Usually small-medium business sites are not targeted to this extent.

In the beginning, we took the usual steps. SpamAssassin was filtering the emails. We increased the bandwidth and hard drive space allocations to keep the website online. When we realized that the assault was not going to subside, we had to take more aggressive measures. The email service was placed on an external (paid) service that specifically deals with this type of email volume. The transition was seamless to the client, and they can login to “whitelist” or deliver any legitimate emails which may have been caught up in the complex system of filters.

IMHO: It’s such a shame that resources are wasted on these situations. We spent 20+ hours dealing with the issue, and the client suffered stress due to potential loss of business. There are thousands of virus-infected computers out there continuing to blast spam, consuming valuable bandwidth and web server resources. According to a 2007 study by Nucleus Research Inc., spam management costs U.S. businesses more than $71 billion annually in lost productivity — $712 per employee.
http://www.usatoday.com/tech/news/2010-09-27-socialnetspam27_ST_N.htm

How can you protect yourself?
• Here is an article with tips to protect your email from spam. http://www.emailaddresses.com/email_nospam.htm
• If your website is assaulted by a spam attack, be sure your website host is readily available and equipped to deal with it.
• And lastly, don’t contribute unknowingly to the spam problem. Protect your computer from being infected by a virus by using a virus-protection software which automatically updates at least once a day.


Located in Prince Edward County, InfoLink Website Development has served small and medium sized  business clients in Eastern Ontario since 1996, offering affordable full-service website development, e-commerce, web hosting and integrated web marketing solutions, on budget and on time.  Visit our website at www.infolinkweb.ca

Filed Under: Uncategorized

About the Author: Anne is the owner of InfoLink Web Site Development in Picton. In her former life, she taught at Prince Edward Collegiate in the areas of computers, information processing, marketing, and communications. The satisfaction of seeing others learn and succeed is an underlying facet of her business endeavours.

RSSComments (2)

Leave a Reply | Trackback URL

  1. Phil Norton says:

    Great article Anne, and frightening. I’d like to know more about why they attack and the legal implications if they are caught. Which cops are on that beat? I wonder if is all part of corporate or political battle and the attackers are hired hit men by competitors? Imagine, if everyone was a Mac user none of this would be happening LOL!

  2. Lori says:

    Good Info – perhaps an article on the use of the BCC field and removing forwarded emails’ addresses to protect privacy and cut down on getting “spammed”.

OPP reports
lottery winners
FIRE
SCHOOL
Elizabeth Crombie Janice-Lewandoski
Home Hardware Picton Sharon Armitage

HOME     LOCAL     MARKETPLACE     COMMUNITY     CONTACT US
© Copyright Prince Edward County News countylive.ca 2024 • All rights reserved.