Americas

  • United States
sandra_henrystocker
Unix Dweeb

Fake “Tech Support” Email

Analysis
Oct 02, 20083 mins
Data CenterOpen Source

It’s only been in the last few weeks that I have begun to notice occassional email claiming to be from Tech Support, but not looking at all like the notices that I normally receive from the “techies” in my company or those that my own group sends out from time to time. Our email filtering does a good job of keeping most of the spam out of my inbox, but a small percentage of this junk gets through. Judging just from what I’ve seen recently, the fake Tech Support email seems to have somewhat popular amount the spammers.

Fortunately, the genuine notices that I’m used to seeing have a very identifiable format. I suspect they’re generated by some automated tool. They tell about planned outages, downed links and their restorations, system upgrades, virus warnings and such.

The fake Tech Support email that came through, in contrast, have a different look, address me differently or very generically (e.g., Dear Customer) and clearly originate from outside my company’s domain. It may not be much of a stretch for you or I to recognize and delete this email and get on with our work. It’s necessarily not a good idea, on the other hand, to assume that everyone in our organizations is as savvy as we are when it comes to recognizing a hoax.

To help ensure that your own user population won’t be snared into the tech support hoax, follow some simple rules and let your users know what to expect.

For one thing, use a specific format for all notices that you send to your users. In addition, maintain a single location for any files that users should legitimately be expected to download or links they might be expected to follow. Warn you users to be on the lookout for suspicious or invalid links in all email they receive. Tell them to be wary of email that contains odd misspellings, often intended to thwart spam filters. Show your users how they can verify links by hovering over them with a mouse and viewing the URLs that the links would otherwise lead them to. Warn them about pop-ups and especially of attachments. Even today, otherwise clever people are still clicking on attachments and getting themselves into trouble. If you use either of pop-ups or attachments for your own puposes, make it very clear when your users should and should not accept them as genuine. If your email client displays only the sender’s name in email, show your users how to view the email address of the sender. It still may not be a legitimate email address, but it’s unlikely to be the same as any legitimate email addresses in your domain. Warn you users to be especially cautious whenever email they receive suggests a need to take some action immediately. Let them know that you will always provide them with plenty of time to react to any requests that you might make. A false sense of urgency is almost always an indication of something being very wrong.

The techies in my company were very good at getting a warning out to our users. Provide your users with some good rules for avoiding email hoaxes and maybe they’ll reward you by identifying the next spammers’ fad before you do.

sandra_henrystocker
Unix Dweeb

Sandra Henry-Stocker has been administering Unix systems for more than 30 years. She describes herself as "USL" (Unix as a second language) but remembers enough English to write books and buy groceries. She lives in the mountains in Virginia where, when not working with or writing about Unix, she's chasing the bears away from her bird feeders.

The opinions expressed in this blog are those of Sandra Henry-Stocker and do not necessarily represent those of IDG Communications, Inc., its parent, subsidiary or affiliated companies.

More from this author