Old email accounts are not deleted in time so hackers are able to use them and send spamming emails around the European schools and outside.
What is email spamming?
Spam is electronic junk mail. Email spam or also known as junk email refers to unsolicited email messages, usually sent in bulk to a large list of recipients. Spam can be sent by real humans, but more often, it is sent by a botnet, which is a network of computers (bots or spambots) infected with malware and controlled by a single attacking party (bot herder). Apart from email, spam can also be distributed via text messages or social media.
Why is spamming cyber crime?
Most spam is irritating and time-consuming, but some spam is positively dangerous to handle. Usually, email scams are trying to get you to give up your bank details so that the fraudsters can either withdraw money or steal your identity.
Many different types of messages are defined as spamming but some of them include phishing scams and advanced fee fraud. Be very suspicious of the following messages:
- anything that offers you something for nothing;
- anything that looks like it’s going to ask you to give up financial details;
- anything to do with accounts of yours that has embedded links to follow;
- anything that asks you to keep it secret.
Why is this happening in European school?
European school Luxembourg 2 has a huge problem with information technology. I wrote about the lack of investments in ICT and the lack of proper IT experts in European schools in the article about digital competence.
It is more important for the European school that people in the IT field speak the French language than know anything about IT. The consequence is of course a total mess with the administration of user accounts. There are many other issues but this one is related to the problem in this article.
When students leave European schools their accounts are not deleted promptly. Accounts stay there for a long period of time, students are not using them anymore and hackers are able to gain access to those accounts. Once inside they use the official European school domain to send out spam messages to the school’s community and to the rest of the world.
Why is this activity inappropriate?
When users receive email from a trusted domain, such as eursc.eu domain is, they don’t question about email content. They believe these emails are from a legitimate sender and click on the links or attachments.
Why would spammers send emials from eursc.eu domain?
The main reason is to bypass spam filters. People might also trust an email sent from a trustworthy domain. So when a spammer has such email on a list (e.g. firstname.lastname@example.org), they write code to send an email “from” another email@example.com. This helps the spam email make it past spam filters as well as seem more familiar to the recipient.
Here you can see an example of such an email. Please consider the main points in noticing how to spot such fake emails.