Valentine's Day is a wonderful time to say "I Love You" to those who are close to you. But beware - it's also a high profile holiday for hackers looking to deliver computer viruses through innocent looking e-mail.
Information technology consultants are advising organizations and their employees to be extra vigilant this Valentines Day and take proactive steps to protect themselves from spam.
"Social engineering spam" is a tactic commonly used by virus writers, spammers and hackers, which relies heavily on human interaction and involves tricking other people to break security procedures, often taking advantage of the natural helpfulness of people as well as their weaknesses. Viruses such as the 'Kournikova' and 'I Love You' are classic examples of how the perpetration of viruses can be dramatically increased by exploiting common weaknesses. Once the recipient has opened the e-mail, it can administer its viral payload.
Socially engineered 'Valentine spam' could waste time and disrupt IT infrastructure. E-mail users should think twice before opening e-mail from strangers.
The situation is made worse by the tendency for individuals to forward large amounts of e-cards, screensavers and jokes on Valentines Day. As well as discouraging e-mail users to be vigilant, these attachments cause network congestion and may contain malicious code themselves.
As well as educating users and updating anti-virus patches and e-mail policies, organizations should ensure their IT departments take proactive steps to combat the growing problem of spam - according to Gartner, 34 per cent of e-mail handled by companies is spam. As well as draining productivity, spam compromises network performance and has even be known to contain malicious code capable of corrupting files and disabling computers. Furthermore, the potential cost of just one pornographic spam e-mail finding its way to a sensitive employee or being forwarded from within an organization to a customer or partner can be staggering. Litigation cases involving sexual harassment charges can reach six or even seven figure sums.
The following five-point checklist, provided by Clearswift, provides IT departments with a quick and easy guide to preventing spam:
- Block offenders
- Blacklist services hold information about currently reported spam servers and known offenders.
- IT managers should block servers and IP addresses that have previously sent spam.
- Find out if the sender is real
- Verify that e-mails are sent from valid domains.
- Verify that the sender is able to receive real e-mail as spammers do not wish to receive returned mail.
- Learn the style of messages
- Reject messages with large numbers of recipients in the "To" field as they are likely to be spam.
- Use content analysis to filter out e-mails containing typical spam topics such as dieting advice or loan offers.
- Incorporate predefined spam expression lists, such as "Lose pounds!", into content analysis engines.
- Deploy content analysis across a wide variety of languages as spammers exist across the globe.
- Prevent your site being used to Spam
- Protect yourself from spammers who bounce their e-mails around other organizations servers in order to conceal their identity.
- Prevent malicious Spam
- Protect yourself from e-mail flooding designed to overload and crash the server.
Clearswift is the world's leading provider of software for managing and securing electronic communications. Visit them at www.clearwsift.com.