|
Despite the new "Can-The-Spam" law,
spam continues to be a significant problem world-wide. Dartmouth
has taken many steps to try and curb the influx of spam messages
and viruses.
We hope that further education about spam and viruses
to the general community will help answer some common questions
and reduce complaints.
Please report spam by sending a copy of the offending message
with all headers displayed to the FTC (Federal Trade Commision)
at uce@ftc.gov, website-http://www.ftc.gov/bcp/conline/edcams/spam/index.html.
The FTC's website is very informative and may provide you other
methods to help curb this type of activity.
All of Dartmouth's databases are password protected
and any compromise would be easily detected and stopped by Dartmouth
administrators. Dartmouth's systems have not been compromised
in any way. Please see "Dictionary attacks" below for more information
on how an email address is harvested.
There is a difference between Spam and viruses, but there are
also some similarities.
Spam |
Virus |
| Headers are often forged to defy the user into opening the
message and read it. |
Headers are also forged but usually headers are generated
by the virus after infecting a users' computer and stealing
an
email
address
from the users' address book. |
| A false unsubscribe link, which realistically verifies a
valid email address and spammers will add to a database of
"good email addresses". |
There is no unsubscribe link. But sometimes the message appears
to come from a trusted source such as "staff@dartmouth.org"
or
"microsoft@microsoft.com". |
| Spammers continue to ignore the law and users' requests to
be removed. Spammers have also found ways around
spam filters making it more difficult to filter their messages out. |
Virus protection is the main source for combat. Spam filters
do not necessarily pick up on virus generated messages. Dartmouth
has both virus scanners and spam filtering scanning inbound
messages. |
| Dictionary spamming techniques are commonly
used. Once a spammer knows of a domain (i.e. dartmouth.org)
they randomly
place names before
the "@" sign usually going through letters of the alphabet
such as "andy@dartmouth.org, amanda@dartmouth.org, arnold@dartmouth.org,
and so on". In this scenario they also use the BCC field
so users cannot see it is a dictionary attack and think they
are receiving messages that aren't even addressed to them. |
Viruses may use a dictionary technique as well until
it starts collecting valid addresses, then it uses direct attacks based
on information it gathers from infected computers. |
| Spam usually does not cause harm to a users' computer. |
Viruses do intend to cause harm, usually on a more
global front. I.E. slowing down networks to a crawl, denial of service
attacks on websites, etc. |
Okay, now I understand a little better, what
can I do to help?
Dartmouth help desk personnel spend a significant amount
of time responding to spam and virus complaints hindering
production and improvements to new and current systems. Please
report spam by sending a copy of the offending message with
all headers displayed to the FTC (Federal Trade Commision)
at uce@ftc.gov, website-http://www.ftc.gov/bcp/conline/edcams/spam/index.html.
The FTC's website is very informative and may provide you other
methods to help curb this activity. The more reports they receive,
the more diligent they may be in passing legislation at global
levels
to help
in the fight against spam. |
|
