Internet Defense Technology

If you get an email claiming to be a major professional of some kind (like a lawyer, doctor, judge or something) take a look at the email address.

Any lawyer, doctor, etc. worth their weight in salt does not use hotmail as their email provider.

It is pretty safe to assume that if you got an email from someone claiming to be such a type of professional and the email address is a hotmail address, it is spam or a phishing attempt and you should just delete it.

As a note for any lawyers, doctors, etc. reading this, if you are, you really need to get an email address with your own company’s domain in it.

This is most likely a spammer who has randomly selected your email address as the return path and/or from for outbound spam.

In this case you will likely be receiving non delivery reports (NDRs) generated by the outbound spam traffic.

Unfortunately since the spammer is almost certainly using network resources not under Yahoo’s control, short of analyzing traffic and attempting to track it down to the source networks which will most likely lead back to a group of diverse, compromised computers, (not a recommended good use of your time), the best option is probably to define a message rule. Locate something common but unique about the NDRs so that they are automatically moved into a separate folder or simply deleted.

These NDRs are not themselves spam and thus they are unlikely to get blocked by existing spam blocking measures.

Eventually the spammer will select some other address to use.

Note: you would have more options to block this sort of thing if you had domain based email, particularly your own domain under your control, then you could contact your hosting company for assistance blocking the traffic, or use any number of domain-based antispam services such as Total Mail Defense.

Additionally, domain based email accounts are generally less likely to be subject to this sort of abuse, although it can happen to any email address.

Answer written by Founder, Chairman and CTO, Ron Edison

So with the holiday season quickly approaching many retailers and fighting for those few dollars you have to spend.

There will be a lot of email being sent, some of it from companies you trust, some from those you have never heard of before. Some of these companies know and understand the spam rules, some do not know or choose to ignore them.

Some of these companies may actually be sending you coupons and other incentives to buy through them (and some of these you may actually want).

Additionally, the spammers for all those lovely drugs and pictures and such will be using the holidays in their subject lines and other ways trying to get you to open the email.

What to do in this storm?

First, tell your email program not to view images automatically. This way you won’t accidentally download something while opening images.

Read the sender’s email address and make sure it looks for real. The email address should end in the name of the companies website.com (like sears.com, costco.com and such).

Unfortunately this isn’t always the case and some legitimate email comes from other addresses. So, if you look at the sender’s email address and it looks funny, but you ARE expecting the email from that company (you signed up for them), go ahead and look at the email (with the images off).

If you aren’t expecting the email and the address looks funny, delete it.

If you have gotten far enough along to open the email now read through it and see where it links out. Before clicking the link put the mouse cursor over it and then look at the bottom of your email program where an address should be written out.

Only click on the link it is going to the actual website. DO NOT click on it if it goes via another website or look similar but is in fact a trick (like sears.cr.com or something). If the address looks funny, go straight to the website yourself without clicking on the link.

With many people’s pocket books getting thinner this year we need to be careful with where we buy stuff from and make sure we don’t get caught by spammers.

Most people who send emails don’t really understand all the pieces and ways you can send an email.

You can send an email “To:” someone or “CC:” someone or even “BCC:” them.

CC is a hold over of terminology from the good old days when you had to use a piece of carbon copy to make a duplicate of something (before copiers were widespread).

So when you CC someone you are making a copy for them to read.

BCC means a blind carbon copy, you know when you gave some data to a co-worker but sent a copy of the communication to your boss so he would know where that person got it from.

When sending an email you should utilize all of these different fields.

The biggest mistake I have seen done on this is when someone tries to forward an email to a large number of their address book and they put everyone in the “To:” or “CC:” fields.

I have spoken of this before most recently in my post Forwarding Warning or Alarming Emails, but the fact holds true even when sending one of those cute emails to your friends to make them laugh.

When you put everyone in the “To:” or the “CC:” then everyone gets to see everyone’s email address. Now maybe you feel your friends wouldn’t abuse the messages, but if they ever get hacked and someone else looks for all the addresses they know, you have just exposed all your friends.

So be sure to use your email fields correctly, to protect your friends.

Over the weekend I got forwarded an email from a friend about a “BIG VIRUS COMING” and tried to use another website to prove that the virus was real (http://www.snopes.com/ which is a Urban Legends Reference Site to validate things or not).

