In the same way that no amount of exercise can guarantee you will not have a health problem, similarly with email. However, just as there are certain habits which will greatly increase your risk of bad health, so also with email.
The following items are mostly common sense but may help to reduce your exposure to SPAM, Viruses and other hateful things.
Prevention is better than cure. Give out your email address with the same care you give out your home or mobile phone number.
We recommend that you create an alias (an alternative email name) every time you join a mailing list or give out your email to anyone you do not know well. This way, if the email address becomes the source of spam you can just delete the alias without having to send a message to all your real contacts to inform them your email address has changed.
If your mailbox has become hopelessly clogged with all kinds of nasty stuff the best policy may be to start again. Delete your current mail address and get a new one. Sure, you will have to send all your real contacts the new address. But what is worse - your inbox full of unwanted junk or a quick email to the 3 important people in your life. Just kidding, it's probably 5 people. But, if you do not use the alias policy noted above when joining mailing lists, or are not cautious about giving out your email address then, sooner or later, it will all start happening again.
If you own or operate a web site NEVER publish any email address in full on the site, that is, never have me@mywonderfuldomain.com either in plain text or in any href from the link tag, for example, never have mailto:me@mywonderfuldomain.com - instead use some form of javascript mangling function (use view source to see ours) and publish the name in some cryptic format such as 'me at mywonderfuldomain dot com'. There are thousands of email harvesting programs that just love to crawl through your site and scoop up those email addresses. Again, most websites have standard aliases like info, webmaster and so on - spammers know that too. So guess what ... they are going to send to those addresses. Instead use a mangling function and provide lots of places that people can email you by clinking a link and then you can get rid of 'info' and 'webmaster'. Since, using the link method, you control the return address, you can call it anything you want, such as, 'product-info' or 'web-master'. Email address mangling is not foolproof but it sure is better than just giving your mail addresses to even the dumbest spammer.
It is a sad fact of life that people who send out viruses, worms and other unpleasant things want to hurt the most number of people they can. If you are using the most popular email software your chances of being hit or affected are just plain higher. It's a numbers game. It's cost-effective to hit a large number of people. Less interesting or profitable to hit a smaller number. So your first line of defense is to not belong to the majority, you are simply a less interesting target. Change your email client program to a less popular one. So you are going to have to spend time learning a new client. Instead of having to spend time cleaning your system once a day. Let's think about that for ..... 1 millisecond.
There are many excellent - and free - mail programs out there. We have no reservations in suggesting that you look at Thunderbird having used it ourselves for over five years. It will import your address books and all your current mail from most email programs. You will lose nothing in the transition. It has simple controls to disable the most dangerous aspects of reading mail. Well thought out, and, as it says in the promotional material, 'reclaim your inbox'.
Yes, Yes and Yes again. BUT make sure you keep it updated (many vendors offer auto-updated services) and make sure it deals with MS Office and other macros in attached content. The best vendors have a try-before-you-buy policy. Unfortunately, even this policy is becoming less useful that it used to be because of the speed with which attacks take place. The recent spate of attacks against anti-virus software and a disconcerting trend by users to install multiple layers of anti-virus, anti-spam and anti-whatever can mean nothing gets through. We recently had to debug a user who was no longer getting mail. Turned out that, whatever mail was not snagged by the first anti-virus/SPAM layer, was grabbed by the second layer. Net result. About 1 in 10 messages were getting through. Too much of a good thing is, as always, bad.
For email and Browser software especially automatic updates are a Good Thing™. All that talk about loss of control. Just how much control do you have if your PC is zombied out by a Trojan that would have been blocked by last weeks update. Oh, you forgot to do the update.....
Since email is the biggest cause of virus attacks, offense and time wasting (SPAM), invest a bit of time to get to know your email client program's capabilities. Your email client program can be your best ally in stopping the rising tide of problems and, since it can be tailored to your needs, it's the last and perhaps most effective line of defense.
The majority of people in our experience use an email viewing window configuration in which the currently selected email is always visible in what is called a 'Message pane' (Mozilla/Thunderbird) or a 'Preview pane' (Outlook/Outlook Express). Get rid of this pane - whatever it's called. It is positively dangerous especially if you are running with Javascript enabled and the mail item is HTML mail (see below). Removing this pane may also prevent you from having to look at offensive material that you really would rather not have seen. OK, so you will have to double click the message to read it - but at least you control the next time your inbox is infected not your email program! And it's surprising how often you can spot the SPAM just by its title.
Read the subject line and the from address BEFORE you open anything.
If the subject suggests it's spam (for example, An Offer you can't refuse..., Great Offer from..., mangled name of a well known drug) or it's from address looks suspicious, for instance, slimytoad@slimytoad.com - just delete it. Why even bother to read it. Oh, you just want to confirm it's SPAM?! We delete about 90% of our email by just looking at the subject line and from address. Still got some nagging doubts about this one? Try this experiment. Instead of deleting the mail just move mail you think is spam to another folder without opening it. Then go and check just how accurate you were. You will be amazed how good you are. We have another rule. No email subject, no read. If the sender cannot be bothered to add a subject/title that describes the contents of the email why should we bother spending the time to read it.
Remember, you control your life and you can refuse offers 'you can't refuse'.
This one is tough. If you know someone, you tend to assume everything from them is OK. Remember many modern viruses use Address Books to send the virus to others. So the people you trust may have become unwitting carriers of a virus. Be a healthy cynic. If the email is not in the spirit of 'normal' communication, be suspicious. Delete it. If that sounds hard-hearted, then you have never received a panic-stricken email or phone call from a friend or colleague apologising profusely for having become infected and passing on a virus.
Regular text mail is benign and reading it will do you no harm (attachments might - see below) but not the mail item itself.
