Email+(Spam+Control+and+Phishing+Schemes)

=__Email: Spam & Phishing__ = //By Robert Guritz//

What is Spam?
Spam is unwanted bulk email. Spam sometimes is sent from anonymous addresses or spoofed addresses in someone's message box. Many spam messages can not be stopped without sophisticated spam control software. Some unwanted mail messages can be dealt with in accordance to law, but many messages are from spoofed email addresses so you never know who they actually came from. Spoofing can be done pretty easily with sophisticated systems. A spoof is an email sent from a anonymous location, but it appears to be from an actual user that you may be familiar with. A few years ago, many messages were being spoofed from admin accounts on many local systems.

Those users who send spam can get addresses in many ways. A lot of times addresses are received from scanning of usenet or other list-serv lists. Sometimes the email addresses are computer generated. The senders of the spam mail simply generate all variations of a combination of letters and send mail out. They are not concerned with undeliverable mail. Lastly, some companies sell their databases of email addresses to those individuals that send out spam.

Spam costs people money as well. Now, it doesn't cost the sender much, but the receiver may be subject to various costs. Some ISPs charge by data received, so receiving all of the unwanted mail messages would cost users money. All of this increased traffic on the Internet has also caused many to increase bandwidth in order for legitimate uses of the Internet to not get clogged down and run slower because of all of the increased traffic. Some research shows that as much as 91% of all emails sent are spam. (See Paul Kedrosky, [|More Staggering Stats on Stock Spam])

Getting rid of spam sounds easy, but it rarely is. Many spammers learn new techniques to get around certain safeguards that are put in. Many ISPs now offer spam filtering either as part of their incuded service or as part of a package or add on deal. Some products are available for certain systems if you are a network technician. [|Barracuda] makes a spam firewall product to filter spam on Exchange systems, [|GWAVA] produces a spam filter for Groupwise Systems, and there are many more by simply using an Internet search engine to search on "Spam Killers."

What does Phishing mean?
Phishing was coined from the word fishing to describe hackers who try to "fish" information from their victims. Phishing scams come in the form of emails. The most notable scam is the one where you may be requested to update your information and it will direct you to another website not the actual one advertised. When trying to spot a Phishing scam, pay close attention to the web address you are being directed to. A lot of times they may be in the form of the actual company, but include extra letters on the end to denote a foreign country. For example, a phishing scam using Ebay as the front for their scam, asked users to update their information and when you clicked the link it too you to www. ebay. com. tw which was a company in Taiwan. Extra spaces were added so it would not be a hyperlink.

Along with the foreign addresses, a couple of other things that you can keep your eye open for to spot a phishing scam is incorrect spelling or grammar. As these are foreign country residents performing these scams, a lot of times their English is not the best. If an email is poorly written it could also signal a possible phishing scams.

See this Power Point Presentation on [|Phishing Scams] developed by Robert Guritz.

If you are still unsure, there are several websites available to help you spot phishing scams. You can also simply do a google search on your subject heading, this tends to lead to a successful conclusion on whether or not the email is a scam.

Websites include:

Snopes- [|www.snopes.com] Anti-Phishing Working Group Archive- http://www.antiphishing.org/phishing_archive/phishing_archive.html