Exchange & Outlook UPDATE, Exchange Edition, April 7, 2005

This email newsletter comes to you free and is supported by the following advertisers, which offer products and services in which you might be interested. Please take a moment to visit these advertisers' Web sites and show your support for Exchange & Outlook UPDATE.

Is Your Exchange/Outlook FAX Integrated?

http://www.faxback.com/landing/office.html

Saving Time and Money with Network Faxing

http://www.windowsitpro.com/whitepapers/esker/networkfaxing/index.cfm?code=exchnl_0407

C2C: Exchange Discovery, Content & Policy Management

http://www.c2c.com/site/products/active_evaluate.asp

===============

1. Commentary - Defending Against Phishing Attacks 2. Peer to Peer - Featured Thread: Creating Recurring Appointments - Outlook Tip: Controlling Custom Message Form Autosignatures 3. New and Improved - Wirelessly Synch Data

==========

~~~~ Sponsor: FaxBack ~~~~ Is Your Exchange/Outlook FAX Integrated? Receive a Starbuck's gift card when you register to listen to our archived webinar on "Integrating FAX into Microsoft Outlook and Office Environments." Also receive a complimentary whitepaper to learn more fax integration. http://www.faxback.com/landing/office.html

==========

Editor's note: Share Your Exchange Discoveries and Get $100 Share your Exchange Server and Outlook discoveries, comments, or problems and solutions for use in the Exchange & Outlook Administrator print newsletter's Reader to Reader column. Email your contributions (500 words or less) to [email protected]. We edit submissions for style, grammar, and length. If we print your submission, you'll get $100.

==========

==== 1. Commentary: Defending Against Phishing Attacks ==== by Paul Robichaux, Exchange Editor, [email protected]
Near my home is a medium-sized river that's a popular fishing spot. Small boats are fairly common on the river, but most of the hopeful anglers stand in the river in hip waders, trying to catch pike or walleye. Unfortunately, fishermen aren't the only people dangling bait these days. A growing number of criminals are sending out fake email messages in a process known as phishing.

The Anti-Phishing Working Group (APWG--http://www.antiphishing.org ) has a succinct definition of phishing that's worth citing: "Phishing attacks use both social engineering and technical subterfuge to steal consumers' personal identity data and financial account credentials. Social-engineering schemes use 'spoofed' emails to lead consumers to counterfeit Web sites designed to trick recipients into divulging financial data such as credit card numbers, account usernames, passwords, and social security numbers. Hijacking brand names of banks, e-retailers, and credit card companies, phishers often convince recipients to respond. Technical subterfuge schemes plant crimeware onto PCs to steal credentials directly, often using Trojan keylogger spyware. Pharming crimeware misdirects users to fraudulent sites or proxy servers, typically through DNS hijacking or poisoning." I'm amazed that any user would actually fall for an email message that says, "Your account's been compromised, so please log in." But people do fall for these schemes--and in record numbers. "Information Week" estimates that between 3 percent and 5 percent of users who receive a phishing email message actually go to the bogus Web site and provide at least some personal information. Estimates of the financial losses these attacks cause are hard to come by, but late last month the US Federal Trade Commission (FTC) settled with Zachary Hill, a Texas phisher who bilked about 400 people out of a total of more than $125,000. The APWG estimates that in February 2005 more than 2600 active phishing sites (with an average lifetime of 5 days per site) were in use. You can apply a variety of phishing countermeasures, and more are on the way. The biggest hope probably lies in the Sender Policy Framework (SPF) standard and Microsoft's Sender ID (see "Sender ID: Back From the Grave" at http://www.windowsitpro.com/article/articleid/44353/44353.html ), which provides verification that the actual sender of a message matches the domain that the message claims to be from. Microsoft is committed to introducing support for Sender ID in Exchange 2003 Service Pack 2 (SP2), a move that will undoubtedly speed its adoption. In the meantime, several antispam vendors have introduced antiphishing features in their products. Barracuda Networks, Tumbleweed Communications, and other vendors use systems that rely on user reports of phishing messages to mark similar messages as phish-y; filters that use techniques such as Spam URL Realtime Block Lists (SURBL) to mark messages that contain "bad" URLs might also help catch such messages. Ultimately, the most significant countermeasure is educating your users--and friends, relatives, neighbors, and other people to whom you provide ad hoc advice or technical support--about these messages. The majority of phishing messages claim to be from only five or six companies, such as eBay, Citibank, PayPal, and Wells Fargo, that never send out security notifications via email. Apart from the financial losses, the recent tendency of phishing sites to install crimeware on users' computers poses a worrisome long-term threat because infected home machines might not be detected for some time, and those machines can introduce problems into your corporate network. On an unrelated note, the ballot for Windows IT Pro's annual Readers' Choice awards is now live. Here's your chance to reward companies that provide excellent products and the best overall services. The September 2005 issue of Windows IT Pro will feature the winners. Click here to vote: http://www.windowsitpro.com/readerschoice

==========

