Spam Protection Guide

Similar documents
Online Scams. Ready to get started? Click on the green button to continue.

Cyber Security Guide for NHSmail

PROTECTING YOUR BUSINESS ASSETS

BEST PRACTICES FOR PERSONAL Security

How to recognize phishing s

Security and Privacy

Quick recap on ing Security Recap on where to find things on Belvidere website & a look at the Belvidere Facebook page

>MESSAGELABS END USER IT SECURITY GUIDE >WHAT STEPS CAN YOU TAKE TO KEEP YOURSELF, YOUR COLLEAGUES AND YOUR COMPANY SAFE ONLINE?

FAQ. Usually appear to be sent from official address

Web Mail and e-scout Instructions

Introduction to

The Dilemma: Junk, Spam, or Phishing? How to Classify Unwanted s and Respond Accordingly

2 User Guide. Contents

Train employees to avoid inadvertent cyber security breaches

Security Awareness. Presented by OSU Institute of Technology

Phishing. What do phishing s do?

Webomania Solutions Pvt. Ltd. 2017

INTERNET SAFETY IS IMPORTANT

CUSTOMER TIPS: HOW TO GUARD AGAINST FRAUD WHEN USING ONLINE BANKING OR ATM s

Phishing. Eugene Davis UAH Information Security Club April 11, 2013

Introduction. Logging in. WebMail User Guide

Newcomer Finances Toolkit. Fraud. Worksheets

Cyber Security Guide. For Politicians and Political Parties

Manually Create Phishing Page For Facebook 2014

Do not open attachments on s that you are not sure of.

Phishing: When is the Enemy

Using WebQuarantine for Managing Quarantined Messages

(electronic mail) is the exchange of computer-stored messages by telecommunication.

Your security on click Jobs

Fighting Phishing I: Get phish or die tryin.

3.5 SECURITY. How can you reduce the risk of getting a virus?

Use and Abuse of Anti-Spam White/Black Lists

Paid-for antivirus software

Security and Privacy. Xin Liu Computer Science University of California, Davis. Introduction 1-1

Who We Are! Natalie Timpone

TIPS TO AVOID PHISHING SCAMS

Deep Sea Phishing: Examples & Countermeasures

Cyber Hygiene Guide. Politicians and Political Parties

How to Build a Culture of Security

Phishing: What is it?

Creating and Using an Account

Introduction. Logging in. WebQuarantine User Guide

Online Security and Safety Protect Your Computer - and Yourself!

News English.com Ready-to-use ESL / EFL Lessons

Introduction This paper will discuss the best practices for stopping the maximum amount of SPAM arriving in a user's inbox. It will outline simple

Math for Liberal Studies

INTERNET SECURITY STAYING SAFE ONLINE

ONLINE SAFETY. Messaging, , Vlogging and Sexting

Protection FAQs

ctio Computer Hygiene /R S E R ich

ANTIVIRUS SITE PROTECTION (by SiteGuarding.com)

Contents. Management. Client. Choosing One 1/20/17

to Stay Out of the Spam Folder

Franzes Francisco Manila IBM Domino Server Crash and Messaging

About Lavasoft. Contact. Key Facts:

Duplication and/or selling of the i-safe copyrighted materials, or any other form of unauthorized use of this material, is against the law.

User s Guide. SingNet Desktop Security Copyright 2010 F-Secure Corporation. All rights reserved.

Reduce Your Network's Attack Surface

ATTACHMENTS, INSERTS, AND LINKS...

I G H T T H E A G A I N S T S P A M. ww w.atmail.com. Copyright 2015 atmail pty ltd. All rights reserved. 1

GUIDE TO KEEPING YOUR SOCIAL MEDIA ACCOUNTS SECURE

How Enterprise Tackles Phishing. Nelson Yuen Technology Manager, Cybersecurity Microsoft Hong Kong

56 Common Problems and Solutions

ANTIVIRUS SITE PROTECTION (by SiteGuarding.com)

Personal Cybersecurity

Introduction to

ITConnect KEEPING TRACK OF YOUR EXPENSES WITH YNAB

Your message is sent from your computer to a server (like the post office) where the

Internet and Mini.K.G Senior Scientist, FRAD, CMFRI

mycampus Portal Campus Voic Wireless Network Employee / Faculty Edition ASU IT Services

Digital Safety and Digital Citizenship

ELECTRONIC BANKING & ONLINE AUTHENTICATION

User Services OBJECTIVES

Page 1 of 6 Bank card and cheque fraud

Ages Donʼt Fall for Fake: Activity 1 Don t bite that phishing hook! Goals for children. Letʼs talk

Guide to credit card security

Keeping Sane - Managing your

Kaspersky Internet Security - Top 10 Internet Security Software in With Best Antivirus, Firewall,

EDULEADERSHIP. Handle Every Kind of for Maximum Productivity HOW TO: JUSTIN BAEDER ON HIGH-PERFORMANCE INSTRUCTIONAL LEADERSHIP

Staying Safe on the Internet. Mark Schulman

SPAM Malware s Super Highway. How To Protect Yourself Against Malicious s 1

ProofPoint Protection Perimeter Security Daily Digest and Configuration Guide. Faculty/Staff Guide

KASPERSKY FRAUD PREVENTION FOR ENDPOINTS

Incident Response Tools

Choic Anti-Spam Quick Start Guide

FAQ: Privacy, Security, and Data Protection at Libraries

South Central Power Stop Scams

Discussion Ppt To work on completing questions you need your book and exercise copies

IT Security Protecting Ourselves From Phishing Attempts. Ray Copeland Chief Information Officer (CIO)

Food Allergy Heroes Walk

What if I m not at home when the postman comes to deliver my parcel?

Quick Heal AntiVirus Pro Advanced. Protects your computer from viruses, malware, and Internet threats.

IT & DATA SECURITY BREACH PREVENTION

Conveying Emotion. Chapter 12: Computers In Polite Society: Social Implications of IT. Improving the Effectiveness of . Problems with

How to use in the business environment. By XXXX XXXX

PRACTICING SAFE COMPUTING AT HOME

Dataprise Managed Anti-Spam Console

Using web-based

Getting Started 2 Logging into the system 2 Your Home Page 2. Manage your Account 3 Account Settings 3 Change your password 3

Target Breach Overview

Transcription:

Spam Email Protection Guide Version 1.0 Last Modified 5/29/2014 by Mike Copening Contents Overview of Spam at RTS... 1 Types of Spam... 1 Spam Tricks... 2 Imitation of 3 rd Party Email Template... 2 Spoofed Links... 2 Bad URL Hidden Behind Friendly Text... 3 Bad URL Hidden Behind Different URL Text... 3 URL Shortening Service... 3 Legitimate Looking URL... 4 Mass Email Link Tracking... 4 Spoofed Sender... 4 Fake Fax, Scan, or Voicemail with Dangerous Attachments... 4 Threatening Subject Matter... 5 Hacked Accounts... 6 Email Review Safety Checklist... 7 Reporting Spam... 7 Overview of Spam at RTS Spam email is a big problem for the internet. At RTS we receive roughly 34,000 to 42,000 spam emails a week; these are automatically blocked by our spam filtering software (currently Symantec). Some spam emails still get through the cracks; some weeks the software is not as effective as others. Spammers are always trying to find new ways to break through anti-spam software. The following guide will make you aware of things to look out for and best practices to follow. Types of Spam The following outlines the usual types of spam that are received. Solicitations This is best defined as marketing emails from legitimate 3 rd parties. There is nothing malicious in nature with these emails or organizations. You may not have signed up for their email services, but they are sending you email that you don t care or want to see. These usually have unsubscribe links within the email since their emails follow the best practices of mass emails. Phishing This is a malicious email that attempts to get you to supply information about yourself. That information may be personal contact information, credit card or bank accounts, or other usernames and passwords. The email usually pretends to be legitimate, using corporate logos and themes from legitimate emails. Virus The email almost always has wording in its text concerning the need to open an attachment or click a link. Most of the time, these attachments are zip files that contain executable (exe) files. Sometimes they are PDF or Word

Docs that contain malicious code. Sometimes they are HTML files that when launched try to take you to a website. The goal here is to infect your machine with a virus. Hacked Accounts It is very common with popular free email providers like Google, Yahoo, or Microsoft to have an account hacked. Sometimes the hack will send very legitimate looking emails using the person s signature and themes. Hackers may even reply to emails coming from people who reply asking if the email was legitimate. The hacked account usually sends the bad email to the entire address book. A hacked account usually displays a link to try to phish information, such as usernames and passwords. These are the most dangerous kinds of emails because they can easily fool people since it is coming from a legitimate person s account. Spam Tricks Spammers use a variety of tricks to try to get you to act upon the email they have sent. The following will demonstrate how to analyze the email before actually taking any action on it. Imitation of 3 rd Party Email Template Spammers will frequently take a 3 rd party organization s themes and use them in their own email in an attempt to make you think the email is legitimate. The language or nature of the email will try to catch you and make you panic and click on links. In these cases, the sender of the email is usually different than what a legitimate email would contain. Notice how this looks like an email from Walmart, however, the sender of the email doesn t look like something Walmart would send, let alone, Walmart is spelled incorrectly as Wallmart (double L). Hovering over the links also reveals URL s to places not on Walmart.com, which is a form of a spoofed link. Spoofed Links Spammers will spoof links. This means that the text for the link does not go to where it says it should. A good practice with any link in email is to hover over it in Outlook. Outlook will show the true URL where it is taking you. Here are five examples.

