North Star Strategic IT – Your Denver IT  Support company

Anti-phishing software works by searching for any phishing content that may exist in an email.  It is normally used as a complementary service to your email service in the form of a toolbar.  This toolbar will display the real name of any website you visit and any fake websites phishers tend to use.

This software offers a backup defense for blocking phishing attacks and sites that might have been clever enough to get through your browser’s built in protection.  Here are a few of them:

Earthlink Toolbar Scamblocker

• Earthlink provides a free toolbar for your browser that includes a Scamblocker, which is used to protect you from phishing scams and pop ups.
• It works by warning you if you attempt to connect with a page that is on Earthlinks blacklist of fake sites.
• It analyzes every site you visit and display the security rating of the web page on the toolbar.

Earthlink’s Scamblocker can be downloaded at this link:
http://www.earthlink.net/software/free/toolbar/

Netcraft Anti-phishing Toolbar

• Netcraft is provides a tight knit community where when one person reports a phishing email, the listed URL is blocked for all Netcraft members.
• By displaying the website’s hosting location, it helps expose fraudulent URLs.  For example, if your bank is located in the U.S. and the hosting location is listed as Poland, it is most likely a scam.
• The toolbar will also detect URLs that use certain letters or characters to deceive.

The Netcraft Anti-phishing Toolbar can be downloaded at this link:
http://toolbar.netcraft.com/

North Star Strategic IT – Your Denver IT  Support company

TrustWatch Toolbar

• Trust Watch offers a free toolbar designed to protect you from phishing attacks, identity theft, and internet fraud.
• It performs checks in real-time to inform you if the website you are attempting to visit has been verified by a legitimate third-party organization, and whether or not it is safe to send personal information through the site.
• It is equivalent to performing a credit check.

The TrustWatch Toolbar can be downloaded at this link:
http://toolbar.trustwatch.com/

Stopzilla Anti-Spyware 5.0

• Stopzilla is an ant-spyware program that detects and prevents phishing attacks, popup ads, spyware, adware, and any other form of malicious applications, as well as hijack protection.

Stopzilla can be downloaded at this link:
http://www.stopzilla.com/

Spybot – Search and Destroy

• Sybot Search and Destroy is a free to use anti-spyware program.
• The largest benefit of this program is that it will write-protect all of your computer’s host files, which is the main target of phishing spyware.

Spybot can be downloaded at this link:
http://www.safer-networking.org

Webroot’s Phish net

• Phish Net uses a dynamic blacklist that aids in protecting phishing attacks.
• It works by storing personal data (eg. Credit card numbers, bank accounts, etc.), and alerting you as to whether or not it is a trusted site when you attempt to enter personal information.
• It will also alert you to any redirects that may have happened during the transmission of your data, as well as make sure the site has an encrypted connection before transmission.

Webroot’s Phish net can be downloaded at this link:
http://www.webroot.com/consumer/products/

North Star Strategic IT – Your Denver IT  Support company

Provided by Jim Horton - North Star Strategic IT
Your Denver source for IT computer support, network consulting and planning, voice over IP (VoIP) solutions, and so much more. Cisco Partner - VoIP and Unified Communications Microsoft Partner - Small Business Server Specialists Schedule time with one of our highly qualified network technology specialists

Denver IT Support: Anti-phishing Software

What is an anti-spam filter?
This refers to a special program used for detecting and blocking dangerous emails. It looks for words and phrases or other things that may indicate an email is spam. It is based on the assumption that email containing certain details is spam.

It also has the capacity to remember which email addresses have previously send spam and block these. Mail from approved sources is delivered without question. These are referred to black lists and white lists. The anti-spam filter updates these lists. If the software perceives an email to be spam, it is added to the black list. If the user checks the email as safe it will be taken off the black list and treated as a trusted address in the future or white listed. The filter catches most email with unwanted adult content or pornography, referred to as “sporm.”

