Table of Contents

• What is spam?
• What is phishing?
• Can I avoid spam?
• Use the  NPS Spam Manager  to block spam
• Report Spam w/Headers
• Report Spam Scams & Internet Fraud
• Anti-Spam Links

What is Spam?

• Webopaedia.com: "Electronic junk mail or junk newsgroup postings"
• CAUCE.org: "Unsolicited Commercial Email (UCE)"
• Spam.abuse.net: "Most spam is commercial advertising, often for dubious products, get-rich-quick schemes, or quasi-legal services. Spam costs the sender very little to send -- most of the costs are paid for by the recipient or the carriers rather than by the sender."

What is Phishing?

Phishing is an attempt to scam an email recipient into surrendering private information that will be used for identity theft. For information on avoiding scams see the FTC Consumer Alert entitled How Not to Get Hooked by a ‘Phishing’ Scam.

More information on phishing is available online at:

• Anti-Phishing Working Group (APWG)
• Webopaedia: Phishing
• Wikipedia: Phishing
• Google: Phishing

How Can I Avoid Getting on Spamming & Phishing Lists?

If you use email you will probably find your email address on someone's spam list sooner or later. But there are a few things you can do to reduce the likelihood of receiving unwanted email:
• Don't reply to the spam message! A lot of spam comes with instructions on how to remove yourself from their email list. Any response - even a request to remove you from their list - is generally a bad idea. Click here for more info.
• Don't give out email addresses. Many web pages ask you to enter one or more email addresses to receive some service. You may not want to give out your email address unless you are certain the web site does not sell their email list. Sites offering sweepstakes, special offers, greeting cards, and other "specials" that require you to enter your or others' email addresses are notorious for selling or "sharing" those addresses with their "business partners". You may not want to participate in those "add your email address to the list and forward to 10 people" email chain letters that circulate.
• Don't forward email addresses. You can help protect the email addresses of your family, friends, and business associates by removing them from the messages you forward, when possible. Those interesting and/or humorous messages that fly around the Internet with long chains of forwarding addresses offer fertile grounds for harvesting email addresses.
• Don't post a working email address to web pages or newsgroups. Some spammers employ web bots (computer programs) that automatically search web pages and newsgroups for email addresses. The fewer web pages and newsgroups that list your email address, the lower the likelihood you will end up on spammers' lists. If you do need to post an email address you may want to modify it to something that might foil automated email address harvesters but that another person could make work. For example, instead of posting your real email address, johndoe@yahoo.com, you might use an invalid - but readable - email address with parenthetical instructions (if necessary) indicating how a person could make it valid:
  • johndoe @ yahoo.com   (remove spaces)
  • johndoe@yahoo.com.NOSPAM   (remove .NOSPAM)
  • johndoe at yahoo dot com

While you may not be able to stop unscrupulous people from sending unwanted email messages that doesn't mean you have have to see them. Our NPS Spam Manager is a great way to control what email messages reach your mailbox. Click here to read more about it.

Reporting Spam: Forward Message & Headers

If you receive spam email containing inappropriate content for an educational environment, you may want to report the incident to the network administrators for their email system or to an NPS Network Administrator. In either case, they will need you to include the email headers when you forward a copy of the email message. The email headers provide routing information that may help determine where the email originated. Unfortunately many spam messages "spoof" their email account of origination. They actually originate from somewhere else entirely.

If the email message contains images from or links to web sites with inappropriate content then please forward the entire email message and all email headers to an NPS Network Administrator so we can add the web sites or domains to our Internet filter. If the advertised web site does not contain objectionable content it is unlikely we will block access to that site. If the email originated from a server used by other legitimate email accounts then we may not be able to block it either. It's not that we don't want to help, but the district consensus is that we should facilitate Interent access for staff and student research and allow unhindered, virus-free email communications unless they are obviously inappropriate for our educational environment.

The email headers for a message are not normally visible in Microsft Outlook (the most prevalent NPS email client software). To see them you will need to open the email message, then select Options... from the View menu in that message to open the Message Options window (see graphic). Next position the mouse cursor inside the box labelled Internet headers, click the left mouse button once, press Ctrl-A on the keyboard to select all of the information in that box (the text should be highlighted as in the graphic), then press Ctrl-C to copy the Internet headers (the selected text) to the Windows clipboard. If you use a different procedure to copy the Internet headers, please be certian to scroll down far enough to get all of the headers. You should then be able to paste the headers into the email message you are forwarding to your network administrator.

If you are using the NPS Webmail system (our local implementation of SquirrelMail) then you will find a link to "View Full Header" in the short header above the message.

If you are the using Mozilla Thunderbird email client software then you can view the full list of email headers for a message by opening the View menu, then selecting Headers from the list of menu items, then selecting All from the list of sub-menu items.

Report Spam Scams

If you have received email messages or discovered Internet content that you believe is knowingly fraudulent, then you may wish to report them to one or more of the following:
• The Internet Crime Complaint Center (IC3) is a partnership between the Federal Bureau of Investigation (FBI) and the National White Collar Crime Center (NW3C). Their web site includes consumer tips and an online complaint form.

• The Federal Trade Commision now has an spam web site where you will find spam-related news, legislation, and consumer tips. The FTC prosecutes spammers who attempt to defraud consumers. You can file a complaint on their web site or forward spam emails to them at: spam@uce.gov

Anti-Spam Links

• The Network Abuse Clearinghouse   --   www.abuse.net
  This site offers a wealth of information about abuse and responsible use of the Internet. In particular, their spam.abuse.net site is one of the best online anti-spam resources I've found.

• Coalition Against Unsolicited Commercial Email   --   www.cauce.org
  CAUCE is an ad hoc, all volunteer organization, created by Netizens to advocate for a legislative solution to the problem of unsolicited commercial email (UCE, a.k.a. "spam").

• Spamhaus   --   www.spamhaus.org
  Spamhaus tracks the Internet's worst Spammers, known Spam Gangs and Spam Support Services, and works with ISPs and Law Enforcement Agencies to identify and remove persistent spammers from the Internet. This site includes:
  • The Spamhaus Block List is a free realtime DNS-based database of IP addresses of verified spammers, spam gangs and spam services. The SBL is used by Internet Service Providers and corporate networks worldwide and currently protects 98 million SBL users from persistent spammers.
  • Register Of Known Spam Operations (ROKSO) is a register of known spam operations (spammers and spam gangs) that have been thrown off Internet Service Providers 3 times or more. These are the 100+ most determined spammers, many with criminal records for fraud and theft, responsible for over 90% of American and European spam. ROKSO collates information and evidence on each spam operation to assist ISP Abuse Desks, researchers and Blocklist maintainers.

• SpamCon   --   www.spamcon.org
  The SpamCon Foundation is a California non-profit corporation that protects email as a viable communication and commerce medium by supporting measures to reduce the amount of unsolicited email that crosses private networks, while ensuring that valid email reaches its destination. This site now includes The SpamCon Foundation Law Center (formerly The Suespammers Project). Click here to see SpamCon's list of Oklahoma anti-spam legislation.

• SpamLaws   --   www.spamlaws.com
  The site offers lists of current and pending anti-spam legislation for the U.S. and its states and selected other nations. Click here to see SpamLaws's list of Oklahoma anti-spam legislation.

• Mail Abuse Prevention System (MAPS)   --   mail-abuse.org
  MAPS is a not-for-profit California organization whose mission is to defend the Internet's e-mail system from abuse by spammers.

• Declude.com's List of all known DNS-based spam databases

• The SPAM-L FAQ contains spam info - including how to track spam

• No Spam T-Shirt available from Libertees.com

• Additional Lists of Anti-Spam Links:
  • spam.abuse.net's links
  • cauce.org's links
  • spamlaws.com's links

Network Administrator Contact Info: