Peter, a malicious hacker, obtains e-mail addresses by harvesting them from postings, blogs, DNS
listings, and Web pages. He then sends a large number of unsolicited commercial e-mail (UCE)
messages to these addresses. Which of the following e-mail crimes is Peter committing?

A.
E-mail spam

B.
E-mail storm

C.
E-mail bombing

D.
E-mail spoofing

Explanation:

Peter is performing spamming activity. Spam is a term that refers to the unsolicited e-mails sent to
a large number of e-mail users. The number of such e-mails is increasing day by day, as most
companies now prefer to use e-mails for promoting their products. Because of these unsolicited emails, legitimate e-mails take a much longer time to deliver to their destination. The attachments
sent through spam may also contain viruses. However, spam can be stopped by implementing
spam filters on servers and e-mail clients.
Answer option C is incorrect. Mail bombing is an attack that is used to overwhelm mail servers and

clients by sending a large number of unwanted e-mails. The aim of this type of attack is to
completely fill the recipient’s hard disk with immense, useless files, causing at best irritation, and
at worst total computer failure. E-mail filtering and properly configuring email relay functionality on
mail servers can be helpful for protection against this type of attack.
Answer option B is incorrect. An e-mail storm is a sudden spike of Reply All messages on an email distribution list, usually caused by a controversial or misdirected message. Such storms start
when multiple members of the distribution list reply to the entire list at the same time
in response to an instigating message. Other members soon respond, usually adding vitriol to the
discussion, asking to be removed from the list, or pleading for the cessation of messages. If
enough members reply to these unwanted messages, this triggers a chain reaction of e-mail
messages. The sheer load of traffic generated by these storms can render the e-mail servers
carrying them inoperative, similar to a DDoS attack. Some e-mail viruses also have the capacity to
create e-mail storms, by sending copies of themselves to an infected user’s contacts, including
distribution lists, infecting the contacts in turn.
Answer option D is incorrect. E-mail spoofing is a term used to describe e-mail activity in which the
sender address and other parts of the e-mail header are altered to appear as though the e-mail
originated from a different source. E-mail spoofing is a technique commonly used for spam e-mail
and phishing to hide the origin of an e-mail message. By changing certain properties of the e-mail,
such as the From, Return-Path, and Reply-To fields (which can be found in the message header),
ill-intentioned users can make the e-mail appear to be from someone other than the actual sender.
The result is that, although the e-mail appears to come from the address indicated in the From
field, it actually comes from another source.