1. ICASAS206A Detect and protect from spam and destructive software Identify and Stop Spam Warren Toomey North Coast TAFE Port Macquarie campus

2. Spam: Unsolicted Messages Spam is the use of electronic messaging systems to send unsolicited bulk messagesSpam Mainly e-mail, also Facebook, Twitter, forums, wikis, blogs etc. ▫UCE: unwanted commercial e-mails ▫Not just commercial, often malware vector Viable: cheap to send messages, use of botnets Purpose: ▫Send users to websites (collect personal information), spread malware, sucker users in on pyramid schemes

3. Spam Terms (Wikipedia) Phishing: attempting to acquire information such as usernames, passwords, and credit card details by masquerading as a trustworthy entityPhishing Botnet: collections of computers on the Internet configured to collectively perform a task, e.g. send spamBotnet E-mail harvesting: process of obtaining lists of email addresses using various methods for use in bulk email or other purposes usually grouped as spamE-mail harvesting

4. Spam: Legislation US: CAN-SPAM Act 2003CAN-SPAM Act 2003 Australia: SPAM Act 2003SPAM Act 2003 Our legislation covers commercial messages The sender must: 1.Have the consent of the receiver, either direct or implied via an existing business relationship 2.Accurately identify the sender of the spam 3.Have an unsubscribe option that must come into effect within 5 days Doesn’t cover international senders, non- commercial messages

5. E-mail Spam: Percentages Most of the e-mail sent is spam 2012 and 1 st half of 2013 – Kaspersky Labs

6. E-mail Spam: Country of Origin

7. Spam Characteristics: Unknown Sender Trying to sell products: equipment, pharmaceuticals etc. May involve money: I have $50M to shift Poor grammar, badly laid out Inconsistent mail headers ▫But too technical to delve into here Lots of links for you to click on Asks you to unsubscribe ▫If you do, it confirms your address is valid

8. Spam Characteristics: “Known” Sender Trusted entity (e.g. bank) or a friend Trusted entity: your account has been frozen, please click on this link to reset your password ▫Wants you to perform action based on trust E-mail from “friend” ▫Is vague, doesn’t say anything to prove they know you ▫Friend is in trouble, can you help them out, e.g. by sending them money ▫Or, click here, this is a great video of XYZ….

9. Other Spam: Instant Messaging Spim: instant messaging spamSpim Use of IM systems to send spam: Facebook, Twitter, AIM, Yahoo, AOL etc. Spim will probably overtake spam ▫Next generation uses e-mail less, IM more Click fraud: deliver hyperlinks that can be easily clicked on to direct users to malicious websites

10. Other Spam: SMS & MMS Unwanted messages through SMS or MMS (multimedia messages) on your ‘phone Can cost you to receive them (e.g. roaming) Replies to them can cost a lot ▫Premium phone numbers You may “subscribe” to a service, and then get charged for each message they send to you Can be very hard to unsubscribe

11. Fighting Spam There is no silver bullet for this You can never reach 0% incoming spam However, you can minimise it This requires a combination of technology and intelligence on your part Technology by itself is not enough!

12. Fighting Spam: Technology Use filtering software ▫Looks at message content and labels as spam/not spam. Sometimes accurate, sometimes not Use anti-virus software, keep it updated Use a personal firewall Keep your security patches up to date Whitelisting, blacklisting, greylistingblacklistinggreylisting ▫Each one has pros and cons

13. Fighting Spam: Intelligence Choose password that are not easy to guess Protect your e-mail address ▫Be careful who you give it to ▫Use Bcc when sending messages to lots of people ▫Don’t respond to spam, watch “unsubscribe” links ▫Watch web forms: collecting your personal data ▫Use multiple disposable e-mail addresses Don’t click on links in messages ▫Reach and check the link details ▫Type in by hand if necessary

14. Fighting Spam: Intelligence Protect your mobile number ▫Don’t send “free ringtones” to your phone ▫Be careful who you give your number to on-line Read terms & conditions: what on-line companies can do with your details Stay on top of current scams: www.scamwatch.gov.au www.scamwatch.gov.au Don’t open attachments! Don’t unsubscribe Don’t trust e-mail details: sender, subject line Report suspicious e-mails, especially bank ones

15. Who to Report Spam To? ACMA: Forward the message to the Spam Intelligence Database at report@submit.spam.acma.gov.au. report@submit.spam.acma.gov.au If spam say it’s from a trusted entity (e.g. a bank) then report it to them, to help other people If you think someone in your organisation has had their address book compromised, report it to the IT staff

16. Activity Login to your e-mail service here, or at home Research what spam filtering and spam detection mechanisms are available Configure your e-mail system to detect spam Look through your junk mail folder ▫Read through some spam messages ▫Assess why they should be considered as spam