Exchange & Outlook UPDATE, Exchange Edition, April 7, 2005

Between 3 percent and 5 percent of users who receive a phishing email message actually go to the bogus Web site and provide at least some personal information.

Paul Robichaux

April 6, 2005

9 Min Read
ITPro Today logo in a gray background | ITPro Today

This email newsletter comes to you free and is supported by the following advertisers, which offer products and services in which you might be interested. Please take a moment to visit these advertisers' Web sites and show your support for Exchange & Outlook UPDATE.

Is Your Exchange/Outlook FAX Integrated?

http://www.faxback.com/landing/office.html

Saving Time and Money with Network Faxing

http://www.windowsitpro.com/whitepapers/esker/networkfaxing/index.cfm?code=exchnl_0407

C2C: Exchange Discovery, Content & Policy Management

http://www.c2c.com/site/products/active_evaluate.asp

===============

==========

~~~~ Sponsor: FaxBack ~~~~ Is Your Exchange/Outlook FAX Integrated? Receive a Starbuck's gift card when you register to listen to our archived webinar on "Integrating FAX into Microsoft Outlook and Office Environments." Also receive a complimentary whitepaper to learn more fax integration. http://www.faxback.com/landing/office.html

==========

Editor's note: Share Your Exchange Discoveries and Get $100 Share your Exchange Server and Outlook discoveries, comments, or problems and solutions for use in the Exchange & Outlook Administrator print newsletter's Reader to Reader column. Email your contributions (500 words or less) to [email protected]. We edit submissions for style, grammar, and length. If we print your submission, you'll get $100.

==========

==== 1. Commentary: Defending Against Phishing Attacks ==== by Paul Robichaux, Exchange Editor, [email protected]
Near my home is a medium-sized river that's a popular fishing spot. Small boats are fairly common on the river, but most of the hopeful anglers stand in the river in hip waders, trying to catch pike or walleye. Unfortunately, fishermen aren't the only people dangling bait these days. A growing number of criminals are sending out fake email messages in a process known as phishing.

The Anti-Phishing Working Group (APWG--http://www.antiphishing.org ) has a succinct definition of phishing that's worth citing: "Phishing attacks use both social engineering and technical subterfuge to steal consumers' personal identity data and financial account credentials. Social-engineering schemes use 'spoofed' emails to lead consumers to counterfeit Web sites designed to trick recipients into divulging financial data such as credit card numbers, account usernames, passwords, and social security numbers. Hijacking brand names of banks, e-retailers, and credit card companies, phishers often convince recipients to respond. Technical subterfuge schemes plant crimeware onto PCs to steal credentials directly, often using Trojan keylogger spyware. Pharming crimeware misdirects users to fraudulent sites or proxy servers, typically through DNS hijacking or poisoning." I'm amazed that any user would actually fall for an email message that says, "Your account's been compromised, so please log in." But people do fall for these schemes--and in record numbers. "Information Week" estimates that between 3 percent and 5 percent of users who receive a phishing email message actually go to the bogus Web site and provide at least some personal information. Estimates of the financial losses these attacks cause are hard to come by, but late last month the US Federal Trade Commission (FTC) settled with Zachary Hill, a Texas phisher who bilked about 400 people out of a total of more than $125,000. The APWG estimates that in February 2005 more than 2600 active phishing sites (with an average lifetime of 5 days per site) were in use. You can apply a variety of phishing countermeasures, and more are on the way. The biggest hope probably lies in the Sender Policy Framework (SPF) standard and Microsoft's Sender ID (see "Sender ID: Back From the Grave" at http://www.windowsitpro.com/article/articleid/44353/44353.html ), which provides verification that the actual sender of a message matches the domain that the message claims to be from. Microsoft is committed to introducing support for Sender ID in Exchange 2003 Service Pack 2 (SP2), a move that will undoubtedly speed its adoption. In the meantime, several antispam vendors have introduced antiphishing features in their products. Barracuda Networks, Tumbleweed Communications, and other vendors use systems that rely on user reports of phishing messages to mark similar messages as phish-y; filters that use techniques such as Spam URL Realtime Block Lists (SURBL) to mark messages that contain "bad" URLs might also help catch such messages. Ultimately, the most significant countermeasure is educating your users--and friends, relatives, neighbors, and other people to whom you provide ad hoc advice or technical support--about these messages. The majority of phishing messages claim to be from only five or six companies, such as eBay, Citibank, PayPal, and Wells Fargo, that never send out security notifications via email. Apart from the financial losses, the recent tendency of phishing sites to install crimeware on users' computers poses a worrisome long-term threat because infected home machines might not be detected for some time, and those machines can introduce problems into your corporate network. On an unrelated note, the ballot for Windows IT Pro's annual Readers' Choice awards is now live. Here's your chance to reward companies that provide excellent products and the best overall services. The September 2005 issue of Windows IT Pro will feature the winners. Click here to vote: http://www.windowsitpro.com/readerschoice

==========

~~~~ Sponsor: Esker Software ~~~~ Saving Time and Money with Network Faxing Despite the rise of e-mail and the Internet, fax continues to be an important means of business communication. Organizations can save significantly on long distance costs, increase worker productivity, and streamline their business processes simply by connecting a fax server to their local area network. In this free white paper, you'll understand the specific cost savings, security benefits, and productivity enhancements of implementing a fax server solution including the V.34 fax standard and how it can contribute to further productivity gains and cost reductions. Get this white paper now! http://www.windowsitpro.com/whitepapers/esker/networkfaxing/index.cfm?code=exchnl_0407

==========

=========

~~~~ Contact Us ~~~~ About the newsletter -- [email protected]
About technical questions -- http://www.windowsitpro.com/forums
About product news -- [email protected]
About your subscription -- [email protected]
About sponsoring UPDATE -- [email protected] >

===============

This email newsletter is brought to you by Exchange & Outlook Administrator, the leading publication for IT professionals managing, securing, optimizing, and migrating Exchange and Outlook. Subscribe today!

http://www.exchangeadmin.com/rd.cfm?code=00ep234xeb

Manage Your Account

You are subscribed as #EmailAddr#.

You received this email message because you subscribed to this newsletter on our Web site. To unsubscribe, click here:

http://www.windowsitpro.com/email/index.cfm?action=QuickUnsub&NewsletterID=3&email=#emailaddr#

View the Windows IT Pro Privacy policy at

http://www.windowsitpro.com/AboutUs/Index.cfm?action=privacy

Windows IT Pro a division of Penton Media Inc.
221 East 29th Street, Loveland, CO 80538,
Attention: Customer Service Department
Copyright 2005, Penton Media, Inc. All Rights Reserved.

Sign up for the ITPro Today newsletter
Stay on top of the IT universe with commentary, news analysis, how-to's, and tips delivered to your inbox daily.

You May Also Like