Monday, July 19, 2010

A Lesson on Spam: Spoofing, Phishing and Bounce-Backs

Since the mid-1990s, spam has become a typical email nuisance, bringing most computer users a daily dose of annoyance and frustration. In fact, securelist.com estimates that spam constitutes 70 to 80% of all email traffic. Once simply defined as “any unsolicited anonymous bulk advertising email,” spam now takes several different forms and continues to evolve. It is important for users to be able to recognize the following common types of spam in order to reduce the risk of falling victim to online scams or computer viruses and jeopardizing the security of their business network.

Spoofing
The term “spoofing” is used to describe fraudulent emails in which the sender’s address and other parts of the email header have been altered to appear as though the email originated from a different source, often a stolen email address. Spammers obtain these stolen email addresses from websites, forums, discussion boards, blogs, or essentially anything that is published on the Internet and use them to create the “spoofed email.” Although most spoofed email falls into the “nuisance” category and requires little action other than deletion, the more malicious varieties, typically those that involve “phishing,” can cause serious problems and security risks for your business network.

Phishing
Phishing utilizes the spoofing technique by crafting the email to appear as if it came from a legitimate company, such as a bank, a retailer, or a government agency, in order to obtain information from the user. Typically, through these phishing emails, spammers will request the user’s personal account numbers, social security number, passwords, etc. and can ultimately steal the user’s identity if given this information.

Bounce-back
“Bounce-back,” also known as “backscatter,” is spam that is directly related to spoofing. The spammer typically finds the email address via the Web, uses it to create a spoofed email, and sends the message out to hundreds of thousands of recipients. When the spam is sent to an address that no longer exists, it can sometimes be “bounced back” to the email address used to create the spoofed email. Often, this confuses users, who may think that the backscatter is a sign that their computer has been hacked and is sending out spam messages.
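
For administrators who need to answer that question, the sketch below (an added example, not part of the original post) inspects the copy of the original message that a bounce carries and checks whether the server that bounced it received it from one of your own mail servers. The address set `OUR_OUTBOUND_IPS`, the function names, and the sample bounce are all constructed for illustration, and only IPv4 addresses are handled.

```python
import email
import re
from email import policy

# Assumption for this example: the public IPs our own mail servers send from.
OUR_OUTBOUND_IPS = {"192.0.2.25"}

def embedded_original(bounce):
    """Return the headers of the bounced message as carried inside the bounce."""
    for part in bounce.walk():
        ctype = part.get_content_type()
        if ctype == "message/rfc822":
            return part.get_payload(0)
        if ctype == "text/rfc822-headers":
            return email.message_from_string(part.get_content(), policy=policy.default)
    return None

def classify_bounce(raw):
    """Classify a raw message as genuine-bounce, backscatter, unknown or not-a-bounce."""
    bounce = email.message_from_string(raw, policy=policy.default)
    if bounce.get_content_type() != "multipart/report":
        return "not-a-bounce"
    orig = embedded_original(bounce)
    received = orig.get_all("Received", []) if orig else []
    if not received:
        return "unknown"
    # The topmost Received line was written by the server that bounced the
    # mail and records the IP that connected to it; lower lines can be forged.
    ips = set(re.findall(r"\[(\d{1,3}(?:\.\d{1,3}){3})\]", str(received[0])))
    return "genuine-bounce" if ips & OUR_OUTBOUND_IPS else "backscatter"

def sample_bounce(client_ip):
    """Constructed, trimmed bounce for the demo; every value in it is made up."""
    return (
        "From: MAILER-DAEMON@mx.recipient.example\n"
        "Subject: Undelivered Mail Returned to Sender\n"
        'Content-Type: multipart/report; report-type=delivery-status; boundary="b1"\n\n'
        "--b1\nContent-Type: text/plain\n\n"
        "User unknown: nobody@recipient.example\n"
        "--b1\nContent-Type: text/rfc822-headers\n\n"
        f"Received: from mail.example.com (unknown [{client_ip}])\n"
        "\tby mx.recipient.example; Mon, 19 Jul 2010 09:00:00 -0700\n"
        "From: alice@example.com\n"
        "--b1--\n"
    )

if __name__ == "__main__":
    print(classify_bounce(sample_bounce("203.0.113.77")))  # spoofed sender
    print(classify_bounce(sample_bounce("192.0.2.25")))    # sent by our server
```

A "backscatter" result means the message never passed through your servers, so the bounce by itself is not evidence that a local machine is sending spam.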

While spam in general is probably here to stay as spammers continue to find new, creative ways to fool us, there are several things a user can do to safeguard themselves from spoofing and phishing scams. General guidelines for all email include:
  1. If you don’t recognize the email’s sender, don’t open it.
  2. Do not open any attachments or follow any links that you are not familiar with.
  3. Be aware of the spelling, grammar, and punctuation in the email. Phishing emails are typically riddled with bad grammar and spelling.
  4. Review hyperlinks before following them by hovering over the hyperlink; the website you will be directed to will usually appear in an information bubble in the lower right-hand corner of the application.
  5. If the email is requesting any sort of personal, login, or financial information OR is requesting you to log in or change your current information…STOP, close the email and report it to your network administrator.

For additional details and tips on how to combat spam, please see our previous blog post “Eat Spam, Just Don’t Look at It.” If you would like more information on how 3D Corporation can provide security solutions to protect your business from spam and other threats to your network, visit our website at http://www.3dcorp.us/, call (360) 671-4906, or email info@3dcorp.us.

  
References: http://www.securelist.com/en/threats/spam?chapter=88, http://www.pcworld.com/businesscenter/article/145449/100_email_bouncebacks_youve_been_backscattered.html, http://www.consumerfraudreporting.org/spoofing.php

 
