Unsolicited emails are on the rise. Several billion spam emails are sent every day. Unlike viruses, their content is not directly harmful. At the very least, the number of unsolicited emails is an annoyance. Users can spend more time sorting out their email to extract the ones that are legitimate than actually reading or writing email.
Unsolicited email is often referred to as spam, but can be separated into four categories:
These are advertising emails. The sender is trying to sell you something. The goal of the spammer is to make you read this email. The subject is often attractive ("You won a prize!") or very vague ("Some news") to attract the reader. The email content is usually very short, since the spammers are sending millions of these every day.
Phishing is a method of getting information from the user (e.g., login, passwords, or credit card numbers). The email appears to have been sent from a bank or a well-known web site, and usually informs the user that his account was suspended. The user is then invited to click on a link and log in to the site. Both the emails and the web site look legitimate. However, they are in fact forgeries of the original web site. The user gives away his credentials to a fake web site. Another common phishing technique consists of sending a receipt in the email for something that was never purchased, and includes a phone number to call if the reader wants to cancel the order. The phone number can be an overtaxed number, or the person on the other side is trying to steal your credit card information.
You have certainly received emails that announced you won millions of dollars at a lottery you never played, or emails from the son of the Nigerian president who needs your help to take money out of the country. Such scams seem to offer a lot of money with not much effort on your side. But the goal is to gain your confidence. The author of the scam gradually asks for more participation (meaning more money) from the recipient in order to finalize the transaction. Eventually, the scammer will get all the money and the recipient nothing.
Most hoaxes are harmless. They contain false information and ask the recipients to forward it to their friends. Here are examples of common hoaxes: a company is paying for every email sent with a special subject, check your computer if the (legitimate) file exists because it is a virus, etc. In some rare cases, hoaxes provide a phone number to call or a web site to visit. The goal is to have thousands of people call the number to surcharge the service and make it unavailable.
Spammers use tricks to try to find out what emails are valid. The emails often contain a link to unsubscribe. If you use it, you just receive more emails. The latest trick is to send an email with HTML containing images. The images are loaded from an external web site. Each URL to the image contains a string that identifies the email address. Most email clients used to load images automatically, and the receiver would be identified. New email clients do not load images by default. The From field is forged, of course. About 80 percent of spam mail is sent by zombies—PCs that are infected and controlled by spammers.
There are a number of tools to filter this unsolicited email before it reaches the user's mailbox, all of which are discussed in Spam Filtering with Bayesian Filters through SpamAssassin with Procmail.