User guide
6.4.3 Phishing
The term phishing describes a criminal activity that uses social engineering techniques (manipulating users in
order to obtain confidential information). Its aim is to gain access to sensitive data such as bank account numbers,
PIN codes, etc.
Access is usually achieved by sending an email masquerading as a trustworthy person or business (e.g., financial
institution, insurance company). The email can look very genuine, and will contain graphics and content which may
have originally come from the source it is impersonating. You will be asked to enter, under various pretenses (data
verification, financial operations), some of your personal data – bank account numbers or usernames and
passwords. All such data, if submitted, can easily be stolen and misused.
Banks, insurance companies, and other legitimate companies will never request usernames and passwords in an
unsolicited email.
6.4.4 Recognizing spam scams
Generally, there are a few indicators which can help you identify spam (unsolicited emails) in your mailbox. If a
message fulfills at least some of the following criteria, it is most likely a spam message.
• Sender address does not belong to someone on your contact list.
• You are offered a large sum of money, but you have to provide a small sum first.
• You are asked to enter, under various pretenses (data verification, financial operations), some of your personal
  data – bank account numbers, usernames and passwords, etc.
• It is written in a foreign language.
• You are asked to buy a product you are not interested in. If you decide to purchase anyway, please verify that the
  message sender is a reliable vendor (consult the original product manufacturer).
• Some of the words are misspelled in an attempt to trick your spam filter. For example “vaigra” instead of “viagra”,
  etc.
6.4.4.1 Rules
In the context of Antispam solutions and email clients, rules are tools for manipulating email functions. They
consist of two logical parts:
1. Condition (e.g., an incoming message from a certain address)
2. Action (e.g., deletion of the message, moving it to a specified folder)
The number and combination of rules vary with the Antispam solution. These rules serve as measures against
spam (unsolicited email). Typical examples:
1. Condition: An incoming email message contains some of the words typically seen in spam messages
2. Action: Delete the message
1. Condition: An incoming email message contains an attachment with an .exe extension
2. Action: Delete the attachment and deliver the message to the mailbox
1. Condition: An incoming email message arrives from your employer
2. Action: Move the message to the “Work” folder
We recommend that you use a combination of rules in Antispam programs in order to facilitate administration and
to more effectively filter spam.
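The condition/action structure described above, written out for the three typical examples as an added illustration (this is not code from the product this guide documents). The word list, the employer address, the folder names and all function names are assumptions made for the example.

```python
import re
from email.message import EmailMessage
from email.utils import parseaddr

SPAM_WORDS = {"viagra", "lottery", "prize"}   # constructed word list
EMPLOYER = "hr@employer.example"              # hypothetical employer address

def text_of(msg):
    body = msg.get_body(preferencelist=("plain",))
    return f"{msg.get('Subject', '')} {body.get_content() if body else ''}"

# Conditions: each takes a message and returns True or False.
def has_spam_words(msg):
    return bool(SPAM_WORDS & set(re.findall(r"[a-z]+", text_of(msg).lower())))
def has_exe_attachment(msg):
    return any((p.get_filename() or "").lower().endswith(".exe")
               for p in msg.iter_attachments())
def from_employer(msg):
    return parseaddr(str(msg.get("From", "")))[1].lower() == EMPLOYER

# Action: drop every .exe part but keep the rest of the message.
def strip_exe(msg):
    keep = [p for p in msg.iter_parts()
            if not (p.get_filename() or "").lower().endswith(".exe")]
    msg.set_payload(keep)

# Each rule is a (condition, action) pair; an action returns "DELETE",
# a folder name, or None to leave the current folder unchanged.
RULES = [(has_spam_words, lambda m: "DELETE"),
         (has_exe_attachment, strip_exe),
         (from_employer, lambda m: "Work")]

def apply_rules(msg, rules=RULES):
    """Run every matching rule in order; return the folder, or None if deleted."""
    folder = "Inbox"
    for condition, action in rules:
        if condition(msg):
            result = action(msg)
            if result == "DELETE":
                return None
            folder = result or folder
    return folder

def make_msg(sender, subject, body, attachment=None):  # constructed sample message
    msg = EmailMessage()
    msg["From"], msg["Subject"] = sender, subject
    msg.set_content(body)
    if attachment:
        msg.add_attachment(b"MZ", maintype="application",
                           subtype="octet-stream", filename=attachment)
    return msg
```

Because the rules run in order and only deletion stops processing, a message from the employer that carries an .exe file has the attachment removed and is still filed in “Work”.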