To understand what Anti-Spam is I think we need to understand what spam is and why we should be Anti-Spam. This type of Spam isn’t the delicious Spam you buy at grocery stores or McDonald’s in Hawaii. This spam can be problematic for you and your business.
Most people refer to spam as junk email, similar to what we every day delivered by the USPS. Spam is similar but can also be a little more malicious than that. Spam is sent to many recipients by humans and/or bots, also called botnets (spambot). Some of these emails can contain malware allowing the sender to further impact the recipient. Have you ever received a spam email and then selected “unsubscribe”? That might not be the best idea, especially if you have no idea who may have sent the email. By selecting “unsubscribe,” you just verified the email is a valid email to the sender for further emails. The best action is to block or report it as spam; this will allow you to stop receiving the spam email without verifying it is a legitimate email to the sender.
Some of the common subject lines for spam emails:
pharmaceuticals
adult content
financial services
online degrees
work-from-home jobs
online gambling
cryptocurrencies
According to TechTarget, spammers use different techniques to send and deliver spam to recipients:
Botnets enable spammers to use command-and-control servers to harvest email addresses and distribute spam.
Snowshoe spam. With this technique, spammers use a wide range of Internet Protocol (IP) addresses and email addresses with neutral reputations to distribute spam widely.
Blank email spam. This technique involves sending an email with an empty message body and subject line. It could be used in a directory harvest attack to validate email addresses by identifying invalid bounced addresses. In some instances, seemingly blank emails may hide viruses and worms that can spread through Hypertext Markup Language code embedded in the email.
Image spam. The message text, which is computer-generated and unintelligible to human readers, is stored as a JPEG (Joint Photographic Experts Group) or GIF (Graphics Interchange Format) file and placed into the email body. This method attempts to avoid detection from text-based spam filters.
There are different types of spam; each one is different depending on the objective of the sender:
Marketing messages Typically, unsolicited emails are sent by companies to recipients marketing products. These can also contain illegal products and/or services.
Malware messages Some of the spam contains malware. Even though Malware is a generic phrase for Malicious Software, it is still bad.
Frauds and scams This is the preferable Nigerian prince scam; now, additional email scams such as Auto Warranty exist.
Antivirus warnings These are emails warning the recipient to “fix” something on their computer and to click this helpful link to download a “free” program to fix your computer. Remember, free isn’t always the cheapest.
Now that we touched a bit on what spam is, let’s discuss how to deal with spam with Anti-Spam.
Fortunately, Microsoft has been stepping up its game to help protect everyone. One of the features they have is Anti-spam technologies in Exchange Online Protection (EOP). Some of the features you can enable or have enabled, providing you have a Microsoft Professional Email. Connection filtering: Identifies good and bad email source servers early in the inbound email connection via the IP Allow List, IP Block List, and the safe list (a dynamic but non-editable list of trusted senders maintained by Microsoft).
Spam filtering (content filtering): EOP uses the spam filtering verdicts Spam, High confidence spam, Bulk email, Phishing email, and High confidence phishing email to classify messages. You can configure the actions to take based on these verdicts, and you can configure what users are allowed to do to quarantine messages and whether users receive quarantine notifications by using quarantine policies.
Outbound spam filtering: EOP also checks to make sure that your users don't send spam, either in outbound message content or by exceeding outbound message limits
SPF: Sender Policy Framework verifies the source IP address of the message against the owner of the sending domain. For a quick introduction to SPF and to get it configured quickly, see Set up SPF to help prevent spoofing. For a more in-depth understanding of how Microsoft 365 uses SPF or troubleshooting or non-standard deployments such as hybrid deployments.
DKIM: DomainKeys Identified Mail adds a digital signature to the message header of messages sent from your domain.
DMARC: Domain-based Message Authentication, Reporting, and Conformancehelps destination email systems determine what to do with messages that fail SPF or DKIM checks and provides another level of trust for your email partners.
Verify your bulk email settings: The bulk complaint level (BCL) threshold that you configure in anti-spam policies determines whether bulk email (also known as graymail marked as spam).
Did you know you get a professional email account for less than $100.00 a year? Contact GingerSec at Contact@GingerSec.com to get your professional email. GingerSec offers IT Support for consumers and businesses. Visit us today at GingerSec