Inside Iowa State

August 26, 2005

The changing face of spam

By Samantha Beres

Someone dies in a plane crash, that someone was stinkin' rich, a ridiculous amount of money is trapped in a bank somewhere. You could stand in as next of kin to help collect the money and cash in yourself.

Yeah right.

Most of us have seen these spam e-mails and by now, most of us can smell spam a mile away. But spam in the last year has taken on a new face. E-mails seemingly from banks, e-retailers and credit card companies are getting through. If it looks like e-mail from say, a bank that you hold an account with, you might at least pause before hitting the delete button.

These spam e-mails are called "phishing schemes." Here's how they operate. Scammers cast a line by sending an e-mail that looks like it's from a legit company, logo and all. Some companies the spammers are impersonating are PayPal, eBay, Amazon.com, Comcast, Bank of America and Wells Fargo.

The e-mail might read like this: "Your records are out of date. Please update them immediately to restore your account." Victims bite, go to the Web site and enter personal information, like Social Security numbers or account numbers, which then are stolen.

Mike Bowman, Director of IT Security and Policies, said in general financial institutions just aren't going to ask you to provide account information through the Web. When you get a suspicious e-mail, or one that you just weren't expecting, he said, "Question it. If you're still unsure, contact the financial institution directly. You make the contact as opposed to letting someone contact you."

The lines of defense at ISU against spam, he said, are two-fold. About a year ago, Information Technology Services activated a new spam tactic called "greylisting," in which the ISU server refuses outside e-mail deliveries. A legitimate mail server will get the refusal note and try to resend the message. On the second try, the ISU mail server completes delivery. If the original mail server is a spamming machine, it likely is not set up to resend the message.

"Greylisting is still successful in terms of not accepting a large volume of spam," Bowman said. Since greylisting, junk mail at Iowa State has been reduced by the millions.

The second line of defense is for computer users to filter and delete. Filtering systems take about 15 minutes to set up and will send suspicious e-mails to a designated folder. Then, computer users can zip through the folder just to make sure there are no false-positives and delete the spam.

Attachments are dangerous

It's usually safe to open an e-mail, Bowman said, but opening attachments or clicking on a link to visit Web sites promoted in suspicious e-mail could open the door for viruses or other malicious activity.

Another action that spam receivers can take these days is to visit the Anti-Phishing Working Group Web site at http://www.antiphishing.org/. The site has a list of reported phishing schemes and can be used to report phishing e-mails.

For more information on spam and directions on how to set up filters, visit http://www.it.iastate.edu/spam.

Spam in the last year has taken on a new face. E-mails from banks, e-retailers and credit card companies are getting through. These spam e-mails are called "phishing schemes."