Bad URL Hidden Behind Friendly Text Using the same Walmart email, we hover over the Visit Walmart.com link. We d think this would simply be something like www.walmart.com. However, hovering over the link shows that It is, turychina.ru.. This is obviously not something related to Walmart. The top level domain.ru is a Russian country code and is frequently associated with spam. A lot of spam comes out of the Russian, Romanian, Ukrainian block. You may also see links with.cn or.in as the top level domain, as China and India also have a lot of spam. Bad URL Hidden Behind Different URL Text As noticed here, the URL display text is literally as www.facebook.com. However, hovering over it shows a completely different URL. This is one of the most frequent spoofing of links that spammers will use. It tries to lure you into a false sense of security that you are going where the text says you d be going. This isn t true. Again, hover over the link before clicking it and see if the URL is truly facebook.com or something else. URL Shortening Service This link is using the popular bitly URL shortening service. These services let people take really long URLs and make them really short. The dangerous part with these is that the ultimate URL destination is unknown. Some organizations, social media, and mass emailing services legitimately would use a URL shortening service. However, spammers can do it too. You really have to look at the rest of the email to see if it looks legitimate or not before clicking. If you do click, you need to analyze the page you are on very carefully before you do anything. Especially look at the URL you have arrived at. If you are unsure who the sender is or do not feel the email is legitimate, it is always better safe than sorry and simply not click it if a URL shortening service was used.

Legitimate Looking URL Sometimes, spammers will use legitimate services to spread their phishing attack or viruses. DropBox.com is a legitimate service that millions of people use. However, there is no telling what this URL will actually do if clicked. It could be a malicious file or a phishing attempt. Mass Email Link Tracking Similar to bitly, many mass emailing systems do link tracking. These systems create a URL in their system that then redirects to the actual URL. Our own ListServe has this ability. Generally, if you see these you have to use good judgment to determine if it is a legitimate URL. Many companies have their own mass mailing system, and their top level domain is built into the link tracking URL (this is what RTS does as seen below). Usually all links in the email look similar when this is the case. Spoofed Sender Every so often a spammer will forge the from address on an email. Setting a from address as something different than the sender is very easy to accomplish and sometimes legitimate, however, it is a way that spammers will try to catch people off guard. Most often, the email to you is also from you. If you didn t send it, it is likely just a spammer spoofing your from address on their spam email. Looking at the email headers (an IT person can help), can determine if it was truly sent by your account or spoofed. Below is an example of a spoofed email @rts.edu. Fake Fax, Scan, or Voicemail with Dangerous Attachments A very common spam is to try to fake organizational services that email to people regularly. Such as copier scans, faxes, or voicemails that go to email. More often than not, the attachment will be quarantined but sometimes it isn t. Below are examples of a fake scan, fake fax, and fake voicemail.

Threatening Subject Matter Spammers will frequently try to catch you off guard with a very threatening or scary message. Many times, they will play off recent news stories about major corporations being hacked (Target in 2013 or Ebay in 2014 are recent examples). Below is a typical threatening message about banking from WellsFargo. These emails always tend to tell you your account has attempted to be hacked, is being suspended, or that there are fraudulent transactions on your account and that you have to click a link to take corrective action. As always, if you hover over the URL, it will usually reveal something malicious. It is better to call your bank s official 1-800 number if you are in doubt than click a link.

Hacked Accounts Hacked accounts are the most dangerous types of spam. Below are some examples of people s accounts who were hacked. Generally, they send malicious phishing or virus links. Attachments would generally be blocked by the mail provider. You really need to look at the content carefully. If it looks like a strange link or request that the person would not normally send you, do not do anything. Instead, call the person if you know them and alert them that their email may have been hacked. Above is a simple link only email from a hacked account. Above is a dangerous using signature spam email from hacked account. There is also an in distress email from a hacked account, usually revolving around someone supposedly traveling abroad and having been injured or attacked and having lost money. Those emails usually ask for someone to

send them money and involve abnormal instructions for doing so. These are always spam. These are dangerous in our environment since our staff and faculty know a lot of missionaries who are abroad. Email Review Safety Checklist As a summary, it is a good idea to go through this quick checklist on every email you receive, especially from people sending outside the @rts.edu domain. Do not panic. Panicking about an email will tend to lead you to not think clearly. Some of these can be very scary, always stop and take a deep breath and follow the remaining bullets. Review the sender / from address on the email. Review who received the email. If a lot of random people are listed, it is likely a spam. If your name is not listed, it is likely spam. If only your name is listed, it still may be spam. Hover over URLs to show the true destination of the link in the email. Always be very careful with attachments; if it is a zip file be very wary. If you don t know the sender or were not expecting it, do not open it. Read the email content carefully. If it looks funny, even if from a legitimate account, it could be a hacked email account. When in doubt, ask your IT staff to review your email. Reporting Spam If you receive a lot of spam or a spam of a very consistent nature, forward the spam as an attachment to spam@rts.edu. To forward the message as an attachment, click on the message in the inbox (or folder) and hit CTRL + ALT + F on the keyboard. This will create a new email with the selected message as an attachment. You can do this for multiple emails at the same time as well. It is important to do this, because it will allow us to forward the email to Symantec and/or review the headers of the email to diagnose it. #1 Select the Message and hit CTRL + ALT + F #2 Send the email to spam@rts.edu. You should see the offending message(s) you want to forward in the attachments section of your new message.

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback