Web Development and Database

Administration
Level - I

Module Title: Protect Application or System Software

Module code: EIS WDDBA1 05 0322
Nominal duration: 30Hour

Prepared by Moges Tesfaye (MSc in ICT)

Contents
Acknowledgment.........................................................................................................................................4
Unit one: user accounts control..................................................................................................................7
1.1. Modifying default user settings to conform security policy....................................................8
1.2. User Access Control Policies.....................................................................................................9
1.3. User account control process and interaction........................................................................10
1.4. Logon process...........................................................................................................................11
1.5. The UAC User Experience......................................................................................................12
1.6. Configure security policy settings in window 10....................................................................17
1.7. Using appropriate utilities to check strength of passwords and its complexity rules.........19
1.8. Identify Security Gaps.............................................................................................................22
Self-check-1..........................................................................................................................................24
Unit Two: Detect and remove destructive software................................................................................25
2.1. Destructive Software....................................................................................................................26
2.2. Virus Infection, Removal and Prevention..............................................................................31
2.3. Selecting and installing virus protection and scheduling......................................................34
Self-check-2..........................................................................................................................................37
Operation sheet 2.1: Installing kaspersky anti-virus........................................................................39
Lap Test -2.............................................................................................................................................43
Unit Three: How to Identify and taking action to stop spam.....................................................................44
3.1. Definition of Spam...................................................................................................................45
3.2. Types of spam...........................................................................................................................45
3.3. How can I stop spam?..............................................................................................................47
3.4. Configuring and using Spam filters........................................................................................50
Self-check-3..........................................................................................................................................54
Operation sheet 3.1: Set spam filter on Gmail...................................................................................55
Operation sheet 3.2 Setting Windows local Security policy.................................................................56
Lap Test -3...........................................................................................................................................59
Unit four: Perform workplace duties following written notices..............................................................60
4.1. Receiving and Following Instructions....................................................................................61
Self-Check 4.........................................................................................................................................63
Reference..............................................................................................................................................64

Prepared by Moges Tesfaye (MSc in ICT)

Unit one: user accounts control

This learning unit is developed to provide the trainees the necessary information regarding the
following content coverage and topics:
 Modifying default user settings to conform security policy
 Modifying previously created user settings to update security policy
 Ensuring legal notices displayed at logon
 Accessing information service
This unit will also assist you to attain the learning outcomes stated in the cover page.
Specifically, upon completion of this learning guide, you will be able to:
 Document and report client requirements
 Meet client requirements in line with organizational requirements.

1.1. Modifying default user settings to conform security policy

1.1.1. Introduction on user access control

User access control (UAC) is defined as the capacity of an organization and its systems to
allow or deny a user or an object access to its systems and resources. A user can be restricted
from accessing a program, database or file. An object in this definition represents passive
entities such as a system or a process. Systems and processes under the UAC are also restricted
from accessing other processes and programs.
User Account Control (UAC) helps prevent malware from damaging a PC and helps
organizations deploy a better-managed desktop. With UAC, apps and tasks always run in the
security context of a non-administrator account, unless an administrator specifically authorizes
administrator-level access to the system. UAC can block the automatic installation of
unauthorized apps and prevent inadvertent changes to system settings.
UAC allows all users to log on to their computers using a standard user account. Processes
launched using a standard user token may perform tasks using access rights granted to a
standard user.
1.1.2. Components of User Access Control

Prepared by Moges Tesfaye (MSc in ICT)

The UAC comprises three main components. Each of these components are governed by a set of
UAC policies forming management policy. The three components are:
 Identification and authentication are two processes that determine who or what, if at
all, has access to any of the systems and resources. Without proper identification and
authorization, policies dictate that absolutely no access to the system or resource is
granted. Without a valid passport, unique to an individual, the visa is not granted.
 Authorization determines what an authorized user or object can access and the scope of
that access. As a non-immigrant you can shop at any mall or store but you do not have
right to access the free national health care system as a national would.
 Accountability identifies and establishes exactly what the user or the process did within
the system once access was granted.
1.2. User Access Control Policies
These policies detail the specifics which are used in enforcing the restrictions by the user access
controls on the systems.
A. Identification Policies

1. User access—users must reveal their identity to the system. This means that the user needs to
tell the system who he/she is. This is done by using a username.
2. Object access—the system must identify the object requesting access to the system using a
matching identifier previously stored within its database. Identification is achieved by the use of
identifiers such as computer names, MAC addresses, IP (Internet Protocol) addresses, or Process
Identification (PI) numbers.
1.3. User account control process and interaction
User Account Control (UAC) is a fundamental component of Microsoft's overall security vision.
UAC helps mitigate the impact of malware

1.4. Logon process

The following shows how the logon process for an administrator differs from the logon process
for a standard user.

Prepared by Moges Tesfaye (MSc in ICT)

By default, standard users and administrators access resources and run apps in the security
context of standard users. When a user logs on to a computer, the system creates an access token
for that user. The access token contains information about the level of access that the user is
granted, including specific security identifiers (SIDs) and Windows privileges.
When an administrator logs on, two separate access tokens are created for the user: a standard
user access token and an administrator access token. The standard user access token contains the
same user-specific information as the administrator access token, but the administrative
Windows privileges and SIDs are removed

Here's how to turn User Account Control (UAC) on or off in Windows 10 and later:
1. Type UAC in the search field on your taskbar. (If the search field isn't visible, right-click
the Start button and choose Search.)

Prepared by Moges Tesfaye (MSc in ICT)

 2. Click Change User Account Control settings in the search results.
3. Then do one of the following:
o To turn UAC off, drag the slider down to Never notify and click OK.
o To turn UAC on, drag the slider up to the desired level of security and click OK.
4. You may be prompted to confirm your selection or enter an administrator password.
5. Reboot your computer for the change to take effect.

 The UAC settings.

 Always notify.

Prepared by Moges Tesfaye (MSc in ICT)

 The UAC prompt is shown when apps try to install software or make changes to your
computer and when you try to change Windows settings. The Desktop is dimmed when a
UAC prompt is shown.
 Notify me only when apps try to make changes to my computer.
This is the default setting for UAC. UAC prompts aren’t shown when you try to make
changes to Windows settings. The Desktop is dimmed when a UAC prompt is shown.
 Notify me only when apps try to make changes to my computer (do not dim my
desktop).
UAC prompts are not shown when you try to make changes to Windows settings, but the
Desktop isn’t dimmed when a UAC prompt is shown.
 Never notify.

Desktop apps in Windows 10 don’t run with administrator permissions and consequently can’t
make automatic changes to an operating system. When a desktop app wants to make system
changes (such as modifications that affect other user accounts, modifications of system files and
folders, or installation of new software), Windows 10 issues what’s called a UAC confirmation
dialog box, where users can confirm whether they want those changes to be made.
If the user clicks No, the changes won’t be made. If the user clicks Yes, the app receives
administrator permissions and makes the system changes it’s programmed to make.

Prepared by Moges Tesfaye (MSc in ICT)

1.5. Configure security policy settings in window 10
Security policy settings are rules that administrators configure on a computer or multiple devices
for protecting resources on a device or network. The Security Settings extension of the Local
Group Policy Editor snap-in allows you to define security configurations as part of a Group
Policy Object (GPO)
Security settings policies are used as part of your overall security implementation to help secure
domain controllers, servers, clients, and other resources in your organization.
Security settings can control:
 User authentication to a network or device.
 The resources that users are permitted to access.
 Whether to record a user's or group's actions in the event log.
 Membership in a group.
To manage security configurations for multiple devices, you can use one of the following
options:
 Edit specific security settings in a GPO.
The Security Settings extension of the Local Group Policy Editor includes the following types of
security policies:
 Account Policies. These policies are defined on devices; they affect how user accounts
can interact with the computer or domain. Account policies include the following types of
policies:
o Password Policy. These policies determine settings for passwords, such as
enforcement and lifetimes. Password policies are used for domain accounts.
o Account Lockout Policy. These policies determine the conditions and length of
time that an account will be locked out of the system. Account lockout policies
are used for domain or local user accounts.
o Kerberos Policy. These policies are used for domain user accounts; they
determine Kerberos-related settings, such as ticket lifetimes and enforcement.

