|
|
|
 |
|
Protecting your
mailbox from threats requires constant vigilance, both on the part of Mi8's
security personnel, and on the part of your users. Threats are constantly
evolving and shifting:
-
In December 2004,
1 in 19 messages received by Mi8 from the Internet was a virus - more than
doubling from the year before. This is projected to double again in 2005.
-
That same month,
spam messages made up more than 80% of messages received from the Internet
by Mi8.
-
Phishing attacks
grew exponentially in 2004, and continue to expand in 2005.
Perhaps more
frightening, however, is the fact that virus writers and spammers have started
working together, to create sophisticated attacks combining elements of both
threats. These new attacks are transforming the PCs of unsuspecting users
into "zombies", which are being used as tools for committing crimes such as
identity theft, fraud, pornographic spam, and more.
Below you will find
some commonsense advice about how to best protect your users; remember, training
user behavior is even more important than the best security technology!
Viruses & Worms |
Spam |
Phishing/Identity Theft
|
Viruses & Worms
In computer security
technology, a virus is a self-replicating program that spreads by inserting
copies of itself into other executable code or documents (for a complete
definition: see below). Thus, a computer virus behaves in a way similar to a
biological virus, which spreads by inserting itself into living cells. Extending
the analogy, the insertion of the virus into a program is termed infection, and
the infected file (or executable code that is not part of a file) is called a
host. Viruses are one of the several types of "malware" or malicious software.
In common usage, the term virus is often extended to refer to computer worms and
other sorts of malware.
While many viruses can be intentionally destructive (for example, by destroying
data), many other viruses are fairly benign or merely annoying. Some viruses
have a delayed payload, which is sometimes called a bomb. For example, a virus
might display a message on a specific day or wait until it has infected a
certain number of hosts. A time bomb occurs during a particular date or time,
and a logic bomb occurs when the user of a computer takes an action that
triggers the bomb. However, the predominant negative effect of viruses is their
uncontrolled self-reproduction, which wastes or overwhelms computer resources.
Today (as of 2005), viruses are somewhat less common than network-borne worms,
due to the popularity of the Internet broadband connections, which connect PCs
to the Internet 24x7. Anti-virus software, originally designed
to protect computers from viruses, has in turn expanded to cover worms and other
threats such as spyware.
Protecting Your
Mailboxes from Viruses & Worms
Mi8 protects your
mailbox from viruses and worms with advanced, redundant anti-virus technology
from multiple vendors. Our anti-virus definitions are updated hourly (more often
during widespread outbreaks) and our intelligent scanning technology captures
threats for which definitions are not yet available. We scan all messages
inbound from and outbound to the Internet with this advanced technology.
However, more worms
today are spreading through vulnerabilities in Microsoft Windows or Internet
Explorer, instant messaging clients, peer-to-peer sharing networks, and other
commonly installed software packages - often without any action required on the
part of your users! Note, too, that while Mi8 provides advanced anti-virus
for emails delivered through our systems, many of your users are probably
checking their Hotmail, GMail, or Yahoo!Mail accounts from your office,
providing another way for threats to enter your network. For these reasons, Mi8 strongly recommends that you also
deploy up-to-date desktop anti-virus software. Additionally, we strongly urge
you to document your corporate policy about updating your systems with security
patches (e.g., with
Windows Update and
Office
Update), and ensure your users follow this policy closely.
|
Spam
Spam is unsolicited
email on the Internet. From the sender's point-of-view, it's a form of bulk
mail, often to a list culled from subscribers to a Usenet discussion group or
obtained by companies that specialize in creating email distribution lists. To
the receiver, it appears as junk email.
By any measure, spam
has exploded into a major issue. Leading providers of spam protection tools
report that some 80 to 90 percent of all internet email today is spam, and the
number continues to grow. Spam clogs our mailboxes to the point where it
threatens viability of email as a communications tool. It also routinely carries
viruses, identity-theft scams, spyware, zombie bots and other serious security
threats.
The entire Internet industry is working to combat spam. Mi8 is a member of
various coalitions working to protect the millions of online users.
Protecting Your
Mailboxes from Spam
Here are some tips for
minimizing the spam you receive:
-
Be careful about
disclosing your email address. Spammers use programs that search chat rooms,
Internet sites, newsgroups - anywhere email addresses can be found-and use
that information to compile their mailing lists.
-
Set up an email
address just for use with Internet transactions-and keep your real address
private. Mi8 allows customers to easily create additional email
aliases without opening an entirely new account.
-
Share your primary
email address only with people you know.
-
When including
your email address in online profiles or on a personal website, disguise
your email address by writing it in "plain English" e.g.'Alice at
CompanyA
dot net'. That way, your address is still intelligible by humans but not by
email gathering software.
-
Beware of
pre-checked boxes when registering for online services or shopping
indicating you will "accept" emails from that organization. Uncheck those
boxes if you prefer not to receive that organization's messages.
-
When subscribing
to email notifications or newsletters ensure that you have reviewed the
website or company privacy policies about selling or distributing your email
address.
Many people have the
mistaken belief that keeping their email address private (e.g., not using it to
post to Usenet groups, not providing it for newsletter subscriptions, etc.) will
protect them from ALL spam. While this will help reduce the amount of spam you
receive, spammers have many other means of capturing (or guessing!) your email
address and adding it to their lists. Mi8 provides a default level of spam
protection for all of our users, including subscribing to professional
blocklists, monitoring spam reports from non-profit industry groups such as
CERN, and more. Additionally, Microsoft Exchange 2003 and Outlook 2003
provides an additional layer of filtering that is automatically enabled for all
users, routing suspicious mail to a Junk Mail folder under your Outlook Inbox.
For users with more
advanced protection needs, Mi8 has partnered with
Postini to offer advanced
anti-spam protection for our clients. Please contact Mi8 Client Support Services
(support@mi8.com)
|
Phishing/Identify Theft
In a phishing attack,
a fraudster spams the Internet with email claiming to be from a reputable
financial institution or e-commerce site. The email message urges the recipient
to click on a link to update their personal profile or carry out some
transaction. The link takes the victim to a fake website designed to look like
the real thing. However, any personal or financial information entered is routed
directly to the scammer; if information is provided to these sites, users can
fall victim to unauthorized credit card purchases or even identity theft.
Protecting Your
Mailboxes from Phishing & Identify Theft
The best way to
protect yourself from phishing is to educate yourself about typical scams, and
to remain suspicious about ANY email asking you to provide private information
(account numbers, passwords, etc.)
Some phishing scams
have been identified as targeting customers of specific banks, ISPs, etc. For
example, one common message claims to represent the "Verizon Billing Team" and
instructs recipients to provide extensive credit card and personal information
by way of an email link in order to maintain account access:
---------------------------------------------------------------------------------------
Dear
Verizon Customer,
This is
a repeat request, failure to reply will lead to termination of your account
and/or additional service fees.
We
could not process the subscription fees for previous billing period to the
account ticket Vze3jcb-VU-724-9401-3450.
Please
see the Billing Update Page, located at:
[link removed]
and
confirm your payment details instantly to prevent the occurrence of additional
service fees.
Thank
you for your prompt attention to this serious matter.
Sincerely,
Karen
Kell'Atti
Verizon
Online
---------------------------------------------------------------------------------------
Another common example
targets Paypal:
Dear joeshmoe@hotmail.com:
It has come to our
attention that your PayPal billing information records are out of date.
This requires you to update the Billing Information.
Failure to update your
records will result in account termination or suspension. Please update
your records in maximum 24 hours. Once you have updated your records, your
Paypal session will not be interrupted and continue as normal. Failure to
update will result in termination of service, Terms of Service (TOS) violation
or future biling problems.
Click here to update your billing records [link removed]
Thank you for using
Paypal!
The Paypal team
---------------------------------------------------------------------------------------
In all cases, the link to the website takes users to a very realistic-looking
facsimile of the legitimate website.
If you receive a
suspicious email like the examples above, DO NOT REPLY TO IT. Instead, Mi8 urges
you to take the following actions:
-
Do not open any
attachments.
-
Do not click on
any associated links or provide any information that the email requests.
-
Delete the message
immediately.
Mi8's
Advanced Spam Control Service,
provided in partnership with
Postini, provides an advanced level of protection, catching a high
percentage of phishing mail messages. For those messages that do make it
through to your mailbox, here are additional tips for identifying a possibly
fraudulent email:
-
Tip No. 1:
In most email applications, if you move your mouse cursor over a clickable
link without actually clicking it, the status bar at the bottom of the
browser window will display the name of the Web site you will be sent to if
you click the link. If the link displayed in the status bar is different
than the link shown, there is a good chance that the message is not
authentic.
-
Tip No. 2:
If you suspect an email message may be fraudulent, instead of clicking on a
link listed in the email, open a new web browser window and manually type
the web site address into it. By manually typing the web site address in a
new browser window, you eliminate the possibility of being sent to a
"hidden" site address by the link in the email message. Remember that even
when using this technique, you should still take appropriate precautions to
ensure the validity of the email and web site you are surfing to.
-
Tip No. 3:
If you have questions about the authenticity of a web site that asks you for
credit card or other personal information, call the company's customer
service telephone number before providing any data.
-
Tip No. 4:
If you click on a link within an email you receive and it takes you to a
legitimate web site but a window pops up on top of the web site that is
asking you for personal information, this is a phishing scam. Legitimate
companies will never ask for personal information of any kind in a pop-up
window; these requests are only made through a secure Web page (with links
starting with https).
|
|
