Definition

drive-by spamming

Drive-by spamming is a variation of drive-by hacking in which the perpetrators gain access to a vulnerable wireless local area network (WLAN) and use that access to send huge volumes of spam. Using the drive-by method allows spammers to save themselves the considerable bandwidth costs required to send that many messages legitimately, and makes it very difficult for anyone to trace the spam back to its source.

A drive-by spamming incident starts with war driving: driving around seeking insecure networks, using a computer equipped with a wireless Ethernet card and some kind of an antenna. A wireless LAN's range often extends beyond the building housing it, and the network may broadcast identifying information that makes access simple. Once the attacker finds an unprotected e-mail (SMTP) port, the attacker can send e-mail as easily as someone inside the building. To the mail server, the messages appear to have come from an authorized network user.

According to a report in Geek News, 60-80% of wireless LANS are vulnerable to a drive-by attack, mostly because administrators fail to change the default settings for network access points (devices that serve as base stations in a wireless network) when configuring the network.

This was last updated in September 2005
Posted by: Margaret Rouse

Email Alerts

Register now to receive SearchMobileComputing.com-related news, tips and more, delivered to your inbox.
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

More News and Tutorials

  • In-the-cloud defenses for mobile malware

    Mobile antivirus programs apply laptop best practices to PDAs and smartphones, but there are many other ways to protect corporate assets from mobile malware. Complementary "in the cloud" defenses include enterprise sync servers, network gateways and wireless services that incorporate mobile malware filtering. Learning from experience: Our decade-long fight against Win32 malware has shown that PC-resident virus/spyware scanners and spam/phishing filters are necessary but inefficient. Keeping those programs and signatures current has become an onerous, time-sensitive chore.

  • iPhone encryption is a must for the security-conscious enterprise

    Apple is advertising the iPhone 3G as something that consumers can use at work. IT managers with high security requirements beg to differ. They want full device encryption and centralized policy enforcement before they'll even let one in the building.

  • Avoiding data breaches through mobile encryption

    Compare mobile encryption alternatives and their ability to prevent stored data theft, reducing the biggest risk posed by lost or stolen devices, in this tip.

Do you have something to add to this definition? Let us know.

Send your comments to techterms@whatis.com

There are Comments. Add yours.

 
TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: