Spam is created by attackers who send unsolicited commercial or bulk email. Spammers continuously attempt to find new ways around the increased legislation and policies governing unsolicited emails. Attackers often send massive email broadcasts with a hidden or misleading incoming IP address and a hidden or misleading email address. If the spammers were to gain access to a company’s email and IP address, the impact on the company’s business could be devastating. The company’s Internet connection would be terminated by its Internet Service Provider (ISP) if its email and IP address are added to the blacklist of known spamming addresses. Effectively, this would shut down the company’s online business because none of the emails would reach their destination.
A virus incorporates email as a means of transportation. This type of virus is often called a worm – the Sobig virus is an example. This virus creates a spamming framework by taking over unwilling participants’ PCs. This is a major threat to email security because the spam will continue to spread, triggering dangerous viruses with malicious intent.
Phishing is a type of cyber attack that involves emails that appear to be from legitimate businesses that the user may be associated with. As these phishing emails are scams they are designed to look as though they come from the claimed entity. These messages ask for verification of personal information, such as an account number, a password, or a date of birth. Twenty percent of unsuspecting victims respond, which may result in stolen accounts, financial loss, or even identity theft. It is best not to respond to unsolicited emails as they may be attacks of this kind. If one deems it necessary to respond to an unsolicited email, they should be sure to check it for misspellings or odd phrasings as these can be a giveaway of illicit activity. It is also not a good idea to open email attachments from senders one does not trust.