WML Tech Updates

In the interest of promoting better network security and increasing awareness of possible security threats, ITS asks that you review the article below and distribute to your colleagues.

FBI WARNS PUBLIC OF E-MAIL SCAMS

Washington, D.C. — The FBI today warned the public against three separate Internet scams that continue to flourish through spam e-mails. The warning comes after the FBI’s Internet Crime Complaint Center (IC3) received a rising number of complaints from citizens over the past few weeks.

In one scam, an e-mail recipient receives an electronic greeting card containing malware (malicious software). The cards, which are also referred to as e-cards or postcards, are being sent via spam. Like many other Internet fraud schemes, the perpetrators use social engineering tactics to entice the victim, claiming the card is from a family member or friend. Although there have been variations in the spam message and attached malware, generally the spam directs the recipient to click the link provided in the email to view their e-card.
Upon clicking the link, the recipient is unknowingly taken to a malicious web page.

In another scam, fraudulent e-mails misrepresent the FBI and/or Director Robert S. Mueller III and give the appearance of legitimacy due to the usage of pictures of the FBI Director, seal, letter head, and/or banners. The types of schemes utilizing the Director’s name and/or FBI are lottery endorsements and inheritance notifications.

The third is spam e-mail which claim to be from an official of the U.S. military sent on behalf of American soldiers stationed overseas. The scam e-mails vary in content; however, the general theme of each is to request personal information and/or funds from the individual receiving the e-mail.

These spam e-mail messages are hoaxes and should be immediately deleted. Consumers need to be wary of unsolicited e-mails that request them to take any action even if that means just clicking on an attachment. It is possible that by “double-clicking” on attachments to these messages, recipients will cause malicious software — e.g., viruses, keystroke loggers, or other Trojan horse programs — to be launched on their computers.

For further information on computer safety tips please visit the FBI website and the IC3 website.

If you have any questions, please contact ITS Partner Support at its-partner@vanderbilt.edu or call 615-343-9999.

For more information about upcoming and recent outages, see: http://its.vanderbilt.edu/outage.php

For more information about anti-virus efforts at Vanderbilt, see: http://its.vanderbilt.edu/antivirus

An announcement from Jason Reusch, Associate Director, Owen Information Technology Services:

Over the past year a marked increase in SPAM traffic internet wide has left a lot of messy inboxes in its wake. Some large email service providers have seen the volume of SPAM double to nearly 9 out of every 10 messages.

Here at Owen, incoming email traffic has grown 66% in just the last three months. Viruses and SPAM now account for 8 out of every 10 messages.

Our SPAM filters have been in place for just over three years and delivered over 30 million messages. The proportion of accepted messages identified as SPAM has risen from 39% in November 2003 to 67% in December 2006.

The overall volume has increased six fold from about 350,000 messages in November 2003 to over 2.2 Million in December 2006. See the chart for a quick look at message growth since the start of this academic year.

If you have any questions about SPAM or how to combat it, call the IT Help Line at 322-2034.

I have gotten many complaints from you all about the number of spam you are getting despite the fact that you have your spam filters set up correctly.  And I am sure Vanderbilt ITS and Owen IT are doing what they can to limit the amount of spam that gets through.  But spam is on the rise big time.

In a recent Reuters article on CNN.com entitled “9 out of 10 e-mails now spam,” things aren’t looking very good on the horizon.

The number of “spam” messages has tripled since June [2006] and now accounts for as many as nine out of 10 emails sent worldwide, according to U.S. email security company Postini.

Here are some other interesting but disturbing tidbits about spam from the article:

• There were 7 billion spam emails detected worldwide in November compared to 2.5 billion in June.
• The United States, China and Poland are the top sources of spam.
• About 200 illegal gangs are behind 80 percent of unwanted emails.
  • They disguise words to try to outfox filters searching for telltale words. So, Viagra would become V1úgra.
  • They send millions of emails, so they only need a fraction of people to reply to make a profit.
  • They develop programs that mutate to avoid detection and send fewer emails from each machine.
• Experts blame the rise in spam on computer programs that hijack millions of home computers to send emails, often without the oweners’ knowledge.
• Spam costs firms up to $1,000 a year per employee in lost productivity and higher computing bills.
• It is difficult to fight spam because the problem crosses international borders.

The BIS and Circulation mailboxes that are in Outlook now have spam filters on them as well.  No more sorting through hundreds of pointless emails trying to find that one question from a user.

All members of the Vanderbilt community are eligible to upgrade to Spy Sweeper 5.2 for free!

The free download link is available at http://its.vanderbilt.edu/antispyware

Important: After you enter the activation key during the Spy Sweeper install, Spy sweeper creates a unique keycode for your specific installation. Access your keycode by clicking the About Spy Sweeper link in the lower right of the Webroot home screen. Write down your keycode and use it instead of the activation key during future reinstalls, upgrades, or license transfers to new machines.

Doing so ensures your reinstall/upgrade/license transfer is not counted as a new install and subtracted from the number of Webroot licenses available to the Vanderbilt Community.

Alternatively, you may contact Webroot’s Consumer Support at support@webroot.com and, after providing your name and email address, they will furnish your keycode.

The AskLibrarians Mailbox now has a spam filter.  How did I do this?  Log into the computer using the AskLibrarians username and password (which can be found on the passwords excel spreadsheet), and then follow the directions on How to set up a SPAM filter in Outlook 2003.  The Circulation and BIS Mailboxes could also have spam filters set up similarily.

There are phishing emails scams out there designed to collect valid email addresses for future spam efforts.

If you would like to report such emails in the future, the best process is to forward the email in an Outlook Message file Format to the abuse email address. To forward such emails please follow these instructions:

1. Click once on the email to highlight (do not open the email)

2. Go to File>Save As
Click on the “Save as type:” drop down box
Select “Outlook Message Format (*.msg)”
Save the Outlook message file to your desktop

3. Create a new email message

4. Attach the saved Outlook message file and forward to abuse@vanderbilt.edu

5. Delete the saved message on your desktop

This saves the message and other important information about the email in an Outlook Message Format file. This practice also allows ITS to forward the complete email to the vendor who will update the spam definitions.

Otherwise the best practice is to delete such emails.

Information provided from:

Terry Cavender, CISA, PMP
Security Service Delivery Manager
Information Technology Services
Vanderbilt University

1. Open Microsoft Outlook.
2. Right-click on the link to your Inbox and select “New Folder“, enter “SPAM” and click OK.
3. Create the rule. Select Tools –>Rules Wizard from the menu.
4. Click New then Next.
5. Uncheck “from people or distribution list.”
6. Check “with specific words in the message header” (the 15th item in the list).
7. Click on highlighted “specific words” in the bottom half of the window. Type “X-Spam-Status: Yes” and click Add. (It’s important to put a space between the “:” and “Yes”.)
8. Click OK.
9. Click the highlighted word “specified folder” and select your SPAM Mail folder, click OK.
10. Click Finish.