Spam is ubiquitous in our environment and can be a nuisance at best or compromise your identity at worst. It’s easy to be fooled by some of these professional-looking Emails, but there are telltale signs that what you’re reading might be a scam, hoax, or some other malicious communication.
Much of the spam we receive is simply a nuisance. These are the Emails that tout the next “big” penny stock, or the hot store from which to purchase common medications, or the lowest rate on mortgages. As the saying goes, “if it sounds too good to be true, it probably is,” therefore, most people do not act on these. They do tend to clutter up an inbox if not filtered out though.
On a more sinister note, schemes like phishing (attempting to lure you to a website) can be troublesome and expensive. These solicitations may look very professional, and may even contain company logos and other official-looking verbiage or graphics. The Emails attempt to entice or even badger you into visiting a website. Once on that site, a number of things can happen: 1) you can be infected with a virus, 2) Spyware or other malware might be deployed to your PC, 3) You may be asked for personal and/or financial information. Any of these scenarios spell trouble for you or your PC. A virus might crash your PC or otherwise negatively affect its performance. Malware or spyware might compromise your identity or capture keystrokes such that an attacker can find out your login IDs and passwords to various accounts. This in addition to the solicitation for personal information may result in your identity and subsequently your bank accounts being compromised.
Spam Emails will arouse your suspicion if you view all Emails with a critical eye and know what to look for. Some examples are:
- You didn’t expect the Email and do not recognize the sender
- There is no subject line or there are no entries in the To: field
- The entry in the To: field doesn’t match your Email address
- The website link, if present, consists of numbers instead of a www.something.something format.
- The website link and the sender’s domain do not match. For example, if you receive an Email from email@example.com asking you to go to their website, you would expect the website to be www.salem.edu or something similar. Likewise, if someone claims to be someone, a Salem administrator for example, and the From or Reply-To address does not match Salem’s address format, be VERY suspicious.
Please, Please, Please, If any Email asks you for personal or login information, be wary! Don’t respond to any request unless you know exactly where the request came from and verify that the request is legitimate. Don’t give up your information unless you initiated the transaction.
Some examples are below. These are actual Emails that came into our Email system. Suspicious items are annotated in red with a summary in blue at the bottom of each image. Click the thumbnail to see a larger view.
Example 1 - This is a solicitation that appears to be from PayPal, the company that is used for making secure web transactions. It is sent out at random in hopes that it will hit the mailbox of someone with a PayPal account and entice them to go to the fake website.
Example 2 - This phishing example plays on your fears in an attempt to get you to go to their website. In both of these examples, if you clicked the link you could be open to a variety of malicious activities.
If you have additional questions, or are unsure of the legitimacy of an Email, forward that Email to the IT department and we’ll check it out for you.
If you are interested in learning more about how to fight spam, please visit 5 Ways to Fight Spam - wikiHow. This is a very good website for those who are interested in fighting back against this nuisance. Also, for guidance on how to identify where a spam came from and how to complain to a service provider, visit How To Complain To The Spammer’s Provider on abuse.net.