Messaging spam
Messaging spam, sometimes called SPIM, is a type of spam targeting users of instant messaging (IM) services.
Instant messaging applications
Instant messaging systems, such as Yahoo! Messenger, AIM, Windows Live Messenger, Tencent QQ, ICQ, XMPP and Myspace chat rooms, are all targets for spammers. Many IM systems offer a directory of users, including demographic information such as age and sex. Advertisers can gather this information, sign on to the system, and send unsolicited messages, which could include commercial scam-ware, viruses, and links to paid links for the purpose of click fraud. Microsoft has announced that the upcoming Windows Live Messenger 9.0 would support specialized features to combat messaging spam. In most systems users can already block the vast majority of spam through the use of a whitelist.
Countermeasures
- Many users choose to receive IMs only from people already on their contact list.
- In corporate settings, spam over IM is blocked by IM spam blockers like those from FaceTime Communications, Akonix, ScanSafe, Symantec, and CSC.
Messenger Service spam on Windows NT-based systems
In 2002, a number of spammers began abusing the Messenger Service, a function of Windows designed to allow administrators to send alerts to users' workstations (not to be confused with Windows Messenger or Windows Live Messenger, a free instant messaging application) in Microsoft's Windows NT-based operating systems. Messenger Service spam appears as normal dialog boxes containing the spammer's message. These messages are easily blocked by firewalls configured to block packets to the NetBIOS ports 135-139 and 445 as well as unsolicited UDP packets to ports above 1024. Additionally, Windows XP Service Pack 2 disables the Messenger Service by default.
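The filtering policy described above can be modelled over a connection log to show what "unsolicited" means in practice. The following is an added example, not part of the original article; the log format, the addresses (documentation ranges) and the function name `evaluate` are constructed for illustration.

```python
import re

# Ports the article says to block: the 135-139 range plus 445.
BLOCKED_PORTS = set(range(135, 140)) | {445}

# Assumed log format: DIRECTION PROTO src:sport -> dst:dport
LINE_RE = re.compile(r"^(IN|OUT) (TCP|UDP) (\S+):(\d+) -> (\S+):(\d+)$")

# Constructed sample log, not captured traffic.
SAMPLE_LOG = """\
OUT UDP 192.0.2.10:53124 -> 198.51.100.5:53
IN UDP 198.51.100.5:53 -> 192.0.2.10:53124
IN UDP 203.0.113.7:4000 -> 192.0.2.10:1026
IN TCP 203.0.113.7:40000 -> 192.0.2.10:135
IN UDP 203.0.113.7:4001 -> 192.0.2.10:137
IN TCP 203.0.113.9:40001 -> 192.0.2.10:445
IN TCP 203.0.113.9:40002 -> 192.0.2.10:80
"""


def evaluate(log_text):
    """Return (line, verdict) pairs under the article's filtering policy."""
    outbound_udp = set()  # UDP flows started from the inside host
    results = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            results.append((line, "unparsed"))
            continue
        direction, proto, src, sport, dst, dport = m.groups()
        sport, dport = int(sport), int(dport)
        if direction == "OUT":
            if proto == "UDP":
                outbound_udp.add((src, sport, dst, dport))
            verdict = "allow"
        elif dport in BLOCKED_PORTS:
            verdict = "block: port 135-139/445"
        elif (proto == "UDP" and dport > 1024
              and (dst, dport, src, sport) not in outbound_udp):
            # No earlier outbound datagram on this flow: unsolicited.
            verdict = "block: unsolicited UDP"
        else:
            verdict = "allow"
        results.append((line, verdict))
    return results


if __name__ == "__main__":
    for line, verdict in evaluate(SAMPLE_LOG):
        print(f"{verdict:26} {line}")
```

The DNS reply to port 53124 is allowed because the inside host sent the matching request first, while the datagram to port 1026 has no such prior flow and is dropped.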
Messenger Service spammers frequently send messages containing a URL to vulnerable Windows machines. The message promises to rid the user of spam messages sent via the Messenger Service. The URL leads to a Web site where, for a fee, users are told how to disable the Messenger Service. Although the user can easily disable the Messenger Service for free, the scheme works because it creates a perceived need and then offers an immediate solution.