• Search Results
  • Audit
    • Tax
    • Advisory

    Tuesday 19 March 2019

    To fight a big data security problem, think ‘small’

     

    For spammers, small is the new big, as they try to avoid detection by sending fewer messages than ever before.

    Following a report from Bloomberg, more light has been cast on what is called ‘artisanal spam,’ or ‘snowshoe’ spam. Rather like how an actual snowshoe redistributes the weight of the person wearing it, snowshoe spam involves redistributing the load of a spam message across multiple IP addresses. This is done to help avoid detection by filters designed to combat spam messages sent from one IP address to many thousands of email addresses.

    Spamming is about more than trying to entice recipients to buy into various stock schemes or pharmaceutical enhancers. It’s also a petri dish spawning malware of all sorts. That’s why it’s a good idea to fight back at a similarly micro level. Here are three tips you can employ right now to help combat spam attacks.

    Give employees guidelines

    If you haven’t already, develop clear employee guidelines for everything from clicking on links to using personal email accounts and more. Remember that employee guidelines that are not promoted internally and discussed at least annually will be as effective as a billboard in the middle of a desert.

    Watch out for red flags

    Whether or not it’s covered in the employee guidelines document, encourage each associate to simply read the message carefully to spot any tell-tale red flags:

    • A long, nearly unintelligible ‘From’ address. An official message from your bank probably isn’t coming from an email address like bank_name@omega.19991.ca. You might have to click ‘Show details’ or a similar button/command to see this information.
    • Urgency that isn’t being conveyed through any other communication method. If your CEO really needed US$10m wired to an account in another country, she or he would probably do more than send an email. Be skeptical of any message touting urgency and seek colleagues’ input before taking any action whatsoever.
    • Generic salutations, such as ‘Dear Friend,’ or one you don’t commonly receive. If you’re commonly called Bob but you receive a message addressed to ‘Robert’, because it’s in your email address, you’ll know the sender isn’t a close friend, colleague or business associate – even if the email address (which can be faked easily) suggests otherwise.
    Think before you hit ‘send’

    If a reply absolutely MUST be sent, do so carefully. The reason there’s so much spam out there (estimates are as high as 400 billion messages per day) is that it works. If a message comes across your desk that is so enticing as to require a response, consider doing the following:

    • NEVER click on a link within the message itself. Conduct a search online to seek out whatever offer or information is presented.
    • If a reply is required once you locate relevant information, don’t enter your official email address into any online forms. Use a service such as 10minutemail.com to create a temporary email address that expires in, you guessed it, ten minutes.

    Outsmarting even the most dedicated spammer doesn’t always require a firewall and strong email filter – although you should definitely have both. Sometimes combating cyber crooks – even the ‘small’ ones – just takes a little bit of effort and access to the right tools.

    For more information, contact:

    Jessica Dore
    Rehmann, US
    T: +1 989 797 8391
    E: jessica.dore@rehmann.com

    www.rehmann.com

    Back to top