Tag Archives: outbound filtering

How To Protect Email From Spam and Spammers

What is an email address?

Spam Filtering Service

An email address consists of 2 primary components. The username and the domain. Think of this like your home address. The username is like your house number (8115) and your domain is like the street name (76 Avenue). When someone needs to send email first they look for your street name and then locate your house number. The at (@) symbol acts as the separator so the computer knows what is the house number and what is the street name.

Email works best when it accepts messages!

Email is not very secure medium of communication. For example, if you don’t want your phone to disturb you, you can turn the ringer off. However, for it to be effective it has to be on all the time so when someone needs to communicate it will be available to ring. Much like an email address, has to always be available to receive messages. When a telemarketer phones, you can’t always automatically prevent them from calling because your phone is available to receive calls.  Phone services like Skype can be set to only accept calls from existing contacts.  In email terms this is called a white listing.  The concept sounds great, but it can be difficult to manage and can make it more difficult for legitimate callers to reach you if they are not on the list.  While this can protect you from spam, there are ways around this too as you will see below.

What is spam?

Spam is an acronym which stands for Something Posing As Mail.  Spam could be something simple as a flyer in your mailbox to something as dangerous as a bomb.  Opening email is usually the trigger because email can contain links and even images.  A spammer can use triggers like when an image is viewed in your mailbox or a link is clicked.  An image viewed in an email could tell the spammer if, when and where an email was opened.  This tells the spammer that they sent a message to an active mailbox. They know your email patterns and even where you live.  When a link is clicked it could take you to a web page that has anything from an advertisement to a virus.   The worst of all spam message have attached files. Something as simple as a photo can have viruses embedded in it, and once opened or viewed can trigger the virus.  The virus could sit quietly on your computer until a time trigger or a control center tells it to attack.

What does the email server do?

Email servers have several functions. To deliver email they accept, they answer knocks at the door and then check if a mailbox exists for the message.  A mailbox at your house doesn’t do this, it accepts mail from anyone.  If it doesn’t have a mailbox it can return back a message to the sender to tell them.  If it has a mailbox it will place a copy of the message into the mailbox.  You have experienced this before, when you write Return To Sender, or Wrong Address on the envelope and put it back in the mail.

An email server can also act as a forwarder. If enabled, someone could send a message to your email server, the server identifies its the wrong domain (street name) and attempts to relay the message to the correct server (street).

The email server will respond to all knocks at the door and even attempt to accept the messages if its the right street name. Remember this is the second part of the email called the domain name.  The more common the street name the more attempts it will receive from spammers.  For example, if you have a hotmail or gmail account, it will get targeted more. Why? The spammer ROI is high. There are millions of mailboxes and as you read below why this is like crack cocaine for a spammer. Do yourself a favour and move to a different street. Try getting your own domain name and onto a well protected server and adding spam filtering service available at TAPNET.com.

How does the server protect itself?

A server cannot ignore someone attempting to send email to it. For example, if someone comes to my door I have the option of going to open the door, but an email server has to go open the door.  The person at the door then asks me; “Does John live here?” and which I might say “No”, they might go away. What if they started listing names to me, like; “Does Joe live here, how about Jane, and Jack, George, Lois, Fred, Barney, Elmo, Big bird? Email servers can’t stop people from coming and asking. This lookup service can be disabled. So what would happen with the lookup disabled is the person at the door would be asking if people live here, I would simply not respond. I would only reach my hand out and take the letter if I hear a name of someone that does live here. The mail person is however blind so they wouldn’t know which name I responded to. They would never really know who lives here because they would just be listing off names and would not know when I grab the letter.

How do you protect yourself against this kind of spammer?

The example above is similar to a dictionary attack. The spammer is sending email to a list of possible names. To prevent this kind of spam would be to use an email address that is harder to guess.  Some examples are first initial plus last name, first name plus last name initial. Or perhaps adding a number in the mix.  Using just first names makes it an easy target. The spammer just needs to guess then possible names and they are past this vulnerability.

What else do spammers do?

