back to top

spam

What is it?

Spam is unsolicited bulk email -- indiscriminate, network-wide broadcasted messages which distribute advertisements and solicitations, many of which are for money-making schemes. It includes chain letters, items for sale, get rich quick schemes, or any other unwanted email that people often receive. An example of an unauthorized mass mailing is using a mail client's address book or a directory service to send spam email to every user or group of users listed there. Email offers from sites at which you have an account are not considered spam. Spam. Don't buy it. is a public education effort. The Help with Spam and Phishing page is a good resource.

What to do?

If you receive a spam message, it's best to just ignore the message and delete it from your mailbox. Never reply to these messages, and never send them money or personal information. Many people who send spam messages hide their real identity on the network, so trying to reply to their spam messages is usually futile. Many email applications have filtering capabilities that can block messages from specified addresses, but spammers often vary their addresses. To report the spam email to University IT Services, expand the full header of the message and forward it to abuse@uark.edu. To learn how to expand full headers and filter spam emails, go to the ITS Email Software page and select your preferred email client.

What NOT to do?

Since spamming is against the UA Code of Computing Practices, you must make sure not to send out any spam yourself. Do not send emails to large groups of people unless you know each of them personally. Make sure your email messages are appropriate for all of the recipients and that you know all of the recipients. Sometimes someone uses the Reply All button in response to unwanted spam email, which makes the problem even worse. Even if your intention is to stop a spam outbreak, when you reply to all the recipients of a mass mailing, you are perpetuating the problem! Users who are found to have initiated or propagated chain email messages or spam messages from a University account (even with good intentions) will be locked from that account for two business days. Subsequent violations of this policy will result in additional administrative sanctions.

back to top

Email Viruses

Viruses can be transmitted through email as attachments or embedded HTML and scripts. If you open an executable file that's attached to a message, the program can run and infect your computer with a virus. The virus can then use any address books that you have on your computer to mail copies of itself to everyone with whom you correspond. The infected messages will appear to be from you, even though you weren't even aware that they were sent. This also means that even if you receive an attachment from someone you know and trust, they might not have actually sent the mail; a virus could have sent it from their computer. Always check the file type before opening an attachment. Executables are most likely to contain viruses, but virus writers use tricks such as appending multiple file extensions onto the file to make the file appear to be of a different type. Since Windows doesn't show common extensions by default, you might want to change this setting (Control Panel, Folder Options, View, and uncheck Hide extensions for known file types). In addition to .exe file extensions, beware of .bat, .com, .lnk, .scr, .vbs, and others. Also beware of Word documents as they can contain macros which can contain viruses. The macro security level in Word can be set to prevent macros from running. It is also possible for a virus to be embedded in the email message itself if HTML coding was used and is read by the recipient's email client. Most email clients allow for embedding of HTML and scripts which can contain viruses. Some email clients can be configured to block attachments or executable attachments and also HTML. To protect yourself against email viruses, make sure that all service packs and security updates have been applied. Configure your mail client so that ActiveX and Java scripts won't run automatically. Install antivirus software and check often for updates. See our page, Computer Viruses, for more information.

back to top

Spoofing

If you are receiving notices of bounced email messages that you didn't send, the returned mail you received probably did not come from your account. One tactic for spammers is to use someone else's email address when mailing themselves to potential victims. That is spoofing. Sometimes they will use addresses of major service providers as the From: address such as PayPal, eBay, Microsoft, or a university when mass mailing to all of the other addresses found on the infected computer. So, you could receive a message that appears to be important information from one of these places. They might use one of the email addresses in their list of harvested addresses as the From: address of an email, and another as the To: address. If the email is not delivered to the intended recipient (in the To: field) -- possibly because the address no longer exists, is over quota, or the server would not accept the email -- the message will be bounced to the address in the From: field. If your address happened to be one that was harvested and used as the From: address, you might receive returned messages that you did not send.

Unfortunately, many email gateway filters do not take the forged address into account and will report to the address in the From: field. Sometimes these gateways cause more problems then the actual virus with these incorrect reports and their rejection messages. Additionally, many do not contain sufficient information that will help mail server administrators or IT Security staff to actually track down the origins of the messages.

back to top

Phishing

Phishing is an email fraud attempt. Email messages will appear to be from banks or online companies like eBay or PayPal or from an institution such as the University and will state that there is a problem with the recipient's account. The email will include a URL which will appear to go to a legitimate company's or institution's web site, but will actually go to a site that is maintained by the sender of the fraudulent email. The site will appear to belong to the real company using their logos and site layout and will ask for confidential account information such as bank, credit card, and/or email account information. Sometimes the email will directly ask for confidential information.

Some phishing attempts might appear to be emails from the U of A. Many phishing attacks have been targeted at the University campus. The University will NEVER send a message to users asking for account passwords, and we will NEVER ask you to respond to an email with your password. University Information Technology Services DOES send out UARK password expiration notices.

See our Security page on Phishing for more information.

back to top

Email Hoaxes

Email hoaxes could be urban legends, common fallacies, untrue strange news stories, or other misinformation of this type. Snopes is a good source to research suspected hoaxes. Virus hoax emails will contain bogus virus warnings with the intent to frighten or mislead users. Please refer to Symantec's Hoaxes page if you have a question about what appears to be a bogus message regarding a new virus.

back to top

Chain Email

A chain email is an email message that is sent to several people with a request that each recipient send out multiple copies of the letter to a number of persons so that its circulation increases exponentially. Chain letters all have a similar pattern. There will first be a "hook", something to catch your interest such as "Make Money Fast", "Virus Alert", or "People are dying". There is also usually a threat of some sort; something bad will happen to you if you break the chain or you are responsible for letting all your friends know about a (usually fake) computer virus that's going around. Sometimes they will play on your sympathy, perhaps by telling you that a sick child has requested that the chain letter be sent on. Then there will be the request. The request in email chain letters is usually that you send the mail on to several other people.

Since chain email is sent to so many people with that number increasing every time that piece of mail is sent, an email chain letter has the potential to waste great amounts of bandwidth and disk space and clog up networks which can cause problems for people trying to send legitimate email or do other work on the Internet. They are also illegal (in violation of Title 18, U.S. Code, Section 1302, the Postal Lottery Statute) if they contain any requests for money or items of value. They are also often damaging to a person's or organization's reputation, for example chain emails that illegitimately request money for an organization.

If you receive a chain email, either delete the email without sending it on to anyone or report it to University IT Services. To report the email, expand the full header of the message and forward it to abuse@uark.edu. To learn how to expand full headers, go to the ITS Email Software page and select your preferred email client. Since the use of University email, computing, and network resources to send chain email or spam mail is a violation of the University's Code of Computing Practices, users initiating chain email messages or spam messages will have access to their accounts locked for two business days.