What is Bad Email?
Spam, Phishing, Scam, Hoax and
Malware distributed via Email
Spam is unsolicited or undesired electronic
junk mail. Characteristics of spam are:
• Mass mailing to large number of recipients
• Usually a commercial advertisement
• Annoying but usually harmless unless coupled with a
fraud based phishing scam
Advertising and great deals
Do I know this person?
Warning from Google-nice job
Sent to a large number of users at once
These emails often end up
in our spam folder because
of our spam filters in place
Is this a trusted website?
A phishing email is a fraudulent message carefully
crafted to trick you into giving up your password or
other sensitive information. Financial gain and
criminal activity are the key motivations for email
phishing. Characteristics of phishing emails are:
• Invoke a sense of urgency
• Asking you to click on a link embedded in the email that has no
affiliation with the organization it is masquerading as
• Asking for passwords or other sensitive information such as a
social security number
• Generic greetings and signatures
• Odd spelling or grammar
Email fraud or scams can come in many different
forms such as job scams and lottery scams. They are
cons and share the same characteristics:
• Requests for money
• Requests to cash a check, wire money, or set up a
• Promises of money for little or no effort
• Odd grammar and misspellings
A hoax email is also known as a spoof email. The
sender alters part of the email such as the senders
name or address so it appears to come from a
legitimate source. Characteristics of hoax emails are:
• Spread urban myths or outlandish stories
• Sell a bogus product or market an online service
• Spoofed email address to appear legitimate
• Odd spelling or grammar
• Promise or request of money
This could be a spoofed
email address or
compromised account of
a SLU student so it looks
Invoke of sense of urgency
Sent to a member of
the students contact
and odd grammar
throughout body of
Actual signature of SLU
Malware distributed via Email:
Malware, or malicious software, is software used to disrupt
computer operation, gain access to private computer
systems or gather sensitive information. Attachments in
emails and internet advertising are two ways malware is
distributed. Some types of malware include:
• Viruses, ransomware, worms, Trojan horse, rootkits, keyloggers,
dialers, spyware and adware
• A common Trojan horse masquerades itself as anti-virus software.
The Trojan presents itself as something harmful or useful in order to
get victims to install it on their computer
• Could be a keystroke logger that can capture all your passwords!
What do I do with Bad Email?
• Spam or phishing from an unknown sender can be marked as spam within your email program. This
alerts Google to begin blocking the sender address. Other bad email such as hoaxes, can just be deleted
• Bad email from a known sender such as someone in your SLU contact list might indicate they have a
compromised account. Forward the email to helpdesk @slu.edu so it can be investigated.
• Phishing email that is concerning, can be forwarded to the helpdesk so they can be investigated. Once
forwarded, choose the report phishing option within Google. This alerts Google of the fraudulent
• Other bad email that is concerning, such as those that might contain a malware attachment or job
scams, can be forwarded to the helpdesk.
• If you have responded to any of these emails with personal information, or clicked on links that may
have downloaded malware, please contact the ITS Service Desk at 977-4000 or helpdesk @slu.edu.
• The helpdesk will involve Information Security when necessary (email@example.com)
The easiest way for cybercriminals to gain access to our resources is
through unaware end users. Because this activity will continue to
increase, it is imperative that we critically evaluate emails we receive. We
cannot stop cybercriminals from sending bad email, however, by
becoming aware of what we should be looking for, we can limit our
response to them which in turn will protect our resources as well as our
For more examples on phishing emails, visit:
Take the anti-phish IQ Test hosted by Dell SonicWall visit:
Email is one of the most effective tools in the cybercriminals arsenal. Spam filters stop much of the bad email that would otherwise end up in your inbox, but crafty cybercriminals know how to design their emails in a way that can circumvent your these filters. This tutorial was created to address the question, what is bad email? Several examples have been identified for you on the following slides.
What is spam?
Spam is unsolicited or undesired electronic junk email. Some characteristics of spam are:
Mass mailing to a large number of recipients
Usually a commercial advertisement,
Annoying but usually harmless unless coupled with a fraud based phishing scam
Lets review one that we received here at SLU.
Notice the Super Offer advertised
Pfizer Sale is the supposed sender (hmm-someone doesn’t know their grammar very well). Who is Elise200fb@orange.es? I don’t know this person and I am certainly not buying pharmaceuticals from her.
A red flag that this is spam is that it is sent to a large number of users as one time.
This one ended up in our spam folder due to the spam filters set in place. Thanks Google for the warning notice.
Now they want you to click on a link in this email. Too many red flags in this one, I think I’ll get a prescription from my doctor.