Category: Email Management and Protection Articles

Since the Internet started growing explosively around two decades ago, email has provided individuals and businesses the enormous convenience of being able to communicate anytime and anywhere, wherever people can hook up to an Internet connection. With email, people can send messages with attachments such as photos, documents and other digital files. As more businesses welcomed email as an integral business communication tool, a lot of successful business transactions have been consummated solely through this marvelous electronic communication wonder.

However, the Internet, along with email as one of its components, has been created on the basis of trust. The early developers of the Internet exchanged ideas and collaborated freely on the early Internet as their platform for their research collaborations, trusting that they are communicating and exchanging classified files with people they know. But as the years progressed, and as email and the Internet advanced as a whole, the number of users exchanging messages through the Internet has grown tremendously.

Today, many perpetrators of online theft are devising schemes that are aimed at grabbing unsuspecting individuals’ personal data. Some online thieves are even creating means to penetrate businesses and take away precious corporate information. One such scheme is phishing. Phishing is a fraudulent online correspondence that has been created to dupe people into giving away personal information such as credit card numbers, TIN numbers, bank account numbers and ATM card PINs. Phishing can also take your Web identity, allowing the perpetrator to transact business online using your identity and other information that is pertinent to you.

Hackers who carry out phishing campaigns do so by sending emails that usually ask you to confirm or update information including your bank account number, your email password and ATM PIN number. One such phishing scam is an email disguised as coming from a bank. Other scams are posed as messages coming from online payment services such as PayPal or Xoom, asking you to validate your username and password.

It is sad to note that thousands of people and many businesses have already been deceived, and have lost millions of dollars in the process. And as more and more people and corporate entities have become aware of this fraudulent activity, online scammers have been diligently working on other schemes that they believe they can pull off to steal other people’s hard-earned money.

To avoid having you or your business become a victim to phishing and other online scams, here are some practical tips from ThinkPlanInvest.com.

10 Steps to Avoid Falling Prey to Phishing Scams

1. If you are doubtful about the credibility of the email, DO NOT click on any link provided in the email. This may trigger malicious codes to be installed on your PC.

2. Before you share any information on a website in response to an email, always ensure that the URL shown in the email matches the URL of the bank website. If it does not, you have valid reason to suspect that there’s something fishy.

3. Do not open unexpected e-mail attachments or instant message download links.

4. Check the web address carefully. One trick is to mouse over the link that has been sent to you. The actual destination URL is shown on the bottom of your browser. If it is not the website you thought or if it has strange extensions, like “.cn” or any other foreign country extension do not click on it.

5. Check for the Padlock icon at the bottom right corner of the webpage. It must be always ‘On’ during secure transactions.

6. Ensure that you have installed the latest anti-virus/anti-spyware/personal firewall/security patches on your computer.

7. Always use a non-admin user ID for daily work on your computer.

8. Do not access banks or make payments using your debit or credit card from shared or unprotected computers in public places like cyber cafes.

9. Do not transfer funds to or share your account details with unknown/non-validated sources, especially those luring you with commissions, attractive offers or prizes.

10. If you receive an email from a friend and the tone or language is out of character, don’t open any attachments or follow any links. On Facebook, a common phishing scam has included getting messages from friends with links that install a Trojan horse if you follow the link. The messages come from hacked accounts.

To find help in securing your IT systems, visit All Covered or call 866-446-1133.

Download PDF

Contact All Covered

del.icio.us | Reddit | Slashdot | Digg | More

The Truth About Spam

Spam is any piece of unwanted or unsolicited email that is sent out to thousands of email recipients at one time. Spam will attempt to convince you to buy a product or participate in a scheme to steal information or money from online sources. Spam can be broken into several basic categories:

• Financial scams – are get-rich-quick schemes and lotteries. These scams use elaborate and confusing descriptions to mislead you into investing in a financial scheme. A well known scam is the “Nigerian Fraud Scam” where someone tells you that their uncle, who is the rightful, but currently deposed, ruler of a country, can restore democracy, but only with your monetary support.
• Phishing schemes – are attempts to impersonate a legitimate company with the goal of convincing you to give up your security credentials or release personal data.
• Financial offers – are usually, but not always, legitimate advertisements for mortgages, debt consolidation, credit cards or other financial programs.
• Stock offers – emails will offer “insider” knowledge to artificially raise the value of low performing stocks.
• Consumer product offers – these advertisements range from fairly benign ads for health aides and designer knockoff hand bags, to more offensive adult content add that offer online dating services and access to adult sites.

Spam Can Hurt Your Company

According to the “spam-o-meter” (http://www.junk-o-meter.com/stats/24hours.php) almost 90% of all email being sent is spam. Dealing with spam will cost your company money:

• When you sort through spam you waste time that could be used to run your business. But, if you ignore the accumulating spam, it will take up storage space on your servers forcing you to spend money to add more storage to your IT network.
• The more spam you get, the harder your email and security systems must work to defend your IT network. Also consider that most malware is delivered through spam—many malware applications will infect your computer and turn it into a “spam server” which can be very expensive to fix.

Say “No” to Spam

Ultimately, spam will affect your company’s bottom line. However, there a few easy steps to help you avoid spam:

• Never click on a link or reply to a spam message. This includes clicking the “unsubscribe” link.
• Always look at the subject line of your email. If it looks like spam, delete it.
• Disguise your email address on your web page so web crawlers can’t identify it. Consider substituting an image for the “@” symbol in your email address.
• Don’t use your email addresses when you register for services or content on the internet. Instead, use a free email address from Yahoo or Hotmail.
• Before you give out your email to a service provider, make sure the site won’t sell your address.
• Use a spam filter. All Covered recommends business class filters from Postini or Barracuda. For more information about how to protect your business’s productivity and bottom line from spam, please contact All Covered.

Chances are that you will, no matter how careful you are, end up with the occasional piece of spam. To learn more about how to protect your IT systems contact All Covered.

Download PDF

Contact All Covered

del.icio.us | Reddit | Slashdot | Digg | More

If you use All Covered’s Email Protection Service, powered by Postini, follow these tips for your white list. Any email address on your Approved Senders list will not be quarantined for spam. An Approved Senders list helps prevent false positives, but they can also cause a vulnerability, because senders can “spoof” mail to falsify the sender address and bypass spam filtering.

Periodic reviews of the Approved Senders lists for your organization and users can help, especially if spoofed spam seems to be getting through filters more often.

End User Tip

As an end user, you can manage your Approved Senders list through the Message Center. Follow these steps:

1. Log into your Message Center.
2. Click on the Junk Email Settings link in the top left corner.
3. Scroll down to the Sender Lists area.
4. To add a sender, type in the person’s full email address or the domain (ex: domain.com) and click Save to List.
5. To remove a sender, select that sender and click Delete from List.

Note: It is recommended that you add family, friends and work colleagues to the Approved Senders list so their messages will automatically by-pass the filters.

Administrator Tips

If you have admistrative rights to your account, follow these steps:

To view and modify an organization Approved Senders list:

1. In the Administration Console, select the organization that contains your users.
2. In the Org Management, click Sender Lists to view your Approved Senders list.
3. To remove a sender, select that sender and click Remove.

To view a user’s Approved Senders list:

1. In the Administration Console, go to Users and find the user.
2. In the User Overview page, click Sender Lists to view the user’s approved sender list.
3. To remove a sender, select that sender and click Remove.

You can also use batch commands to view and modify all senders.

To view an org Approved Senders list, along with other org information, use the displayorg command:

• displayorg ORGNAME

To remove an Approved Senders from the org approved sender list, use the modifyorg command:

• modifyorg ORGNAME, approved_senders=-SENDERNAME

To view an org Approved Senders list, along with other org information, use the displayorg command:

• displayuser USERNAME

To remove an Approved Senders from the org approved sender list, use the modifyuser command:

• modifyuser USERNAME, approved_senders=-SENDERNAME

How All Covered Can Help

If this is an issue for your business, All Covered provides email anti-spam and anti-virus consulting and services for small businesses nationwide.

• Call us: For a personal consultation, call our friendly sales team at 866-446-1133
• Email us: Use our contact form and we’ll contact you within one business day.
• Free Newsletters: Use our Free IT Newsletters about IT issues facing small business
• Our services: Integrated Message Management: Email Protection Service
  
  Complete spam, virus, and phishing filtering and protection

Contact All Covered

del.icio.us | Reddit | Slashdot | Digg | More