When MTNLCloud took over responsibility for email addresses of @mtnl.net.in in Aug 2016, several security mechanisms were put in place.
- The first was to close port 25 for all broadband clients and ask them to switch to a different port for sending email, or to use the relay service provided by MTNL. This by itself was a major change: overnight, SPAM originating from bots and zombies on Mumbai broadband stopped.
- An outbound Anti SPAM system, the first of its kind in the world, was implemented.
- The Anti SPAM system was revamped so that it not only catches SPAM but also provides good intelligence on the activity of SPAMmers.
These measures have made the MTNLCloud Email service one of the most secure in India and possibly in the world.
The Anti SPAM system has revealed that there is an army of hackers who constantly try to get through the email system by phishing. They prey upon email users, trying to extract passwords and to inject malware into the user's system.
One common mechanism is to send emails posing as the MTNLCloud Administrator and get the user to enter their password on an unauthorized web page. The password is then misused to send SPAM. These emails use a wide variety of psychological tricks, including:
- offering free upgrades,
- threatening to cancel the account,
- threatening to cancel unless the account is verified, etc.
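The pattern described above (a sender posing as the MTNLCloud Administrator, one of the listed lures, and a link to a page outside the mail domain) can be checked mechanically. The following Python is an added example, not MTNLCloud's Anti SPAM code; the phrase patterns, function names and both sample messages are constructed assumptions.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from urllib.parse import urlparse

TRUSTED_DOMAIN = "mtnl.net.in"  # mail domain named on the page
# Lure categories from the list above; the phrase patterns are assumptions.
LURES = {
    "free_upgrade": re.compile(r"\bfree\b.{0,40}\bupgrade", re.I | re.S),
    "cancel_threat": re.compile(r"\b(cancel|suspend|deactivat)\w*", re.I),
    "verify_demand": re.compile(
        r"\b(verify|validate|confirm)\w*\b.{0,40}\b(account|mailbox|password)", re.I | re.S),
}
ADMIN_NAME = re.compile(r"admin|administrator|support|helpdesk", re.I)
URL = re.compile(r"https?://[^\s\"'<>]+", re.I)

def in_domain(host, domain):
    """True only for the domain itself or a subdomain, not a look-alike suffix."""
    host = (host or "").lower().rstrip(".")
    return host == domain or host.endswith("." + domain)

def phishing_indicators(raw):
    """Return the names of the indicators found in one raw RFC 5322 message."""
    msg = message_from_string(raw)
    name, addr = parseaddr(msg.get("From", ""))
    body = "\n".join(p.get_payload() for p in msg.walk()
                     if p.get_content_maintype() == "text")
    text = f"{msg.get('Subject', '')}\n{body}"
    hits = []
    # Display name claims an administrative role, address is outside the domain.
    if ADMIN_NAME.search(name) and not in_domain(addr.rpartition("@")[2], TRUSTED_DOMAIN):
        hits.append("admin_impersonation")
    hits += [label for label, rx in LURES.items() if rx.search(text)]
    # Any link whose host is not the mail domain is where a password could be captured.
    if any(not in_domain(urlparse(u).hostname, TRUSTED_DOMAIN) for u in URL.findall(body)):
        hits.append("external_link")
    return hits

# Constructed sample messages (not taken from MTNLCloud's collected SPAM).
PHISH_SAMPLE = """\
From: "MTNLCloud Administrator" <admin@mail-upgrade.example>
Subject: Your account will be cancelled

Verify your account within 24 hours to get a free mailbox upgrade:
http://mail-upgrade.example/login"""
BENIGN_SAMPLE = """\
From: "A. Friend" <friend@mtnl.net.in>
Subject: Lunch on Friday

See you at 1 pm."""
```

Each indicator is a heuristic on its own; the combination of an administrator display name, a lure phrase and an external link is what the samples in this series have in common.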
Here we share some samples of attempted SPAM so that users can recognize it for what it is if they ever receive it. These SPAM emails are blocked by the MTNLCloud Anti SPAM system, but were made available to Administrators for analysis.
We will post a screenshot of each email along with information on how it was sent. We will aggregate about 10 of these emails and post them in an article as and when possible.