Archive for the ‘Email’ Category

How Do They Get My Email Address?

Sunday, February 24th, 2008

Spammers have several ways of getting legitimate email addresses, including yours. Some of the common ways are:

1. The error page (shown when an incorrect aspx or other web page is referenced) displays myemail@mydomain.com.
- This can be fixed by having the page send an email automatically (thus hiding the address) rather than relying on the user to do it.

2. An old copy of the contact us page was found. It had myemail@mydomain.com on it.
- The cached copies of the old program containing myemail@ will eventually disappear.

3. Has myemail@mydomain.com been used to register at any websites? If so, they could have sold or given away email addresses.

4. Since info@ is a very common email address to use for domains, the spammer could have guessed that info@ existed. Spammers usually try common email addresses such as info@, test@, etc., hoping for a hit.

Read the entire article about how spammers get your email address.

Doug

Bogus Microsoft Lottery

Wednesday, April 11th, 2007

I, too, received an email claiming I may get several thousand dollars from Microsoft for participating in an email test. From a friend, no less! Microsoft is not going to give someone several thousand dollars for forwarding a few emails. Besides, the email had several poorly constructed sentences and many misspellings. Other friends have received emails claiming they won the Microsoft lottery.

Fortunately Microsoft has a few ways of recognizing email scams. If you are using Outlook a digital signature may be attached to a genuine Microsoft email. Read about the digital signature from Microsoft.

To summarize:
- Microsoft does not send software updates as attachments.
- Legitimate updates have a valid Microsoft web address.
- Legitimate updates are also on the Microsoft web site.
- Be wary of clicking on links from an email.
- The best way to mitigate problems is to visit the Microsoft web site home page and from there find what you need.

Doug

Domain Owners: Create your own Throwaway Email Addresses

Thursday, January 25th, 2007

If you own a domain, you have a great anti-spam tool at hand: your email server. Email sent to any address at your domain that does not already exist (such as “abc@mydomain.com”) is probably forwarded by default to your main account or to a catch-all account.

You can use this feature to create throwaway email addresses on the fly:

* If you need to give an email address to sign up for something, make one up.

For example, if you sign up for a newsletter at ebb, enter “ebb@mydomain.com” as your email address.

If you get spam, have a look at the junk email’s headers. If ebb@mydomain.com shows up as the original recipient, you know who to blame: ebb. Nobody else even knew the address existed. Be aware, though, that spammers sometimes make up email addresses, and sometimes one they create can match one you created.

If the spam continues to arrive at the ebb@mydomain.com address, get rid of both the address and the spam by making any mail to ebb@mydomain.com bounce back to the sender.

The one downside of creating a catch-all account is that -any- email sent to your domain will be accepted and put in the ‘catch-all’ account.
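The header check described above can be scripted. The following is an added example, not code from the original post; the `catchall` mailbox name, the sign-up table and the sample messages are constructed, and which recipient headers your mail server writes is an assumption.

```python
from collections import Counter
from email import message_from_string
from email.utils import getaddresses

DOMAIN = "mydomain.com"   # catch-all domain from the post
CATCH_ALL = "catchall"    # hypothetical mailbox that receives everything
# Sign-ups you made, keyed by the throwaway local part you invented.
KNOWN_SIGNUPS = {"ebb": "ebb newsletter"}
# Server-written headers come first; To/Cc are sender-controlled and are
# only a fallback. Which headers exist depends on the server (assumption).
RECIPIENT_HEADERS = ("X-Original-To", "Delivered-To", "To", "Cc")

def throwaway_tag(raw_message):
    """Return the local part the message was originally sent to, or None."""
    msg = message_from_string(raw_message)
    for header in RECIPIENT_HEADERS:
        for _name, addr in getaddresses(msg.get_all(header, [])):
            local, _, host = addr.lower().rpartition("@")
            if local and host == DOMAIN and local != CATCH_ALL:
                return local
    return None

def blame(raw_message):
    """Name the sign-up that leaked the address, or flag a guessed one."""
    tag = throwaway_tag(raw_message)
    if tag is None:
        return "no address at our domain found"
    if tag in KNOWN_SIGNUPS:
        return "leaked by " + KNOWN_SIGNUPS[tag]
    return "never handed out: guessed or made up (" + tag + "@)"

def blame_report(junk_messages):
    """Count junk messages per verdict."""
    return Counter(blame(m) for m in junk_messages)

# Constructed sample junk mail (not real messages).
SAMPLE_JUNK = [
    "X-Original-To: ebb@mydomain.com\nDelivered-To: catchall@mydomain.com\n"
    "From: deals@spam.example\nTo: undisclosed-recipients:;\n"
    "Subject: Hot stock\n\nBuy now",
    "Delivered-To: catchall@mydomain.com\nFrom: x@spam.example\n"
    "To: \"Friend\" <EBB@MyDomain.com>\nSubject: Re: offer\n\nHello",
    "Delivered-To: catchall@mydomain.com\nFrom: y@spam.example\n"
    "To: info@mydomain.com\nSubject: Winner\n\nClaim",
]

if __name__ == "__main__":
    for verdict, count in blame_report(SAMPLE_JUNK).items():
        print(count, verdict)
```

An address that turns up in junk mail but is missing from the sign-up table is the case the post warns about: one the spammer guessed or made up, not one that a sign-up leaked.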

Doug

Image Spam

Saturday, December 30th, 2006

Just when we thought spam was under control…

Image spam is an email that looks like 100% text but in reality includes a little image. The image is varied slightly in color and size before it is sent, so many similar emails can be sent. Embedding the image and making each copy slightly different makes it difficult for most spam filters to detect. Image spam is involved in about 25% of all email spam (2006 IronPort) and growing.

An image spam email is about 10 times the size of a text email - causing storage problems for ISPs, users, and hosts.

One of the big targets of image spam mail is stock “pump and dump” schemes. A penny stock is bought by scammers, millions of image spam emails are sent out touting the stock, and when the stock increases significantly in price due to people falling for the scheme, the scammers sell out. The reason this works well is no one has to click on an email link - just buy the stock.

Image spam emails are usually easy to spot visually: valid text usually surrounds the image (which in many cases touts a stock). The text is unrelated to the image but is there because it confuses spam filters into treating the email as valid.

Another byproduct of image spam is that the email may contain a small invisible tracking image (usually 1px square) which triggers a server fetch when the email is opened. This alerts the spammer that the email address is valid: expect more spam to follow.

Image spam filtering software is offered by the big names in antispam but it is expensive - usually meant for an email server rather than a home computer. One way to combat the problem is to not allow images in emails. I use Mozilla Thunderbird (a lot like Outlook, but open source) to read my emails. Its default action is to block images in emails but provide a button to load images if the user deems the email valid. Some hosts provide filtering of spam, including image email filtering, but you must check your email on the host periodically because the emails sent to the junk folder are on the host, not locally.
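To see what blocking images protects against, the following added example (not from the original post) scans an HTML email body for images that cause a server fetch and flags the ones that look like tracking pixels. The sample HTML and its hostnames are constructed.

```python
import re
from html.parser import HTMLParser

def _px(value):
    """Parse '1' or '1px' to an int; None when absent or not a pixel size."""
    m = re.fullmatch(r"\s*(\d+)\s*(px)?\s*", value or "", re.I)
    return int(m.group(1)) if m else None

class RemoteImageFinder(HTMLParser):
    """Collect remote <img> URLs and flag likely tracking pixels."""
    def __init__(self):
        super().__init__()
        self.remote = []    # every image that triggers a server fetch
        self.trackers = []  # subset that is 1px or smaller, or hidden

    def handle_starttag(self, tag, attrs):
        if tag != "img":
            return
        a = {k: (v or "") for k, v in attrs}
        src = a.get("src", "").strip()
        if not src.lower().startswith(("http://", "https://", "//")):
            return  # cid: and data: images are embedded, nothing is fetched
        self.remote.append(src)
        style = a.get("style", "").lower().replace(" ", "")
        css = dict(p.split(":", 1) for p in style.split(";") if ":" in p)
        w = _px(a.get("width") or css.get("width"))
        h = _px(a.get("height") or css.get("height"))
        tiny = w is not None and h is not None and w <= 1 and h <= 1
        hidden = (css.get("display") == "none"
                  or css.get("visibility") == "hidden")
        if tiny or hidden:
            self.trackers.append(src)

def scan_html(html):
    """Return (remote image URLs, suspected tracking pixel URLs)."""
    finder = RemoteImageFinder()
    finder.feed(html)
    return finder.remote, finder.trackers

# Constructed sample body: one embedded image, three remote ones.
SAMPLE_HTML = """<html><body><p>Quarterly weather notes follow.</p>
<img src="cid:stock-tip" width="400" height="300">
<img src="http://tracker.example/open.gif?id=ebb%40mydomain.com" width="1" height="1">
<img src="https://news.example/logo.png" style="width: 120px; height: 40px">
<img src="https://tracker.example/p.gif" style="display:none">
</body></html>"""

if __name__ == "__main__":
    remote, trackers = scan_html(SAMPLE_HTML)
    print(len(remote), "remote images,", len(trackers), "look like trackers")
```

Any remote image, not only a tiny one, tells the sending server that the message was opened, which is why a mail client that blocks images by default withholds all of them until the user chooses to load them.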

Doug

The Worst Security Risk? People

Friday, November 17th, 2006

In a recent story, the SANS Institute has pointed out that people are the worst security risk. Even after hours of security training, people still fall for the same old ruses. Phishing, or sending nefarious links through email hoping someone will click on them, is the most popular. Users are easily duped into thinking an email comes from a credible source when in reality it does not. Clicking on links can lead to all sorts of problems.

Most of these attacks are from Eastern Europe and Asia.

Doug

Spam and Blogging

Monday, October 2nd, 2006

There are several types of spam to deal with regarding blogging: comments, trackbacks, and email harvest.
Comment spamming occurs when a comment is left in response to an article with a link to a spam site.
Trackback spam occurs when spam links are left as trackbacks.
Email harvest occurs when an embedded email address is taken off the blog’s page and used for spamming.

How do we prevent this?

CAPTCHA (Completely Automated Public Turing test to tell Computers and Humans Apart) shows convoluted alphanumeric characters and has the user type them in. This method has become very popular recently as a way to stop automated programs from creating accounts, though some people will not deal with sites that use CAPTCHA.

Several suggestions are available for comment spam.

  • Moderate comments. This is very effective.
  • Visit left behind links in comments to make sure they point to good sites.
  • Have the user register in order to post a comment.
  • Use CAPTCHAs during the registration process so it cannot be automated.
  • Limit the number of links per comment (check the admin screen).

Some blogs have word blacklists to which you can add your own words, so that a comment containing any of them is rejected.
Authors can be preapproved so their comments do not have to be moderated.

Trackback ideas:

  • Turn off trackbacks. Drastic but effective.

An email address can be embedded using JavaScript to hide the fact that it is an email address.

URL blacklists, where any URL left in a comment is checked against a blacklist, are effective but difficult to maintain. There are several public ones available. For example, WordPress has the Akismet plugin, which checks the spamminess of a comment anonymously.

A proposal to reduce spam, backed by Google, Yahoo, and Microsoft, is to add the attribute “rel=nofollow” to any embedded links in a comment or trackback. The search engines, upon encountering this, will not use the link in calculating ranking. Some blogs automatically default to adding the nofollow attribute to links.

Doug

Email is not Secure…but it can be

Monday, September 18th, 2006

Recently I read about someone who sent their credit card information over email to purchase something. Naturally, I was shocked. Come to find out he thought email was secure…and in talking to online store vendors, many people think email is secure.

It is not.

Logging onto email programs such as Yahoo! is somewhat secure. The login page is unsecured (http: not https:), which means there is no guarantee that the Yahoo page is really from Yahoo; but if it is, the user name and password are submitted to Yahoo using SSL security (provided your browser is equipped to use SSL - IE, Opera, and Firefox are). BUT, once logged in, sending and receiving emails is not secure.

There are ways of sending and receiving encrypted emails.

A Hushmail (free or paid web-based email like Gmail or Yahoo) user, for example, can send/receive encrypted email to another Hushmail user (or PGP user), no problem - the login and the email itself are fully secured. If the recipient’s email is unsecured and you wish to send a secured email, Hushmail has an option to ask a question and give an answer for the recipient. If the question is answered correctly, the recipient can view the email.

There are add-on programs for email programs such as Outlook that have encryption capability. For example, PGP (Pretty Good Privacy - an encryption technique) can be added on to Outlook so anyone else with PGP (or a Hushmail user) can send/receive encrypted email.

Large companies use a private network and their own mail servers so intercompany email can be encrypted - but if it leaves the company’s network it is either unencrypted or would require the recipient to have an encryption scheme (like PGP).

One of the benefits of using a totally secure email is you can use it in a public place, such as an airport or coffee shop, and not get snooped.
We use encrypted email for business and generally unencrypted for personal.

Doug