Cochrane Telecom Services: Your connection to the world!
 


E-mail Spoofing and Phishing
How You Can Protect Yourself

Note: Neither Cochrane Telecom Services (CTS) nor ONTERA will send e-mails asking customers for usernames or passwords, or asking customers to open e-mail attachments. If you receive an e-mail sent from someone @puc.net or @ontera.net asking for personal information or asking you to open an e-mail attachment, please read the information below on how to report these activities to ONTERA’s abuse department. If you are not sure about the legitimacy of an e-mail message sent from a puc.net customer, contact CTS at 272-4232 or ONTERA at 1-800-667-0053.

Spoofing:

Spoofing is when an e-mail message appears to come from a legitimate source but in fact is from an impostor. E-mail spoofing can be used for malicious purposes such as spreading viruses, trawling for sensitive business data and other industrial espionage activities.

If you receive a snail mail letter, you look to the return address in the top left corner as an indicator of where it originated. However, the sender could write any name and address there; you have no assurance that the letter really is from that person and address. E-mail messages contain return addresses, too – but they can likewise be deliberately misleading, or “spoofed.”  Senders do this for various reasons, including:

  • The e-mail is spam and the sender doesn’t want to be subjected to anti-spam laws
  • The e-mail constitutes a violation of some other law (for example, it is threatening or harassing)
  • The e-mail contains a virus or Trojan and the sender believes you are more likely to open it if it appears to be from someone you know
  • The e-mail requests information that you might be willing to give to the person the sender is pretending to be (for example, a sender might pose as your company’s system administrator and ask for your network password), as part of a “social engineering” attack
  • The sender is attempting to cause trouble for someone by pretending to be that person (for example, to make it look as though a political rival or personal enemy said something he/she didn’t in an e-mail message)

Here is an example of a spoofed email made out to look like it originated from administrator@puc.net:

As you can see, the email looks like it comes from administrator@puc.net, but no such user exists.

The subject makes the message seem important, enticing the recipient to quickly open the file attachment and complete the form to avoid ‘interrupting your account records’. Unfortunately, the attachment, named info-text.zip, contains the W32.Mydoom.BU@mm virus, a mass-mailing worm with back door capabilities that uses its own SMTP engine to send e-mail to addresses it gathers from the compromised computer. In other words, the virus finds e-mail addresses on your computer and sends copies of itself to those people in your name, continuing the spread of infection!

Some of the spoofed emails that have been circulating are being sent from users such as:

mail@puc.net

administrator@puc.net

support@puc.net

service@puc.net

With subjects such as: 

- Important Notification

- Notice **Last Warning**

- Notice of account limitation

- Account Alert

- *WARNING* Your Email Account will be closed

- *DETECTED* Online User Violation

- Online User Violation

- Your Email Account is suspended for security reasons

- Security measures 

If you receive such an email, please keep reading to find out how to report it to Ontera’s abuse department. 

What to do if you receive a suspicious email:

The only way of putting a stop to spoofing activities is to report them to the proper authorities on the Internet.  Every e-mail message contains information on the origins of the message and which computers the message passed through.  This information is extremely valuable in tracing the origins of these emails. 

Below are instructions for the most commonly used e-mail client software on how you can help put a stop to these annoying and potentially disastrous email messages. 

Eudora

Macintosh Entourage (Office X for Mac)

Netscape Messenger 4.x

Netscape Messenger 6.x

Outlook Express 4, 5 & 6 for Windows

Outlook Express for Macintosh

Outlook 98 & 2000

Pegasus Mail

Unix programs (Pine)


Eudora

1. Open the offending email.

2. Under the title bar are four option buttons. The third one from the left is a box that says “Blah, Blah, Blah.” Click on the box to display the full headers.

3. Place your cursor in the area where the header information is displayed.

4. Press CTRL+A (i.e., hold down the Control Key while pressing the A). This will highlight all of the text.

5. Press CTRL+C to copy the highlighted text.

6. Close the header information display.

7. Choose to Forward the email TO: abuse@ontera.net.

8. Add “Header Info” to the end of the SUBJECT line.

9. Once your cursor is in the body of the email, press CTRL+V. This will paste the information copied in step 5 above into the body of the email.

10. Send the email. 

Macintosh Entourage (Office X for Mac)

1. Open the offending email.

2. Choose View > Source. A new window will open showing the full message source with complete headers.

3. Place your cursor in the area where the header information is displayed.

4. Press CTRL+A (i.e., hold down the Control Key while pressing the A). This will highlight all of the text.

5. Press CTRL+C to copy the highlighted text.

6. Close the header information display.

7. Choose to Forward the email TO: abuse@ontera.net.

8. Add “Header Info” to the end of the SUBJECT line.

9. Once your cursor is in the body of the email, press CTRL+V. This will paste the information copied in step 5 above into the body of the email.

10. Send the email. 

Netscape Messenger 4.X

1. Open the offending email.

2. Choose View > Headers > All.

3. Place your cursor in the area where the header information is displayed.

4. Press CTRL+A (i.e., hold down the Control Key while pressing the A). This will highlight all of the text.

5. Press CTRL+C to copy the highlighted text.

6. Close the header information display.

7. Choose to Forward the email TO: abuse@ontera.net.

8. Add “Header Info” to the end of the SUBJECT line.

9. Once your cursor is in the body of the email, press CTRL+V. This will paste the information copied in step 5 above into the body of the email.

10. Send the email. 

Netscape Messenger 6.X

1. Open the offending email.

2. Choose View > Message Source.

3. Place your cursor in the area where the header information is displayed.

4. Press CTRL+A (i.e., hold down the Control Key while pressing the A). This will highlight all of the text.

5. Press CTRL+C to copy the highlighted text.

6. Close the header information display.

7. Choose to Forward the email TO: abuse@ontera.net.

8. Add “Header Info” to the end of the SUBJECT line.

9. Once your cursor is in the body of the email, press CTRL+V. This will paste the information copied in step 5 above into the body of the email.

10. Send the email. 

Outlook Express 4, 5 and 6 for Windows

1. Open the offending email.

2. Choose File > Properties.

3. Click on the Details Tab.

4. Click on the Message Source button, which opens a text window with the full headers and full plain-text message body displayed.

5. Place your cursor in the area where the header information is displayed.

6. Press CTRL+A (i.e., hold down the Control Key while pressing the A). This will highlight all of the text.

7. Press CTRL+C to copy the highlighted text.

8. Close the header information display.

9. Choose to Forward the email TO: abuse@ontera.net.

10. Add “Header Info” to the end of the SUBJECT line.

11. Once your cursor is in the body of the email, press CTRL+V. This will paste the information copied in step 7 above into the body of the email.

12. Send the email.

Outlook Express for Macintosh

1. Open the offending email.

2. Choose View > Source. A new window will appear containing the email with full headers.

3. Place your cursor in the area where the header information is displayed.

4. Press CTRL+A (i.e., hold down the Control Key while pressing the A). This will highlight all of the text.

5. Press CTRL+C to copy the highlighted text.

6. Close the header information display.

7. Choose to Forward the email TO: abuse@ontera.net.

8. Add “Header Info” to the end of the SUBJECT line.

9. Once your cursor is in the body of the email, press CTRL+V. This will paste the information copied in step 5 above into the body of the email.

10. Send the email.

Outlook 98 and 2000

1. Open the offending email.

2. Choose View > Options. You see the message headers in a box at the bottom of the window.

3. Place your cursor in the area where the header information is displayed.

4. Press CTRL+A (i.e., hold down the Control Key while pressing the A). This will highlight all of the text.

5. Press CTRL+C to copy the highlighted text.

6. Close the header information display.

7. Choose to Forward the email TO: abuse@ontera.net.

8. Add “Header Info” to the end of the SUBJECT line.

9. Once your cursor is in the body of the email, press CTRL+V. This will paste the information copied in step 5 above into the body of the email.

10. Send the email. 

Pegasus Mail

1. Open the offending email.

2. Under the title bar are four option buttons. The third one from the left is a box that says “Blah, Blah, Blah.” Click on the box to display the full headers.

3. Place your cursor in the area where the header information is displayed.

4. Press CTRL+A (i.e., hold down the Control Key while pressing the A). This will highlight all of the text.

5. Press CTRL+C to copy the highlighted text.

6. Close the header information display.

7. Choose to Forward the email TO: abuse@ontera.net.

8. Add “Header Info” to the end of the SUBJECT line.

9. Once your cursor is in the body of the email, press CTRL+V. This will paste the information copied in step 5 above into the body of the email.

10. Send the email. 

Unix programs (Pine)

1. Open the offending email.

2. Press h. This turns on the display of full headers.

3. Place your cursor in the area where the header information is displayed.

4. Press CTRL+A (i.e., hold down the Control Key while pressing the A). This will highlight all of the text.

5. Press CTRL+C to copy the highlighted text.

6. Close the header information display.

7. Choose to Forward the email TO: abuse@ontera.net.

8. Add “Header Info” to the end of the SUBJECT line.

9. Once your cursor is in the body of the email, press CTRL+V. This will paste the information copied in step 5 above into the body of the email.

10. Send the email.


Never trust an Internet Mail Header 100%

Unfortunately, sophisticated spammers and other malicious persons know how to falsify most of the header information before you receive it. They can use a false name, a false "From" address, a false originating IP address, and a false "Received from" line in the header, so every single element that should be traceable in the header could be false and therefore useless for identifying the spammer. This makes the header unreliable for determining the network path, and makes it difficult or impossible to determine the true sender. How can this happen? When the rules for mail transfer (SMTP) were developed in the early 80s, we lived in a more trusting world than we do today.

Even so, it is still important to notify Ontera about ongoing spoofing activities so that the situation can be monitored.

Steps to Reduce the Risk of Spoofing:
Users who take the following steps can minimize risks to their computers:

- Don’t open any attachments unless you are sure they’re from a trusted source (if unsure, delete the message.)

- Don't click on a URL link within a suspicious email message.

- Install and run an anti-virus program such as McAfee VirusScan or Norton Antivirus

- Set this program to auto-update daily

- Set up your computer to automatically download Windows updates

- Employ a personal firewall


Phishing

Phishing is a form of identity theft. Typically, an e-mail is sent to you that looks like it comes from a legitimate company (eBay has been a typical target), telling you that you must update your records and verify your username and password. The site it sends you to is really a place to collect that information from you and steal your identity, money, records and whatever else they can. Knowledge is the most effective preventive mechanism today: legitimate companies do not ask for this information.

“Phishing”, the practice of attempting to obtain users’ credit card or online banking information, often incorporates e-mail spoofing. For example, a “phisher” may send e-mail that looks as if it comes from the bank’s or credit card company’s administrative department, asking the user to log onto a Web page (which purports to be the bank’s or credit card company’s site but really is set up by the “phisher”) and enter passwords, account numbers, and other personal information.

Whatever the motivation, the objective of spoofed mail is to hide the real identity of the sender. This can be done because the Simple Mail Transfer Protocol (SMTP) does not require authentication (unlike some other, more secure protocols). A sender can use a fictitious return address or a valid address that belongs to someone else.

Receiving mail from spoofed addresses ranges from annoying to dangerous (if you’re taken in by a “phisher”). Having your own address spoofed can be even worse. If a spammer uses your address as the return address, you may suddenly find yourself inundated with angry complaints from recipients, or even have your address added to “spammer” lists, which results in your mail being banned from many servers.

Every Internet e-mail message is made up of two parts: the header and the message body. Knowing how to check an Internet header can come in handy, for example, if you’re tracing the original sender of a spoofed e-mail message, or just checking whether a given e-mail message is actually spoofed.

Every e-mail you receive from other organizations on the Internet contains an Internet header. A valid Internet e-mail header provides a detailed log of the network path taken by the message between the mail sender and the mail receiver(s); it can sometimes be quite long, depending on the network path between sender and receiver. If you believe an e-mail message to be suspicious, contact the organization it claims to come from to verify it (just do not reply to the e-mail!). Remember, your bank, credit card company, Internet Service Provider, etc. would not ask for this kind of information; they should already have it!
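The header checks described here and under "Never trust an Internet Mail Header 100%", as an added Python example (not part of the original page): only the Received lines written by your own provider's servers are reliable, so the code finds the last such line and reports the outside IP address it recorded. The sample message, host names, documentation-range IP addresses and TRUSTED_IPS are constructed assumptions.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Constructed sample message, not a real one. Host names, the documentation-range
# IP addresses and TRUSTED_IPS are assumptions made for this example.
RAW = (
    "Return-Path: <bounce@bulk.example>\n"
    "Received: from mx1.isp.example (mx1.isp.example [192.0.2.10])\n"
    "\tby mailstore.isp.example with ESMTP id A1; Mon, 7 Mar 2005 10:00:03 -0500\n"
    "Received: from puc.net (unknown [203.0.113.77])\n"
    "\tby mx1.isp.example with SMTP id B2; Mon, 7 Mar 2005 10:00:01 -0500\n"
    "Received: from mail.puc.net (mail.puc.net [198.51.100.5])\n"
    "\tby relay.puc.net with ESMTP id C3; Mon, 7 Mar 2005 09:59:00 -0500\n"
    "From: Administrator <administrator@puc.net>\n"
    "\nPlease complete the attached form.\n"
)
TRUSTED_IPS = {"192.0.2.10"}  # relays run by the recipient's own provider
HOP = re.compile(r"from\s+(\S+)\s+\((\S+)\s+\[([0-9a-fA-F.:]+)\]\)\s+by\s+(\S+)")

def parse_hop(value):
    """Split one Received header into claimed name, reverse DNS, IP and writer."""
    m = HOP.search(" ".join(value.split()))  # unfold continuation lines first
    return dict(zip(("helo", "rdns", "ip", "by"), m.groups() if m else (None,) * 4))

def analyse(raw, trusted_ips=TRUSTED_IPS):
    msg = message_from_string(raw)
    hops = [parse_hop(v) for v in msg.get_all("Received", [])]
    # Servers prepend, so the top header is the newest. Walk down while each hop
    # was handed over by one of our own relays; the first hop that was not is the
    # last line a trusted server wrote. Everything below it came from the sender.
    verified = []
    for hop in hops:
        verified.append(hop)
        if hop["ip"] not in trusted_ips:
            break
    handoff = verified[-1] if verified else None
    from_dom = parseaddr(msg.get("From", ""))[1].rpartition("@")[2].lower()
    path_dom = parseaddr(msg.get("Return-Path", ""))[1].rpartition("@")[2].lower()
    return {
        "handoff_ip": handoff["ip"] if handoff else None,      # reliable
        "handoff_helo": handoff["helo"] if handoff else None,  # sender's own claim
        "unverified_hops": len(hops) - len(verified),          # possibly forged
        "from_domain": from_dom,                               # sender's own claim
        "return_path_mismatch": bool(path_dom) and path_dom != from_dom,  # hint only
    }

if __name__ == "__main__":
    print(analyse(RAW))
```

In the sample, the third Received line and the "puc.net" greeting are supplied by the sender; the address 203.0.113.77 recorded by the provider's own relay is the value worth including in an abuse report.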


Send mail to feedback@puc.net with questions or comments about this web site.
© Cochrane Telecom Services, 2004