A-to-Z Index

Computing Homepage

Information Technology Help Desk

Mon -Thu: 8:00am -9:00 pm
Friday: 8:00am - 5:00pm
Saturday: Closed
Sunday: 3:00pm - 9:00pm

(when classes are in session)

Exceptions for the year


 

 

SPAM and other unwanted messages

Contents:

 

 

The Problem - Unwanted messages - SPAM, Phishing, e-mail borne viruses, instant message borne viruses, ...

 

Almost everybody gets them. Messages advertising stock market tips, office supplies and pornographic sites or promising easy money or miracle cures. Messages warning of dire consequences or lost fortunes if the messages aren't forwarded to everyone we know. Scams attempting to fool victims to typing banking information and passwords into fake web sites. They're a nuisance, wasting our time and computing resources. Some are shocking, others are fraudulent and illegal.

SPAM continues to be a growing problem. Malicious and nuisance messages continue to grow in number and sophistication in ways to get past SPAM filters, fool people, and in some cases deliver malware. This situation is not likely to improve in the near future. Like all email servers, the JMU email server advertises itself to the world as the place to send email to @jmu.edu addresses.  Anonymity and instant, worldwide communications combined with our desire to be reachable make it impossible to prevent unwanted messages. Anyone can connect a computer to the Internet and send messages. Public computers abound. Unsafely operated computers are abundant and easily used by abusers and criminals. Neither the computer operators, who may be regular home computer users, or the network operators, who may be mass Internet Service Providers, are equipped to handle the notification and cleanup reliably and in a timely manner. While there are laws prohibiting SPAM, they are largely ineffective for a variety of reasons.

Our e-mail system attempts to discriminate between wanted and unwanted messages. Its doubtful that a person could do this this with 100% accuracy. For a machine its impossible. If the machines are configured to be stricter, the chances of losing legitimate messages increase. At peak times, our email system blocks 636 messages per minute that it has classified as SPAM and thousands of messages per hour that carry viruses. 86% of the 1.2 million messages we receive daily are rejected.

Criminals and abusive marketers are increasingly using the Internet. Oftentimes, they use virus infected home computers and/or computers in other countries to send the stuff making it easy for them to avoid blocks and prosecution. Various sources estimate that unwanted messages constitute anywhere from 60% to 80% of all Internet e-mail and that the average person receives anywhere from half a dozen to two dozen messages daily.  In the first half of 2005, 5.7 million fraudulent "phishing" messages alone were detected *PER DAY*. There has been a large increase of this type of fraud the past several months and it is expected to continue.

We continue to evaluate our email system for improvements.  There are a variety of schemes being planned that depend upon partial authentication of senders to allow receiving e-mail servers to make decisions. All these schemes depend a lot on the participation of the majority of Internet e-mail senders and are vulnerable to the use of compromised computers within a domain which is more and more common through the use of 'BOTS'.

And even as we and the rest of the Internet improve our motivation and ability to handle unwanted and abusive e-mail messages, criminals are moving to instant messaging and other technologies to spread their abuse.

 

 


 

Prevention - How to minimize unwanted messages

 

In our present environment, it is impossible to prevent people from sending us unwanted messages if they know our e-mail address.

Theoretically, if we assigned staff 24 X 7 to do nothing but watch for this stuff and block it as it came in, we'd put a dent in it. But aside from the resources it would take, it would be a reactive process where messages would still get through even if we searched through individual mailboxes. Additionally, legitimate messages would likely be delayed or lost as we blocked email servers that were unknowingly being used to forward SPAM.

 

Minimizing reception of unwanted messages

You can minimize unwanted messages by keeping your e-mail addresses private but it is almost impossibl to do these days and is something a lot of us go out of our way not to do. What good is an address nobody knows about?

  • The more your e-mail address is available, the more spam you'll receive. Minimize this availability for your primary e-mail account. Free webmail accounts are available for the asking although you should review the provider's privacy policy before signing up.

Unfortunately, there are many ways spammers and criminals can get our e-mail addresses that are beyond our control.

