Let’s Talk About Spam..

Spam rates are on the decline. How can you help contribute to that statistic?
According to the Symantec Intelligence Report published in June 2015, spam fell to less than 50% of all email nationwide in the month of June making it the lowest it has been in a decade! National experts state that the decline is due to law enforcement agencies aggressively pursuing spamming operators and network providers being more tuned in to the problem. Levels of spam have been declining slowly within the past few years. Historically over 80% of all email processed by BIT is classified as “spam” mail. That is a lot of ‘junk mail’ to be dealt with. 
In addition, improved methods of filtering and blocking have attributed to the decline in spam, making it harder for unsolicited marketing messages to reach inboxes where people might click on the message. Unfortunately, as our technological defenses advance, so do the spammers’ methods.  
BIT has created a Report Spam mailbox on the global address list that we would like spam messages sent. The 3 types of spam emails that we would like to see users sending to the Report Spam mailbox include the following: 
  1. Any email that is asking you to enter your User ID and password to reset or verify your email account or web mail account.  

  1. NOTE: The BIT Help desk will never send out an email to users asking you to provide your User Id or password or any personal information. 

  2. BIT individually tracks the number of “phishing” attempts. This provides us insight into the methods and content being used to try to trick government officials into providing their credentials. It also allows us to proactively block and remove these messages from inboxes before an infection can occur. 

  1. Any email that is asking you to open an attachment that you are unsure of.  

  1. NOTE: The most common malicious attachments are HTML which can display phishing pages on the user’s local computer or redirect the user to a malicious website. PDF, Word and Excel are common as well. 

  2. Even a known or trusted email user may be inadvertently sending dangerous attachments if his or her email system has been corrupted.  A sophisticated spamming device can corrupt a user’s email system and attach files to that user’s outgoing emails. 

  1. Spam with one or more links.  

  1. Verify the validity of the email with the sender before you click on any links. 

  2. NOTE: Hover over the link without clicking on it and you will see the real destination of the link. Many times it points to a different web site and might be malicious. If the real destination of the link is different from the link, then send the email to Report Spam. 

Here is an example of a malicious URL:

If you look closely, when you hover over the link- you will see that the blue hyperlink listed by the “Microsoft Team” is different than the actual URL address.  
What are some other steps you can take to protect yourself from harmful spamming attacks? Here are a few helpful tips: 
  1. Limit the amount of information you share and where you post your e-mail address. 

    • Quite simply, if you don’t need to post your email address, don’t! Be especially careful when posting to forums, Facebook, or even LinkedIn profiles. Although including your email might make it easier for users to connect with you, it also makes it easier for spammers as well. In addition, consider the content you share. 
  1. Pay attention to the subject line. 

    • Phrases such as “Click here!” , “Once in a lifetime opportunity!” or anything that includes a spastic number of exclamation marks in the subject line (aside from a few overzealous coworkers you may have) warrants a reason for concern.  Sometimes, some of these “great opportunities” are worth missing. Especially if they involve spam.  
  1. Do not reply. 

    • Remember those pesky telemarketers or unrelenting salesman? Once you answer the telephone or answer the door, they know you are home… And they will be back. The same goes for spammers. Once you reply to a spam email, you just have confirmed for the spammer the legitimacy of your email address.  
  1. Do not unsubscribe. 

    • Although this may seem like a logical reaction to receiving spam, its repercussions tie in heavily with the previous point. If you aren’t sure of the legitimacy of the company to begin with, there is no guarantee that this request won’t be used against you. Once again, this could be another ploy to confirm the legitimacy of your email address.  
Although this is not an exhaustive list, at least some of these ideas can help protect yourself from spam attacks!