What are effective ways to stop instant messaging (IM) spam?

BROWSE BY TAG Application Security,   Application and Platform Security,   IM Security Issues, Risks and Tools,   Email Protection,   Email and Messaging Threats (spam, phishing, instant messaging),   VIEW ALL TAGS

Digg This!     StumbleUpon     Del.icio.us

RELATED CONTENT Application Security Do Facebook URL security concerns justify blocking social networks? Is there a way to block iPhone widgets that bypass Web filters? Should enterprises be concerned with Twitter in the workplace? Are there still Google Desktop security problems? Can an IP spoofing tool be used to spam SPF servers? Will an application usage policy best control network bandwidth? How can URL-shortening services be manipulated? Is my security program ready for Web application firewall deployment? How to ensure the security of a shopping cart application When to use the service features of the Metasploit hacking tool IM Security Issues, Risks and Tools Secure messaging complications result in limited protection Is it possible to ban chat programs on an enterprise LAN? How to lock down instant messaging in the enterprise AOL closes AIM attack vector, but risks remain Researcher says AIM still vulnerable, AOL insists it's fixed Serious security flaw in AOL Instant Messenger Security flaws found in AOL, Yahoo IM programs Flaw found in MSN Messenger AOL, Yahoo, Trillian IM applications under threat Security vendor Postini acquired by Google Email and Messaging Threats (spam, phishing, instant messaging) Messaging security risks have upper hand on solutions Web-based attacks skyrocket, pirating sites surge, security firms say Pushdo botnet uses Facebook to spread malicious email attachment Scareware report highlights successful business model How to prevent phishing attacks with social engineering tests Phishing protection begins with training, antiphishing evangelist Phishing attacks to remain a major problem, say security experts Barracuda acquires Purewire expanding Web security reach FBI raids phishing crime ring, nearly 100 arrested Massive phishing scheme affects Microsoft Hotmail accounts Email and Messaging Threats (spam, phishing, instant messaging) Research

RELATED GLOSSARY TERMS Terms from Whatis.com − the technology online dictionary greynet  (SearchSecurity.com)

RELATED RESOURCES 2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems Search Bitpipe.com for the latest white papers and business webcasts Whatis.com, the online computer dictionary

Like text messaging using mobile phones, instant messaging (IM) has become extremely popular and its use widespread. The Radicati Group Inc., an independent technology market research group, estimated the number of IM users worldwide in 2007 to be 461 million, and that it will surpass 700 million by 2011. With such a large user base, instant messaging systems are popular targets for spammers. So just as you receive unwanted email or spam, you can also receive unwanted instant messages called "spim." These instant messages can be from complete strangers or from people you know but don't want to communicate with.

Most IM programs, such as Windows Messenger and AOL Instant Messenger (AIM), allow you to build a contact list, or "buddy list," which is similar to the address book in your email program. The best part about this list is that you can choose to block incoming messages from everyone except the people in it. Trillian also has the ability to completely block all incoming messages from unknown users. My recommendation would be to adjust these privacy settings to reduce the amount of spim you receive. AIM also allows you to warn other users about an account that is sending you unwanted instant messages. The warning decreases the number of spim the account can send and shows the AIM address as warned to other users that it may try to message.

If you are using IM at a workplace with no in-house antispam services and you need to accept messages from unknown sources, I would take a look at a Trillian plugin called Trillian Spam Challenge. It attempts to stop spam by confirming that strangers who send you a message are in fact human -- instead of spam-generating robots -- using blacklists, wildcard entries, per-account activation and other methods. Although it is freeware, it does require Trillian Pro.

Unfortunately, it does sound as though it may be too late to save your current accounts, so it may be an idea to start again and create new ones. Be careful when creating a new screen name. Your screen name should not provide or allude to any personal information about you. Most importantly do not list your screen name in public areas, such as large Internet directories or online community profiles. If you have to give out your screen name for business reasons, then try and provide it as an image instead of text as this will make it harder for bots to add it to their databases. Finally, make sure you're using the latest version of your IM software as new antispim features are being introduced in most programs.

More information: