SPAM - PowerPoint PPT Presentation

PowerPoint Slideshow about 'SPAM' - johana

Presentation Transcript


What you can – and can’t – do about it

SPAM Overview
  • SPAM
    • Scope and cost
    • Viruses
    • Definition and examples (CCSF +)
  • Fraud and Phishing
    • Types of phishing
    • Some Examples
  • Spyware
    • From annoyance to identity theft
  • CCSF’s Barracuda SPAM filter
  • Protecting yourself
The Spam Problem
  • Spam = unsolicited email
    • Ads
    • Viruses
    • Phishing
    • Spyware
  • The Problem
    • Volume / Annoyance
    • Cost-Shifting
    • Waste of Resources
    • Fraud
Spam as % of total email
  • March 2003 ― 45%
  • Feb 2004 ― 62%
Spam today
  • March 2003 ― 45%
  • January 14, 2005:
  • Feb 2004 ― 62%

From up-to-the-minute statistics

Has this happened to you?
  • “Email undeliverable” notices for email you never sent?
  • Requests to confirm account numbers, PINs, Passwords?
  • “Microsoft” emails containing “updates” or “fixes”?
  • or “The support team” messages
“Email undeliverable”
  • Mail from “your” email address sent to people all over the world
  • Causes
    • Mining: Spammers gather email addresses from
      • Intercepted email
      • Spyware planted on users’ computers
    • Spoofing: Spammers use your email address to disguise their messages
“Microsoft” emails
  • Contain fake “updates” with viruses
  • Microsoft never uses email for updates
  • Virus protection preinstalled on all CCSF computers
    • Automatically updates for latest virus data
    • Updates happen in background – no messages appear
administrator@ccsf.edu
  • Messages claiming to come from our ITS admins
  • Ask for info because “account is expiring”
  • Verify by sending password
  • Unsigned (and misspelled)
  • Never genuine! We don’t:
    • Email confidential security/personal info
    • Send unsigned messages
    • Misspell
Recent examples 1: CCSF “support”
  • This message, sent to many CCSF email addresses, carried the W32mydoom virus

Dear user of,

Your account has been used to send a huge amount of spam during the recent week.

We suspect that your computer was infected by a recent virus and now runs a trojan proxy server.

Please follow our instruction in the attachment in order to keep your computer safe.

Virtually yours,

The support team.

CCSF’s policy….
  • Users: Delete this virus/hoax
  • Email Admin: Took action to block these messages as soon as known
  • Our policy statement:

(i.e., with a name such as Shirley Barger, Anne Morris, Doug Re, whomever). "Virtually yours," "The CCSF Team", "CCSF Administrators" and such AIN'T our STYLE, and it won't be.

Recent examples 2: CCSF “user”
  • Email on Faculty Listserv from "Rbalestr"

From: "Rbalestr" <>

To: ""

Date: Saturday - September 18, 2004 6:50 AM

Subject: Faculty: Re:

jvwdtbyfru.bmp (3958 bytes) [View] [Save As] (36606 bytes) [View] [Save As]

Mime.822 (57943 bytes) [View] [Save As]

Recent examples 2: Carried a virus

File carrying a Virus!

Other examples….

Fake craigslist msg w virus



Subject: Important notify about your e-mail account.

Hello user of e-mail server,

Your e-mail account will be disabled because of improper using in next three days, if you are still wishing to use it, please, resign your account information. Pay attention on attached file.

For security reasons attached file is password protected. The password is "13545".

Cheers, The team

March 2004

  • Fake Subject lines disguise content
  • “Remove” links gather addresses
  • “Spoofing” of identity
    • Fake From: addresses in email
    • Disguised server sources implicate innocent parties
  • False claims, phishing
  • Attempts to gather confidential information
    • Credit card #s
    • PINs
    • Account #s
    • Passwords
  • May use original site’s graphics
  • Return addresses/links mimic originals

Since August 2003, most major banks in the USA, the UK and Australia have been hit with phishing attacks

Confirm account numbers
  • “Phishing” for confidential information
  • Growing fraud phenomenon
  • International
  • Recent organized crime involvement
  • Spam for
    • Siphoning money
    • Identity Theft
New Tsunami phishing scams

From USA TODAY (Edward Iwata and Martin Kasindorf)

The FBI is investigating dozens of bogus Web sites that prey on potential tsunami donors by mimicking sites of well-known charities, FBI Special Agent Tom Grasso said Monday.

Con artists also are using variations of the Nigerian "419" scam.... The e-mail authors claim to be government officials, bank officers and poor farmers who have lost loved ones in the tsunami.

Phishing increases
  • From latest report
    • December 2004
Phishing updates
    • Up-to-date examples and descriptions of phishing scams
    • Examples: Amazon, eBay, AOL, Washington Mutual…
    • Good information provided after you take a quiz based on actual emails, real and fraudulent
  • Programs installed secretly on your computer as you browse the Internet
  • Purposes:
    • Pop up ads; change home page
    • Capture keystrokes as you enter passwords, logins, etc
    • Gather Info about
      • browsing habits
      • email addresses/passwords/credit card #s
Combating Spyware
  • Combat with free programs:
    • Spybot Search and Destroy
    • Ad-Aware
  • Yahoo: New free toolbar contains anti-spyware program, popup-blocker
  • Microsoft: Beta tool for Windows
  • Summary info at
CCSF: New Spam filtering
  • Barracuda Spam-filter
    • Applied starting November 2004
    • GroupWise email only
      • MUCH less Spam in Mailbox
        • Separate Quarantine area
        • Quarantine message once a day
      • User control over Spam
        • Whitelist: Addresses always allowed
        • Blacklist: Always blocked
CCSF (informal) Spam stats
  • 2003: 25-50% filtered out
      • ½-1 hour/day of GroupWise administrator’s time
  • March 2004: 65-75% filtered
  • Feb 2005: 80+% filtered
      • 118,000+ messages a week!
  • Current: 6000 + domains / addresses blocked
      • List grows daily
Barracuda’s 4 categories
  • Definitely Spam/Virus
    • Not allowed through system
  • Likely to be Spam
    • Sent to your Quarantine area for you to review/delete/allow
  • Maybe Spam
    • Tagged with [BULK] in Subject
    • Sent to Mailbox
  • Not Spam  Sent to Mailbox
Quarantine message: Web
  • Once a day, you’ll see this message (Web client)
  • You can take limited action – but …
Accessing Quarantine: Web
  • For more control:
    • Scroll to end of message
    • Click link at end: “click here”
  • Takes you to your quarantine area
    • See all quarantined messages
    • Act on them
Quarantine message: Windows
  • Once a day, you’ll see this message (Windows client)
  • Click long link at end
  • Tip: Click first or last lines
  • Takes you to your quarantine area
    • See & act on all quarantined messages
Quarantine area
  • Deliver
    • Just deliver the mail. Make no change to filtering parameters.
  • Whitelist
    • Deliver and always allow message from this sender
  • Delete
    • Just delete, without changes to filtering parameters.
  • Classify as Not Spam
    • Deliver message and update Spam filter.
  • Classify as Spam
    • Delete and update Spam filter
Barracuda tips
  • Look at the Barracuda SPAM message regularly
  • Go to your SPAM link
  • Delete Spam
  • THEN:
    • DELETE Barracuda SPAM report messages
    • They are big!
    • Fill up your email space unless deleted
Be Vigilant
  • Protect your email address - treat it like your phone number.
  • Never email passwords, credit card numbers, or other personal information.
  • Don't post your email address in public places.
  • Never respond to unsolicited email or click on a URL or web site listed in spam.
  • Never forward spam chain letters.
Protect against viruses
  • Don’t open suspicious attachments – even from friends
  • Check to see if they have actually sent attached docs
  • At CCSF:
    • Desktops automatically update Virus SW
    • Laptops: Lucky owners must actively keep CCSF virus SW updated (Windows and Mac)
  • At home: Get a Virus checker
    • Keep it updated!
Virus Vigilance
  • Look at email attachments
    • Suspicious signs:
      • Nonsense names
      • Names ending with any of the following: .zip .scr .pif .exe .vbs .com
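
The two suspicious signs above can be checked mechanically before anyone opens a message. The following is an added example, not part of the original slides: it parses a message with Python's standard email package and flags attachments by the slide's extension list. The vowel-ratio rule for "nonsense names", the helper names and the sample message are assumptions made for illustration.

```python
from email import message_from_string, policy
from email.message import EmailMessage
from pathlib import PurePosixPath

# Extensions the slide lists as suspicious.
SUSPICIOUS_EXT = {".zip", ".scr", ".pif", ".exe", ".vbs", ".com"}

def looks_like_nonsense(stem):
    # Assumption, not from the slides: 6+ letters with under 20% vowels
    # is treated as a "nonsense name" (e.g. randomly generated).
    letters = [c for c in stem.lower() if c.isalpha()]
    if len(letters) < 6:
        return False
    return sum(c in "aeiou" for c in letters) / len(letters) < 0.2

def check_attachments(raw_message):
    """Map each flagged attachment filename to the warning signs it shows."""
    msg = message_from_string(raw_message, policy=policy.default)
    findings = {}
    for part in msg.iter_attachments():
        name = part.get_filename()
        if not name:
            continue
        path = PurePosixPath(name.strip().lower())
        reasons = []
        if path.suffix in SUSPICIOUS_EXT:
            reasons.append("suspicious extension " + path.suffix)
        if looks_like_nonsense(path.stem):
            reasons.append("nonsense name")
        if reasons:
            findings[name] = reasons
    return findings

def build_sample():
    # Constructed message: the first filename is the one shown on the slide,
    # the other two are made up for this example.
    msg = EmailMessage()
    msg["Subject"] = "Re:"
    msg.set_content("Please follow our instruction in the attachment.")
    for name in ("jvwdtbyfru.bmp", "instructions.pif", "minutes.doc"):
        msg.add_attachment(b"constructed bytes", maintype="application",
                           subtype="octet-stream", filename=name)
    return msg.as_string()

if __name__ == "__main__":
    for name, reasons in check_attachments(build_sample()).items():
        print(name, "->", ", ".join(reasons))
```

A clean result only means neither sign was present; the advice to confirm with the sender still applies.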
Protect against Spyware
  • Use at least one Spyware catcher
    • Free: Ad-Aware (Personal edition)
    • Free: Spybot Search and Destroy
    • Free (So far): Microsoft beta
    • Not Free: SpySweeper ($30/yr)
    • Mac: MacScan
Don’t contribute to Spam
  • Use the BC email field for groups outside CCSF
    • BC Field hides addresses
    • May help get msgs to Yahoo, Hotmail recipients
    • Helps prevent address capture by spammers
Don’t look like Spam

If you want people to read your email messages

  • Make your email Subject lines count
    • CNIT 3/22 meeting minutes
    • Not: Info
  • Don’t use suspicious Subjects:
    • Hi!
    • Pix
    • Re:
  • Don’t leave subjects blank
Spam / Spyware Resources
  • Search on Spam facts
  • Your ISP for Spam info
  • Orman on Spam Scams)
  • For fun:
  • Spyware:
Identity Theft Resources
  • Search on Identity+theft at
    • Prevention tips
    • What to do
      • to find out if your identity has been stolen
      • after the fact
    • Good clearinghouse of information
  • General:
    • updated news links site
    • Good source for Windows OS updates and general information
  • Phishing and Organized crime
    • Government site on many aspects of spam and crime
Final note
  • From CAUCE, the Coalition Against Unsolicited email

According to the European Commission, the costs of spam to businesses and consumers have been estimated at USD $8 billion/year. Pressing <DELETE> doesn't recover those costs.