How to identify SPAM/TROJAN email?

Posted on 2013-01-31
Last Modified: 2013-03-07
Hi Guys,

We have been receiving random emails from legit email addresses. Emails with links and asking you to sign up, etc.

How do we identify whether this is the sender's issue, spam, or a trojan?

Cheers
Goraek
Question by:goraek
10 Comments
 
LVL 19

Expert Comment

by:suriyaehnop
ID: 38841987
For me, any unwanted email to my internal users is considered spam mail. You may check their domain name at mxtoolbox.com and verify if they are listed in any DNS blacklist.
0
 
LVL 2

Author Comment

by:goraek
ID: 38842065
Yeah, but it's coming from Yahoo, Hotmail, Gmail addresses.
0
 
LVL 84

Expert Comment

by:Dave Baldwin
ID: 38842105
Most spam uses faked email addresses so it isn't really coming from the server it says it is.  Without contacting the person who appears to be sending the email, you can't tell.  You will often find out that they know nothing about it because they didn't really send it.
0
 
LVL 99

Expert Comment

by:John Hurst
ID: 38842143
First, a decent spam filter will get rid of the majority of such emails. I get none (zero). So do improve the spam filtering.

Second, see if you can see one of the emails in a user's inbox. Ask them not to activate any links. Hover over a link yourself. Almost inevitably you will find a bogus link that will lead you to a site that will hose the computer and steal information.

Third, if the emails are coming from people you know, contact them and ask them to fix the problem.

.... Thinkpads_User
0
 
LVL 2

Author Comment

by:goraek
ID: 38842159
Cool, what about the email headers? Can you see much from them?
0
 
LVL 99

Expert Comment

by:John Hurst
ID: 38842170
If you can get the actual headers, you can work through the IP addressing and sometimes see where the spam originated from. It does not always work, but sometimes does.

Remember, users are gullible, click on dodgy links, and then the spammer uses these computers as spam bots to send out more spam.

Spam is a large scale, criminal operation designed to steal your private information. So they stop at nothing to get into your computer.

... Thinkpads_User
0
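An illustration of the header walk described in the comment above, as an added example that is not part of the original thread. The message, host names, IP addresses and the `OWN_NETS` range are constructed placeholders; the point is that only the hop recorded by your own server is reliable, and that the visible From domain can differ from the envelope sender.

```python
import email
import ipaddress
import re
from email.utils import parseaddr

# Constructed sample (not from the thread); hosts and IPs are placeholders.
RAW = """\
Return-Path: <bounce@mailer.example.net>
Authentication-Results: mx.recipient.example; spf=softfail smtp.mailfrom=mailer.example.net
Received: from mx.recipient.example (10.0.0.5) by store.recipient.example; Thu, 31 Jan 2013 09:00:03 +0000
Received: from mailer.example.net (unknown [203.0.113.45]) by mx.recipient.example; Thu, 31 Jan 2013 09:00:02 +0000
Received: from pc (localhost [127.0.0.1]) by mailer.example.net; Thu, 31 Jan 2013 09:00:01 +0000
From: "A Friend" <friend@yahoo.example>
Subject: Sign up now

Body
"""

OWN_NETS = [ipaddress.ip_network("10.0.0.0/8")]  # assumption: the recipient's own relays
IP_RE = re.compile(r"[\[(]([0-9A-Fa-f:.]+)[\])]")


def handoff_ip(msg):
    # Received headers are prepended, so read top-down: the first peer outside
    # OWN_NETS was recorded by our own server. Anything below that line was
    # supplied by the sender and can be forged.
    for value in msg.get_all("Received", []):
        for cand in IP_RE.findall(value):
            try:
                ip = ipaddress.ip_address(cand)
            except ValueError:
                continue
            if not any(ip in net for net in OWN_NETS):
                return str(ip)
    return None


def domain(header_value):
    return parseaddr(header_value)[1].rpartition("@")[2].lower()


def triage(raw):
    msg = email.message_from_string(raw)
    spf = re.search(r"\bspf=(\w+)", msg.get("Authentication-Results", ""))
    visible, envelope = domain(msg.get("From", "")), domain(msg.get("Return-Path", ""))
    return {"handoff_ip": handoff_ip(msg), "from_domain": visible,
            "envelope_domain": envelope, "mismatch": visible != envelope,
            "spf": spf.group(1) if spf else "none"}
```

A From/envelope mismatch is a signal rather than proof, since mailing lists and bulk senders produce it legitimately; weigh it together with the SPF result stamped by your own server.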
 
LVL 16

Expert Comment

by:Chris H
ID: 38843798
Your best bet to protect against such spam is reverse DNS lookups and a web filter that would deny any executable code from launching. I use a combination of a Barracuda Spam Firewall and a WatchGuard X-Core.

In 1 year, at a company of 40 people, we blocked over 24 million emails. 97.9% was spam. If you have a spam problem, I highly recommend purchasing a Barracuda. Think about these numbers. That's 600k emails a user, divided by a 2000 hr work year, which means each of my users would have to delete 300 spam messages an hr, all year long. Insane! The 2 G's my work shelled out for this thing ($500 annual for updates) was worth every penny.
0
 

Expert Comment

by:angelic_webmaster
ID: 38936315
I say be careful. Usually, if you did not initiate contact with a company, you should not receive emails from them. The biggest ones that I seem to get are FedEx, UPS, PayPal, and Bank of America emails. Now, I do not use B of A, so when I receive that and they say my account has an issue, I automatically know. But say you get an email from PayPal and it says to confirm your account and you have not done anything: instead of clicking on the link, go directly to PayPal.com, especially if you did not do anything. Another is fake emails from FedEx and UPS telling you to download a file; if it is in a Zip file, it is more than likely a virus.

Hackers even use fake Facebook emails to get you to give up your password.
0
 
LVL 2

Accepted Solution

by:
goraek earned 0 total points
ID: 38946589
Resolved this by adding SPF or TXT in DNS.
0
 
LVL 2

Author Closing Comment

by:goraek
ID: 38961230
Added SPF record, all worked!
0
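An SPF policy is published as a DNS TXT record, and a receiving server checks the connecting IP against it. The sketch below is an added example, not from the thread, showing that left-to-right evaluation; the records and IPs are constructed placeholders, and only `ip4`, `ip6` and `all` are evaluated offline (mechanisms that need DNS lookups are reported rather than resolved).

```python
import ipaddress

# Constructed record of the kind published as a DNS TXT record; placeholder values.
SPF_TXT = "v=spf1 ip4:198.51.100.0/24 ip6:2001:db8::/32 include:_spf.example.net ~all"

QUALIFIERS = {"+": "pass", "-": "fail", "~": "softfail", "?": "neutral"}


def check_spf(record, client_ip):
    """Return the SPF result for client_ip; the first matching mechanism wins."""
    terms = record.split()
    if not terms or terms[0].lower() != "v=spf1":
        return "none"  # not an SPF record
    ip = ipaddress.ip_address(client_ip)
    redirect = False
    for term in terms[1:]:
        if "=" in term:  # modifier (redirect=, exp=); only redirect affects the result
            redirect = redirect or term.lower().startswith("redirect=")
            continue
        qualifier = term[0] if term[0] in QUALIFIERS else "+"
        mech = term[1:] if term[0] in QUALIFIERS else term
        name, _, arg = mech.partition(":")
        name = name.partition("/")[0].lower()
        if name == "all":
            return QUALIFIERS[qualifier]
        if name in ("ip4", "ip6"):
            try:
                net = ipaddress.ip_network(arg, strict=False)
            except ValueError:
                return "permerror"  # malformed network in the record
            if ip in net:  # False when address families differ
                return QUALIFIERS[qualifier]
        else:
            # include, a, mx, exists, ptr need DNS; we cannot decide offline.
            return "needs-dns:" + name
    # No mechanism matched: follow redirect if present, else the default result.
    return "needs-dns:redirect" if redirect else "neutral"


if __name__ == "__main__":
    for addr in ("198.51.100.7", "2001:db8::1", "203.0.113.45"):
        print(addr, check_spf(SPF_TXT, addr))
```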