What to Look for in Anti-Spam Filter Software

You need to think about some other features you may find important:

• Make sure the anti-spam filter you purchase will work with your email client. This software will not necessarily work with all email providers.
• Make sure you will be able to use the software after you buy it. Some software programs are difficult to understand and use. If you buy an anti-spam filter you cannot use, you will be wasting your time and money.
• You should be able to set your own preferences in the program for your email filtering. You need to be able to choose options for what you want to block and what to allow in your inbox.
• It is good to get one that allows you to create your own white list. This will ensure you will receive all email you wish to allow without any problems. You would not want an important email to be blocked or even deleted.
• The anti-spam filter software should download and install with no problems. You may need to register the software before use or download additional updates before using it.

It is a good idea to buy a program that has some user reviews or other assurance that it is stable and fully developed. Look on the packaging for the latest release date. You may not want to buy a product that is still in the beta testing stage.

Spam email is a nuisance and time consuming to delete. It can also be very dangerous to your computer. You can protect yourself and your PC by purchasing the anti-spam software that is best for you and your email provider.

Provided by Jim Horton - North Star Strategic IT
Your Denver source for IT computer support, network consulting and planning, voice over IP (VoIP) solutions, and so much more. Cisco Partner - VoIP and Unified Communications Microsoft Partner - Small Business Server Specialists Schedule time with one of our highly qualified network technology specialists

How to Choose Anti-spam Filter Software

This process usually involves selecting a mass mailing service with a high rate of successful email deliveries, and lower ‘bounce rate.’ This service then sends a designated amount of emails promoting your product or service to random email account holders, and some of the recipients may become potential customers to your company.

However, this might be too much of a risk to take since, inspite of their claims, these services may not actually possess an extensive number of valid email addresses, hence the deliverability problem, which means that even if your mass mailing service provider sends the predetermined number of emails, the chances that they will reach potential customers or generate interest are extremely low.

Instead, you might want to follow an alternative internet marketing solution that allows you direct contact with your clientele as well as potential customers through a few simple steps that you yourself can carry out without having to go through an intermediary service.

Start by selecting a target group, or a particular set of customers who have a specific need for the product or service that you offer, and make sure your marketing techniques appeal to them.

You can lay the foundation for a symbiotic relationship between you and your customers by winning their interest and trust in your business through sales and adequate after sale service. Once you have an established set of customers, you can begin the wider publicity process.

Email deliverability, however, continues to be a hindrance even if you decide to handle the marketing process yourself, since you may be faced with innumerable spam blocking software in attempting to interact with existing clients as well as new ones. To get around this problem, consider setting up a private mailing network, which provides you with a way of blocking out spam while simultaneously having the opportunity to interact directly with your customers through the internet.

Make use of your mailing list of your customer base, as well as the database of your registered online customers and provide your valued customers with personalized email accounts within your existing domain. You can also design the mailing accounts to bear your business domain name so that your business becomes an obvious part of their online identity. This account can then be used by your customers for all purposes. Employ specialized help to carry out the function of linking up your network to whichever email server you customer uses. This simplifies matters a lot for your customers since they can now receive their personal emails directly from their default email service.

This will also allow you to have the added advantage of having exclusive and uninterrupted access to these email accounts, and the option of contacting your customers anytime you need.

Adopt these straightforward steps to help eliminate the uncertainty regarding email deliverability that comes with employing mass mailing services.

Provided by Jim Horton - North Star Strategic IT
Your Denver source for IT computer support, network consulting and planning, voice over IP (VoIP) solutions, and so much more. Cisco Partner - VoIP and Unified Communications Microsoft Partner - Small Business Server Specialists Schedule time with one of our highly qualified network technology specialists

Take Control of the Email Deliverability Problem

Bandwidth
Spam costs everyone valuable internet bandwidth that is used for spam instead of legitimate business or personal use. Bandwidth is the rate at which data is transmitted, particularly the amount that can be transmitted in a specific amount of time. The lower bandwidth rate, the slower information travels.

Think of it as a traffic jam on a major highway, the more spam there is the more delays there are in the transmission of important business information. Internet service providers must then increase bandwidth to handle the larger volume. This is not free and you can guess where the additional cost will end up – on your internet bill.

Viruses, Worms and Malware
Viruses have become commonplace and devastating. Spammers will include viruses and malicious software in the messages they send out disguised as attachments. Some of these viruses will silently install on your machine and give the hacker any vital information stored in your system. Identity theft is perpetrated many times this way.

Viruses are also created with the single purpose of destroying property. Consumer reports recently studied the cost of damage that has been done to computers in this manner. The cost is over eight billion dollars worldwide in the past two years alone. This number does not include costs of anti-spam and virus software that consumers have felt compelled to purchase.

Productivity
While spam is irritating, it also eats up your valuable time just filtering through it to find your real email among all the spam. For businesses that receive hundreds or thousands of important emails daily, the cost in productivity is substantial. Spam calculators, like the one available at cmsconnect.com, estimate the lost time to be nearly 50 hours per employee and almost $1000 per person per year. That is a significant amount of money and time.

Lost Messages and Data
Spam blockers and filters that are supposed to be protecting us from the bad emails often grab legitimate correspondence as well. Even one lost important email from a client or supplier can cost money and relationships.

Identity Theft
The latest in the long line of schemes to bilk you out of your money are phishing frauds. Phishing uses what looks like an official email from a company you do business with. The message will be worded in such a way that the spammer hopes you will input your personal information, thereby allowing them the opportunity to steal your identity and more. This scheme alone has wound up costing victims billions of dollars.

Spam has become a drain on society, at least from an economic and productive standpoint. Everyone but the spammer is paying an extreme amount of money for his or her actions.

Provided by Jim Horton - North Star Strategic IT
Your Denver source for IT computer support, network consulting and planning, voice over IP (VoIP) solutions, and so much more. Cisco Partner - VoIP and Unified Communications Microsoft Partner - Small Business Server Specialists Schedule time with one of our highly qualified network technology specialists

The Costs of Spam

Spammers use a technique known as “harvesting,” where they collect your email address from legitimate websites like USENET, chat rooms, message boards, AOL profile pages, and special interest group postings. They are sites you have visited and filled out a request info form leaving your contact information or ecommerce sites where you have placed orders.

Technology has aided in the creation of the spambot, which is the spammers ticket to getting your email address. Spambots harvest your information from these websites by sending out feelers that scan every page of the site, collecting any text containing the “@” symbol. They then compile the list of emails into a database that has the capability to send bulk emails, in turn sending out mass spam mail. Spammers also sell the harvested emails to other spammers, further spreading your email and its spam intake. Think of it as a bad form of networking, you tell 3 people who tell 3 people and so on.

Most websites are now requiring you to register with them before you can place an order or receive certain information from them. The thing to worry about here is that some sites are not as careful with your email as you would like them to be. Newsgroups are your biggest concern when it comes to letting your email address “slip” through the cracks and into the spammer’s hands. Most of these newsgroups do not worry themselves with hiding your email address, thus leaving your email address exposed and vulnerable to spammers. You will also have to worry about the websites that deliberately sell your information.

Spammers also use a method that targets a particular domain. They just guess and make up any possible combination of email addresses based on a domain name, such as @YourDomain.com.  They take the mailing list of the addresses they have made up and send out the spam. The most vulnerable to this technique are corporate emails, because they have the distinct format of @BusinessName.com. Even though a large portion of these spam mails bounce, spammers don’t really care because they send out millions of spam mails daily. This leaves a small portion of spam to get through, which is enough for the spammer. This method is known as the brute force spam attack, and it is easy to see why.

A great defense against this is to make it as difficult as possible for the feelers to collect your email.  When you fill out the register form replace the “@” symbol with “at.” This makes it more difficult to find your email since the spambots are looking for the “@” symbol. The best defense is to display your email as an image rather than text, making it even more difficult.

Provided by Jim Horton - North Star Strategic IT
Your Denver source for IT computer support, network consulting and planning, voice over IP (VoIP) solutions, and so much more. Cisco Partner - VoIP and Unified Communications Microsoft Partner - Small Business Server Specialists Schedule time with one of our highly qualified network technology specialists

How Spammers Get Your Email Address

As the spam epidemic has grown the government has enacted the CAN-SPAM act (Controlling the Assault of Non Solicited Pornography and Marketing). This act has attempted to legislate the activities of any company hoping to send bulk commercial email as well as companies that are marketing their products in the messages. It has created stiffer penalties for those who violate it and gives the consumer the right and the way to ask that spammers cease and desist.

The CAN-SPAM act was signed in January of 2004. This act covers any and all emails whose express purpose is advertising or promotion. Even including ones whose contents are only available online. The act also covers what is considered transactional or relational messages. In other words, messages from websites that you may have had a previous transaction or relationship with. This rule applies to both new and existing customers. None of the correspondence may contain false routing information.

Several federal agencies have been charged with enforcing the act. The Federal Trade Commission and the Department of Justice both have been given authority to enforce the CAN SPAM act. It also gives the internet service providers an outlet to sue violators in order to recoup any losses they may have incurred.

Other Major Provisions of the Law

• Bans the attempt to fake any information in the header or subject. In other words, they must identify correctly what the message is and the routing information as well. To and from information must also be accurate. This way you know exactly who sent the email and from where.
• No misleading subject lines. The subject line must not be falsified to make the recipient open the email thinking it is safe. It must clearly state the subject of the email message.
• All of these types of emails must offer a way for the recipient to opt out of future emails from the same sender. All such requests to get out of receiving email must be honored by the sending company and your email address must be erased from their list or database. The commercial company will have a maximum of ten days to stop sending you messages.
• When it comes to commercial bulk emails these must be easily identified as advertisements or solicitations. They must include the sender’s actual mailing address as well.
• Recipients must be warned in advance of any sexually explicit material in the email before they open it. This must be somewhere in the subject line.

Violators of this legislation face serious penalties. Each violation can carry a fine as high as $10,000 per incident and in some instances; the commercial mailer could face incarceration.

Along with the CAN SPAM is the Digital Phish Net, or DPN, which was enacted in 2004. This is a mutual effort between law enforcement officials and the internet industry. The whole purpose is to identify and punish spammers who are performing illegal activity by phishing. Internet auctions, financial groups and internet service providers are all working to fight this type of cyber crime. They get involved by providing information on violators in real time to police.

Provided by Jim Horton - North Star Strategic IT
Your Denver source for IT computer support, network consulting and planning, voice over IP (VoIP) solutions, and so much more. Cisco Partner - VoIP and Unified Communications Microsoft Partner - Small Business Server Specialists Schedule time with one of our highly qualified network technology specialists

Spam – What is Your Protection Under the Law?

It is always best to immediately contact a company directly if you have any doubts about an email you received asking for information. Use the contact number listed on your invoice or statement, because the contact number on the email will most likely direct you to the identity thief.

You should never click on any links in an email you find suspicious. If you do, you put your computer at risk of very harmful Trojan horse spyware, which will install keyloggers on your system. Doing so allows hackers direct access to any and all personal information stored on your computer, which is used to steal your identity and boost their financial status.

Do not, under any circumstances, fill out a form that has been sent in an email requesting personal information.  Any requests for personal information should be flagged as spam.  The growing technology of HTML allows phisher to create professional and sophisticated forms.  And any information you fill out directly ends up in the hands of the phisher. Any links in unsolicited emails are harmful and should not be trusted. Phishers can create links that pose as though they are legitimate. Phishers uses methods such as misspelling addresses or using sub-domains that include a legitimate business name.

Links can also be masked to look like a legitimate company’s web page, but clicking will actually send you to a phisher’s website. Avoid cutting and pasting a link into the browser and take the time to type it out.  This will allow you to bypass clicking the link of the suspected phishing email. Be on the lookout for emails that are impersonal, as legitimate companies will contain at least some piece of specific personal information that only you would know. For example, your bank will usually include a portion of your account number in the email.

Remember that it is a phisher’s mission to steal from you leaving them endless amounts of time to invent creative ways to get personal information out of you. Make sure you are protected with updated anti-spyware and ant-virus software at all times.  The use of anti-spam filters will also eliminate the amount of phishing spam that reaches your inbox. Always take caution when opening attachments in any emails, even if they seem to come form people you have met.

Always report any phishing emails you receive in order to eliminate and get rid of phishers. Send a copy of the email to the real company being used as a cover and also send them to: spam@uce.gov and reportphishing@antiphishing.org. The emails you send will be used by the Anti-Phishing Working Group to help fight phishing.  This organization is a coalition between the internet industry, and financial institutions and law enforcement.

Forewarned is forearmed, stay informed by visiting the Federal Trade Commission’s Identity Theft website: www.consumer.gov/idtheft.

Provided by Jim Horton - North Star Strategic IT
Your Denver source for IT computer support, network consulting and planning, voice over IP (VoIP) solutions, and so much more. Cisco Partner - VoIP and Unified Communications Microsoft Partner - Small Business Server Specialists Schedule time with one of our highly qualified network technology specialists

Don’t Fall for the Phisher’s Bait

It is important to forward the entire email to the proper authorities. The header of an email shows all the computers the email passed through on its way to you. Most go through at least four computers. This includes the sender’s computer, his or her ISP, your ISP, and your computer. Although the address the email came from is hidden, an anti spam service can find the ISP of the sender through this header.

When this email goes through the computers, information is recorded in the header showing whom it came from and where it is sent. Look for the ISP it came from originally, which should be easy for you to recognize. For instance if your email is a hotmail account and you see yahoo listed in the header information then you will need to report the spam to yahoo.

In order to be able to read the information contained in the header you will have to right click on the email and choose properties. You will then need to choose options or header depending on which email client you are using. Copy and paste the complete header path into the email. You are now ready to forward the email to the ISP of the spammer and to the proper agency for reporting spam.

The Federal Trade Commission, or FTC, will add spam emails to the unsolicited commercial email, or UCE, list. It is a good idea to forward spam emails to them at uce@ftc.gov. They will not take any legal action, but it helps to have the spam listed in the database.

You may have received an email saying someone needs your help to collect money from an inheritance or for other reasons. This is a 419 scam or Nigerian Advance Fee Fraud. You are promised a huge amount of money if they can use your bank account to transfer this supposed money to. Many have been taken in by this type of scam and lost a lot of money as a result. The proper place to report this is to the United States Secret Service. Fax a copy of the spam email including the header to them.

The following are places to report spam including which type of spam they are concerned with.

The FTC or Federal Trade Commission – www.ftc.gov/bcp/conline/edcams/spam/
You can read information here about what legal actions they take against deceptive emails and places that ignore opt-out requests from users.

www.spamabuse.org
This is a third party agency to forward spam emails to have them sent to the right area.

www.spamcop.net
This place will route your spam complaint to the proper anti-spam agency for you.

If you are dealing with stock fraud, contact the SEC or Securities and Exchange Commission at this link, enforcement@sec.gov. This is only for fraudulent email concerning stocks and bonds.

Provided by Jim Horton - North Star Strategic IT
Your Denver source for IT computer support, network consulting and planning, voice over IP (VoIP) solutions, and so much more. Cisco Partner - VoIP and Unified Communications Microsoft Partner - Small Business Server Specialists Schedule time with one of our highly qualified network technology specialists

How to Report Spam Abuse

Do not Preview
If your email comes with a preview option, you will want to disable this function. The reason this is so important is many spam type emails contain an imbedded code that will infiltrate your computer leaving you prone to viruses, Trojans and more. Check the options available to you with your current email provider to change these settings.

Do not Fall for the Phisher’s Hook
A lot of spam is creatively camouflaged to get you to unknowingly give out your private personal information. The emails will look deceptively like the ones you may receive from your bank or other financial institution; they are attempting to sucker you into giving them your social security number, bank account number, private passwords or other identity related information. This is called phishing and is an illegal activity. When you respond to these emails, you are vulnerable to identity theft, credit card fraud or other financial internet criminal activity.

Friend or Foe?
Even though an email has been sent from a friend, do not assume that it is safe to view the attachments. You would be better served to contact your friend and make sure that they sent the email and the attachment. Often spammers are prone to attach viruses to their messages and if opened will take over your email program and send the message to all the contacts in your address book. Now all your friends will think that you have sent the message and the vicious cycle continues.

Read your Email in Plain Text
Well-informed spammers are known to use the program JavaScript to include unseen malicious code in the message. An example of this type of code is a virus that installs itself on your computer and gives the criminal access to your banking or other financial information and you are completely oblivious. To protect yourself from this type of scam change the display settings so that you are viewing all your messages in plain text. This will block the script from being able to get in your computer.

Never Respond
Whatever you do, don’t click on banners or reply to spam messages. If you do this, you have alerted the spammer that your address is a live email address and you will be flooded with more spam. Unless you know you have subscribed to a specific site do not click the unsubscribe button in a spam email. This is just another way they trick you into confirming that your email is valid. Of course, never forward any junk emails that come in the form of chain letters.

Most importantly use your common sense when dealing with spam, it is the best filter you can have. Use caution when checking your email, the best filters cannot keep out all spam messages.

Provided by Jim Horton - North Star Strategic IT
Your Denver source for IT computer support, network consulting and planning, voice over IP (VoIP) solutions, and so much more. Cisco Partner - VoIP and Unified Communications Microsoft Partner - Small Business Server Specialists Schedule time with one of our highly qualified network technology specialists

Five Tips to Protect Yourself from the Spam in Your Inbox

Unfortunately, this allowed spammers to use crossposting as a tool to their advantage. It made it possible for them to send electronic messages to thousands of newsgroup members simultaneously. The advantage was that they could post to a larger audience without having to differentiate between the interests and focus of the groups they targeted. The worst part of all is it would cost them almost nothing to spam all of these people.

Once email became the largest mode of communication worldwide, spammers started focusing on the massive audience now available to them. This earmarked the use of mass emailing software as another added advantage to spammers, allowing them to flood thousands and thousands of email boxes with unwanted spam.

Spammers used the access of growing internet technology to create the “spambot.” Spambots are automated programs used to search the internet, “harvesting” email addresses from newsgroups along with many other websites. They can gather thousands of email addresses in a single hour, that are used to send create bulk mailing lists that spammers use to send spam to thousands of victims simultaneously.

The act of sending unsolicited “junk” emails and postings has been labeled “spam”. It is believed by most that this term was born from a British comedy skit by Monty Python’s Flying Circus.  This skit is based in a restaurant that serves spam with every dish. While the waitress explains to a couple the availability of spam with each dish, a group of Vikings start singing “Spam, Spam, Spam…Lovely Spam! Wonderful Spam!” In the 80’s the name was quickly adapted to refer to junk email and posting, and it has been that way ever since.

The largest incident of commercial spamming dates back to 1994, involving two lawyers who spammed Usenet for advertising their services as immigration lawyers. This eventually grew to include emailing in efforts to market their spam. This incident has been labeled the “Green Card Spam.”

Unfortunately this industry has and keeps growing exponentially. More than half of the trillion-plus emails sent out daily are spam. Spam was originally used for advertising, but has grown to include spamming for malicious and criminal purposes. Some of the spam sent out has included viruses and malicious codes, while others are meant to steal identities and money from the recipients.

Spam has completely transformed the way we communicate electronically, whether it is malicious or safe, commercial or criminal, and it will continue to transform for years to come. As much as we all hate spam it has become an annoying fact of online life.

Provided by Jim Horton - North Star Strategic IT
Your Denver source for IT computer support, network consulting and planning, voice over IP (VoIP) solutions, and so much more. Cisco Partner - VoIP and Unified Communications Microsoft Partner - Small Business Server Specialists Schedule time with one of our highly qualified network technology specialists

A Brief History of Spam