Tuesday, October 11, 2011

I love the taste of spam in the morning

At work, we use Postini on our inbound edge email servers. It actually does a pretty decent job of spam detection and trapping. One of the things that I like about it is that it allows individual users to manage their own white-lists, without having to bug an email administrator.

It is interesting to view the daily quarantine summaries, and see what the latest and greatest 'fad' is with regard to spam and phishing attempts. I'm detecting a definite theme today.

According to the "IRS", my tax return has been received 4 times, they have "important information" about it that they want to share with me, and they were also unable to process it (which one of the 4 submittals, I'm not sure). While it would probably be educational to actually have those messages delivered, and investigate the headers on them, I'm just not that motivated to do so.

I'm not trying to steal a march on Borepatch, and do his security blogging for him (he's amply sufficient to the task, kthxbai), but please keep your wits about you when you are checking your email. Is it from a bank you don't do business with? Is it from an online payment servicer you haven't used in a decade? Is it from an online auction site you set up an account with once, and never used again? Is it coming in to your work address instead of your personal address?

Yeah, those are all probably warning signs.

My personal favorite was an email I received the other day about a problem with my bank account. I received it on my work account. The recipient on the "TO:" line? An internal distribution list (that was somehow available publicly, but don't get me started). Yeah, somehow I don't think I ever used that email address in association with ANY personal accounts.

And then there was the story I heard about a user concerned about an email they received. It said there was a problem with a NACHA payment they'd submitted, and to please click on this link. They clicked on the link 10 or more times, each time, according to the Service Desk ticket they opened, being directed to a blank web page "that didn't do anything." According to the deskside technician I spoke with, it definitely did do something. They finally decided that nuke & pave was the safest option.

Oh, and here's a protip for you. Individuals don't deal with NACHA. Financial institutions do. Your online bill payment, or direct deposit, or funds transfer might get routed through the Automated Clearing House (ACH), which NACHA manages, but you don't ever talk to them directly.
