SPAM
What you can – and can’t – do about it
SPAM Overview
> SPAM Scope and cost Viruses Definition and examples (CCSF +)
> Fraud and Phishing Types of phishing Some Examples
> Spyware From annoyance to identity theft
> CCSF’s Barracuda SPAM filter
> Protecting yourself
The Spam Problem
>Spam = unsolicited email
  • Ads
  • Viruses
  • Phishing
  • Spyware
>The Problem
  • Volume / Annoyance
  • Cost-Shifting
  • Waste of Resources
  • Fraud
Spam as % of total email
>Feb 2004 ― 62%
>March 2003 ― 45%
>Feb 2004 ― 62%
>March 2003 ― 45%
>January 14, 2005:
Spam today
From http://www.appriver.com/ - up-to-the-minute statistics
Has this happened to you?
>“Email undeliverable” notices for email you never sent?
>Requests to confirm account numbers, PINs, Passwords?
>“Microsoft” emails containing “updates” or “fixes”?
>[email protected] or “The ccsf.edu support team” messages
“Email undeliverable”
>Mail from “your” email address sent to people all over the world
>Causes
  • Mining: Spammers gather email addresses from
    • Intercepted email
    • Spyware planted on users’ computers
  • Spoofing: Spammers use your email address to disguise their messages
“Microsoft” emails
> Contain fake “updates” with viruses
> Microsoft never uses email for updates
  • http://office.microsoft.com/OfficeUpdate/
  • http://windowsupdate.microsoft.com
> Virus protection preinstalled on all CCSF computers
  • Automatically updates for latest virus data
  • Updates happen in background – no messages appear
> Messages claiming to come from our ITS admins
> Ask for info because “account is expiring”
> Verify by sending password
> Unsigned (and misspelled)
> Never genuine! We don’t:
  • Email confidential security/personal info
  • Send unsigned messages
  • Misspell
Recent examples 1: CCSF “support”
>The W32mydoom virus carried by this message sent to many CCSF email addresses
Dear user of ccsf.edu,
Your account has been used to send a huge amount of spam during the recent week.
We suspect that your computer was infected by a recent virus and now runs a trojan proxy server.
Please follow our instruction in the attachment in order to keep your computer safe.
Virtually yours,
The ccsf.edu support team.
CCSF’s policy….
> Users: Delete this virus/hoax
> Email Admin: Took action to block these messages as soon as known
> Our policy statement:
> CCSF PERSONNEL WILL NEVER SEND OUT A MESSAGE ASKING FOR ACCOUNT INFORMATION OR INSTRUCTING USERS TO OPEN AN ATTACHMENT THAT RELATES TO THEIR ACCOUNT THAT IS NOT PERSONALLY SIGNED BY A SYSTEMS ADMIN (i.e., with a name such as Shirley Barger, Anne Morris, Doug Re, whomever). "Virtually yours," "The CCSF Team", "CCSF Administrators" and such AIN'T our STYLE, and it won't be.
Recent examples 2: CCSF “user”
>Email on Faculty Listserv from "Rbalestr"
From: "Rbalestr" <[email protected]>
To: "[email protected]"[email protected]
Date: Saturday - September 18, 2004 6:50 AM
Subject: Faculty: Re:
jvwdtbyfru.bmp (3958 bytes) [View] [Save As]
foto2.zip (36606 bytes) [View] [Save As]
Mime.822 (57943 bytes) [View] [Save As]
Recent examples 2: Carried a virus
File carrying a Virus!
Other examples….
Fake craigslist msg w virus
From: [email protected]
To: [email protected]
Subject: Important notify about your e-mail account.
Hello user of Craigslist.org e-mail server,
Your e-mail account will be disabled because of improper using in next three days, if you are still wishing to use it, please, resign your account information. Pay attention on attached file. For security reasons attached file is password protected. The password is "13545".
Cheers,
The Craigslist.org team
March 2004
Fraud
>Fake Subject lines disguise content
>“Remove” links gather addresses
>“Spoofing” of identity
  • Fake From: addresses in email
  • Disguised server sources implicate innocent parties
>False claims, phishing
Phishing
>Attempts to gather confidential information
  • Credit card #s
  • PINs
  • Account #s
  • Passwords
>May use original site’s graphics
>Return addresses/links mimic originals
Since August 2003, most major banks in the USA, the UK and Australia have been hit with phishing attacks
Confirm account numbers
>“Phishing” for confidential information
>Growing fraud phenomenon
>International
>Recent organized crime involvement
>Spam for
  • Siphoning money
  • Identity Theft
Unsophisticated Phishing
Sophisticated Phishing
New Tsunami phishing scams
From USA TODAY (Edward Iwata and Martin Kasindorf)
The FBI is investigating dozens of bogus Web sites that prey on potential tsunami donors by mimicking sites of well-known charities, FBI Special Agent Tom Grasso said Monday. Con artists also are using variations of the Nigerian "419" scam.... The e-mail authors claim to be government officials, bank officers and poor farmers who have lost loved ones in the tsunami.
Phishing increases
> From latest AntiPhishing.org report December 2004
Phishing updates
>http://antiphishing.org/
  • Up-to-date examples and descriptions of phishing scams
  • Examples: Amazon, eBay, AOL, Washington Mutual…
>http://survey.mailfrontier.com/survey/quiztest.html
  • Good information provided after you take a quiz based on actual emails, real and fraudulent
Spyware
> Programs installed secretly on your computer as you browse the Internet
> Purposes:
  • Pop up ads; change home page
  • Capture keystrokes as you enter passwords, logins, etc.
  • Gather info about
    • browsing habits
    • email addresses/passwords/credit card #s
Combating Spyware
> Combat with free programs:
  • Spybot Search and Destroy (www.safer-networking.org)
  • Ad-Aware (www.lavasoft.com)
> Yahoo: New free toolbar contains anti-spyware program, popup-blocker
> Microsoft: Beta tool for Windows
  • http://www.microsoft.com/athome/security
> Summary info at http://www.ccsf.edu/vfascio/spampage
CCSF: New Spam filtering
>Barracuda Spam-filter
  • Applied starting November 2004
  • GroupWise email only
    • MUCH less Spam in Mailbox
>Separate Quarantine area
>Quarantine message once a day
  • User control over Spam
>Whitelist: Addresses always allowed
>Blacklist: Always blocked
CCSF (informal) Spam stats
>2003: 25-50% filtered out
  • ½-1 hour/day of GroupWise administrator’s time
>March 2004: 65-75% filtered
>Feb 2005: 80+% filtered
  • 118,000+ messages a week!
>Current: 6000+ domains / addresses blocked
  • List grows daily
Barracuda’s 4 categories
1. Definitely Spam/Virus
  • Not allowed through system
2. Likely to be Spam
  • Sent to your Quarantine area for you to review/delete/allow
3. Maybe Spam
  • Tagged with [BULK] in Subject
  • Sent to Mailbox
4. Not Spam
  • Sent to Mailbox
Quarantine message: Web
> Once a day, you’ll see this message (Web client)
> You can take limited action – but …
Accessing Quarantine: Web
> For more control:
  • Scroll to end of message
  • Click link at end: “click here”
> Takes you to your quarantine area
  • See all quarantined messages
  • Act on them
Quarantine message: Windows
> Once a day, you’ll see this message (Windows client)
> Click long link at end
> Tip: Click first or last lines
> Takes you to your quarantine area
  • See & act on all quarantined messages
Quarantine area
> Deliver
  • Just deliver the mail. Make no change to filtering parameters.
> Whitelist
  • Deliver and always allow messages from this sender
> Delete
  • Just delete without changes to filtering parameters.
> Classify as Not Spam
  • Deliver message and update Spam filter.
> Classify as Spam
  • Delete and update Spam filter
Barracuda tips
>Look at the Barracuda SPAM message regularly
>Go to your SPAM link
>Delete Spam
>THEN:
  • DELETE Barracuda SPAM report messages
    • They are big!
    • Fill up your email space unless deleted
Be Vigilant
> Protect your email address - treat it like your phone number.
> Never email passwords, credit card numbers, or other personal information.
> Don't post your email address in public places.
> Never respond to unsolicited email or click on a URL or web site listed in spam.
> Never forward spam chain letters.
Protect against viruses
> Don’t open suspicious attachments – even from friends
> Check to see if they have actually sent attached docs
> At CCSF:
  • Desktops automatically update Virus SW
  • Laptops: Lucky owners must actively keep CCSF virus SW updated (Windows and Mac)
> At home:
  • Get a Virus checker
  • Keep it updated!
Virus Vigilance
>Look at email attachments
  • Suspicious signs:
    • Nonsense names
    • Names ending with any of the following: .zip .scr .pif .exe .vbs .com
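An added example, not part of the original slides: the two attachment checks listed above, run over a constructed message whose first two attachment names are modeled on the Faculty Listserv example earlier in the deck. The vowel-ratio test for "nonsense names", the placeholder addresses and the third file name are assumptions made for illustration.

```python
import os
from email import message_from_string, policy
from email.message import EmailMessage

# Endings the slide lists as suspicious.
RISKY_EXTENSIONS = {".zip", ".scr", ".pif", ".exe", ".vbs", ".com"}


def looks_like_nonsense(stem, min_letters=6, max_vowel_ratio=0.25):
    """Assumed heuristic for a "nonsense name": many letters, almost no vowels."""
    letters = [c for c in stem.lower() if c.isalpha()]
    if len(letters) < min_letters:
        return False  # too short to judge
    vowels = sum(c in "aeiou" for c in letters)
    return vowels / len(letters) <= max_vowel_ratio


def review_attachments(raw_message):
    """Parse a raw message; return {attachment name: [reasons it looks suspicious]}."""
    msg = message_from_string(raw_message, policy=policy.default)
    findings = {}
    for part in msg.iter_attachments():
        # Windows ignores trailing dots and spaces, so strip them before splitting.
        name = (part.get_filename() or "(unnamed)").strip().rstrip(". ")
        stem, ext = os.path.splitext(name)
        reasons = []
        if ext.lower() in RISKY_EXTENSIONS:
            reasons.append("risky extension " + ext.lower())
        if looks_like_nonsense(stem):
            reasons.append("nonsense name")
        findings[name] = reasons
    return findings


def build_sample_message():
    """Constructed sample: placeholder addresses, placeholder attachment bytes."""
    msg = EmailMessage()
    msg["From"] = "sender@example.edu"
    msg["To"] = "faculty-list@example.edu"
    msg["Subject"] = "Faculty: Re:"
    msg.set_content("(no body text)")
    for filename in ("jvwdtbyfru.bmp", "foto2.zip", "CNIT-minutes.doc"):
        msg.add_attachment(b"constructed placeholder bytes",
                           maintype="application", subtype="octet-stream",
                           filename=filename)
    return msg.as_string()


if __name__ == "__main__":
    for name, reasons in review_attachments(build_sample_message()).items():
        print(name, "->", ", ".join(reasons) or "no listed warning sign")
```

A file that shows no listed warning sign is not thereby safe; the checks only surface the signs named on the slide.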
Protect against Spyware
>Use at least one Spyware catcher
  • Free: Ad-Aware (Personal edition) http://www.lavasoft.com
  • Free: Spybot Search and Destroy http://spybot.safer-networking.de/
  • Free (So far): Microsoft beta http://www.microsoft.com/athome/security/spyware/
  • Not Free: SpySweeper ($30/yr) http://www.webroot.com
  • Mac: MacScan http://macscan.securemac.com/
Don’t contribute to Spam
>Use the BC email field for groups outside CCSF
  • BC Field hides addresses
  • May help get msgs to Yahoo, Hotmail recipients
  • Helps prevent address capture by spammers
Don’t look like Spam
If you want people to read your email messages
> Make your email Subject lines count
  • CNIT 3/22 meeting minutes
  • Not: Info
> Don’t use suspicious Subjects:
  • Hi!
  • Pix
  • Re:
> Don’t leave subjects blank
Spam / Spyware Resources
>Search on Spam facts
>Your ISP for Spam info
> http://www.pcwebopedia.com/quick_ref/SpamGuide.asp
> http://biz.yahoo.com/pfg/e15credible/index.html (Suze Orman on Spam Scams)
> For fun: http://www.mailmsg.com/SPAM_python.htm
> Spyware: http://www.microsoft.com/athome/security/spyware/
Identity Theft Resources
>Search on Identity+theft at http://www.sfgov.org/
  • Prevention tips
  • What to do
    • to find out if your identity has been stolen
    • after the fact
> http://www.fightidentitytheft.com/
  • Good clearinghouse of information
Updates
> General:
  • http://news.yahoo.com/fc?tmpl=fc&cid=34&in=tech&cat=spam_wars
    • Excellent updated news links site
  • http://www.spamanti.net/en/
  • http://www.microsoft.com/athome/security/
    • Good source for Windows OS updates and general information
> Phishing and Organized crime
  • http://www.ftc.gov/ftc/consumer.htm
    • Government site on many aspects of spam and crime
Final note
>From CAUCE, the Coalition Against Unsolicited email
>http://www.cauce.org/
According to the European Commission, the costs of spam to businesses and consumers have been estimated at USD $8 billion/year. Pressing <DELETE> doesn't recover those costs.