 

 

Automatically classify and handle messages according to personal preferences

If you are unhappy with the way our e-mail system classifies messages, you have the ability to modify it to match your personal needs and preferences in ways that are impractical to do for the entire population. Both email services and email clients generally include functionality that allows individuals to set up custom filters and actions. Filters allow you to screen messages based on text found in the messages' sender, subject, body, and other fields and take actions such as delete them, put them in a specified folder, or flag them in some way.

Howver, we recommend that most people simply delete unwanted messages. Setting up filters can be tricky and lead to loss of legtimate messages.

These personalized e-mail message filtering rules allow to you be as stringent as you want in blocking incoming messages. You can apply filters that are impractical when applied to the mailboxes of 30,000 diverse people. If you want to reject all messages containing the words "chase bank", "$20 reward", "to whom it may concern", "viagra", "penis", "paypal", "stock symbol", "free pics", and/or "ebay" you're free to do so. Just make sure you consider what types of legitimate messages may be blocked if you do so.

Be very careful with the parameters you select for filtering lest they match messages you really want. Use these guidelines before setting a filter to delete messages:

  • The longer and more unique the text the filter is set to match, the more accurate the filter is likely to be.
  • At first, set the filter to move matching messages to a folder rather than delete them. That way you can see what type of messages will be deleted. You can switch to delete after you're comfortable with the message selection process. Let it run at least a week, preferably two before setting it to delete messages unless you're really sure of the selection pattern you picked.
  • Always send yourself some test messages after creating or modifying a filter. Make sure you understand what your filter is doing.

 


 

Reaction - Handling SPAM and other unwanted messages when they can't be prevented

Given the nature of today's Internet and e-mail, it is almost inevitable that you will receive unwanted messages. Due to the variety and  increasing sophistication, it is difficult to provide specific guidance without a very long list of complicated and conflicting rules that may or may not apply. The best general advice for minimizing risk due to malicious messages is:

  • If you receive a message that poses immediate danger to health or welfare, contact law enforcement. Do not delete the e-mail.
  • Messages that are likely to fool a person aware of Internet risks or pose unusual risk to JMU should be forwarded as an attachment to abuse@jmu.edu.
  • Do not click links or attachments of any type in unexpected e-mail or instant messages when:
    • There are no serious consequences if you don't act on the message. For example, cold sales calls, jokes, games, holiday cards, chain letters, and news items. If the news items are of interest, go to a known good web site for the information rather than clicking the link in the message.
    • The message involves sensitive information. For example, finance, account passwords, SSN, computer updates and security, and health information. In these cases, it is best to navigate to a known good web site, preferably one that has been previously used, and verify the information.
  • If in doubt, contact the apparent sender or an official, trusted web site for verification of information.
  • If you click a link in an e-mail or instant message and your browser warns you of risk, do not ignore the warning. Do not proceed. Cancel the action.  Ask for assistance.
  • If you fall victim to a "phishing" scam, that is, you type your banking, stock trading, paypal, password, or other sensitive information into a fake web site you'll need to immediately change your password. If the site has password reset or other functionality the intruder may be altered, you need to check them too.  As an example of what to check, see the instructions for recoverying from giving out your JMU password.

The most efficient and safe way to handle SPAM is to delete it. Never reply to it, click on any links, or follow instructions about removing yourself from a list.

Refusing to purchase products advertised in SPAM may reduce motivation.

If you receive messages with images that offend you, most e-mail clients can be configured so they do not display images or display messages in text rather than HTML, the language of the web that supports images. This also reduces malware risk but obviously reduces functionality.

Images depicting child pornography should be reported to law enforcement.

Faculty and staff using the campus Exchange server can forward improperly classified messages to the anti-spam vendor using the following procedure. This may enable them to improve their anti-spam services:

  • Reporting a SPAM message that ends up in your inbox ( i.e. doesn't get classified as junkmail and put in your junkmail folder):
  • Reporting legitimate messages that get classified as junkmail. ( DO NOT FORWARD MESSAGES CONTAINING SENSITIVE INFORMATION ):
  • Various law enforcement agencies have set up e-mail addresses where SPAM and other objectionable messages can be sent. If you wish to report messages, the Department of Justice web site lists the appropriate places.