Phishing emails are dangerous and have potentially catastrophic effects.

One particular type of phishing email could be the most malicious of them all: an email pretending to be your email provider that asks you for your account and personal information. Do not be fooled.

Read below and learn about phishing attacks, what you can do and what XMission does to protect your accounts.

How phishing attacks happen.

Phishing is an elaborate form of data and identity theft. It works by persuading users to respond to emails asking for personal information or to go to a website where information can be entered. These are so effective because the emails usually look trustworthy and sound like plausible scenarios.

How to spot a phishing email.

While phishing emails often differ, they almost always look legitimate and always ask you for something confidential.

Examples of email subjects:

• “Verify Your Account”
• “Email Upgrade”
• “Update Your Email Account”
• “Your email account has been suspended!”

Examples of From:

• “Xmission Admin”
• “Support”
• “Webmail Support Team”
• “email@xmission.com”

Example of a Phishing body:

Confirm your email account by filling in the details below:

Username:

Password:

Why it’s so difficult to stop.

Often, phishing emails come for legitimate email accounts that have been compromised, which is what XMission has been dealing with recently.

Phishers use a variety of camouflage techniques to avoid being detected by our antispam/antiphishing systems by using:

• Random letters or famous quotes in the subject or in the body of the email;
• Invisible text in HTML emails;
• HTML or Java content instead of plain text;
• Pictures only (no other text in the email body).

Potential consequences:

By replying or following links inside emails like these you can do more damage than you might imagine.

Common Examples of what phishers can do:

• Use your information to run up your bank accounts
• Open new accounts, credit cards, loan or contracts in your name
• Have access to all of the confidential emails you receive from your bank

Don’t fall for it:

Follow these tips to stay safe:

• Don’t ever reply to emails that ask for personal/confidential information
• Forward the email to spam@xmission.com and then promptly delete it
• Do not click links in emails unless you were expecting the email
• Do not fill in forms that request information. Any trustful provider will use a secure website and digital certificate

Safety:

Customers with “@xmission.com” email addresses can verify that they have spam filtering enabled on your account, this catches almost all phishing attempts. You can verify that filtering is enabled by going to http://webmail.xmission.com and entering your login information. There you will find a button called, “Filters”. Business customers have filtering enabled already, unless requested otherwise. If you have questions, you can always go to http://chat.xmission.com and talk with one of our technical staff or call us at 801-539-0852.

Use an antivirus program that helps detect malicious emails and websites

What XMission does to protect you:

We have full time staff that monitors incoming and outgoing email for spam, phishing and other potentially harmful traffic

XMission uses Spamassassin on its five email scanning servers (http://spamassassin.apache.org) and is constantly writing rules to account for trends in spam and phishing emails (see: What is Spamassassin below)

We have Email Admins available around the clock to respond to phishing emails.

We keep details statistics that you can view at: http://postmaster.xmission.com

Our systems have been configured to automatically detect phishing emails and notify our staff

What is Spamassassin?

Excerpt from spamassassin.apache.org

SpamAssassin uses a wide variety of local and network tests to identify spam signatures. This makes it harder for spammers to identify one aspect which they can craft their messages to work around.

If you’d like to get into the details of our filters, you can visit:

http://postmaster.xmission.com/senders/spamassassin/

What is Prey ?

Prey helps you find your stolen laptop by sending timed reports to your email, including information of its whereabouts. Prey reports the general status of the computer, a list of running programs and active connections, fully-detailed network and wifi information, a screenshot of the running desktop and — in case your laptop has an integrated webcam — a picture of the thief. Pretty cool!

You need to have the software installed on your laptop for it to work. With enough luck you may just get your machine back.

The program runs on Mac OS , Linux, and Windows.

I’ll be installing this on my laptop tonight.

This latest addition to the XMission domain based services makes it even more convenient to manage your online presence. Need to secure your web transactions or an email server? We can help!

Using SSL Certificates reassures your clients that you are doing everything possible to keep their information secure. Your customers can easily spot sites using SSL because the web address contains “https://” and web browsers shows either a lock symbol, key symbol, or specially highlighted navigation bar display.

Like a drivers license, SSL Certificates are issued by a trusted source, known as the Certificate Authority (CA) and the SSL protocol allows applications to communicate across the net in a way designed to prevent eavesdropping, tampering, and message forgery. All this conveys a level of trust and security to increase your client’s confidence in your online presence.

XMission will handle all your SSL Certificate needs from start to finish. Unlike other companies, we are here to help with real humans that answer the phones and respond to your emails. We will help you every step of the way and with a single bill so you do not have to manage several vendors.

Learn more about SSL Certificates by reading about them on our SSL wiki support page. You can order your SSL online, or simply call someone on our sales team. They will take care of you!

The XMission sales office is open weekdays from 9 AM to 5 PM, MST. You can reach us by calling 801-539-0852, 877-964-7746, or by emailing sales@xmission.com. As always, our support staff is here 24×7 to help you with any technical assistance you require.

Immediately after release of the patch in question and prior to exploit code being released into the wild, along with most other major providers, XMission has patched its servers for this serious issue on both its primary nameservers as well as its dedicated resolvers.

This past Tuesday (July 8), Microsoft released a patch (KB951748) via Windows update which was meant to fix a DNS exploit where hackers could redirect web page requests to malicious pages. This exploit widely affected hardware and software from many different companies. However, when combined with ZoneAlarm—a popular software firewall by Check Point Software—Windows XP and 2000 users found themselves without internet access after applying the update.

Since many Windows systems are set to automatically update the system, many people woke up that morning to find that they could no longer browse websites or get their email. We received many calls about this problem, and the fix at the time was to either set ZoneAlarm’s security level to medium, or uninstall the Microsoft update.

On Wednesday (July 9th), Check Point Software updated ZoneAlarm to correct this problem. They suggest users either update to the latest version of ZoneAlarm, or use either workaround mentioned above. (Instructions are provided on ZoneAlarm’s page.)

As always, XMission tech support is available 24/7.

Obviously, we find emails like this incredibly frustrating. Spam has cost us tremendously in time, money, and network resources, and forces our customers to feel increasingly suspicious of anything in their inbox. Like you, we have all received spam from companies claiming to be eBay, PayPal, our credit union, or even the IRS. Even though XMission successfully filters out the majority of phishing spam, be aware that some still does squeak through.

Many of these emails ask the user to enter information using a fake web address, while others request information via email directly. Spammers send out large numbers of emails betting on the odds that someone with a legitimate account will respond. Usually these emails have an urgent tone or even threaten penalty, suspension, or account closure.

Because of the volume and persistence of this threat, we wanted to share a few reminders from the Federal Trade Commission:

1. Simply do not reply. If you have concerns about an account, pick up the phone and call the business, or bring up a fresh browser and contact them directly using their website. No legitimate business will ask you for personal information over email.
2. Scammers can fake anything including “from” addresses, logos, websites, and phone numbers. Even if an email includes a local phone, donít take it at face value. Call the company using a legitimate number from a trusted source.
3. Update anti-virus and anti-spyware software regularly. Always use a firewall if you have a high-speed Internet connection.
4. Do not use insecure websites. Always confirm the security certificates of secure websites.
5. Review credit card and bank statements as soon as you receive them.
6. Even if you receive an email from a trusted source, be cautious about opening attachments or downloading files.
7. Report phishing emails to XMission (abuse@xmission.com), the FTC (spam@uce.gov), and to the legitimate company being spoofed.
8. If you have had your information compromised, report it immediately to the FTC, and then visit the identity theft website at: http://www.consumer.gov/idtheft.

http://www.ftc.gov/bcp/edu/microsites/idtheft/

Using this site, consumers can learn how to avoid identity theft, and find out what to do if their identity is stolen.  Businesses can receive information about helping their customers prevent and cope with identity theft. This site also includes resources for law enforcement to help victims of identity theft.