Finding ways to combat spam and hackers is something that IT is constantly working on, it’s a never-ending desire between the two to settle one over the other, to reign as supreme.
Last week many Seattle U students received several spam emails that were sent to various school listservs, largely from, what appeared to be, adviser accounts. The content of these emails is relatively cryptic, though it is at least somewhat clear that the sender–“your favorite friend and only broker”–is very interested in making the recipients wealthy.
The Office of Information Technology (OIT) has been doing their best to ward off such spam.
“We’re under constant attack of one kind or another. This is the nature of the world we’re in,” said Dennis Gendron, executive director of OIT at Seattle U. “There’s all kinds of information the university has and we have to protect it.” OIT reports that, on a typical day, the office blocks about 250 spam messages. In the period of one month just this year, they blocked 10 million.
“We’ve got a really aggressive spam filter, but some get through every time,” Gendron said. “We, as the blocker, have a measurable job blocking spam, [but] they’re like the Borg, you know, from Star Trek–they adapt and come back.”
Junior Garrett Budnik agrees. This isn’t the first time, he said.
“It’s happened maybe once or twice a year since I’ve been at school,” he said. In prior years, OIT countered spam using protocols that would search out key words commonly found in spam messages and send them into the junk folder.
Today, spam is smarter. Because of recent adaptions, IT professionals now have to use a combination of technologies—filters determine whether or not a message is spam and analyze the message’s origin. Once a message is marked as spam, anything from that sender will be “black-listed” and automatically send to the junk box.
Messages and their senders are “grey-listed” if the majority of the content seems reputable but some flags are still raised by the filter. Messages and their senders are “white-listed” if they are deemed trustworthy or the accountholder replies.
“The spam emails, from my understanding, the ones that go out… are on a very individual instance,” said OIT staff member Kurt Kapusuzoglu. “Think of ESPN sending you useless ads, but if you were part of a listserv or a public folder like an Outlook that could give multiple people away.”
Spam spreads in the same way that an email infected with viruses might spread—and usually they work in conjunction with one another. The spam email somehow gets past the junk filters and arrives in the inbox, which isn’t much harm when left alone. But if one were to click on a link within the message, a virus could be unleashed with the potential to turn one’s computer into what is sometimes called a “zombie.”
Zombie computers are taken over and their programs are utilized for the creation and distribution of more virus software. If the original virus was well-written, it likely wouldn’t be very noticeable.
Gendron noted that Seattle U’s spam filters—by and large—are fairly effective. Further, he reports, it is even rarer for these attacks to originate from an internal account that has been hacked. Gendron, throughout his time here, can recall only one account (a student account) being compromised and sending out loads of spam.
“Although we do get the occasional spam message, this does not mean that our email system is always safe,” Gendron said. As for what to do if you spot a message you believe to be spam in your inbox, the best advice Gendron has is to use your common sense, urging students to ignore fishy messages.
The next step, according to Kapusuzoglu, is to “give a call and let [OIT] know, and it’ll get blocked.”