
Circulation and Spam

According to Rao and Reiley, “spammers first developed technology to automate the sending of bulk email in the mid 1990s” by using “relay servers” and “floating a deluge of spam from phony domains” (89). This coincides with the coining of the term “spam” as well, marking the rise of awareness of the widespread circulation of email spam. With this rise came the creation of email anti-spam programs meant to halt that circulation. As email filtering programs became more advanced, so did spamming techniques.

One of the factors that keeps spam so prevalent is the ingenuity spammers show in circulating their messages past the filters. This shows up in several ways.

Re Ref No 6890121.PNG

"Yahoo! Mail (notice@yahoogroups.com)" or "Mr. Micheal Miller" or "Mr. George Rowland" want you to know you are rich for the New Year.

By setting up a redirect to a popular server (Yahoo) and obscuring the name of the emailer in the "from" line, this spammer is attempting to get past filters by selecting a server that would otherwise be trusted. If users were to reply to this email, the reply would be posted on the yahoogroups page and thus reach a wider circulation as well. We can see this intent in the inclusion, in the body of the text, of the email address the user is meant to respond to. The scammer is hoping for any response at all in order to have another user post this message to the Yahoo! board it is attached to, but the scammer is also seeking a response from individuals.

Notice that this email has an attachment as well. Here, the scammer may be pressing a little too hard for this email to make it through filters, as it is a phishing attempt as well as a "419" scam. The attachment probably contains a virus that will scan the unsuspecting user's computer for information to send back to the spammer.

Also notice the subject line. This spammer wants the user to be fooled into thinking this is already part of an established circulation between these two. 

Spam Hello Friend.JPG

"Ka Yee Chan (kayee.chan@jjay.cuny.edu)" wants to respond to your original hello, honest.

Using the same tactic to establish a false element of established circulation, this scammer has also included a "re:" line in the subject. "Ka Yee Chan" wants this simple message to clear filters by keeping it very short. If the user responds, then the email server may pick this up as an established circulation and keep pushing "Ka Yee Chan's" future messages forward, as well. 

This email was sent to another .edu account, so the email address is purposefully made to fool the user into thinking this may be an academic connection they are engaging with. A quick glance would make this seem like a real user of the City University of New York system, with the only giveaway being the "jjay" that precedes it. This is an easy item to miss, and it is done so the user engages in the exchange.

For such a brief email, this artifact does some surprisingly complex moves to establish circulation. 

Congratulations.PNG

"DAVID AND SUSAN NELSON (jayana.venture@unipe.br)" ARE EXCITED YOU WON SOME MONEY.

Important Note: please tell your spam filter this isn't spam so it will circulate to other users on your network.

This has another buried response email address, which probably indicates that the spammer used a random email generator to send this one out. The real email address they use isn't present in the "from" line because they want to avoid having it picked up by filters. They switch to that address once the user responds.

Also note the "important note." If the spammer can convince the user to mark this as a meaningful email, then the filter may be less likely to tag it as spam again, allowing for more circulation of this message.
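
The two circulation tricks discussed above, the "re:" subject that fakes an established exchange and the response address buried in the body, can be checked mechanically. The following is an added example, not part of the original page: the sample message, its addresses, and the flag names are constructed for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Constructed sample modeled on the traits described above; all addresses are made up.
SAMPLE = """\
From: "Yahoo! Mail" <notice@lists.example.com>
To: user@school.example
Subject: Re: Ref No 6890121

You have won. To claim, contact Mr. Miller at claims.agent@mailbox.example today.
"""

ADDR_RE = re.compile(r"[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}")


def domain(addr):
    """Lower-cased domain part of an address."""
    return addr.rsplit("@", 1)[-1].lower()


def circulation_flags(raw):
    """Return heuristic flags (hypothetical names) for a raw RFC 5322 message."""
    msg = message_from_string(raw)
    flags = []
    _, from_addr = parseaddr(msg.get("From", ""))

    # A genuine reply normally carries In-Reply-To or References headers;
    # a "Re:" subject without either suggests a faked prior exchange.
    threaded = msg.get("In-Reply-To") or msg.get("References")
    if re.match(r"\s*re\s*:", msg.get("Subject", ""), re.I) and not threaded:
        flags.append("fake-reply-subject")

    # Reply-To header that steers answers to a different domain than From.
    _, reply_to = parseaddr(msg.get("Reply-To", ""))
    if reply_to and domain(reply_to) != domain(from_addr):
        flags.append("reply-to-mismatch")

    # Response address buried in the body on a different domain than From.
    payload = msg.get_payload()
    body = payload if isinstance(payload, str) else ""  # multipart bodies skipped here
    if any(domain(a) != domain(from_addr) for a in ADDR_RE.findall(body)):
        flags.append("buried-reply-address")
    return flags


if __name__ == "__main__":
    print(circulation_flags(SAMPLE))
```

These are indicators for scoring or triage rather than verdicts, since legitimate mail can trip any one of them.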