« When carriers help too much | Main | Symantec bulletin: Java Vulnerability »
Sunday
Jan202013

Spam, it’s not just for breakfast anymore

If you’re over a certain age, this may call to mind recollections of less-than-healthy breakfast, or Monte Python skits (or both), but these days, it’s all about email.

Spam (or Junk E-mail – by whatever name you know it, we’ll call it spam here) does not mean the same thing to everyone. This can lead to confusion, missteps and misunderstanding.

We’ll attempt to address that to some extent here.

What you don’t see can’t bother you. Most spam never gets to the intended recipient at all. It is filtered out by the email provider without ever being sent through to the inbox, giving the individual user no visibility that this even happened.

Spam is in the eye of the beholder. As for the stuff that *does* get through, different people react differently to email that is not sent to them by another person whom they know (personal email). Is an email from LL Bean resulting from placing an order from them spam? How ‘bout an email from your bank about the annual privacy notice. Or a notice about how to boost one’s (fill in: size, quantity, amount) of (fill in: body part, bank account, physical characteristic)? Any of this can be spam if one thinks it is. And not, if one thinks it’s not.

What’s a person to do? Most email services or programs (Gmail, Live Mail, Outlook, Thunderbird) have a way to indicate that a given email should from now on be considered spam for a given user. The better of these services or programs “learn” over time to do a better job of filtering out the “bad” and keeping the “good”, as the user defines those terms through the emails the user marks as spam.

The real issue isn’t just annoyance – here there be dragons! Yes, spam is annoying. It obfuscates the “real” email one intends to see. But that’s not the real problem. The real problem is what’s hidden in some spam emails: attachments that are virus infected, and links that go somewhere dangerous.

It is worth reiterating: if you receive an email from someone you do not know, do not open any attachments from that email, and do not click on any links on that email. Just delete it.

For example, when I receive an email that looks like this:

image

I delete it without a second thought. You should too.

Words to live by, those. BUT, there is another, more insidious type of spam: email that looks like it’s from someone or somewhere you know, but isn’t.

Spam that looks legitimate, but isn’t. Now, each person has his/her own tolerance for spelling errors, grammatical errors, punctuation errors, formatting errors and the like. I tend toward the pickier side this spectrum. You may be more tolerant and open minded when it comes the the many ways one can spell a word, or whether subject and verb agree, etc. However, if you see a single spelling, grammar, typographical or formatting error in an email supposedly from a big company, it’s a fake. Microsoft, Apple, Symantec, GE, Exxon, will NEVER send an email with one of these errors in it. Never, never, ever. OK, the chances aren’t strictly 0%, but they are close enough to 0% that is you see an error like this, you should probably just delete the email. Assuming none of these flaws exists, you have to look deeper.

An example. Interconnected Technologies uses ADP for payroll services. I received this email last Friday:

image

Now, the fact that it says it came from Twitter should be my first clue that it’s not legitimate. And that second to last sentence was clearly written by someone for whom English is not the first language. But the logo is really their logo, and I am a client, and they say they’re debiting my account, so I might be fooled by this into clicking on that link.

HOWEVER, if I hover the mouse over that link (in Outlook, which I and most of the rest of the business world use for Email), I see this:

 

image

The REAL link goes to a site in Czechoslovakia (hence the .cz at the end of the web address), and were I to click on that link, no doubt I’d be taken somewhere where I could have the opportunity to boost my (fill in: size, quantity, amount) of (fill in: body part, bank account, physical characteristic), or worse, to a site infected with something that might try to compromise my computer.

This is the nastiest type of spam, and the type most likely to compromise a user’s computer.

Now, if you have the Interconnected Technologies standards in place for security, this type of thing is unlikely to damage you, even if you click on such a link. But don’t take chances. I hope the above will help you understand what those chances are, how to avoid taking them, and why. As always Interconnected Technologies clients are only a call or email away from help, and if you think your system has been compromised, let us know – we’re here!

(aside: I did click on that link, just to see, and it redirected me to a site in Russia that had a Blackhole Toolkit installed. It tried, and failed, to compromise my computer)

References (8)

References allow you to track sources for this article, as well as articles that were written in response to this article.
  • Response
    Interconnected - InterconnectNow - Spam, it's not just for breakfast anymore
  • Response
    Interconnected - InterconnectNow - Spam, it's not just for breakfast anymore
  • Response
    Interconnected - InterconnectNow - Spam, it's not just for breakfast anymore
  • Response
    Interconnected - InterconnectNow - Spam, it's not just for breakfast anymore
  • Response
    Interconnected - InterconnectNow - Spam, it's not just for breakfast anymore
  • Response
    Interconnected - InterconnectNow - Spam, it's not just for breakfast anymore
  • Response
    Interconnected - InterconnectNow - Spam, it's not just for breakfast anymore
  • Response
    Respect, honor, good social status and position all these things are gained through education. If a person would be well educated and knowledgeable everyone like him and like to sit in the company of such scholar and wise person.

Reader Comments

There are no comments for this journal entry. To create a new comment, use the form below.

PostPost a New Comment

Enter your information below to add a new comment.

My response is on my own website »
Author Email (optional):
Author URL (optional):
Post:
 
Some HTML allowed: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <code> <em> <i> <strike> <strong>