Using the above dictionary attack style spamming they can eventually learn who lives at the house.  Once they know that a specific person lives there they can start just sending to verified recipients.  Now the real problems start.  Imagine if someone knows your email address, the only thing stopping them from stealing your mail now is a password. Imagine if someone just came to your house mailbox and took a copy of all your mail but left the originals.  Or worse yet copied your key to the house, they can now come in without you knowing.  Maybe they won’t steal anything, but just run surveillance for a while until there’s a pay load.  Something worth stealing.  If I know your email address and email password, I can easily download a COPY of all your email without you knowing.  Maybe there’s nothing valuable there today.   Some day there will be a new credit card in the mail and I don’t even need to steal it, I just need the information on it.

Protect Email Passwords!

You won’t know if a spammer has access to your email messages until its too late. Simply, I won’t steal anything until there’s something to steal. I can slowly piece together all your identity until I have enough to do some real damage and leaves you wondering, how did this happen? Do yourself a favour and change your email passwords every 30-60 days and avoid using simple passwords.  Its not enough to just change the password but it has to be difficult to guess.  The best passwords are not those that you forget, but are difficult to memorize.  There are also outbound spam filtering services that can protect your domain name (street name).  Imagine someone at the post office checking and verifying that what your sending is legitimate and doesn’t pose any threats.  Most importantly for businesses, protecting them from getting added to a black list unsuspectingly.

How else do a spammers attack?

Now I know who lives in your house, I have a copy of the key I can walk into your house and start using your phone. Maybe I can sit at your computer and start crafting emails and sending them out. In technical terms the spammer would actually use your email address and passwords to start sending email from their own computer.  Since they can successfully login to your email account they can also use it to send emails. Possibly obtain email addresses you are sending to or receiving from and over time they accumulate valid email addresses that exist making their job much easier. Many email servers will expect people to be mobile therefore sending emails from several devices and/or locations is normal now.  A spammer could just be one of those devices in a different location sending emails to people you know or don’t know.  They are using your email account for sending. Change your passwords often to slow down this activity!

What is a black list?

We described the white list above.  A black list is a list of street names that you won’t accept mail from. If someone lives on 76th avenue and that street name is on the black list, I won’t accept anyone trying to send me mail from that street. While it is possible to be removed from the black list, a street name can be added there accidentally from some of the common reasons above.  Normally a spam filtering service will detect the street names that need to be added to the black list.  Without spam filtering services black lists would be much smaller and offer very little protection from spam.  This is another important reason to use a hosted email spam filtering service.  It helps build up this list that helps protect more people.   When you mark an email message in Outlook as spam or junk, it only adds that sender to your local black list.  This only helps in a very small way because the email address junk@junk.com is blocked but now Mr Junk sends you a message from morejunk@junk.com and it can still get through.  Do yourself a favour and get real spam protection.

Why is a black list bad for businesses?

If a spammer has successfully infiltrated an email account for sending and they start using it to send messages that contain spam or viruses and these messages are flagged as spam by the receiving server, that server now sends your email servers IP address (street name) to a black list.  When a street name has been added to a black list now everyone living with that domain name (street name) will begin to experience email not being received by their recipients. The reason is because as a basic defence, an email server will check black lists to prevent spammers that are trying to send emails in the manners described above defending your mailbox against the most common types of attacks.  For a long time spammers have been using their own domain names because it allows them to electronically move to a different street name rendering the black lists temporarily useless. If a server knows that a spammer lives on a certain street name, they don’t accept email from anyone living on that street.  If a business is added to a black lists now important emails are not getting to your customers.  Imagine not being able to email quotes, invoices or losing customers.

I use my Junk Mail Filter, isn’t that enough?

Junk mail filters are great, probably a good line of defense if you live on a busy street like hotmail or gmail.  To adequately protect ourselves from the situations outline above a spam filtering service is ideal.  It helps protect the mailbox, the server and everyone that lives on the same street name.  It is highly recommended that spam filtering services are used and if there are lot of people that can be affected from your domain name (street name) it is strongly recommended that it be used to protect everyone as a group. The damaging effects of a spammer infiltrating 1 mail box can wreak havoc in many ways over time.

Tips to protect yourself from spam?

1. Use non-descriptive names (house numbers)
2. Move away from heavily targeted streets (eg: gmail)
3. Change passwords every 30-60 days.
4. Protect your address book.
5. Protect your domain with spam filtering services.
6. Businesses should Implement inbound and outbound filtering services.

Check TAPNET.com for a free 14 day trial of our spam and virus filtering service.