ULM logo

People use email everyday sometimes without thinking about who is sending what to whom and why. Most email is innocuous and useful. Some is not so harmless. There are a few questions that come up again and again. Answers to these questions often provide solutions to problems and issues related to security and safety while engaging in online activities. A few of those questions can be found below.

It seems like everyone I know is using a web-based email system like Zimbra. I am still on Outlook. Is that bad?
Outlook is an attractive target of email viruses because it has built in technology that can be used to propagate spam email. A malware-laden message can open in Outlook, scan the local contact address book, and send messages to everyone on that list even without the owner realizing it is happening. Most web-based email systems do not have capabilities for virus propagation. The contacts are stored on the server where the malware cannot easily access them. Most server systems routinely check for viruses within messages so the chances of malware reaching the system is small. Most webmail also does not have the ability to automate functions such as the mass sending of huge amounts of email. Because the webmail relies upon the user to initiate most functions, automatic processes cannot run behind the scene to spread the malware to other users. Of course, webmail can still be used to send messages with potentially dangerous attachments within.

Someone got an email from me...I did not send it. Do I have a virus?
Actually, it is easy for a person to send email as someone else. Do you need the President to email your boss? It is not that difficult to forge an email return address. In most cases, when you get a return notice from someone and you know you sent them no message, the most likely cause is someone forged your email address. Spammers gather large amounts of email addresses to sell and trade. When the intended recipient cannot be reached, the email bounces back to the forged address, in this case - yours. A full scan with an antivirus product is a good precaution in any case.

So someone forged my email address. What can I do?
In most cases, the spammer sending out the emails will move on to new addresses. If you wait several days, the emails will often stop as new target addresses are used. You can go to the trouble of changing your email address but nothing guarantees the new email address will not also be forged.

Forged emails? That sounds pretty insecure. How does anyone ever know it is really me?
They don't. Email is an inherently insecure mechanism for exchange of information. You can never be certain a message comes from the listed sender. If the email is forged, it can SEEM to come from anybody.

Is there a way to tell a message is forged?
There are telltale clues that can be found within the parts of the message most people ignore. The "email headers" often contain information useful for determining the origin of the email or how it was sent. If this information reports the origin as being outside of the country, that may be a good indicator your local sender did not post the email.

So if emails can be forged, how do I know when the Computing Center is really asking for my password?
The University Computing Center does not use email to ask for passwords. We realize email is insecure and would never use it to request personal information such as passwords. If you see an email message that asks for a password or other personal information and says it comes from the UCC, it is a good bet the message is forged.

Attachments

I got an email message with a greeting card attachment from a secret admirer. How can I find out who this mysterious admirer might be?
Usually the admirer is someone who has never met you and seeks to do you and your computer harm. The greeting card is most likely a virus file or piece of malware. When you go to view it, bad things start happening to your computer. Always beware anything that comes through the email with no sender or a sender that does not provide a specific name. A sender's name may be forged but the process is a bit harder than sending a generic message to a generic recipient. Some malware creators make a universal email they send to everyone. The hint of mystery makes opening the card tempting and they play on that feeling. Do not let them fool you.

What happens if I get a greeting card from someone I know? Can I open that one?
Again, one must be careful and on guard...it may be real or it may not be real. By taking a few careful steps, you can reduce the chances of mistaking a bad email for a good one. Try some of these. Contact the sender to see if they sent the card. See if the sender included a personal email message that seems directed specifically at you, not some generic anybody. Check the attachment type. If it is an exe file, be very wary of it and do not risk opening it. If there are included website links in the message, make sure the address matches the one actually listed. Mouseover the link and look to see at the bottom of the browser window if the link is the same as the one in the text. If not, be suspicious. See if a web address actually matches the website of a greeting card vendor. Google can be your friend.

Which attachments are safe to open?
Safety is a relative term; no attachment is completely safe. Some files are more dangerous than others. On the Windows platform, exe files are programs that can do useful things or very bad things. Unknown exe files should be avoided.

What about video files?
Video files are pretty safe assuming that they are in fact video files. Many files are labeled incorrectly to try and fool the user. If the file is actually a disguised malware file, opening the "video" can actually execute a program that does bad things. One way to improve safety is to manually open the video file from the video player. Start the video player and use the File-Open menu option to bring in and play the video. If the file is indeed a video, it should play. If it is a disguised file, an error should appear.

I heard video files can be a problem. Are they?
Again safety is relative. One of the problems with video files was that Windows Media Player has had some known security issues. It is possible for malicious code to be embedded in a windows video file. This code can activate and cause problems on the playing system. Other players incapable of activating embedded code are available. They can display movie files while ignoring executable code inside. Apple's Quicktime Player, the free Media Player Classic, and the open source VideoLAN (VLC) are examples or players that are good for playing movie files without activating malware found within.

Spam

I got a bunch of email messages I did not request. Should I report these to somebody?
Spam messages are named after a popular Monty Python skit whereby a restaurant customer could order anything he wanted on the menu as long as it included spam. There was simply no choice in the matter and the waiter made sure the patron realized that. In the case of email, spam refers to messages unwanted and never requested. When spammers get email addresses they send out messages to everyone on these lists regardless of whether the receivers actually want them or not. The goal is usually economic; a spam barrage may result in several responses and subsequent sales of the listed product. Spam continues because it is cheap and effective compared to regular "junk mail." There are no paper or ink costs and a large number of people may be contacted in a short period of time.

Because spammers are considered a nuisance, they often move from server to server to prevent being stopped. There is a period of time between the start of the spam barrage and the suspension of their email account. In that period, a lot of spam can be sent. Reporting spam really is a waste of time. There are already entities trying to close down the spammers. If spam could easily be deterred, it probably already would be. Reporting does very little if anything to change the situation.

This spam message says I can "unsubscribe" from their list. I should just do that then?
No. Most of the spammers are doing everything they can to keep you interested and viewing their messages. They will not offer a feature enabling you to make them disappear so easily. Instead the "unsubscribe" function is meant as a confirmation that someone actually is at this email address and reading their spam. When you try to unsubscribe, you basically tell the spammer, "Yes...I am here and seeing your message...take me off the list." Their response is to send even more spam since the first one was so successful.

This sounds like a losing battle. What can I do about spam?
The University uses a spam blocking mechanism to reduce spam from reaching users. It is not perfect but reduces a considerable amount of junk that never appears in the email inbox. You can also set up filters in Zimbra to move messages containing certain text directly to the trash (be careful...any of the recognized text will trigger this filter, even if the message is legitimate). Finally, if you get a junk message, mark it as spam in your email program and then ignore it. Consider it electronic junk mail and just pitch it in the trash.

Groups: