Spammer vs Hacker – Is there a Difference?
Lately, I’ve written quite a lot about phishing emails. While explaining how phishing scams work, I noticed that some use the terms “hacker” and “spammer” interchangeably. Although a hacker might be a spammer because there is no way out of that email list, not all spammers are hackers. Let’s understand the differences by examining how they both operate.
The Motives of Hackers and Spammers
A hacker is a person or group of people who break into IT systems, apps, and hardware to steal data or money from others. Hackers may also lock up websites or IT systems in exchange for ransom. They may also be at work skimming credit card information and transferring files with sensitive information. The goal of a hacker is to take something – money, control, or data.
Spammers have similar goals, but it is usually about the money. A spammer is a person or group, that sends large quantities of unsolicited emails to a list of users. Spammers are usually out to make money through legitimate or bogus offers.
What do spammers and hackers have in common?
It’s about their goals. Both the spammer and the hacker generally are looking to gain some cash from their efforts, but not always. Sometimes the spammer is trying to increase website traffic or build an email list to use in the future. The spammer might be after passwords, files, or other private information.
Since the 1980s, the word hacker has been warped by pop culture to indicate something with criminal intention. The original definition of the word hacker indicated any computer programmer or system administrator who is developing (or hacking) a workaround for a difficult computing issue. Hackers “hack” together solutions. In everyday use, the word hacker now means someone that is hacking into or breaking into a system with malicious intentions. Like many other technology terms there are degrees or flavors of hackers – “black hat”, “white hat” and “gray hat” all indicate level of criminal activity. Black is the shadiest and implies criminal intentions or complete rule-breaking. Another word for a criminal hacker is “cracker” but no one uses that word anymore. If you told someone a cracker broke into your IT systems, they’d think Saltines were at hard at work scamming credit card numbers!
There is such a thing as a white hat hacker. This is a person who is hired by an enterprise IT system administrator to break into their own network. The idea is to allow someone who is unfamiliar with an IT system free reign to find weaknesses in a system. The white hacker is for hire. Their results are used to strengthen the system.
Spam emails, referred to simply as SPAM, are emails that are unsolicited. In other words, no one wants them. They are associated with scams, but don’t always have to be completely illegitimate. Sometimes they are marketing emails from completely legitimate service provides. But still, they are unwanted.
Spammers are people who send mass emails generally with the goal of making money. They don’t set with the intention of taking over your laptop and maintaining control until a certain ransom is paid. They don’t try to steal credit card numbers – that’s the line between spammer, scammer, and hacker. Spammers send out groups of emails, usually advertisements of some sort. The hope is to get the recipient to click on a link and respond to some offer. It’s true that many spam emails contain legitimate offers like real estate listing and fitness equipment. The recipients’ purchases make money for the spammer. The email contains legitimate products or services. The buyer does receive their purchase and he spammer gets a cut. The reasons SPAM is illegal is because the emails are cleverly disguised and unsolicited. The FTC requires that advertisements be disclosed to the reader.
It is true that many spam emails contain scams. Like other old school scams, they frequently targeted the elderly with malicious intentions to separate them from their money. These spam emails can trick a recipient into to signing up for a bad reverse mortgage, an unnecessary insurance policy they don’t need, or some other shady financial deal. Like black hat hackers, spammers are criminals.
Spamming and hacking are both crimes. The Controlling the Assault of Non-Solicited Pornography and Marketing Act (CAN-SPAM Act) was signed into law in December of 2003. Its goal is to prevent spammers from using and abusing email addresses of business and private citizens. Note, the CAN-SPAM Act doesn’t require senders to obtain an email recipients’ permission to before sending them an email. It does however, require that they be removed from the list and not sent any additional emails as soon as they opt-out. This is why buying an email list is not a good idea for marketing purposes. Many reputable email providers won’t allow purchased lists to be used on their email servers.
That’s where it can get shady tricky discerning a spammer from a hacker. Both a spam email and a phishing email may have an unsubscribe button. It is possible the spam email does have a functioning unsubscribe button (but not likely.) The phishing email sent by a hacker might also have an unsubscribe button. If it does, that will confirm your email address is working and monitored and cause more emails rather than removing you from a list.
Hacking is prosecutable under a number of federal and international laws, depending on the crime and evidence. Wire fraud, obtaining information from a protected computer, identity theft, possession of unauthorized access devices, and intentional damage to a protected computer are all common charges.