Solved

How to identify SPAM/TROJAN email?

Posted on 2013-01-31
10
490 Views
Last Modified: 2013-03-07
Hi Guys,

We have been receiving random emails from legit email addresses. Emails with links and asking you to sign up, etc.

How do we identify them whether or not if this is sender's issues or spam or trojan?

Cheers
Goraek
0
Comment
Question by:goraek
10 Comments
 
LVL 18

Expert Comment

by:suriyaehnop
Comment Utility
For me, any unwanted email to my internal user is consider spam mail. You may check their domain name at mxtoolbox.com and verify if they are listed in any DNSBlacklist
0
 
LVL 2

Author Comment

by:goraek
Comment Utility
Yeah but its coming from yahoo, hotmail, gmail addresses.
0
 
LVL 82

Expert Comment

by:Dave Baldwin
Comment Utility
Most spam uses faked email addresses so it isn't really coming from the server it says it is.  Without contacting the person who appears to be sending the email, you can't tell.  You will often find out that they know nothing about it because they didn't really send it.
0
 
LVL 90

Expert Comment

by:John Hurst
Comment Utility
First, a decent spam filter will get rid of the majority of such emails. I get none (zero). So do improve the spam filtering.

Second, see if you can see one of the emails in a user's inbox. Ask them not to activate any links. Hover over a link yourself. Almost inevitably you will find a bogus link that will lead you to a site that will hose the computer and steal information.

Third, if the emails are coming from people you know contact them and ask them to fix the problem.

.... Thinkpads_User
0
 
LVL 2

Author Comment

by:goraek
Comment Utility
Cool wat bout the email headers? can u see much from it?
0
Free Gift Card with Acronis Backup Purchase!

Backup any data in any location: local and remote systems, physical and virtual servers, private and public clouds, Macs and PCs, tablets and mobile devices, & more! For limited time only, buy any Acronis backup products and get a FREE Amazon/Best Buy gift card worth up to $200!

 
LVL 90

Expert Comment

by:John Hurst
Comment Utility
If you can get the actual headers, you can work through the IP addressing and sometimes see where the spam originated from. It does not always work, but sometimes does.

Remember, users are gullible, click on dodgy links, and then the spammer uses these computers as spam bots to send out more spam.

Spam is a large scale, criminal operation designed to steal your private information. So they stop at nothing to get into your computer.

... Thinkpads_User
0
 
LVL 16

Expert Comment

by:choward16980
Comment Utility
Your best bet to protect against such spam is reverse DNS lookups and a web filter that would deny any executable code from launching.  I use a combination Barracuda Spam firewall and a watchguard X-Core.  

In 1 year, a company of 40 people, we blocked over 24 million emails.  97.9% was spam.  IF you have a spam problem, I highly recommend purchasing a barracuda. Think about these numbers..  That's 600k emails a user, divided by 2000 hr work year, means each of my users would have to delete 300 spam messages an hr, all year long.....  Insane!  The 2 G's my work shelled out for this thing (500$ annual for updates) was worth every penny.
0
 

Expert Comment

by:angelic_webmaster
Comment Utility
I say be careful, usually if you did not initiate a company to contact you then you should not receive emails from them. The biggest ones that I seem to get are FedEx, UPS, PayPal, and Bank of America emails. Now I do not use B of A, so when I receive that and they say my account has an issue I automatically know, but say you get an email from PayPal and it says to confirm your account and you have not done anything instead of clicking on the link go directly to PayPal.com especially if you did not do anything. Another is fake emails from FedEx and UPS telling you to download a file, if it is in a Zip file - more than likely virus.

Hackers even use fake Facebook emails to get you to give up your password.
0
 
LVL 2

Accepted Solution

by:
goraek earned 0 total points
Comment Utility
Resolved this by adding SPF or TXT in DNS.
0
 
LVL 2

Author Closing Comment

by:goraek
Comment Utility
Added SPF record, all worked!
0

Featured Post

What Should I Do With This Threat Intelligence?

Are you wondering if you actually need threat intelligence? The answer is yes. We explain the basics for creating useful threat intelligence.

Join & Write a Comment

Exchange server is not supported in any cloud-hosted platform (other than Azure with Azure Premium Storage).
This article explains in simple steps how to renew expiring Exchange Server Internal Transport Certificate.
In this video we show how to create a User Mailbox in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >> Mailb…
how to add IIS SMTP to handle application/Scanner relays into office 365.

728 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

11 Experts available now in Live!

Get 1:1 Help Now