What is SPIM?

  • By Greg Brown
  • Published: Feb 27, 2023
  • Last Updated: Mar 06, 2023

what is spim

Logging into a chatroom in the early 1990s and talking with someone on the other side of the world was nothing short of thrilling. You were in the comfort of your home, talking with another person on the other side of the globe, with little delay. From there, instant messaging was born. From 1997 to 2000, AOL, Yahoo, and MSN launched new IM products, and the world changed. 

No modern online communications app, website, or financial institution is free of predators looking to ruin lives or make a quick buck. Enter “spam over instant messaging” or SPIM. Unsolicited messages received from instant messaging apps, including Messenger, WhatsApp, and WeChat, are quickly becoming infected by SPIM.

Spammers use all available means to deliver annoying and unwanted ads and pornographic images through instant messaging, with the most popular method being email. According to Pew Research, instant messaging has become increasingly popular, with over 53 million Americans using several different apps. Of all these users, nearly 17 million receive unwanted ads or SPIM.

Targeted SPIM Attacks

Younger age groups are the most likely target for unwanted SPIM, with the 18 to 34 age group spending a significant amount of time chatting with friends. In 2005 the first convicted SPIM predator was an eighteen-year-old who sent out nearly 1.5 million ads.

Millennials are the most targeted group of consumers for several reasons. Younger consumers who watch TV, YouTube, and internet apps, are targeted the most by mainstream media. Now instant messaging has arrived on the scene, which is seeing an explosion of illegal advertising tactics. 

Marketing to millennials is the hottest ticket in town right now. No matter where you turn, there is advice on selling products and services to this age group. Marketers and SPIM predators find it easier to shape a future buyer’s purchasing habits than to convert older established customers from their competitors. The proliferation of instant messaging apps is the perfect vehicle to shape a young person’s future buying habits while targeting groups with illegal ads.

Millennial Statistics

  • 92% of millennials own a smartphone, and 95% follow brands through social media platforms
  • Millennials, more than any other age group, are likely to get their news from social networking sites on their smartphones

SPIM predators target millennials for several reasons, including embracing modern technology, and the group considers social media a part of their immediate communication needs. 

SPIM Attacks

Instant messaging advertising attacks take their queue from email predators with a lot more experience. People who use email as a communication tool are well aware of SPAM. Unsolicited digital communication sent out in bulk is the dreaded SPAM. 

Modern SPAM messaging contains a wide variety of malware and ransomware attack vectors. Unwitting users are often the focal point of large-scale SPAM predators who want to take down financial accounts, networks, and government infrastructure.

Many inside experts feel SPIM will eventually become a bigger problem than SPAM. The main reason for this growth is that many instant messaging apps have published directories of their users. These directories contain valuable information, including name, age, date of birth, and much more. 

SPIM attack messages contain the same dangerous links to malware websites. In the early stages of SPIM, most users feel that unwanted advertisements on their instant messaging apps are annoying, moving them to junk files. Unfortunately, these junk files do not protect the users from attacks. 

Many instant messaging platforms are publicly linked to social media, giving predators another large arena of victims. Scammers gather login information from the user and then begin their attacks on the social media user base. 


how to prevent spim attacks

Spam bots can be easily created with only five lines of Python code. On the other end of the spectrum, complex Bots mimic human behavior and automatically disseminate any information it is given. They create an unlimited number of bogus accounts linked to any number of online platforms. Once access to a platform is achieved, they create messages based on the spammer’s rules.

Bots are used extensively to spread false advertising and pornographic imagery. Spam bots create profiles from the information gathered in email and IM accounts and sign on to services such as KIK or Skype. Once on the platform, bots spread pornographic images with links to websites. If a user responds, an enormous effort is made to gain credit card information. Bots target random names in the given database, with a high probability of minors getting pornographic messages.

Protect Against SPIM

Defending against SPIM attacks and other malware is more a function of common sense than a specific process. As more SPIM attacks occur, engineers will develop software and procedures to counteract these predators.

