Due to the widespread use of web bugs in email, simply opening an email can potentially alert the sender that the address to which the email is sent is a valid address. This can also happen when the mail is 'reported' as spam, in some cases: if the email is forwarded for inspection, and opened, the sender will be notified in the same way as if the addressee opened it.
E-mail fraud may be avoided by:
Many frauds go unreported to authorities, due to shame, guilty feelings or embarrassment, but if you ever fall victim to an e-mail fraud that involves theft, either monetary or of your identity, contact the authorities immediately. You could help save many people from the same problem.
Fraud can take place over the phone as well. Some reports come from people asking about printer information and claim to be from supply services. Some tips for recognizing phone fraud is blocked numbers.
Network Engineering uses several tools to help keep spam from reaching your mailbox. Read on for more information about what we are doing to prevent spam, what you can do, and how to keep your address off of spammers' lists.
Spam is defined as unsolicited, bulk e-mail. Typically spam comes from strangers - people who have obtained your e-mail address without your permission. If you signed up for the mailing (intentionally or accidentally), it may be undesirable e-mail, but it is not technically spam. Likewise, if you have some sort of business relationship with the sender, it is not spam. So, an e-mail sent to you from your bank, an online service you signed up for, or your department at OSU would not be considered spam.
Note: Using OSU's e-mail system to send unauthorized bulk mailings is against the Acceptable Use Policy. For information about how to do a bulk mailing at OSU correctly, please see the Guidelines for Release of E-mail Addresses.
If Step 1 doesn't stop the spam from coming through, you can report the spam to OSU Network Engineering:
For more information about phishing, please see the Phishing helpdoc page.
OSU blocks e-mail messages that contain a reply-to address that goes to a known phisher. If practical, we will also "poison DNS" for links included in phishing e-mails, so that clicking the link will redirect you to a safe page instead.
If you respond in any way to a phishing e-mail that asks for your username and password, we will disable your account and ask you to reset your password. OSU has had a significant number of accounts become hacked in the past and these hacked accounts have been used to send hundreds of thousands of spam e-mails to OSU and to the world, causing serious e-mail disruption.
NEVER respond to phishing e-mails!
In the past, most spam came from misconfigured mail servers or proxy servers. But today most spam comes from virus-infected personal computers, hacked e-mail accounts and free e-mail providers. See the Wikipedia article on Spam for more information about how spammers operate.
One very important thing that you can do in the fight against spam is to keep your computer up-to-date on software patches and anti-virus software. It's also a good idea to run a personal firewall. Use caution when opening e-mails from addresses you don't recognize, and always scan email attachments for viruses. If your computer has become noticeably slower, it's a good idea to run virus-detection software.
Finally: NEVER share your password!
Inbox Rules can be used to lower the amount of spam received to exchange? email addresses.
These instructions do not apply if you receive your ONID email via Google Apps for OSU. Email filtering will not work with ONID if you have your ONID account set to forward to another email account. For more information about forwarding, click here.
Following are directions for setting up Spam Assassin and Mail Filters on ONID:
Personal Mail Filters
To customize junk email controls:
To train Thunderbird:
Quick Jump Links:
If you would like to report phishing emails, please follow the process below for your particular mail client.
OS X 10.0-10.10:
Older Versions of Mac Mail:
1. Once you are in the phishing attempt email, click on the little drop down arrow. This will bring up several options.
2. Click on the “Show original” option in that drop down menu.
3.This will open a new tab with a page that looks like this, a lot of text. You will need to copy and paste this text into a new email. An easy way to highlight all of the text is to press the Ctrl button and the A button at the same time. After that you can press Ctrl and C together to copy it.
4. If you feel the message is abusive or asking for your credentials please send it to phishing (@) oregonstate.edu. Otherwise send the email to spam (@) oregonstate.edu and we will look at it.
One of the most prevalent types of email fraud comes of the form of offers that are too good to be true. The fraudulent offer typically features a popular item or service, at a drastically reduced price. Most of these are just an attempt to get your credit card information and if something seems too good to be true, it probably is.
Another type of bogus offer affects people who use Ebay, Craigslist, or any other online retailer for selling their belongings. The typical scam is that a person will contact you offering to pay the full amount, or even more for a rush delivery, but they refuse to pay you until they receive the item for inspection or some other reason.
Here are some examples:
The "request for help" type of e-mail fraud takes this form. An e-mail is sent requesting help in some way, but including a reward for this help as a "hook," such as a large amount of money, a treasure, or some artifact of supposedly great value
The modern e-mail version of this scam, known variously as the "Nigerian scam", "Nigerian All-Stars," etc., because it is typically based in Nigeria, is an advance fee fraud. The lottery scam is a contemporary twist on this scam.
Responding to these emails cost someone money and loss of their identity, You can see stories of victims at http://www.google.com/news/search?aq=f&pz=1&cf=all&ned=us&hl=en&q=nigerian+scam.
Examples can be found at fraudgallery.com or you can view the thumbnails below for some basic examples.
E-mail sent from someone pretending to be someone else is known as spoofing. Spoofing may take place in a number of ways. Common to all of them is that the actual sender's name and the origin of the message are concealed or masked from the recipient. For more information, visit http://en.wikipedia.org/wiki/E-mail_spoofing
One very common example of spoofing is when people receive e-mails in their inbox saying that a message could not be delivered to a recipient, even though they do not remember sending that message. In this case, someone has learned what your email is and sent spam e-mails pretending to be from your address and the e-mail address was incorrect and sent a bounce message back to your e-mail address.
The thumbnails below show some examples of spoofed e-mail messages: