06:06 PM
Connect Directly
Repost This

FTC Study Concludes Masking, Filtering Stop Spammers

Unmasked E-mail addresses received over 6,400 spam messages, while only one spam message reached masked E-mail addresses. Masking is the practice of altering an E-mail address so that it's readable by people but not by machines.

Trickery and technology both play key roles in managing spam, according to a study released yesterday by the Federal Trade Commission.

The agency looked at three aspects of spamming and efforts to control it: the automated harvesting of E-mail addresses on public areas of the Internet; using E-mail address masking to reduce address harvesting; and the effectiveness of spam filtering by Internet Service Providers.

To conduct its five-week study, the FTC established 50 test E-mail accounts at each of three separate ISPs; two used spam filters and one didn't. It also posted 50 E-mail addresses on various Web sites, chat rooms, message boards, USENET groups, and blogs.

Sure enough, spammers harvested many of those addresses and spammed them. However, addresses posted in chat rooms, message boards, USENET groups, and blogs proved less likely to be harvested than those on general Web sites. The FTC noted that some chat room operators took active steps to prevent E-mail address harvesting from online areas under their supervision. E-mail address harvesting qualifies as an aggravated violation of the Controlling the Assault of Non-Solicited Pornography and Marketing Act of 2003 (CAN-SPAM).

The study concluded that E-mail address masking is an effective way to reduce spam. During the course of the study, unmasked E-mail addresses received over 6,400 spam messages, while only one spam message reached masked E-mail addresses. Also known as "munging," masking is the long-standing practice of altering an E-mail address so that it's readable by people but improperly formatted for machines, such as "tclaburn at cmp dot com."

However, the effectiveness of address masking is not foolproof, particularly if a simple masking method (such as the one above) is used. The FTC observed that at least one harvesting program appeared to be able to capture masked addresses and translate them into a useable form by converting the words "at" and "dot" into their respective symbols.

While the FTC concludes address masking is an effective tactic to prevent spam, some Internet users argue the practice diminishes the Internet's functionality for the sake of personal gain.

The study also underscores the utility of ISP-based filtering. After five weeks, E-mail accounts at the ISP with no filter received 8,885 spam messages. The accounts at the ISPs that filtered received 1,208 spam messages (over 86% blocked) and 422 spam messages (over 95% blocked) respectively.

The FTC did not disclose the makers of the two spam filters used in the study. But it did note that the difference between the two ISPs' block rates is not necessarily a reflection of superior technology because the study does not address whether the filtering resulted in any false positives (legitimate messages mistaken for spam).

An FTC spokesperson was not immediately available for comment.

Comment  | 
Print  | 
More Insights
The Agile Archive
The Agile Archive
When it comes to managing data, donít look at backup and archiving systems as burdens and cost centers. A well-designed archive can enhance data protection and restores, ease search and e-discovery efforts, and save money by intelligently moving data from expensive primary storage systems.
Register for InformationWeek Newsletters
White Papers
Current Issue
InformationWeek Elite 100 - 2014
Our InformationWeek Elite 100 issue -- our 26th ranking of technology innovators -- shines a spotlight on businesses that are succeeding because of their digital strategies. We take a close at look at the top five companies in this year's ranking and the eight winners of our Business Innovation awards, and offer 20 great ideas that you can use in your company. We also provide a ranked list of our Elite 100 innovators.
Twitter Feed
Audio Interviews
Archived Audio Interviews
GE is a leader in combining connected devices and advanced analytics in pursuit of practical goals like less downtime, lower operating costs, and higher throughput. At GIO Power & Water, CIO Jim Fowler is part of the team exploring how to apply these techniques to some of the world's essential infrastructure, from power plants to water treatment systems. Join us, and bring your questions, as we talk about what's ahead.