Ways to Get Rid of Spam Emails

Fortunately for the users, there are plenty of ways of getting rid of annoying messages. Depending on their number, you can try different practices and find the one that works best for your case. For example, simple reports of a couple of phony emails you’ve got over the last month may be enough to prevent their appearance. Popular email services usually keep an eye on users’ reports and will likely react to reports about the malevolent activity. Still, you may sometimes require a much more harsh approach.

1. Mark as spam

Email services such as Gmail, Yahoo & Outlook have special features for filtering unwanted emails. To do this, you need to mark emails as “spam”, after which they will go to the spam folder and will not disturb you in the common list of emails. If you receive such emails from the same sender in the future, it will automatically be sent to this folder.

How to mark spam in Gmail

Tap on the square next to the email. After that tap the stop sign icon.

How to mark spam in Yahoo! Mail

Tap the box next to the email or on multiple emails. After that tap on the shield icon.

How to mark spam in Microsoft Outlook

Tap on the box next to the email, then tap on Junk Email Options in the menu. After that tap on the Block button.

2. Delete spam emails

Spam email at first glance looks harmless. But there are a few nuances that you need to consider. First of all, if you notice that your mailbox is filled with letters from unknown sources, do not click on them. By clicking on these emails, you will inform the attacker that your email is active and will be subject to more spam. The harm is that you will start receiving even more spam emails. Only if you follow links or respond to spam – that’s when you can come across the distribution of malware and other things. The best thing you can do is simply remove spam emails and rid yourself of unnecessary content.

How to delete spam from Gmail

1. Tap on the empty box to check out the message.
2. Tap on the stop sign in the top menu.
3. Tap Report Spam in the dropdown menu.
4. Tap on the “Delete All Spam Messages Now option.”

How to delete spam from Yahoo! Mail

1. Firstly, check the box next to the email.
2. In the above menu tap on the shield.
3. Tap the Report Spam option.
4. Go to the spam folder.
5. Tap the Delete Emails option.

How to delete spam from Microsoft Outlook

1. Tap the email in the inbox area.
2. Tap on the Junk Mail option in the top menu.
3. In the side menu click on the Junk Email tab.
4. To empty the folder click the metal trash can.

3. Keep your email address private

Try to avoid sharing your email on different platforms to avoid receiving spam emails. If you don’t have to share your email address, you better keep it quiet. You can also change your account privacy settings. As in the following examples:

Google Privacy Settings

1. Enter your Google account.
2. Navigate to the Security Checkup option to see the devices, security events and other email addresses and devices connected to your Gmail account.
3. Set up the toggle switches to turn features on or off.
4. Do the same process for the Personal Information and Privacy settings.

Yahoo! Mail privacy settings

1. Log-in to your Yahoo! Mail Account.
2. Click on the gear icon.
3. Click the Account Information option.
4. In the Account Security section, click on the Generate app password option.

Microsoft Outlook privacy settings

1. In the upper-right corner of the screen tap on your account icon.
2. In the menu list, tap My Account.
3. Tap on the Privacy and Security options to change the settings.

4. Use a third-party spam filter

Each mailbox has its spam filter, but working with a third-party filter can provide additional protection. All emails will pass through these two filters. This way, you can provide adequate protection against malware and unwanted content. Finding an anti-spam filter that will work with your service provider is best.

5. Change your email address

If spam still comes to your email address after all the steps above, then the problem is the continuous leak of your personal info, in particular email address. In this case, you need to change your email address. To do this, see the following guide.

1. Register a new account with your current email service.
2. After that, notify your contacts from your new account that you’ve changed email addresses.
3. Go to the Settings section and add the new email address to forward incoming emails from your old account. It is important to specify the emails you want to redirect the messages from. Otherwise, all the spam will appear in the new mailbox as well.

How to add a forwarding address

After you create a new email address, you will be able to receive emails from the old email address. To do this, you need to change your forwarding settings. By redirecting, you will be able to update your contact information in all accounts that are linked to your original account.

1. In the old email account, navigate to the Settings option.
2. Tap the Forwarding and POP/IMAP tab.
3. Enter the new email address in the Add a forwarding address box.
4. Tap “Next” to confirm the process.

