Friday, September 14, 2007

Fighting spam, part 1

(Taken from a forthcoming article in the Domnitjen magazine)

These days, there are times when using e-mail seems far less of convenience it once was. The huge amount of spam, undeliverable mail (probalby as a result of spam), annoying Out of Office replies etc. Add to that the inherant dangers with e-mail (namely viruses) and there's no doubt we're well over our honeymoon period with e-mail.

E-mail hijacking - more correctly called spoofing - is another problem that is cropping up these days. Why? Because it's so easy to do. When you send an e-mail, the From part (and other properties such as Reply-to) is simply what you say it to be in the account identity settings of your e-mail client (by client we mean software like Eudora or Thunderbird).

So if had your 'From' setting as "George Bush", with a return address of the.president@thewhitehouse.us for example, it might appear that the e-mail was indeed from the Man Himself.

Of course, if you pretend to send an email as if you were someone else, when the recepient replied the plot would soon come unstuck.

Unless of course they had also hacked into your actual e-mail account. Then they would really have hijacked your e-mail. To avoid this, the number 1 rule is use a strong password. Use a combination of letters, numbers, and try to make it more than 8 characters.

Spoofing is most commonly used in spam e-mail in order to hide where it was sent from, rather than to maliciously impersonate someone. If you think you've received a spoof e-mail, do some checking. Using the 'View Headers' option reveals useful information such as where the e-mail came from.

And don't forget, if you're using a webmail service like Hotmail, always log-off when you finish checking your e-mail.

A good guiding principle with e-mail is: be suspicious - suspect any attachment, any request for detailed personal information, and of course suspect that $10 million inheritance from Nigeria!

No comments: