What is spam?
Spam is the term used to describe the electronic equivalent of junk mail, basically it is unsolicited mass email.
Why do people send spam?
In short, because it works. It is a cheap way to:
- Unscrupulously mass market products and services.
- Deliver viruses and other malware.
- Use social engineering for phishing or identity theft.
- Engage in criminal activity.
What is phishing?
Phishing is the term used for the process of attempting to acquire sensitive or personal information by fraudulent means such as your username and password or bank account details.
How did they get my email address?
There are a number of key ways:
- If your address is listed anywhere on a web page, blog, newsgroup or forum that is internet accessible, it can be harvested by automated software. Your address will likely be included in a list and sold to spammers.
- When you fill in surveys, competitions or other forms, you may be unknowingly giving permission to share your address.
- Guesswork. Spammers will often send out emails using a process similar to a dictionary attack. If the spammer gets a reply, either by a vacation rule or due to a delivery receipt, the spammers will know the address was valid. Confirmation of delivery can also be achieved by including links to a HTML image with a URL that includes your email address. If you open the email and the image is displayed, the spammer will know.
What is being done to stop all this spam?
Spam filters have been implemented to reduce the number of spam emails that end up in your mailbox. At present these filters block between 85% and 97% of all email as spam.
Why am I still getting so much spam?
No solution is currently 100% effective, however the use of “Allow Lists” is the single most contributing factor to spam getting through. While it may seem like a good idea to add the Universities email addresses to your allow list, doing so would leave you exposed to large amounts of spoofed email/spam.
What is spoofed email?
Quite simply this is email which incorrectly claims to have come from a particular sender. Most spam is spoofed in that it doesn’t really come from who it claims to have come from.
Can’t you stop email that fraudulently claims to be from the University?
While we can tell if an email originates from within our network, if we were to block those that don’t we could potentially block lots of legitimate email from external mailing lists, outsourced applications and from staff and students who send mail from their home ISP or while travelling.
Why am I getting emails that don’t appear to be addressed to me?
The address used to deliver the email is contained within the smtp envelope headers, these can be different from the email headers that you can see from your email client. It is not possible for you to see the actual routing addresses given to the mail server. If you got the email, you can be rest assured that the mail server was instructed to deliver it to you even though your address does not appear in the headers that you can see.
I didn’t get an email that someone has sent to me, what can I do?
First check that the email address it was sent to was correct, and that the sender didn’t get any bounce notification. If the email address was correct, contact the ITS Service Desk and provide them with the following details so we can follow it up: Senders email address, recipients email address and the date/time it was sent.