Solved

How to identify SPAM/TROJAN email?

Posted on 2013-01-31
10
497 Views
Last Modified: 2013-03-07
Hi Guys,

We have been receiving random emails from legit email addresses. Emails with links and asking you to sign up, etc.

How do we identify them whether or not if this is sender's issues or spam or trojan?

Cheers
Goraek
0
Comment
Question by:goraek
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
10 Comments
 
LVL 19

Expert Comment

by:suriyaehnop
ID: 38841987
For me, any unwanted email to my internal user is consider spam mail. You may check their domain name at mxtoolbox.com and verify if they are listed in any DNSBlacklist
0
 
LVL 2

Author Comment

by:goraek
ID: 38842065
Yeah but its coming from yahoo, hotmail, gmail addresses.
0
 
LVL 83

Expert Comment

by:Dave Baldwin
ID: 38842105
Most spam uses faked email addresses so it isn't really coming from the server it says it is.  Without contacting the person who appears to be sending the email, you can't tell.  You will often find out that they know nothing about it because they didn't really send it.
0
2017 Webroot Threat Report

MSPs: Get the facts you need to protect your clients.
The 2017 Webroot Threat Report provides a uniquely insightful global view into the analysis and discoveries made by the Webroot® Threat Intelligence Platform to provide insights on key trends and risks as seen by our users.

 
LVL 95

Expert Comment

by:John Hurst
ID: 38842143
First, a decent spam filter will get rid of the majority of such emails. I get none (zero). So do improve the spam filtering.

Second, see if you can see one of the emails in a user's inbox. Ask them not to activate any links. Hover over a link yourself. Almost inevitably you will find a bogus link that will lead you to a site that will hose the computer and steal information.

Third, if the emails are coming from people you know contact them and ask them to fix the problem.

.... Thinkpads_User
0
 
LVL 2

Author Comment

by:goraek
ID: 38842159
Cool wat bout the email headers? can u see much from it?
0
 
LVL 95

Expert Comment

by:John Hurst
ID: 38842170
If you can get the actual headers, you can work through the IP addressing and sometimes see where the spam originated from. It does not always work, but sometimes does.

Remember, users are gullible, click on dodgy links, and then the spammer uses these computers as spam bots to send out more spam.

Spam is a large scale, criminal operation designed to steal your private information. So they stop at nothing to get into your computer.

... Thinkpads_User
0
 
LVL 16

Expert Comment

by:choward16980
ID: 38843798
Your best bet to protect against such spam is reverse DNS lookups and a web filter that would deny any executable code from launching.  I use a combination Barracuda Spam firewall and a watchguard X-Core.  

In 1 year, a company of 40 people, we blocked over 24 million emails.  97.9% was spam.  IF you have a spam problem, I highly recommend purchasing a barracuda. Think about these numbers..  That's 600k emails a user, divided by 2000 hr work year, means each of my users would have to delete 300 spam messages an hr, all year long.....  Insane!  The 2 G's my work shelled out for this thing (500$ annual for updates) was worth every penny.
0
 

Expert Comment

by:angelic_webmaster
ID: 38936315
I say be careful, usually if you did not initiate a company to contact you then you should not receive emails from them. The biggest ones that I seem to get are FedEx, UPS, PayPal, and Bank of America emails. Now I do not use B of A, so when I receive that and they say my account has an issue I automatically know, but say you get an email from PayPal and it says to confirm your account and you have not done anything instead of clicking on the link go directly to PayPal.com especially if you did not do anything. Another is fake emails from FedEx and UPS telling you to download a file, if it is in a Zip file - more than likely virus.

Hackers even use fake Facebook emails to get you to give up your password.
0
 
LVL 2

Accepted Solution

by:
goraek earned 0 total points
ID: 38946589
Resolved this by adding SPF or TXT in DNS.
0
 
LVL 2

Author Closing Comment

by:goraek
ID: 38961230
Added SPF record, all worked!
0

Featured Post

2017 Webroot Threat Report

MSPs: Get the facts you need to protect your clients.
The 2017 Webroot Threat Report provides a uniquely insightful global view into the analysis and discoveries made by the Webroot® Threat Intelligence Platform to provide insights on key trends and risks as seen by our users.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
EXCH2013 Public Folder creation 1 50
Office 365:  Hybrid without everyone DirSync 5 70
Powershell command to propagate Inbox subfolders 4 31
Office 365 Spam 3 33
Scam emails are a huge burden for many businesses. Spotting one is not always easy. Follow our tips to identify if an email you receive is a scam.
Read this checklist to learn more about the 15 things you should never include in an email signature.
The basic steps you have just learned will be implemented in this video. The basic steps are shown to configure an Exchange DAG in a live working Exchange Server Environment and manage the same (Exchange Server 2010 Software is used in a Windows Ser…
To add imagery to an HTML email signature, you have two options available to you. You can either add a logo/image by embedding it directly into the signature or hosting it externally and linking to it. The vast majority of email clients display l…

751 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question