 Local Policies. These policies apply to a computer and include the following types of
policy settings:

Prepared by Moges Tesfaye (MSc in ICT)

 o Audit Policy. Specify security settings that control the logging of security events
into the Security log on the computer, and specifies what types of security events
to log (success, failure, or both).
o User Rights Assignment. Specify the users or groups that have sign-in rights or
privileges on a device
o Security Options. Specify security settings for the computer, such as
Administrator and Guest Account names; access to floppy disk drives and CD-
ROM drives; installation of drivers; sign-in prompts; and so on.
 Windows Firewall with Advanced Security. Specify settings to protect the device on
your network by using a stateful firewall that allows you to determine which network
traffic is permitted to pass between your device and the network.
 Network List Manager Policies. Specify settings that you can use to configure different
aspects of how networks are listed and displayed on one device or on many devices.
1.6. Using appropriate utilities to check strength of passwords and its complexity rules
1.6.1. Best Practices for Password Strength

Before you use password strength checkers, you need to understand a critical aspect of identity
and access management: password best practices. After all, what good is a password validation
tool if you don’t know how to compose a strong password?
Other password security best practices include:
 Don’t Allow Repeated Passwords

The more a password appears across the web, the more likely it ends up in hackers’ hands
through other
 Don’t Allow The Sharing of Passwords

This remains a persistent problem across enterprises of all sizes. Employees can and will share
their passwords with others breaches
 Don’t Incorporate Personal Information into Your Passwords

Prepared by Moges Tesfaye (MSc in ICT)

Stereotypically, birthdays often end up in users’ passwords. However, this precept extends
further than that. Social media research and other kinds of open personal information allow
hackers to conduct significant research on their targets with minimal effort
1.1.1. Password Strength Checkers and Validation Tools

Of course, you should only use password strength checkers which you can trust. Obviously, a
trustworthy validation tool should never store your passwords in any capacity; they should only
process your passwords in the browser.

Utilities to check strength of passwords and its complexity rules

A. Comparitech Password Strength Test

The Comparitech Password Strength Test provides a strong baseline for other password strength
checkers. For example, the test can demonstrate how long hackers need to crack the inputted
password.
This test evaluates passwords based on complexity, length, and can determine whether the
password appears in the list of most commonly used passwords
A. My1Login Password Strength Test

Much like the password checker above, the My1Login Password automatically hashes the
password inputted;
A. Thycotic Password Strength Checker

The Thycotic Password Strength Checker can also recognize the most common passwords and
warns against them
1.7. Identify Security Gaps
1.7.1. Authenticating Users

Before a user can log on to a computer running Windows, connect to a shared folder, or browse a
protected Web site, the resource must validate the user’s identity using a process known as
authentication.
Windows supports a variety of authentication techniques, including

 the traditional user name and password,

Prepared by Moges Tesfaye (MSc in ICT)

  smart cards, and
 third-party authentication components.

In addition, Windows can authenticate users with the local user database.
Authentication is the process of identifying a user. In home environments, authentication is often
as simple as clicking a user name at the Windows 10 logon screen. However, in enterprise
environments, almost all authentication requests require users to provide both a user name(to
identify themselves) and a password (to prove that they really are the user they claim to be).
Smart Card

Windows 10 also supports authentication using a smart card. The smart card, which is about the
size of a credit card, contains a chip with a certificate that uniquely identifies the user. So long as
a user doesn’t give the smart card to someone else, inserting
Biometrics
Biometrics is another popular form of authentication. Although a password proves your identity
by testing “something you know” and a smart card tests “something you have,” biometrics test
“something you are” by examining a unique feature of your physiology. Today the most
common biometric authentication mechanisms are fingerprint readers (now built into many
mobile computers) and retinal scanners.

