Spam is any email message irrespective of content that is unwanted or unrequested by the recipient. Simply put however, it is Internet “junk mail” the cost of which is borne mostly by the recipient. The majority of spam messages are commercial advertising, although chain letters, political mailings and other forms of non-commercial mailings are often included under the same categorization. A large portion of spam has also been found to be comprised of ads for products of dubious quality and services of questionable legality.
Phishing and Spoofing
Phishing is an email fraud method in which the perpetrator sends legitimate-looking email in an attempt to gather personal and financial information from recipients. Typically, the messages appear to come from well known and trustworthy Web sites. Web sites that are frequently spoofed by phishers include PayPal, eBay, MSN, Yahoo, BestBuy, and America Online. A phishing expedition, like the fishing expedition it's named for, is a speculative venture: the phisher puts the lure hoping to fool at least a few of the prey that encounter the bait.
Phishers use a number of different social engineering and email spoofing ploys to try to trick their victims. In one fairly typical case before the Federal Trade Commission (FTC), a 17-year-old male sent out messages purporting to be from America Online that said there had been a billing problem with recipients' AOL accounts. The perpetrator's email used AOL logos and contained legitimate links. If recipients clicked on the "AOL Billing Center" link, however, they were taken to a spoofed AOL Web page that asked for personal information, including credit card numbers, personal identification numbers (PINs), social security numbers, banking numbers, and passwords.
Spoofing refers to email that appears to have been sent from someone other than the real sender. Virus writers and individuals who send junk email or "spam", typically want the email to appear to be from an email address that is not their own. Thus, the email cannot be traced back to the originator.
It is often impossible to know if you have received a spoof however to the careful observer there are several clues that help to separate a spoof from a legitimate communication. Typically, you will know that your email has been spoofed if:
- An email is from a commercial entity and the message requests that you provide your log in ID or your account will be suspended it is likely a spoofed email. Reputable commercial entities regularly contact their customers by email but they don't ask for log in ID because they already have it.
- You receive an email with a text file indicates a virus had been detected and removed/replaced
- You receive a reply to an email from someone you never sent a message to
- You receive an error message from a system administrator that you sent an infected file or that your message could not be sent to a particular user
- You receive an email with a blank message
Frequently Asked Questions
In brief, a 'phishing' email is one that pretends to be from a company or bank like eBay, PayPal, WAMU, Suntrust etc, and which asks you, (for various reasons), to enter your account data, such as login details. These scams are often supported by fake spoof websites, and victims are tricked into thinking they are logging to a real website. Phishing is a form of identity theft, where fraudsters steal your identity and personal information to gain access to your accounts or commit other crimes using your persona. Generally, phishing emails are usually sent from spoofed addresses.
Spoofing is the part of any form of communication (electronic or physical) whereby the sender inserts/attaches false identity contact information to the communication.
As an example, you receive an email from your bank saying that there is a problem with your online account and need to verify your account information or your account will be suspended. You click on the link at the end of the email and get a log in page that looks exactly like your banks. If you enter your log in and password, you have just given the crooks complete access to your bank account.
If you do receive a scam email, you should not click on any of the links it contains or believe anything it says. Ideally you should delete it straight away, but it would be useful if you submit it to us and to the bank or institution it is targeting.
You should act immediately. Depending on how much information you revealed, you should log into your relevant accounts and change your usernames and passwords. This will stop the fraudsters accessing your accounts with the information you sent them. Contact your banks and financial institutions and make them aware of the situation in case of problems. They should also give you further help and advice.
You may wonder how the scammers got your address or knew you were a member of a particular bank or institution. Often it is just good luck on the part of the scammers. They normally do not target individuals, but send out thousands of scam emails to randomly generated email addresses, in the hope that just a few will be successful. They also trawl the web for valid addresses they can use, and swap this information with each other. If you have ever posted on an internet forum or published something on the web, there's a good chance your address is out there somewhere just waiting to be found. If you have fallen victim before, your address is normally added to a list of 'easy victims', and you are likely to then receive even more scams.
The golden rule is that banks and other institutions NEVER ask for personal data by email. If in doubt, you can forward the email to the supposed sender and ask them if they sent it, but make sure you type in the return address by hand. Additionally, NEVER click on the links found in these messages. If you need to log into your account, open a new web browser and manually type the URL for the site into the address window. Do NOT cut and paste.
The Office of Innovation and Information Technology currently utilizes a hosted solution from Proofpoint Enterprise Protection System to filter potential spam email before it is delivered to the user. Proofpoint is a commercial grade anti-spam solution. Messages are evaluated first to identify if they originated from a from mail systems previously identified as possessing questionable reputation. Messages are further checked against a local database of characteristics and signatures for known spam patterns. Currently, over 95% of all messages received by the NSU email scanners are identified to be spoofed, spam, viruses, scams, or phishing messages. These are deleted and so do not get to the users Inbox. The detection of malicious messages is still not an exact science, and so occasionally, legitimate messages can get marked as malicious. OIT makes every effort to only delete malicious messages and so when the reputation of a message cannot be determined with 100% certainty, it is allowed through to the user. This is because OIT prefers to allow a message that it cannot classify with certainty as malicious rather than delete a legitimate message.
For more information on Proofpoint Enterprise Protection System and to review information on malicious messages, please visit http://splog.nova.edu.
Report Spam and other malicious email messages to OIIT. Please ensure that a copy of the offending message is sent as an attachment along with your report. Without this, we will not be able to adequately investigate.
It is also recommended that you visit the web sites below for additional information on some of these malicious messages and learn how to better protect yourself from them.