Email, Messaging, & Video Calls Email Ratware: What It Is and How It Works How spammers are using software to hijack your email Share Pin Email Print Alexander W Helin/Getty Images Email Yahoo! Mail Gmail By Paul Gil Writer Paul Gil, a former Lifewire writer who is also known for his dynamic internet and database courses and has been active in technology fields for over two decades. our editorial process Paul Gil Updated June 18, 2019 24 24 people found this article helpful Ratware is software that automates, generates, and sends spam email in bulk. Spammers use this tool to send email messages that advertise products and services or attempt to lure recipients into phishing scams. Ratware falsifies (or spoofs) the email address from which it sends the spam. These false source addresses use a legitimate email address or an impossible address format. The Purpose of Ratware Ratware is often used in conjunction with other types of malicious software, such as botnet remote control software, harvesting software, and dictionary software to: Furtively connect to internet servers or private internet-connected computers, and take over their email systems temporarily.Send massive numbers of emails in a very short time from those hijacked computers.Disconnect and mask any digital trail of their actions.Do the above three actions automatically and repeatedly. Examples of Ratware Subject Lines Once you see some email subject lines generated by ratware, you'll recognize them easily. Here are a few examples: We carry the most popular medications (peddling pharmaceuticals)You've been sent an Insta-Kiss (phishing scam to steal your identity information)F R E E 60-Second MORTGAGE qualification (identity theft)HURRY HURRY hot stock about to go through the roof (pump and dump email scams) How Ratware Works To be most effective, ratware needs to be covert, and it needs to send mass volumes of messages. To achieve secrecy, ratware has used port 25 to bypass most internet service provider (ISP) email blocks. Port 25 has become tightly monitored and controlled by about half of the private ISPs. However, locking down port 25 restricts business customers from running their own email services for their employees. Many ISPs with large business customers have opted to leave port 25 open for their legitimate customers, and use other firewall techniques to thwart spammers who attempt to get onto their networks and send spam. Because of port 25 and other defenses, spammers have evolved to other means to send their spam and phishing emails. Forty percent of successful ratware spammers also deploy zombie and bot computers, which are personal computers that are temporarily converted into spam tools without the knowledge or permission of their owners. With worm programs such as Sobig, MyDoom, and Bagle, spammers sneak onto private computers and infect those machines. These worm programs open secret doorways that allow spammer-commissioned hackers to take remote control of machines and turn them into robotic spam weapons. The hackers get paid from 15 cents to 40 cents for each zombie computer they acquire for their spammer employer. Ratware is then unleashed through these zombie machines. Because less than 0.25 percent of spam emails are successful in winning a customer or deceiving a reader, ratware must send large amounts of spam emails before it becomes effective. That's why ratware uses text generation programs that send spam messages to lists of email addresses. The minimum successful batch is about 50,000 emails in a single burst. Some ratware, depending on the kinds of computers it hijacks, can send over two million messages in ten minutes. Where Ratware Comes From Ratware tools can't be found by searching Google or Amazon. These products are secret and are often custom-made applications created by talented but unethical programmers. Once developed, successful ratware programs are sold privately. Because ratware software is illegal and violates the CAN-SPAM Act, programmers only give it to those who pay them enough to make the illegal venture worthwhile. While many spammers get away with their crimes, Jeremy Jaynes and Alan Ralsky are two famous spammers who were convicted. Before they did, though, they earned over one million dollars in illegal profit from spam.