OUR BUSINESS IS BUILDING YOUR BUSINESS
Email spoofing (Forgery) - Who really sent that email?
(The latest scourge)
I can't believe it. I emailed a virus to myself. Why, you ask? Well, I don't
know. I really don't remember doing it. In my sleep maybe? But I did send that
virus. It says so right in the email. So I guess I am guilty, right? Don't be
so sure...
It used to be that if someone emailed a virus to you, you emailed back and complained
about their faulty virus software. Today you can't do that. The Klez
virus (among others) has been wreaking chaos around the world by spoofing
the email addresses it sends itself from. Rather than mail itself out using
the address of the person infected, it takes a random name from the infected
person's address book and mails itself out as that person. That makes it nearly
impossible to figure out which infected person's machine sent that email to
you. Norton Anti-Virus detected and deleted a total of 1,143 viruses sent to
my email address from April 15, 2004 to May 25, 2004. That's not counting the
spam, just the viruses. If you are using Outlook (Or Outlook Express) as your
emailer of choice, you may want to consider something else. (Pegasus
is completely free and Eudora has
a free version. If you like Outlook, Bloomba (not free) may be for you.) 98% of the viruses out there are written to run through Outlooks
address book. Are we saying that Outlook is a bad program? Absolutely not (Even
though we've never used it). It's just that since most people use it, it's a
logical target for spammers and hackers to attack.
Haven't heard from your friends in a while? If you use any type of spam software
(such as Mailwasher)
you should be carefull not to blacklist yourself or your friends by mistake!
If an email has something in the title that is obvious spam (viagra, cheap software,
etc.) you may just automatically hit "blacklist". But it may have your friends
email address on it! Check your filters often to make sure your friends can
get through to you.
Global Business Partnership will NEVER send out blind emails. Nor will any of it's members. If you get anything unwanted from anyone from the gbp.net domain address, you can be certain it wasn't sent by anyone here.
From Symantec's web site:
"This worm often uses a technique known as "spoofing." When it performs its
email routine it can use a randomly chosen address that it finds on an infected
computer as the "From:" address. Numerous cases have been reported in which
users of uninfected computers received complaints that they sent an infected
message to someone else."
How can you avoid becoming infected with such a virus? It's simple. First, never
ever ever open an attachment received via email if you didn't know it was coming.
Put the email in question is a separate folder, then email the person back and
ask them what it is. You are as likely to receive an email virus from someone
you do know as you are from someone you don't know. The reason for this is because
nearly all email virus's spread by mailing themselves out to everyone in your
address book. Of course, the newer generations are just looking for open ports.
That's a whole different ball park. You should have a firewall set up. If you
don't have a router, try the free version of Zone Alarm
for protection.
It's imperative that you get a good, updated anti-virus program and scan every
program you download before you run it. We prefer Norton Anti-Virus
but always run manual updates in addition to the automatic updates to grab updates
to the program updates which are not accessible through automatic updates alone.
For a good free anti-virus program, try Grisoft.
!!! But remember, even with a good, updated, anti-virus program, you are still open for new viruses. When a new one is released, the companies have to find it and fix it before their program can nullify it. That could take days... or even longer. That's why doing a full systems scan frequently is imperative. You could have gotten one before your anti-virus program vendor even knew about it, let alone patched it. Once it's discovered and fixed by your anti-virus company, the full system scan can find it and fix it.
And that's not all.
Compounding the problem, it's not always a virus that causes
you to receive an email from someone who didn't actually send it. There are
plenty of people with far too much time on their hands sending emails out to
people and spoofing the return address. Why do they do this you ask? Well, aside
from the obvious viagra, etc. peddlers, there are many possible reasons. Some
of them are simply trying to cause trouble. Some people would like to discredit
the person being spoofed by sending some truly vile message to the recipient,
an insult to the boss perhaps. It's the same mentality you see in people who
knock on your front door and then run before you can answer it.
Sometimes email spoofing is used to do what hackers call "social engineering". (aka "Phishing")
You get an email from your web site's administrator, or from your ISP. The email
asks you to go to a web page and enter your password, or to get you to change
your password to one of their choosing. You might receive an email that asks
for detailed information on a secret company project which appears to come from
your boss, but instead comes from your company's competitor. Many well-known
companies are daily victims of email spoofing, either accidentally with a virus,
or deliberately. Lavasoft, for
example, is a common victim of email spoofing.
On May 28, 2004, a New York state man who sent out millions of "spam" e-mails
was sentenced to 3-1/2 to seven years in prison, the state attorney general's
office said. Howard Carmack, known as the "Buffalo Spammer," received the maximum
sentence for 14 counts of identity theft and forgery. He was also fined over
16 MILLION dollars by earthlink. His ISP. You would think that other spammers
would take notice.
There is really no way to prevent receiving a spoofed email. If you get an odd-looking
email from someone, there are ways of telling if it is fake. The simplest way
would be to simply reply to it and ask for clarification. If that is not an
option, you could look at the headers to see where the email originated from.
You should also exercise some common sense. If the email is outrageously insulting,
asks for something highly confidential, or just plain doesn't make any sense,
find out if it really is "from" the person it says it's "from".
So, in a nutshell... Email is broken. Badly. Some ISP's do some filtering for you, but that has come to the point where it only compounds the problem. Every day, more and more messages seem to get "lost". Just a few short years ago it was virtually impossible to lose email with a reliable ISP. Email was their top priority. Could be a number of reasons, of course, but much of it is because the email is being deleted as spam before it even gets to you. There's simply too much junk coming through for any ISP to handle effectively. And, it's to the point where you need to open virtually every email you get just to make sure it's spam.
Some links for more Information...
Home