Anyone who uses an e-mail account today knows the term: one is bombarded with it every day. Spam (also called junk mail) causes huge economic damage worldwide.
There are several ways an email address can get into the hands of a spammer:
Most sweepstakes these days require you to provide an email address
Address data is lawfully purchased and resold to other companies, including for promotional purposes
Many e-mail addresses are simply guessed, since some addresses exist in almost every domain, such as postmaster@desired-name.de or info@desired-name.de
These are small programs that search websites specifically for e-mail addresses, e.g. from guest book entries or the imprint of websites
Spammers usually send their message to several million recipients via purchased botnets or misconfigured mail servers, knowing full well that only a very small percentage of recipients read/open the emails and thus fall into the trap.
Therefore, sending is relatively cheap for the spammer; the majority of the transmission costs are borne by the provider and recipient. Every byte of spam that is transmitted costs the companies and Internet providers hard cash, since they are not charged for the time but for the volume of data.
If the volume of incoming junk mail is high, corporate servers may even fail completely. In addition, junk mail costs companies energy, time and effort, because they have to maintain their spam filters and keep them up to date. It is estimated that over 90 percent of all e-mail messages worldwide are spam e-mails.
Spam over Internet Telephony (SPIT for short) refers to unwanted and automatically recorded calls via VoIP.
It's rare, but unfortunately it still happens. You always notice this when you let your answering machine accept all missed calls.
Telephone connections are set up automatically. The moment you accept the call, the audio data is played to you via the RTP protocol. These are mostly recorded advertising messages, but also requests to take part in dubious competitions, with the lure of high prizes, via a fee-based telephone number.
Banner ads on websites are also spam. With one click you can trigger an avalanche of pop-ups as well as catch malware.
And then there is spamming in forums or on social networks. Since there is a large audience here, the spammer uses automated bots that post advertisements and links to websites in the comments. However, such comments are usually recognized quickly and deleted again.
At every point where spam is generated or transported, measures can be taken to at least reduce the amount of spam.
Today, basically every e-mail program already has an integrated spam filter that recognizes advertising e-mails in advance and sorts them out directly, i.e. moves them to the spam folder in your inbox. Spam filters directly at the e-mail provider have the advantage that the recognized spam e-mails are sorted out before they are delivered. This saves bandwidth and your own mailbox.
Configuring spam filters so that they are tailored to the user or user group has high success rates (false positives can usually be completely excluded and false negatives can be reduced to 1% to 10%), but the one-off effort is very high and you need expertise. In addition, the filter must be constantly adapted to new methods and types of spam.
Heuristic spam filters learn to recognize and sort out spam based on various characteristic features. They learn the difference between "HAM" (desirable mail) and "spam" (unsolicited mail). Here, too, the user must always keep a watchful eye on the "sorted out" messages: sometimes "clean" e-mails are wrongly filtered because of one feature or another.
A combination of local and network spam filters is effective protection.
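To illustrate how a learning filter of the kind described above separates "HAM" from spam, and why clean mail is sometimes wrongly filtered, here is an added example (not code from the original article): a small naive Bayes filter, one common learning technique. The messages, names and the two thresholds are constructed assumptions.

```python
import math
import re
from collections import Counter

# Constructed training and test mail; not taken from any real mailbox.
TRAIN = [
    ("spam", "Win a high prize now, call this number to claim your prize"),
    ("spam", "Cheap offer: click now and win money in our competition"),
    ("spam", "You win! Claim your free prize, click the link now"),
    ("ham", "Meeting moved to Monday, please send the project report"),
    ("ham", "Attached is the invoice for the server maintenance contract"),
    ("ham", "Can you review the report before the meeting on Monday"),
]
TEST = [
    ("spam", "Click now to win a free prize"),
    ("spam", "Free offer for you"),
    ("ham", "Please send the invoice before Monday"),
    ("ham", "Please call this number to claim your invoice"),  # spam-like wording
]

def tokens(text):
    return re.findall(r"[a-z]+", text.lower())

class NaiveBayesFilter:
    def __init__(self, training):
        self.words = {"spam": Counter(), "ham": Counter()}
        self.mails = Counter()
        for label, text in training:
            self.mails[label] += 1
            self.words[label].update(tokens(text))
        self.vocab = len(set(self.words["spam"]) | set(self.words["ham"]))

    def spam_score(self, text):
        # Log-odds that the mail is spam; positive means "more spam than ham".
        score = math.log(self.mails["spam"] / self.mails["ham"])
        for w in tokens(text):
            # Laplace smoothing (+1) so an unseen word cannot zero a probability.
            p = {l: (c[w] + 1) / (sum(c.values()) + self.vocab)
                 for l, c in self.words.items()}
            score += math.log(p["spam"] / p["ham"])
        return score

def error_counts(flt, labelled, threshold):
    # (false positives, false negatives) at a given score threshold
    flagged = [(label, flt.spam_score(text) > threshold) for label, text in labelled]
    return (sum(l == "ham" and f for l, f in flagged),
            sum(l == "spam" and not f for l, f in flagged))

FLT = NaiveBayesFilter(TRAIN)
print({t: error_counts(FLT, TEST, t) for t in (0.0, 3.0)})
```

At threshold 0.0 the clean mail with spam-like wording is filtered (a false positive); raising the threshold to 3.0 lets it through but also lets the weakly worded spam pass (a false negative).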
The third perspective of threat modeling focuses on a company's assets, critical information, data, and machines and their whereabouts. Then you work out the profile of a possible attacker. You ask yourself what his motivation could be, how valuable these assets would be for him and how much effort he would have to put in to get these assets.
Companies are well advised not to choose just one threat modeling approach, but ideally all three, in order to get the most comprehensive picture of the situation possible. Because in reality, the more difficult it is for an attacker to reach his target, the more likely he will look for other and easier targets.
But it is not only important to withstand an attack when it comes; it is also important to be able to detect attacks in the first place. No matter how resilient an IT infrastructure may appear, there is never a complete guarantee that there is no possibility of compromise, and it is always better to find IoAs (Indicators of Attack) than IoCs (Indicators of Compromise).