My friend did two things wrong when forwarding this email.

1) She forwarded it to almost her entire address book, and put all these email address in the “To” line. Which means I can see all of these people and their email address and these other people see it to. Anyone can now email all these people.

I don’t know who these people are and don’t know that I want all of them to have my email address, but the choice has been taken away from me (if just one of these people is a spammer, I have just been signed up for another piece).

If you are going to forward an email to your address book, put all the names in the “BCC” field. BCC stands for Blind Cabon Copy, which means everyone is blind to the address it is sent to. People will still get the email, but they won’t be able to see any of the email addresses.

2) My friend claims she read the Snopes page to verify this, but she obviously only scanned it, because she missed at the bottom where it says:

“Readers should take particular care not to confuse the real postcard/greeting card virus with a number of virus-related hoaxes that have been circulating for several years. A variety of messages forwarded by well-intended people to warn others about the Postcard virus contribute to this confusion by including within them links to our article about the “Virtual Card for You” hoax”.

If you are going to forward an alarming email (or any news for the matter) make sure you have 100% verified it is real, don’t scan and do half a job on this. Some people don’t take alarming news well and they get upset, especially if they don’t know what to do about it.

It seems that whenever you buy something on the Internet this leads to more email spam in your mailbox.

However, a lot of legitimate companies are starting to recognize that selling your email address to someone or even spamming them themselves without your consent gets them in trouble.

However instead of being very overt and forthcoming about getting your consent they are being subtle and many people miss the opportunity to say no because it is so hidden.

Whenever you buy something on-line read the entirety of all the pages of the checkout process. Especially look for a little title checkbox that is you either have to check to not be on their mailing list or uncheck. Sometimes there is more than one:

I get asked this a lot too and did a an early post called How Many People Actually Buy Something from Spam? which covers this subject.

Basically this is a conversion problem.

Say the spammers send out ten thousands (not uncommon number, sometimes more) spam messages and out of that say two people click through and they make money off of them. That is 0.0002% and they made money off of it.

Simple math and a little scary that it doesn’t take that much unfortunately.

That is why we at IDT feel it is so important to push education out. That way the spammers stop making money and stop spamming (hopefully).

Been seeing a lot of people talking about changing their email address to get away from the spam.

They wonder how long before they are going to have to change it again.

There is no set rule on how long it will take to get spam again. This depends on how you use your email address.

Obviously, if you never give it out to anyone you are going to have a pretty clean box. If you only give it to a few friends you trust (and tell them never to give it out) then you are probably ok.

As soon as you start buying stuff on-line, signing up for e-newsletters or put your address up on any webpage (your site, your social network identity, etc.) that is when you start opening yourself up to spam. You can see my other blog post on How Did the Spammer Get My Address? which goes over this in more detail.

So, there is no answer to that question really. It depends on your activities.

Now for the usual part (considering this is an email spam filtering company’s blog) you should just get a great filter that stops the spam from ever reaching you and you don’t have to worry about that. Of course, that means you need to check out ours here.

When you forward email from one address to another this can sometime lead to difficulties with filtering.

The worst example would be having a hotmail email address that you know forward to work or even gmail.

One of the checks that spam filters do is to check and see who the email is coming from (one reason spammers like to fake a real legitimate email as the from). If they see that it is coming from your toher legitimate email address, they won’t check any further.

While any good filter will check more than that, not all of them do and this can lead to you having a lot more spam in your inbox.

Solutions:

* Tell people about the email address change and give everyone a deadline to change over all their records. Examples, my old email address will be off in 6 months please update your records to “new address”, adding this in the footer of your emails out for a little while too.

* Get a better filter that checks much more than where an email is coming from (and there is my plug for our product, of course).

When I tell people that I work for an email spam company, one of the first and most surprising questions I get asked (after how do I stop the spam) is why do spammers spam.

Well, results from a new survey by Marshal show that 29% of respondents to a recent survey admitted they made purchases from spam messages. This is up from 2004 where only 20% admitted to doing so.

That pretty much says it all, unfortunately, spammers do it for the money and enough people buy stuff or get caught by the scams to make it worth their while to keep going.

My objective, educate everyone I met on email spam, how not to get caught, not to respond and definitely not to buy. Really in the end, if we hit the spammers where it counts (in the back pocket) they will eventually give up.