You’re already working long hours. Covid-19 is not letting up and your team is running on empty. Now you need to mitigate yet another virus of a different kind. If you are hoping to escape a ransomware attack and its extreme financial impact (an average of $8,500/hour of downtime), the following are essential and easy-to-follow tips with which to arm IT and general Healthcare administrators.
Read the rest of this post »
I just got junk email … from me!
It is surprisingly common for users to receive Spam email messages that appear to come from their own address (i.e. “joe@domain.com” gets a Spam email addressed so it appears to be from “joe@domain.com”). We discussed this issue tangentially in a previous posting: Bounce Back & BackScatter Spam – “Who Stole My Email Address”? However, many users wonder how this is even possible, while others are concerned if their Spam filters are not catching these messages.
The way that email works at a fundamental level, there is very little validation performed on the apparent identity of the “Sender” of an email. Just as you could mail a letter at the post office and write any return address on it, a Spammer can compose and send an email address with any “From” email address and name. This is in fact extremely easy to do, and Spammers use this facility with almost every message that they send.
Read the rest of this post »
The Internet is rife with fake and forged email. Typically these are email messages that appear to be from a friend, relative, business acquaintance, or vendor that ask you to do something. If you trust that the message is really from this person, you are much more likely to take whatever action is requested — often to your detriment.
These are forms of social engineering — the “bad guys” trying to establish a trusted context so that you will give them information or perform actions that you otherwise would not or should not do.
Here we address some of the actions you can take to protect yourself from these attacks as best as possible. We’ll present these in the order of increasing complexity / technical difficulty.
Read the rest of this post »
“GrayMail” sounds like either some shriveled up husk of an email message, or the undead ghost of messages coming back to haunt me. Both concepts are not far off the mark.
Spam is easy to define – mail that you do not want and have never asked to receive.
GrayMail is legitimate bulk mail that was requested by you in the past (even if you don’t remember doing so), but which you no longer want. Graymail is generally not considered spam, yet
it represents a significant nuisance and often the unsubscribe options provided fail to work (or you may not want to use “unsubscribe” as you are afraid of inviting more unwanted email).
Read the rest of this post »
LuxSci’s outbound email content monitoring service now permits use of Perl regular expressions in the specifications of the content. This provides administrators the ability to match content patterns (like social security numbers, account numbers, etc.), rather than just keywords and phrases.
