NEED HELP? Contact the Helpdesk at 847-578-8800 or helpdesk@rosalindfranklin.edu Office Hours: Monday—Friday, 8:30 a.m.—4:30 p.m. Room L. 181
IT Home About IT Services FAQs Technology Purchases
HelixNet Forms Wireless Technology Policies
Don't have Anti-Virus software? Scan your system for free
Safe Computing Security Awareness Videos University Anti-Spam Filter
Definitions
Phishing - Phishing attacks use both social engineering and technical subterfuge to steal consumers' personal identity data and financial account credentials. Social-engineering schemes use 'spoofed' e-mails to lead consumers to counterfeit websites designed to trick recipients into divulging financial data such as credit card numbers, account usernames, passwords and social security numbers. Hijacking brand names of banks, e-retailers and credit card companies, phishers often convince recipients to respond. Technical subterfuge schemes plant crimeware onto PCs to steal credentials directly, often using Trojan keylogger spyware.
Here are a few examples of Phishing emails we've received.
Click here to access an interesting educational game produced by Carnegie Mellon to teach people about dangerous links/URLs.
For more information, www.antiphishing.org or microsoft anti-phishing.
Pharming - crimeware misdirects users to fraudulent sites or proxy servers, typically through DNS hijacking or poisoning.
SPAM - One of the largest problems we face is the massive amount of unsolicited electronic messages (SPAM) received on a daily basis. What follows is information to address the more common questions about SPAM. Hopefully, this will help you protect yourself more effectively.
- What is SPAM? In a nutshell, it’s the unsolicited messages you receive daily in your inbox – the electronic version of junk mail. Although spam is most commonly associated with receiving large amounts of (advertising) email, it has been around and utilized to abuse electronic communications for a long time.
- Why do we receive it? SPAM is used primarily as low-cost advertising. Sending an email out to thousands of recipients is cheap and relatively easy to accomplish. Even a minimal amount of responses could fully recover any costs to the advertiser making it very cost effective.
- Is SPAM harmful to my computer? It can be. Many spammers are involved in pornography, casinos, Nigerian scams, etc. Although most spam is used for advertising, it can contain infected attachments or lead you to a web site that is infected. Email infected with viruses and Trojans are often propagated through spam, but not all spam is infected.
- How did they get my email address? There are numerous ways for gathering email addresses, some of the more common are: harvesting from Usenet postings or web pages, guessing common names like admin or webmaster, collecting lists from 3rd party sources, etc. In some cases, you may have given them your address, intentionally or inadvertently. When you use your University email account to “register” on a web site, you’ve given them permission to email you. If that information is shared (voluntarily or otherwise) with “partner” sites, the likelihood of spam increases exponentially (a pyramid scheme of sorts).
- Why the increase recently? It takes a while for new domains (like rosalindfranklin.edu) to become common knowledge to search engines or the Internet as a whole. Many spam perpetrators use programs called “bots” or “spiders” that will systematically search web pages for email addresses (essentially anything with an @ sign). Once the domain is recognized, it becomes fair game from which they can harvest information.
- Why can’t we stop it? There are a number of ways to reduce the effects of SPAM. There are hosted services with which an organization can contract to filter inbound email messages. Hardware appliances or software applications can be purchased by an organization to filter any unwanted email locally. Legislation is another avenue being approached (Can Spam Act of 2003), however its effectiveness has yet to be determined.
- What is the University doing to address the issue? The Information Technology Department has been reviewing products for the past few months and will continue to do so until an acceptable solution is found. Protection from email and/or attachments containing malicious code will continue both at the email gateway and through the use of an anti-virus application loaded on your desktop computer.
- What can I do personally? The first step is to use University assets for University business and personal assets for personal use. Additionally, use rules in your email client (Outlook or Entourage) to help filter unwanted email into a separate folder that can be reviewed and discarded less frequently than your normal messages.
For more information about SPAM, please visit Wikipedia (http://en.wikipedia.org/wiki/Spam_%28electronic%29) or the Federal Trade Commission (http://www.ftc.gov/spam/).
Virus - A virus is a manmade program or piece of code that causes an unexpected, usually negative, event. Viruses are often disguised games or images with clever marketing titles such as "Me, nude."
Worm - Computer Worms are viruses that reside in the active memory of a computer and duplicate themselves. They may send copies of themselves to other computers, such as through email or Internet Relay Chat (IRC).
Trojan Horse - A Trojan horse program is a malicious program that pretends to be a benign application; a Trojan horse program purposefully does something the user does not expect. Trojans are not viruses since they do not replicate, but Trojan horse programs can be just as destructive. Many people use the term to refer only to non-replicating malicious programs, thus making a distinction between Trojans and viruses.
Look up more definitions in Symantec's Glossary.