~~~~ Sponsor: Esker Software ~~~~ Saving Time and Money with Network Faxing Despite the rise of e-mail and the Internet, fax continues to be an important means of business communication. Organizations can save significantly on long distance costs, increase worker productivity, and streamline their business processes simply by connecting a fax server to their local area network. In this free white paper, you'll understand the specific cost savings, security benefits, and productivity enhancements of implementing a fax server solution including the V.34 fax standard and how it can contribute to further productivity gains and cost reductions. Get this white paper now! http://www.windowsitpro.com/whitepapers/esker/networkfaxing/index.cfm?code=exchnl_0407

==========

==== Events and Resources ==== (A complete Web and live events directory brought to you by Windows IT Pro: http://www.windowsitpro.com/events ) Meet the Risks of Instant Messaging Head On in This Free Web Seminar Don't overlook IM in your compliance planning. Attend this free Web seminar and learn how to minimize IM's authentication and auditability risks and prevent security dangers. You'll also receive a list of the top requirements to consider when choosing a secure IM solution. Sign up now! http://www.windowsitpro.com/seminars/instantmessaging/index.cfm?code=0406emailanncs Get Ready for SQL Server 2005 Roadshow in a City Near You Get the facts about migrating to SQL Server 2005. SQL Server experts will present real-world information about administration, development, and business intelligence to help you implement a best-practices migration to SQL Server 2005 and improve your database-computing environment. Receive a 1-year membership to PASS and 1-year subscription to SQL Server Magazine. Register now! http://www.windowsitpro.com/roadshows/sqlserverusa/index.cfm?code=0404emailanncs Windows Connections 2005 Conference April 17-20, 2005, Hyatt Regency, San Francisco. Microsoft and Windows IT Pro bring you the premier event for IT professionals. Don't miss the 3-day, hands-on Exchange Troubleshooting Specialist Course, formerly offered only to internal Microsoft employees. Space is limited. Register online or call 800-505-1201 or 203-268-3204 for more information. http://www.winconnections.com Overcoming "The Fiefdom Syndrome": How to Conquer the Turf Battles that Undermine Companies Can your organization benefit by overcoming turf battles? Don't miss this opportunity to hear Robert J. Herbold, former COO of Microsoft and author of "The Fiefdom Syndrome," and Jim Davis, Senior VP, SAS. Join Business Finance in welcoming these thought leaders on Tuesday, April 19th at 11:00 a.m. EST. Register here: http://bfmag.com/webcasts/4-19-05/index.html?ref=winit Keeping Critical Applications Running in a Distributed Environment Get up to speed fast with solid tactics you can use to fix problems you're likely to encounter as your network grows in geographic distribution and complexity, learn how to keep your network's critical applications running, and discover the best approaches for planning for future needs. Don't miss this exclusive opportunity--register now! http://www.windowsitpro.com/seminars/windowsapplications/index.cfm?code=0406emailannc ==== 2. Peer to Peer ==== Featured Thread: Creating Recurring Appointments Our forum readers are having a conversation about users creating recurring appointments in Microsoft Outlook 2003. To join the discussion, visit http://www.windowsitpro.com/forums/messageview.cfm?catid=40&threadid=131404 Outlook Tip: Controlling Custom Message Form Autosignatures by Sue Mosher, [email protected]
Q: Since I installed Microsoft Office 2003 Service Pack 1 (SP1), users complain that they see duplicate signatures when they use custom message forms. How can I eliminate the duplicates?