Common spam email security threats

In addition to being annoying and time-consuming, spam emails can compromise users’ digital security. Attachments that are attached to spam emails often carry a virus or malware. Here is a list of the most common ones.

• Trojan horses

Trojans are malware disguised as legitimate apps. Get on the user’s PC they can by downloading free apps or come through attachments in email. Trojan installs malicious code, usually spyware or coin miners, via a link attached to an email. Thus, the attacker manages to control the user’s computer, steal data and block many programs. From this point of view, remember that clicking on all composed spam emails is dangerous.

• Phishing and vishing

Phishing emails are one of the most common attacks in this case. Since, in letters of this kind, the attacker imitates the messages of legitimate companies and firms, trying to extract the necessary information for him. In the Phishing email, it is suggested to go to the attached link and confirm your data or credit card details. It’s a scheme to steal sensitive data.

Vishing is also used to steal data only through calls. Intruders call users and, during the conversation, extort card numbers, personal data, addresses, insurance numbers, etc. To avoid falling victim to Phishing and Vishing, check the legality of the companies that call or write to you. Also, try to answer only those calls in your phone book.

• Zombies

Zombies are a type of malware that can spread via spam email. This program turns the user’s computer into a server through which it sends spam to other users. You won’t be able to see the moment when this malware will be on your computer, but slow PC operation will be the first sign that it is. Moreover, an infected computer can attack web pages. To avoid this, you should not click on the attached links in spam emails.

How to stay free of spam emails?

You can take all the steps mentioned above only if you are a victim of spam mailing. If you only know about it and do not want to face such a problem directly, then take the recommended precautions. Use the spam filters we mentioned earlier. Do not spread your email address on different platforms and sites. Also, try not to click on pop-ups and banners that carry annoying and malicious content. Finally, be careful when visiting untested and unprotected sites, and especially leaving there your main email address. If you need to browse such pages time to time, that will be a great solution to create a separate email address that will take all the potential spam.

The post How to Get Rid of Spam Emails in Gmail, Yahoo & Outlook appeared first on Gridinsoft Blog.

Exploitation of these issues allows an attacker to steal credentials, intercept emails, and so on.

While the entire STARTTLS negotiation process was not very robust and error prone, STARTTLS came at a time when there was still no massive support for encrypted connections in mail clients and servers.

Since there were no better alternatives at the time, most users and administrators chose to enable STARTTLS as a temporary solution until TLS became more widespread.

Now everything has changed: almost all mail clients and servers support TLS-only mode, in which all old protocols, including POP3, IMAP and SMTP, by default operate over an encrypted channel that protects email from hacking or eavesdropping, and mail clients refuse to send emails if a secure TLS connection cannot be established. However, there are still millions of mail clients and hundreds of thousands of mail servers where STARTTLS is supported and is still enabled.

Now experts report that they have discovered over 40 vulnerabilities in client and server implementations of STARTTLS. Problems can be abused to downgrade STARTTLS connections to plain text, intercept emails, steal passwords, and so on.

Although to implement such attacks, an attacker must first carry out a MitM attack (in order to be able to interfere with the STARTTLS negotiation process, that is, the attacker must interfere with the connection established between the mail client and the mail server, and must also have credentials to log into the account on the same server), the research team insists that “these vulnerabilities are so widespread that we recommend that you avoid using STARTTLS whenever possible.” That is, users and administrators are advised to update their clients and servers as soon as possible, and switch to using TLS-only.

Over the past few months, researchers have been actively collaborating with the developers of mail clients and servers to fix 40 bugs they discovered. Although users now can install the resulting patches and continue using STARTTLS, researchers still advise switching to TLS-only.

Let me remind you that I talked about the fact that Hackers used Firefox extension to hack Gmail.

The post Vulnerabilities in STARTTLS threaten popular email clients appeared first on Gridinsoft Blog.

According to the researchers, the campaign was active from January to February 2021. Hackers attacked Tibetan organizations around the world using a malicious Firefox extension that steals Gmail and Firefox data and then downloads malware onto infected systems.

The researchers say that cybercriminals attacked Tibetan organizations with targeted phishing emails that lured victims to sites prompting them to install a fake Flash update, allegedly required to view the content.

In fact, these resources contained code that divided users into groups. So, only Firefox users with an active Gmail session were offered to install a malicious extension, while other hackers were not interested in other users.

The malicious extension was called Flash update components, but in fact it was a variation of the legitimate Gmail notifier (restartless) extension, and was capable of abusing the following features.

Gmail:

• Search for emails
• Archive emails
• Receive Gmail notifications
• Read emails
• Changing the audio and visual alert functionality in Firefox
• Flag emails
• Mark emails as spam
• Delete messages
• Refresh Inbox
• Forwarding letters
• Searching in email
• Delete messages from the Gmail Trash
• Send mail from a compromised account

Firefox (depends on the rights granted):

• Access to user data from all sites
• Show notifications
• Read and change privacy settings
• Access browser tabs

However, the attack did not end there. The extension also downloaded and installed ScanBox malware on the infected machine. It is an old malware tool based on PHP and JavaScript that has been used more than once in attacks by Chinese hack groups.

The last recorded use of ScanBox dates back to 2019, when analysts at Recorded Future noticed attacks on visitors of Pakistani and Tibetan sites.

Interestingly, this time the fake Flash attacks worked better than ever. While majority of users know for a long time that they should stay away from sites offering Flash updates, support for Flash was discontinued early this year. On January 12, 2021, all Flash content stopped playing in browsers, and this seems to be what made the TA413 attacks much more successful than usual.

Let me also remind you that a special version of Flash for China turned into adware.

The post Hackers used Firefox extension to hack Gmail appeared first on Gridinsoft Blog.

The malware established full control over infected devices, collected credentials, GPS from infected devices, made screen recordings, and so on.

At the same time, the malware carefully avoided infections in countries such as Ukraine, Belarus, Kyrgyzstan and Uzbekistan, Africa and the Middle East.

Mandrake has a three-stage structure, which allowed its operators to avoid detection by Google Play security mechanisms for a long time. It all started with a harmless dropper placed in the official application catalog and disguised as a legitimate application, such as a horoscope or cryptocurrency converter.

When such an application was downloaded on the victim’s device, the dropper downloaded the bootloader from the remote server. At the same time, the dropper himself was able to remotely turn on Wi-Fi, collect information about the device, hide its presence about the victim and automatically install new applications.

In turn, the bootloader was already responsible for direct downloading and installing Mandrake malware.

“The malware completely compromised the target device, gave itself administrator privileges (the request for rights was masked as a license agreement), after which it gained wide opportunities: forwarding all incoming SMS messages to the attackers’ server; sending messages; making calls; stealing information from the contact list; activating and tracking of the user’s location via GPS; stealing Facebook credentials and financial information and screen recording”, – report Bitdefender specialists.

Additionally, the malware carried out phishing attacks on Coinbase, Amazon, Gmail, Google Chrome, applications of various banks in Australia and Germany, the currency conversion service XE and PayPal.

Worse, Mandrake is able to reset the infected device to the factory settings in order to erase user data, as well as all traces of the malware’s activity. When the attackers received from the victim all the information they needed, Mandrake went into the “destruction mode” and erased himself from the device.

“We believe that the number of victims of Mandrake is tens or even hundreds of thousands, but we don’t know the exact number”, — writes Bitdefender expert Bogdan Botezatu.

The company’s researchers believe that for four years, all spyware attacks were coordinated by its operators manually and were not fully automated, as is usually the case. They also note that Mandrake was not spread by spam, and it seems that the attackers carefully selected all their victims.

Specialists were able to trace the Mandrake developer account on Google Play to a certain Russian-speaking freelancer hiding behind a network of fake company websites, stolen IDs and email addresses, as well as fake job ads in North America.

As for Friday, I remind you that For eight years, the Cereals botnet existed for only one purpose: it downloaded anime.

The post Mandrake malware was hiding on Google Play for more than four years appeared first on Gridinsoft Blog.