Images may be embedded in both text and HTML email. This is normally done using a link back to the image source. Most modern email clients will allow you to stop this behavior. DISABLE IMAGES.
Apart from the offence and shock some of the images can cause, the very act of displaying an image causes your system to request the image(s) from the remote site. The remote site knows you have read the mail, knows you exist, knows your IP address and knows you are potentially vulnerable. And you get an offensive image as well. Must be your lucky day. Shocked, captured and scammed at the same time. Disable fetching of all images in HTML Mail by default. Most good mail client programs have a button that will let you fetch images if you think the site is safe and many even allow image fetching from user defined trusted sites.
While the vast majority of sites are clearly benign, not all are. You have nothing to lose by blocking image loading and everything to gain. DO IT.
HTML mail looks nicer than regular, boring, text mail but is potentially much more dangerous - and is regrettably becoming more popular. Just opening it can harm you through the use of embedded Javascript. If you can disable Javascript in your mailer program - DO IT (see our email FAQs). If you can disable fetching embedded images in your mail program - DO IT.
If you can avoid using HTML mail - DO IT. Unfortunately today it is probably impractical.
Only click a link to a web site or mail connection if you think it is safe or from a trusted source. But before you do click, just roll your mouse over the link and check on the status bar at the bottom of the mail client that the name is the same as that in the visible part of the link. Many times you will see a link that looks reasonable, for instance, http://www.respectedfinancialinstitution.com, but when you roll over it the status line at the bottom shows http://www.we-are-gonna-steal-your-password.com. Mmmmm.... Wonder whether I should click this link.... Delete the mail item. Period. We sometimes get marketing survey requests from suppliers of newsletters. While these can be a pain we usually follow-up because it really might help us, so we will invest the time. However, if the marketing survey links to a site which does not have the same domain name as the newsletter supplier we delete the email without a second thought. If the requestor cannot be bothered to organize the survey through their own web site then it's unlikely the survey will result in any useful action. And it could be a scam. Their loss not ours.
Attachments are the most dangerous part of email. Most viruses are carried in attachments. The best rule is NEVER open an attachment. In practice this is not possible. We all get hundreds of essential attachments. Here is the second best set of rules:
(Ed note: I don't even open these email greeting cards, especially when it is my birthday - not everyone likes me). The only exceptions to this are; if the file is referenced in the body of the email; you know the person it's from; you are expecting the file. Even then it's a potential risk.
Want to be real safe? Send a quick email and ask the sender to confirm they sent the attachment. Similarly, show the same courtesy when you attach an .exe (or any other file). Confirm the attachment in the text of the email 'attached a DOC file (something.doc) of the latest modifications etc., etc..'
Do someone a good turn - prevent a heart-attack!
Many viruses use MS office macros to do the damage. Make sure your anti-virus software is up to date and checks for macro viruses. MS are very good about publishing security fixes. Keep your software up to date. Again, if the attachment is NOT referenced in the body of the email be suspicious. Delete it or send an email requesting confirmation that it was meant to be attached. Preferably before you open it. Because after you open it you may just be watching your PC disintegrate before your very eyes.
Historically, PDFs tended to be pretty safe. Not today. However, keep your copy of Adobe Reader up-to-date. Modern versions will check periodically for updates. Always accept them. There are plenty of viruses out there for PDFs these days. Is something you are expecting. Is is referenced in the email body. Do you normally get PDF's from this sender. Normal good practice.
ZIP files can be lethal. Follow the rules for .exe attachments. Even then, inspect the contents of the zip files BEFORE YOU EXTRACT THEM and follow the advice for each file type above. If there are any .exe files inside be super cautious.
If the file is not referenced in the body of the email OR you are not expecting it OR you don't know the person sending it. Delete the email. Period. If it is important they will send it again - hopefully this time with an explanation.
If you consider deleting mail too drastic or want to track the culprits, consider creating a special system wide mailbox to which anyone can forward all suspicious messages. This mailbox should be opened by a responsible person from time to time on a PC that has NO PRIVATE OR SECURE DATA and HAS MINIMAL LAN NETWORK CONNECTIONS and NO SYSTEM PASSWORDS and NO ADDRESS BOOK on it. Use an old PC that you were going to junk. If it gets destroyed by viruses, clean it up and rebuild it. A single PC rebuild is a lot quicker than a network wide restore and rebuild.
Again to emphasize this point. If you are suspicious of a mail item or its attachment - delete the whole mail item.
Sounds a bit drastic. If you delete it, it can't hurt you. If it's infected, it can. You choose.
If it's not practical to delete the mail item because it may be important, send an email requesting confirmation of any attachment BEFORE you touch the suspicious object.
Empty your trash folder at least once a day and better yet, after every mail reading session. Apart from keeping your disc space for useful stuff, not that junk you get, it's also healthier.
Check the sidebar links for sources to help you verify mail headers and other exotica and our email FAQs pages for more information.
Good luck. Remember, if in doubt, delete it!
Problems, comments, suggestions, corrections (including broken links) or something to add? Please take the time from a busy life to 'mail us' (at top of screen), the webmaster (below) or info-support at zytrax. You will have a warm inner glow for the rest of the day.
Topics
If you are happy it's OK - but your browser is giving a less than optimal experience on our site. You could, at no charge, upgrade to a W3C STANDARDS COMPLIANT browser such as Firefox
Search
Share
Page
Resources
Securing Systems
greylisting.org
SPF Test Site
sorbs.org
OPEN RELAY TEST
spamfaqs
spam.abuse.net
Cookies
Network Tools
Site
Copyright © 1994 - 2024 ZyTrax, Inc. All rights reserved. Legal and Privacy |
site by zytrax hosted by javapipe.com |
web-master at zytrax Page modified: April 13 2024. |