April 24, 2008
A large number of Internet Centre customers have been recently affected by a large spam attack. The attack is not localized only to the Internet Centre and is affecting a significant amount of all internet users. This particular manifestation of email spam is in the form of returned or bounced mail. If you have been affected, you will have probably noticed this spam with subject lines similar to:
Subject: "Returned mail: see transcript for details"
Or
Subject: "Delivery status notification: Failure"
This email will appear to have been a rejection of an email that you have sent out. While you can receive these messages as legitimate notifications that email you have sent was rejected for whatever reason (ie. incorrect address) the contents of the recent flood of returned messages are generally all advertisements. Spammers are accomplishing this by sending advertisements using your email address to random locations on the net where they know the email will be rejected. When a server rejects the email it will return it to the sender. Since the spammer used your email address as the sender, the email bounces to you and since many spam filters allow returned traffic through you wind up with the spam. It's an unfortunately effective technique spammers have at their disposal to circumvent the protections spam filters provide.
The Internet Centre is working with Postini, our spam & virus filter provider, to isolate and filter this latest flood of advertising. Until we get the problem resolved, however, we must ask for your patience on the matter. It will be eliminated as quickly as we are able. In the meantime, we've prepared the following FAQ to address some of the more common questions and concerns about this spam attack.
"If someone is sending spam with my email address, do they have access to my email? / Has my account been hijacked?"
-No. So long as your email password remains secure no one has access to your incoming email but you. Many outgoing mail servers do not require authentication (username & password from a mailbox account holder on that server) in order to send mail. If no authentication is needed, you can make up generally any address you wish as the sender. Spammers take advantage of this to send mail using your address.
"Is the spammer using my email address to spam anyone else?"
-No. The purpose of the spammer using your email address is to spam you specifically. Using your email address to spam others would be ineffective.
"Why can't you just block whoever is sending this email?"
-The nature of this spam is such that it is always coming from what would otherwise be innocent sources. Because spammers are first sending emails to other people's mail servers before it bounces to you, you are actually receiving the email as a delivery status notification from that server, not from the spammer him/herself. For example, if a spammer sent mail, using your address, to "
This e-mail address is being protected from spam bots, you need JavaScript enabled to view it
" then Pepsi's email server would reject the email because, of course, the user "coke" doesn't exist on Pepsi's email server. When the email is rejected it gets sent to you, from Pepsi's server, so you end up receiving email from Pepsi, not from the spammer him/herself. Spammers are constantly bouncing email from a large number of different mail servers around the internet. As such, we cannot block the source.
"Is it safe to open the attachments on these emails?"
-It is never safe to open email attachments unless you're 100% sure of the source. Should you open any of the attachments on these spam emails, you'll almost assuredly see some harmless advertising. Nonetheless, we have to recommend you do not open any of the attachments. The potential for viruses is always there.
"What can I do about this spam in the meantime?"
-If you're using our postini service you can login to your service administration page at: http://login.postini.com/ From here you can adjust your spam filter level to a more aggressive setting. This has proven to be intermittently effective. It helps for some of our customers and it doesn't help as much for others.
You can also set a message rule on your email client to move emails with certain phrases in the subject line to the trash. For example, if the spam you're receiving has in the subject line, "Delivery status notification: Failure" then you can create a message rule to move anything with "Delivery status notification" to the trash. Please keep in mind, though, that this will also move any legitimate bounce email notifications that you get to the trash as well.
Additionally, you can also install a software spam filter on your computer to try to eliminate whatever gets through Postini.
"How did the spammers get my email address?"
-There are a large number of ways spammers can get your address. If you've ever posted your email address anywhere on websites or social networks then you could wind up on a mailing list somewhere. If you've contracted a virus, the virus could be sending your email address and your address book to spammers. For that matter if you're on someone else's address book, and they get a virus then you could wind up on a spammer's list that way through no fault of your own. Realistically there's very little that can be done to keep your address out of the hands of spammers. Even if you keep your address as private as possible, it seems it's simply a matter of time before your address finds its way to a mailing list. Regardless it is always recommended to run regular virus and spyware scans to minimize the threat of malicious software reporting any personal details from your computer.
We hope this FAQ has cleared up some of the confusion surrounding this latest spam problem. If you have any questions or concerns we welcome you to contact us at:
This e-mail address is being protected from spam bots, you need JavaScript enabled to view it
.
Sincerely,
The Internet Centre Support Team
4130-95 Street NW
Edmonton, AB T6E 6H5
Ph: 780-450-6787
Fax: 780-450-9143
Tollfree: 1-888-450-6787
[back to top] |
|
|
