Email, Spamming, Hoaxes, Phishing

Email

Email, or electronic mail, is a modern form of communication with many advantages. It is flexible, fast and direct. Email played a crucial role in the proliferation of the Internet in the early 1990's. Unfortunately, due to the relative ease with which sender addresses can be disguised,email and the Internet leave room for illegal activities such as spamming.

Broadly categorized, spam includes unsolicited advertisements, hoaxes and proliferation of malicious software – malware. The inconvenience and danger to the user is increased by the fact that the costs of sending email are next to zero, and authors of spam have many tools and sources available to acquire new email addresses. In addition, the volume and variety of spam makes it very difficult to regulate. The longer you use your email address, the higher the possibility of it ending up in a spam engine database.

Some hints for prevention:
  • If possible, don't publish your email address on the Internet
  • Only give your email address to trusted individuals
  • If possible, don't use common aliases – with more complicated aliases, the probability of tracking is lower
  • Don't reply to spam messages which have already made it into your inbox
  • Be careful when filling out Internet forms - especially beware of check boxes such as "Yes, I want to receive information about ... in my inbox."
  • Use specialized email addresses – e.g., one for your work, one for communication with your friends, one for online purchases, etc.
  • From time to time, change your email address
  • Use an antispam solution such as ESET Smart Security's Antispam module.

Spamming

Internet advertising is one of the most rapidly growing forms of advertising in the world. A significant percentage of internet advertising uses email as a means of contact. Its main marketing advantages are zero cost and high level of directness/effectiveness. What's more, messages are delivered almost immediately. Many companies use email marketing tools to communicate with their current and prospective customers. In some cases such advertising is legitimate, as many users may be interested in receiving commercial information about some products.

However, many companies send unsolicited bulk commercial messages. In these cases, email advertising crosses the line and becomes spam. The amount of unsolicited commercial email has become a serious problem, and shows no signs of abating. Use of the ESET Smart Security Antispam module is an essential aspect of protecting your email address from spam messages.

Hoaxes

A hoax is a message spread across the Internet. Usually it is sent via email and sometimes via communication tools like ICQ and Skype. The message itself is often a joke or Urban Legend.

Computer Virus hoaxes try to generate fear, uncertainty and doubt (FUD) in the recipients, bringing them to believe that there is an 'undetectable virus' deleting files and retrieving passwords, or performing some other harmful activity on their system.

Some hoaxes are meant to cause emotional embarrassment to others. Recipients are usually asked to forward such messages to all their contacts, which perpetuates the life-cycle of the hoax. There are mobile phone hoaxes, pleas for help, people offering to send you money from abroad, etc. In most cases it is impossible to track down the intent of the creator.

In principle, if you see a message prompting you to forward it to everyone you know, it may very well be a hoax. There are many specialized web sites on the internet which can verify whether an email is legitimate or not. Before forwarding, perform an internet search on any message you suspect of being a hoax.

Phishing

The term phishing defines a criminal activity which uses techniques of social engineering (manipulating users in order to obtain confidential information). Its aim is to gain access to sensitive data such as bank account numbers, PIN codes, etc. Access is usually achieved by sending email masquerading as a trustworthy person or business (financial institution, insurance company).

The email can look very genuine, and will contain graphics and content which may have originally come from the source that it is impersonating. You will be asked to enter, under various pretenses (data verification, financial operations), some of your personal data – bank account numbers or usernames and passwords. All such data, if submitted, can easily be stolen and misused.

It should be noted that banks, insurance companies, and other legitimate companies will never request usernames and passwords in an unsolicited email