Presentation is loading. Please wait.

Presentation is loading. Please wait.

Don’t click on that! Kevin Hill.  Spam: Unwanted commercial email ◦ Advertising ◦ Comes from people wanting to sell you stuff. ◦ Headers may be forged.

Published byMeagan Peters Modified over 8 years ago

Similar presentations

Presentation on theme: "Don’t click on that! Kevin Hill.  Spam: Unwanted commercial email ◦ Advertising ◦ Comes from people wanting to sell you stuff. ◦ Headers may be forged."— Presentation transcript:

1 Don’t click on that! Kevin Hill

2  Spam: Unwanted commercial email ◦ Advertising ◦ Comes from people wanting to sell you stuff. ◦ Headers may be forged to hide actual accounts sending the email.  Phishing: email pretending to be from someone else you trust ◦ Deceptive ◦ Designed to look like legitimate email from a trusted source. ◦ Banks, ISPs, corporate IT departments.

3  We use block lists to block emails from known spam sending servers.  Many sites now using Sender Reputation systems.  Spam reports from Fermilab = bad reputation scores.

4  Look at the “Full Headers”  Why “Full Headers”? ◦ Email has envelope From and To addresses, just like old timey postal mail. ◦ The headers your mail client shows are equivalent to addresses at the top of a physical letter. ◦ All servers add a “Received:” header. Only headers added by local or trusted upstream servers are trustworthy. ◦ Don’t trust those either.

5  Never, ever send usernames and passwords via email.  Don’t enter your username and passwords into a web form/application you don’t recognize/expect to use.  Don’t forward your fnal.gov email to another site and then report messages from it as spam.

6  HTML links have two parts: a display part and a URL  “click here” => http://example.com/nextpage.hmtl http://example.com/nextpage.hmtl  Don’t assume a link that looks like a URL actually links to that URL  “http://www.fnal.gov/computing” => http://www.example.com/hacked_app/scam_ me.php “http://www.fnal.gov/computing http://www.example.com/hacked_app/scam_ me.php

7  URLs can be prefixed with a username/password.  http://www.fnal.gov:computing.email.login@ example.com/hackme.html is a valid URL, but doesn’t go where you might think at first glance. http://www.fnal.gov:computing.email.login@ example.com/hackme.html  Read emails in plain text instead of html when you can.

8  Holding the pointer over a URL should show where its actually linking in the status line.  Latest versions of browser more clearly show if an SSL link is really registered to that domain.  Beware of fake SSL certs! Hard to be 100% sure. Use good judgment.

9  Look at mouse-over’s in your mail client to see where a link is really pointing.  Better to type in URLs then to click on untrustworthy links, but don’t mistype!  Save bookmarks to important pages.  Use bookmarks when you get an email requesting you do something at a particular site.

10  Emails about Fermilab systems will not come from non-fnal.gov addresses.  Real Fermilab web forms/apps will not be hosted on non-fnal.gov websites.  Outsourcing/Cloud based hosting makes things complicated.

11  Messages available at http://home.fnal.gov/~kevinh/SNP/

12

Download ppt "Don’t click on that! Kevin Hill.  Spam: Unwanted commercial email ◦ Advertising ◦ Comes from people wanting to sell you stuff. ◦ Headers may be forged."

Similar presentations

How to Write an Email. What makes email different? People do not read emails, they scan emails. You need to convince them this is important. You need.

How to Write an . What makes different? People do not read s, they scan s. You need to convince them this is important. You need.
Surrey Public Library Electronic Classrooms Email Essentials.

Surrey Public Library Electronic Classrooms Essentials.
COMPUTER BASICS METC 106. The Internet Global group of interconnected networks Originated in 1969 – Department of Defense ARPANet Only text, no graphics.

COMPUTER BASICS METC 106. The Internet Global group of interconnected networks Originated in 1969 – Department of Defense ARPANet Only text, no graphics.
© 2005 Convio, Inc. NTEN Webinar: Protecting your organization and donors from online scams February 23, 2006.

© 2005 Convio, Inc. NTEN Webinar: Protecting your organization and donors from online scams February 23, 2006.
Dealing With Spam The email kind, not the Food product.

Dealing With Spam The kind, not the Food product.
A few simple steps, hints and tips to figure out if it is indeed fake. - By Emily Breuss.

A few simple steps, hints and tips to figure out if it is indeed fake. - By Emily Breuss.
Lesson 11 Using Online Banking. Key Terms Account Transfer – online transfer of money; ex. Savings to checking acct. Fraud – using trickery to convince.

Lesson 11 Using Online Banking. Key Terms Account Transfer – online transfer of money; ex. Savings to checking acct. Fraud – using trickery to convince.
Jason Rich CIS - 158 1.  The purpose of this project is to inform the audience about the act of phishing. Phishing is when fake websites are created.

Jason Rich CIS  The purpose of this project is to inform the audience about the act of phishing. Phishing is when fake websites are created.
Spam and E-Mail. Spam Spam is unwanted e-mail usually meant to sell something to the recipient. If a business or organization with which you are affiliated.

Spam and . Spam Spam is unwanted usually meant to sell something to the recipient. If a business or organization with which you are affiliated.
Phishing – Read Behind The Lines Veljko Pejović

Phishing – Read Behind The Lines Veljko Pejović
August 15 click! 1 Email Basics Kitsap Regional Library.

August 15 click! 1 Basics Kitsap Regional Library.
Basics: Getting Started Uploading and Sharing Videos on YouTube. Basics: Getting Started Uploading and Sharing Videos on YouTube. 1.

Basics: Getting Started Uploading and Sharing Videos on YouTube. Basics: Getting Started Uploading and Sharing Videos on YouTube. 1.
Adding your school email account to your iPad. OS v. 5.0 This tutorial is based on the 5.0 version of the iPad Operating System. If your iPad menu does.

Adding your school account to your iPad. OS v. 5.0 This tutorial is based on the 5.0 version of the iPad Operating System. If your iPad menu does.
Email By Laura Trawin.

By Laura Trawin.
Teach a man (person) to Phish Recognizing email scams, spams and other personal security attacks July 17 th, 2013 High Tea at IT, Summer, 2013.

Teach a man (person) to Phish Recognizing scams, spams and other personal security attacks July 17 th, 2013 High Tea at IT, Summer, 2013.
Radoncssi.org Google based IT infrastructure Alf Siochi.

Radoncssi.org Google based IT infrastructure Alf Siochi.
BTT12OI.  Do you know someone who has been scammed? What happened?  Been tricked into sending someone else money (not who they thought they were) 

BTT12OI.  Do you know someone who has been scammed? What happened?  Been tricked into sending someone else money (not who they thought they were) 
Managing and Avoiding Junkmail. Junk E-mail  Where does Junk Mail come from? People with whom you do business  Pepsi Friends of people with whom you.

Managing and Avoiding Junkmail. Junk  Where does Junk Mail come from? People with whom you do business  Pepsi Friends of people with whom you.
LEARN THE QUICK AND EASY WAY! VISUAL QUICKSTART GUIDE HTML and CSS 8th Edition Chapter 21: Publishing Your Pages on the Web.

LEARN THE QUICK AND EASY WAY! VISUAL QUICKSTART GUIDE HTML and CSS 8th Edition Chapter 21: Publishing Your Pages on the Web.
ICT Essential Skills. Email (electronic mail) Snail Mail.

ICT Essential Skills. (electronic mail) Snail Mail.

Similar presentations

Ads by Google