Presentation on theme: "What is Bad ? Spam, Phishing, Scam, Hoax and Malware distributed via"— Presentation transcript:
1 What is Bad Email? Spam, Phishing, Scam, Hoax and Malware distributed via Email is one of the most effective tools in the cybercriminals arsenal. Spam filters stop much of the bad that would otherwise end up in your inbox, but crafty cybercriminals know how to design their s in a way that can circumvent your these filters. This tutorial was created to address the question, what is bad ? Several examples have been identified for you on the following slides.
2 Spam: Spam is unsolicited or undesired electronic junk mail Spam: Spam is unsolicited or undesired electronic junk mail. Characteristics of spam are:Mass mailing to large number of recipientsUsually a commercial advertisementAnnoying but usually harmless unless coupled with a fraud based phishing scamWhat is spam?Spam is unsolicited or undesired electronic junk . Some characteristics of spam are:Mass mailing to a large number of recipientsUsually a commercial advertisement,Annoying but usually harmless unless coupled with a fraud based phishing scam
3 EXAMPLES SPAM Advertising and great deals Do I know this person? Warning from Google-nice job GoogleSent to a large number of users at onceLets review one that we received here at SLU.Notice the Super Offer advertisedPfizer Sale is the supposed sender (hmm-someone doesn’t know their grammar very well). Who is I don’t know this person and I am certainly not buying pharmaceuticals from her.A red flag that this is spam is that it is sent to a large number of users as one time.This one ended up in our spam folder due to the spam filters set in place. Thanks Google for the warning notice.Now they want you to click on a link in this . Too many red flags in this one, I think I’ll get a prescription from my doctor.These s often end up in our spam folder because of our spam filters in placeIs this a trusted website?
4 EXAMPLE SPAM & PHISHING americanexpress.com is the legitimate address not aexp.comEXAMPLESent to a large number of users at one timeGeneric greetingAsking you to click on a link that goes to a fraudulent website. Hover over the link to see where it really goes
5 PhishingA phishing is a fraudulent message carefully crafted to trick you into giving up your password or other sensitive information. Financial gain and criminal activity are the key motivations for phishing. Characteristics of phishing s are:Invoke a sense of urgencyAsking you to click on a link embedded in the that has no affiliation with the organization it is masquerading asAsking for passwords or other sensitive information such as a social security numberGeneric greetings and signaturesOdd spelling or grammar
7 Scamfraud or scams can come in many different forms such as job scams and lottery scams. They are cons and share the same characteristics:Requests for moneyRequests to cash a check, wire money, or set up a bank accountPromises of money for little or no effortOdd grammar and misspellings
8 JOB SCAM EXAMPLE Email address looks real but does not actually exist Asking you to respond to a non-SLU addressEXAMPLEOdd grammarToo good to be trueNot a SLU person and no contact information
9 JOB SCAMEXAMPLEAsking you to send personally identifiable information such as SSN, drivers license or other ID
10 HoaxA hoax is also known as a spoof . The sender alters part of the such as the senders name or address so it appears to come from a legitimate source. Characteristics of hoax s are:Spread urban myths or outlandish storiesSell a bogus product or market an online serviceSpoofed address to appear legitimateOdd spelling or grammarPromise or request of money
11 This could be a spoofed email address or compromised account of a SLU student so it looks legitimate HOAX & SCAMEXAMPLEInvoke of sense of urgency or needSent to a member of the students contact listPoor punctuation and odd grammar throughout body of messageActual signature of SLU student
12 Malware distributed via Email: Malware, or malicious software, is software used to disrupt computer operation, gain access to private computer systems or gather sensitive information. Attachments in s and internet advertising are two ways malware is distributed. Some types of malware include:Viruses, ransomware, worms, Trojan horse, rootkits, keyloggers, dialers, spyware and adwareA common Trojan horse masquerades itself as anti-virus software. The Trojan presents itself as something harmful or useful in order to get victims to install it on their computerCould be a keystroke logger that can capture all your passwords!
13 MALWAREEXAMPLEOften sent from someone you trust without their knowledgeEnticing subject lineGeneric looking attachment or link that will download malware to your computer without your knowledge
14 What do I do with Bad Email? Spam or phishing from an unknown sender can be marked as spam within your program. This alerts Google to begin blocking the sender address. Other bad such as hoaxes, can just be deleted unless…..Bad from a known sender such as someone in your SLU contact list might indicate they have a compromised account. Forward the to so it can be investigated.Phishing that is concerning, can be forwarded to the helpdesk so they can be investigated. Once forwarded, choose the report phishing option within Google. This alerts Google of the fraudulent activity.Other bad that is concerning, such as those that might contain a malware attachment or job scams, can be forwarded to the helpdesk.If you have responded to any of these s with personal information, or clicked on links that may have downloaded malware, please contact the ITS Service Desk at orThe helpdesk will involve Information Security when necessary
15 Summary:The easiest way for cybercriminals to gain access to our resources is through unaware end users. Because this activity will continue to increase, it is imperative that we critically evaluate s we receive. We cannot stop cybercriminals from sending bad , however, by becoming aware of what we should be looking for, we can limit our response to them which in turn will protect our resources as well as our personal information.More info:For more examples on phishing s, visit:Take the anti-phish IQ Test hosted by Dell SonicWall visit: