Spam, phishing and pharming are all terms relating to dubious online practices, either to sale goods or services online or to gain access to confidential information, often with malicious intent.

Spam is the term used to describe unwanted emails that are typically distributed in bulk. Spam messages will typically contain commercial content – examples include pornography, pharmaceuticals, dubious financial transactions, or ‘too good to be true’ offers. In most cases, spam emails are sent with fraudulent intent, but there are also cases where reputable companies or private users send mass emails too. National laws give various definitions as to precisely what is classed as spam – your national awareness centre can provide further information.

Spam can also be used to launch phishing attacks where users are sent emails tricking them into ‘updating’ their personal details online via a fake website (imitating a bank or similar). Spam can also be used as a means of distributing malicious software which can install key-logging software on your PC without your knowledge - see our related article on viruses and malware for more on this issue.

Pharming is the term used to describe the process of redirecting users to a fraudulent copy of a legitimate website, again with the aim of stealing personal data and passwords for criminal intent. The definition of pharming might also be extended to include targeted advertising or the ‘pushing’ of people towards products and services, for example : “people who have bought ‘x’ have also bought ‘y’… and if you do you will save 10 Euro.”

It is also increasingly common to receive SMS spam on mobile phones. A related term – spim – is used to describe spam attacks using instant messaging services. Facebook and other social networking spam is now also very common.

Understanding the issues

Some of the key issues to be aware of regarding spam, phishing and pharming are outlined below:

Overwhelmed by spam

Spam is a problem and, although falling in resent years, experts still estimate that in excess of 64 per cent of email messages sent today are spam (Symantec Intelligence Report, October 2012).

Aside from being irritating and time consuming for the recipient, the implications of spam are clear: the growth of spam is a huge drain on human resources and computer networks, affecting both individuals and organisations.

The indiscriminate nature of spam

Spam is often sent indiscriminately meaning that users, regardless of their age or interests, can be exposed to content which is inappropriate in nature. As outlined above, many spam emails will offer fantastic incentives, or ‘too good to be true offers’, making them even more attractive to young people. Making young email users aware of spam, and employing technical solutions to minimise what they receive in the first place, is key.

Identity theft

Identity theft is the term used to describe the theft of personal data to impersonate an individual, usually for financial gain. The issue isn’t new, but has been intensified by the internet, giving criminals new routes to gathering personal data on a much larger scale. In the online gaming world identity theft is often called social engineering.

Criminals will use a range of methods to gather personal data – ranging from harvesting data already published online (such as on online profiles and social networking sites), to using a combination of spam, phishing and pharming techniques.

Identity theft can be devastating for the victim: aside from the obvious possible consequences of financial loss, it can take lots of time and energy to resolve such issues, and can result in long-term damage to your reputation and credit rating.

Although not likely to be such a key risk for younger internet users, who obviously won’t be carrying out financial transactions online, awareness of the risks, recognising the importance of remaining alert, and keeping personal information private are all key skills which should form part of their digital literacy awareness and information. This in turn will benefit them as they grow older and begin to interact more with businesses and services online.

Positive parenting strategies for spam and related issues

There are various strategies that parents might adopt to help their children be aware of, and manage, spam and related issues. These include:

Get protected!

Look for ‘spam filter’ options in your email package, and make sure that these are activated for all users - contact you email provider of you are unsure what features are available to you. Be aware, however, that as with any technological tool, spam filters can never be guaranteed to be 100 per cent effective. Many email providers provide the option to mark mail as spam, which will prevent the likelihood mail from that spammer getting through to you again in the future.

Equally so, some spam filters may overblock, marking legitimate and wanted mail as spam: if you are expecting an email that hasn’t arrived it’s worth checking your spam or junk mail folder to see if it’s waiting there. Most email services will provide options to mark emails as ‘not junk’ and will add the address to your safe list for the future.

Use your head

CERT (the Computer Emergency Response Team), a US-based organisation specialising in internet security vulnerabilities, recommends a simple five-stage test (known as the ‘KRESV’ test) to try to prevent viruses from spreading, but it can also be useful in identifying spam. Try to encourage all family members to follow this simple routine when using email:

• The Know test: Is the email from someone that you know?

• The Received test: Have you received email from this sender before?

• The Expect test: Were you expecting email with an attachment from this sender?

• The Sense test: Does email from the sender with the contents as described in the subject line and the name of the attachment(s) make sense?

• The Virus test: Does this email contain a virus? Always check it using anti-virus software.

Don’t respond!

If you, or your child, do receive spam, it is important to never respond even if an ‘unsubscribe’ link is provided. By responding, you are alerting the spammer that yours is a valid email address, and this will just increase the likelihood of you receiving yet more spam in the future.

Likewise you should never forward spam on to others – this just increases the problem.

Don’t publish your email address online

Teach your children the importance of keeping their email address private – the same as they would with any other personal information. The less their email address is ‘out there’ in cyberspace, the less chance there is of it being harvested for spam lists. It is also important to remember that email addresses are often used as usernames on many popular web-based services.

Equally, remind children to be mindful of the information they provide when signing up for services online, and encourage them to read the terms and conditions. The terms should state exactly what the service provider intends to do with the information provided, which may include passing details on to third parties. In theory, a good service should only really ask for the minimum information needed to process a request.

It might actually be worth your child having two email addresses: a personal address which is only passed on to known and trusted family and friends, and one which is used for communication on public forums such as online profiles and competitions, using a nickname in the email address rather than a real name.

The same basic rules apply to mobile phone numbers too. SMS spam is becoming an increasing problem, so it pays to keep mobile numbers private too.

Talk often

The best online safety strategy – regardless of the age of the user or the technology or issue involved – is to talk with your children!

Try to create a culture in the home where your child feels confident that they can discuss their online experiences – both good and bad - with you, without fear that their access to the technology will simply be withdrawn.

Chat regularly with your children about what they are doing online, what the latest technology or trends are as they see them, what their concerns might be, and what they would like to be able to do online. Work together to identify potential self-protection strategies based on their age and experiences, and review these regularly.

If, as a parent, you have a clearer idea of might be on the horizon in terms of your child’s technology use, you will be better equipped to deal with any issues that might arise!

Know where to get help and advice if things do go wrong

If you or your children do experience problems relating to online safety issues, it is important to recognise that you are not alone - there are a number of organisations that can provide help and advice.

Many countries operate national helplines, or visit your national awareness centre website for further information on a range of online safety issues, including contacts and campaigns in your country.

source:

http://www.saferinternet.org/online-issues/parents-and-carers/spam-phishing-and-pharming

#spam #pharming #phishing