Find the answer (and links to more great tips) at

http://www.windowsitpro.com/microsoftexchangeoutlook/article/articleid/43908/43908.html ==== Hot Release ==== C2C: Exchange Discovery, Content & Policy Management Active Folders Content Manager is essential for every Exchange administrator's toolbox!
* SEARCHES email by nearly 50 criteria combined to thousands of options.
* SCALABLE to thousands of mailboxes.
* ACTS on all mailboxes, public folders & local and central PSTs. Download an evaluation NOW! http://www.c2c.com/site/products/active_evaluate.asp ==== Announcement ==== (from Windows IT Pro and its partners) Check Out the New Windows IT Security Newsletter! Security Administrator is now Windows IT Security. We've expanded our content to include even more fundamentals on building and maintaining a secure enterprise. Each issue also features product coverage of the best security tools available and expert advice on the best way to implement various security components. Plus, paid subscribers get online access to our entire security article database! Click here to try a sample issue today: http://www.secadministrator.com/rd.cfm?code=fseu2554up ==== 3. New and Improved ==== by Angie Brew, [email protected] Wirelessly Synch Data Synchronica released Synchronia SyncML Gateway, software that lets users wirelessly synch their calendar, contacts, tasks, notes, and email between Exchange Server and SyncML-enabled mobile phones. The SyncML Gateway doesn't require a contract with a mobile operator; it uses standard mobile Internet access. Security is guaranteed with strong Secure Sockets Layer (SSL) encryption, protecting access to corporate data. SyncML Gateway supports Exchange Server 2003 or Exchange 2000 Server. For pricing, contact Synchronica at [email protected]. http://www.synchronica.com ==== Sponsored Links ==== Quest Software Heading to Exchange from Notes or GroupWise? Get Expert Help! http://ad.doubleclick.net/clk;14771969;8214395;x?http://wm.quest.com/WITPUpdateNotesMigratorforExchange32005 NetOp--Control PCs from a USB Drive Securely access PCs from your desktop, web, CE, or thumb drive http://ad.doubleclick.net/clk;15182371;8214395;h?http://www.crossteccorp.com/netopremote/?utm_source=winitpro&utm_medium=email&utm_campaign=v8_90

=========

~~~~ Contact Us ~~~~ About the newsletter -- [email protected]
About technical questions -- http://www.windowsitpro.com/forums
About product news -- [email protected]
About your subscription -- [email protected]
About sponsoring UPDATE -- [email protected] >

===============

This email newsletter is brought to you by Exchange & Outlook Administrator, the leading publication for IT professionals managing, securing, optimizing, and migrating Exchange and Outlook. Subscribe today!

http://www.exchangeadmin.com/rd.cfm?code=00ep234xeb

Manage Your Account

You are subscribed as #EmailAddr#.

You received this email message because you subscribed to this newsletter on our Web site. To unsubscribe, click here:

http://www.windowsitpro.com/email/index.cfm?action=QuickUnsub&NewsletterID=3&email=#emailaddr#

View the Windows IT Pro Privacy policy at

http://www.windowsitpro.com/AboutUs/Index.cfm?action=privacy

Windows IT Pro a division of Penton Media Inc.
221 East 29th Street, Loveland, CO 80538,
Attention: Customer Service Department
Copyright 2005, Penton Media, Inc. All Rights Reserved.