Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17


How to identify SPAM/TROJAN email?

Posted on 2013-01-31
Medium Priority
Last Modified: 2013-03-07
Hi Guys,

We have been receiving random emails from legit email addresses. Emails with links and asking you to sign up, etc.

How do we identify them whether or not if this is sender's issues or spam or trojan?

Question by:goraek
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
LVL 19

Expert Comment

ID: 38841987
For me, any unwanted email to my internal user is consider spam mail. You may check their domain name at and verify if they are listed in any DNSBlacklist

Author Comment

ID: 38842065
Yeah but its coming from yahoo, hotmail, gmail addresses.
LVL 84

Expert Comment

by:Dave Baldwin
ID: 38842105
Most spam uses faked email addresses so it isn't really coming from the server it says it is.  Without contacting the person who appears to be sending the email, you can't tell.  You will often find out that they know nothing about it because they didn't really send it.
Protect Your Retail Business and Reputatio

Wi-Fi access doesn't just impact your business & customer experience, it can also affect your security.  Join us for a webinar on Sept. 28th to learn more about the top threats and trends impacting retail today, and the key solutions to protecting retail networks and reputations.

LVL 98

Expert Comment

by:John Hurst
ID: 38842143
First, a decent spam filter will get rid of the majority of such emails. I get none (zero). So do improve the spam filtering.

Second, see if you can see one of the emails in a user's inbox. Ask them not to activate any links. Hover over a link yourself. Almost inevitably you will find a bogus link that will lead you to a site that will hose the computer and steal information.

Third, if the emails are coming from people you know contact them and ask them to fix the problem.

.... Thinkpads_User

Author Comment

ID: 38842159
Cool wat bout the email headers? can u see much from it?
LVL 98

Expert Comment

by:John Hurst
ID: 38842170
If you can get the actual headers, you can work through the IP addressing and sometimes see where the spam originated from. It does not always work, but sometimes does.

Remember, users are gullible, click on dodgy links, and then the spammer uses these computers as spam bots to send out more spam.

Spam is a large scale, criminal operation designed to steal your private information. So they stop at nothing to get into your computer.

... Thinkpads_User
LVL 16

Expert Comment

ID: 38843798
Your best bet to protect against such spam is reverse DNS lookups and a web filter that would deny any executable code from launching.  I use a combination Barracuda Spam firewall and a watchguard X-Core.  

In 1 year, a company of 40 people, we blocked over 24 million emails.  97.9% was spam.  IF you have a spam problem, I highly recommend purchasing a barracuda. Think about these numbers..  That's 600k emails a user, divided by 2000 hr work year, means each of my users would have to delete 300 spam messages an hr, all year long.....  Insane!  The 2 G's my work shelled out for this thing (500$ annual for updates) was worth every penny.

Expert Comment

ID: 38936315
I say be careful, usually if you did not initiate a company to contact you then you should not receive emails from them. The biggest ones that I seem to get are FedEx, UPS, PayPal, and Bank of America emails. Now I do not use B of A, so when I receive that and they say my account has an issue I automatically know, but say you get an email from PayPal and it says to confirm your account and you have not done anything instead of clicking on the link go directly to especially if you did not do anything. Another is fake emails from FedEx and UPS telling you to download a file, if it is in a Zip file - more than likely virus.

Hackers even use fake Facebook emails to get you to give up your password.

Accepted Solution

goraek earned 0 total points
ID: 38946589
Resolved this by adding SPF or TXT in DNS.

Author Closing Comment

ID: 38961230
Added SPF record, all worked!

Featured Post

Visualize your virtual and backup environments

Create well-organized and polished visualizations of your virtual and backup environments when planning VMware vSphere, Microsoft Hyper-V or Veeam deployments. It helps you to gain better visibility and valuable business insights.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

There are times when we need to generate a report on the inbox rules, where users have set up forwarding externally in their mailbox. In this article, I will be sharing a script I wrote to generate the report in CSV format.
A couple of months ago we ran into an issue that necessitated re-creating our Edge Subscriptions. However, when we attempted to execute the command: New-EdgeSubscription -filename C:\NewEdgeSub_01.xml we received an error indicating that the LDAP se…
In this video we show how to create an Address List in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Organization >> Ad…
In this video we show how to create an email address policy in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.:  First we need to log into the Exchange Admin Center. Navigate to the Mail Flow…

661 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question