Multi-factor authentication is probably the most effective way to counteract attacks against an instant messaging app. Without a password, predators have no way of entry into the system. Users must not have an easily recognizable second word like a birthday or a child’s name. 

Every modern messaging app has a list of filters users can employ to keep messages from getting into their app in the first place. Some platforms are more complex than others, with several categories of filters users can take advantage of. With the right combination of filters, users can determine if their buddy or contact list has been compromised. 

Receiving SPIM from a buddy list will usually contain malware and other dangerous links. Messages from compromised contact lists will have a different tone in writing and be formatted differently.

A telling sign of a compromised instant message; any links will have an HTTP prefix rather than an HTTPS secure prefix. HTTP websites are inherently unsafe because they are not encrypted.

Stay away from free or unknown instant messaging apps, if possible. Top cyber security is expensive to build and maintain, which is why it cannot typically be a part of a free business model. When choosing an instant messaging app, make sure there are plenty of safeguards against SPIM. Also, ensure user data is not stored on free plans and that there is two-factor authentication to get into an account.

About the Author
IDStrong Logo

Related Articles

How To Make Your IG Account Private

There are occasions when it makes more sense to have a private Instagram (IG) account. You might w ... Read More

Windows 10 Privacy Settings You Should Change Now

Privacy is a buzzword we hear a lot these days in the wake of data breaches, Wikileaks, and other ... Read More

How to Delete Your Facebook Account

It might seem absurd to some people who live on Facebook, deleting your Facebook account. But, man ... Read More

How to Change Network From Public to Private On Windows

Privacy has become a major concern for many of us after reading about all the data breaches, hacki ... Read More

Twitter Security and Privacy Settings Made Simple

With data breaches and ransomware intrusions in the news daily, privacy is the word on everyone&rs ... Read More

Latest Articles

What to Do if Your Credit Card is Lost or Stolen

What to Do if Your Credit Card is Lost or Stolen

Credit and debit cards have become the most prominent form of wealth access in the last decade. Once consumers pulled out thick wallets of cash—they now pull out thin clips of cards—if they bother using a card, not a watch or cellphone.

Credit Card CVV Number: Meaning and Security

Credit Card CVV Number: Meaning and Security

Inspect your credit card, and you'll likely find interesting—and crucial—elements of the plastic rectangle. The front might display the provider's name, a chip, some digits, or an entire card number; the back might hold much the same, along with a signature, when necessary, and a "valid thru [sic]" date.

The Meaning of Two-Factor Authentication (2FA): How to Turn On and Turn Off

The Meaning of Two-Factor Authentication (2FA): How to Turn On and Turn Off

Cyber attacks are a growing threat to all industries, nations, and people. They occur with increasing frequency, with the last year reporting 3,205 data compromises and over $12.5 billion in projected losses, according to the Federal Bureau of Investigation (FBI).

Featured Articles

How to Buy a House with Bad Credit

How to Buy a House with Bad Credit

Buying your own home is the American Dream, but it might seem out of reach to those with bad credit. However, the good news is, if your credit is less than perfect, you do still have options and in most cases, can still buy a home.

How Secure Is Your Password? Tips to Improve Your Password Security

How Secure Is Your Password? Tips to Improve Your Password Security

Any good IT article on computers and network security will address the importance of strong, secure passwords. However, the challenge of good passwords is that most people have a hard time remembering them, so they use simple or obvious ones that pose a security risk.

Top 10 Senior Scams and How to Prevent Them

Top 10 Senior Scams and How to Prevent Them

Senior scams are becoming a major epidemic for two reasons. First, seniors often have a lot of money in the bank from a life of working hard and saving.

Free Identity Exposure Scan
Instantly and Securely Check if Your Personal Information is Exposed on the Dark Web or Sold by Data Brokers
Please enter first name
Please enter last name
Please select a state
Free Identity Threat Scan
Instantly Check if Your Personal Information is Exposed
All fields below are required
Please enter first name
Please enter last name
Please enter a city
Please select a state
Please enter an age
Please enter an email address