Email Scams and SPAM

• What is CC doing?
• What do Scammers and Spammers want?
  Scammers Goal = trick you into performing actions whereby you or your computer may be exploited
  Spammers Goal = getting you to buy something
  They both want to validate your email address because valid email addresses can be sold to marketeers
  
• Some Exploits used by Scammers and Spammers
  
  Asking for you to reply with personal information
  
  • HTML Email (by default, GroupWise will not render HTML email)
    Fill in forms (where will your fill-in information be sent to?)
    Hidden web links (scammers can make the hidden hyperlink different from the visible text on top of it)
    Embedding pictures: http://en.wikipedia.org/wiki/Web_bug
    
    Social Engineering: http://wind.caspercollege.edu/~doit/tech_tips.html#99
    
    Phishing - a type of social engineering attack, attempting to trick you into revealing personal or financial information
    Spear Phishing - a targeted form of phishing attempting to win your confidence by pretending to be from a trusted source.
  • Infecting your computer - "zombie computer"
    Clickable Web links: http://en.wikipedia.org/wiki/Drive-by_download | Driveby in the news
    Malicious Attachments
    
    Filename Hiding Attempt: http://wind.caspercollege.edu/~doit/tech_tips.html#108
    Viruses: http://wind.caspercollege.edu/~doit/virus_subject.html
    Attachment limitations for Casper Colleges Faculty and Staff Email System: http://wind.caspercollege.edu/~doit/attach_limits.html
    
• Recognizing Scams and SPAM
  Does the message appear "Urgent"?
  Does it seem to good to be true?
  Is it a Greeting Card?
  Who is it from?
  Do you know this individual or the organization?
  Are the From and Reply-to fields the same?
  Why would you get a message from here?
  Is the spelling and/or grammer bad?
  Is the message TO: or a BC: to you?
  If you're asked to click on a link...Where will it go? (message source)
  Is message in HTML? html can hide valuable information
  Social Engineering (does it appear to come from Casper College but from an outside address?)
  
  • Forensic Resources for Email
    • Email Header informationis visible in the "Message Source" tab in a GroupWise message
    • Email Headers - Anatomy of an Email Message
    • Analyzing Email Header Information:
      • LevineCentral's Email Header Parse
      • Email Header Analyzer, RFC822 Parser - MxToolbox
      • SEM Mail Parse ~ Upload
    • 2-Letter Country Codes: http://wind.caspercollege.edu/~doit/uploads/country-codes.txt
    • Whois Lookup: http://www.whatsmyip.org/whois/
    • Regional Internet Registries: http://en.wikipedia.org/wiki/Regional_Internet_registry
• Scam examples
  

The Hodgepodge

Junk Mail - Why Junking SPAM does you no good - Effectiveness of Junk Mail: http://wind.caspercollege.edu/~doit/tech_tips.html#53
Changing an Email into a posted appointment
Moving an appointment to another calendar
Saving Views for Repetitive Messages
Using posted messages for important items
Printing an Item List: http://wind.caspercollege.edu/~doit/tech_tips.html#89
Using the Tasklist
Vacation Rule Wizard
Address Book Tips

System Group (distribution lists) Details
Phone Numbers
Student Email Lookups: http://wind.caspercollege.edu/~doit/how_to/student_ab_howto.html

Rearranging your Folder List

• Sort Subfolders
• Edit > Folders
Customizing the Nav Bar
Using Backup Mode

• Tech Tip: Using the GroupWise Client in "Backup" Mode
• Explain how the Trash folder works...why it's a backup.
What is the Data Synchronizer Service for Mobile Devices?

• http://wind.caspercollege.edu/~doit/how_to/groupwise_imap.html
• iPhone .vs. Android .vs. BlackBerry
Open Discussion

 --Unpatched IE Flaw is Being Actively Exploited
(March 12 & 14, 2011)
An unpatched flaw in Internet Explorer (IE) is being exploited in
"limited, targeted attacks," according to Microsoft.  The vulnerability
in the mshtml.dll software library used by IE was disclosed two months
ago, but Microsoft has not yet released a patch for the issue, although
a Fixit tool is available.  The attacks involve tricking users into
visiting a specially-crafted web page that launches a drive-by attack
on the browser.  Google says the attacks appear to be politically
motivated.