Prepared by Moges Tesfaye (MSc in ICT)

Operation sheet 2.2 Setting Windows local Security policy
 Operation title: Procedures of setting local security policy
 Purpose: To practice and demonstrate the knowledge and skill required to set window
security policy
 Instruction: follow the procedure and complete the task

Note: You will need to be an administrator to open the Local Group Policy Editor.
The Local Group Policy Editor is a Microsoft Management Console (MMC) snap-in that gives a
single user interface through which all the Computer Configuration and User Configuration
settings of Local Group Policy objects can be managed. The Local Security Policy settings are
among the security settings contained in the Local Group Policy Editor. An administrator can use
these to set policies that are applied to the computer. In this project, you will view and change
local security policy settings. Run type mmc--- file add/remove snap in--- select group policy
object-----add—browse---user—select administrator- ok

1. Click Start.
2. Type secpol.msc into the Search box and then click secpol.
Note: You may be prompted at this point for an administrator password or confirmation.
3. First create a policy regarding passwords. Expand Account Policies in the left pane and
then expand Password Policy.
4. Double-click Enforce password history in the right pane. This setting defines how many
previously used passwords Windows will record. This prevents users from “recycling”
old passwords.
5. Change passwords remembered to 4.
6. Click OK.
7. Double-click Maximum password age in the right pane. The default value is 42,
meaning that a user must change his password after 42 days.
8. Change days to 30. After changing it to 30, take a screenshot and paste it below this step.
Make sure your VM number in the top left is visible in the screenshot or no credit will be
given for this step.

Prepared by Moges Tesfaye (MSc in ICT)

 9. Click OK.
10. Double-click Minimum password length in the right pane. The default value is a length
of 8 characters.
11. Change characters to 10.
12. Click OK.
13. Double-click Password must meet complexity requirements in the right pane. This
setting forces a password to include at least two opposite case letters, a number, and a
special character (such as a punctuation mark).
14. Click Enabled.
15. Click OK.
16. Double-click Store passwords using reversible encryption in the right pane. Because
passwords should be stored in an encrypted format this setting should not be enabled.
17. If necessary, click Disabled. After clicking disabled, take a screenshot and paste it below
this step. Make sure your VM number in the top left is visible in the screenshot or no
credit will be given for this step.
18. Click OK.
19. In the left pane, click Account lockout policy.
20. Double-click Account lockout threshold in the right pane. This is the number of times
that a user can enter an incorrect password before Windows will lock the account from
being accessed. (This prevents an attacker from attempting to guess the password with
unlimited attempts.)
21. Change invalid login attempts to 5.
22. Click OK.
23. Note that the Local Security Policy suggests changes to the Account lockout duration
and the Reset account lockout counter after values to 30 minutes.
24. Click OK.
25. Expand Local Policies in the left pane and then click Audit Policy.
26. Double-click Audit account logon events.

Prepared by Moges Tesfaye (MSc in ICT)

 27. Check both Success and Failure. After checking the settings, take a screenshot and paste
it below this step. Make sure your VM number in the top left is visible in the screenshot
or no credit will be given for this step.
28. Click OK.
29. Right-click Security Settings in the left pane.
30. Click Reload to have these policies applied.
31. Close all windows.

Unit Two: Detect and remove destructive software

This unit to provide you the necessary information regarding the following content coverage
and topics:
 Defining and identifying common types of destructive software
 Selecting and installing virus protection and scheduling compatible with current
operating system
 Describing advanced systems of protection
 Establishing maintenance practices
 Installing software updates on a regular basis
 Configuring software security settings to prevent from infecting computer
 Running and/or scheduling virus protection software
 Reporting detected destructive software
 Removing destructive software
This guide will also assist you to attain the learning outcomes stated in the cover page.
Specifically, upon completion of this learning guide, you will be able to:
 Define and identify common types of destructive software
 Describe advanced systems of protection
 Configure software security settings to prevent from infecting computer
 Report detected destructive software

Prepared by Moges Tesfaye (MSc in ICT)

  Remove destructive software

. Destructive Software
2.1.1. What is destructive software’s

Destructive software isreferred toasmalware (malicious software) and the term includes viruses,
worms, logicbombs,rootkits, Trojan horses, adware, key stroke loggers and spyware
application.
2.1.2. The Common Types of Destructive Software

The common types of destructive software are:

 Virus
A computer virus is a piece of malicious code that has been designed to replicate itself when
introduced into any computing environment (its host). This host could be another computer
program, the computer's operating system partition, a document, or a removable drive
A computer program that can copy itself and infect a computer. The term "virus" is also
commonly but erroneously used to refer to other types of malware, adware, and spyware
programs that do not have the reproductive ability.
 Worm
Write Once, Read Many (Write One, Read Multiple or WORM); a software program capable of
reproducing itself that can spread from one computer to the next over a network;
 Logic Bomb
Set of instructions inserted into a program that are designed to execute (or `explode') if a
particular condition is satisfied; when exploded it may delete or corrupt data, or print a spurious
message, o
 Trojan Horse
A Trojan, as the name implies, secretly carries often-damaging software in the guise of an
innocuous program, often in an email attachment.
 Adware

Prepared by Moges Tesfaye (MSc in ICT)

Adware is software that loads itself onto a computer and tracks the user's browsing habits or
pops up advertisements while the computer is in use

Adware and spyware disrupt your privacy and can slow down your computer as well as
contaminate your operating system or data files
 Spyware
Software that obtains information from a user's computer without the user's knowledge or
consent
2.1.3. Types of Viruses
Viruses are split into different categories, depending on what they do. Here are a few categories
of viruses:
 Boot Sector Virus
The Boot Sector of a PC is a part of your computer that gets accessed first when you turn it on. It
tells Windows what to do and what to load. It's like a "Things To Do" list. The Boot Sector is
also known as the Master Boot Record. A boot sector virus is designed to attack this, causing
your PC to refuse to start at all!
 File Virus
A file virus, as its name suggests, attacks files on your computer. Also attacks entire programs,
though.
 Macro Virus
These types of virus are written specifically to infect Microsoft Office documents (Word, Excel
PowerPoint, etc.) A Word document can contain a Macro Virus. You usually need to open a
document in a Microsoft Office application before the virus can do any harm.
 Electronic Mail (Email) Virus
Email can be used to transmit any of the above types of virus by copying and emailing itself to
every address in the victim’s email address book, usually within an email attachment. Each time
a recipient opens the infected attachment, the virus harvests that victim’s email address book and
repeats its propagation process.

2.1.4. Virus Infection Symptoms

Prepared by Moges Tesfaye (MSc in ICT)

Common symptoms of a virus-infected computer include
 A computer program disappears from its memory, especially if there is no known
removal of the program.
 Unfamiliar music or sounds unexpectedly starts playing through the speakers.
 Icons appear on the desktop unrelated to any programs that are currently being
installed, or new icons seem to appear when no software has been installed.
 An antivirus program will not run, or a new one will not install properly or at all.
 Previously installed antivirus programs will suddenly disable and can not be restarted.
 Files that have been recently opened suddenly have more than one extension, such
as .exe, .vbs, .gif, or .jpg.
 Dialog boxes and menus seem to be distorted or different.
 Unusual error messages will pop up.
 Items are not printing correctly.
 Disk drives or disks become inaccessible.
 An application or applications are not working correctly.
 The computer isn’t running as well as usual, or the computer reboots on its own.
 The computer restarts continuously.
 The computer locks up frequently or stops responding.
 The computer seems to be losing processing speed
2.1.5. Preventing viruses
There are several steps a person can take to make sure these symptoms do not appear on their
computer. These include
 Use reputable antivirus software – As mentioned before, even the best antivirus
software programs are fallible. However, they’re still the best method of preventing
malware attacks. They’re also hand if malware does pass through, especially if it comes
with removal and backup systems.
 Keep computers update – Make sure that all software, especially operating system
software and your preferred Internet browser, contain the most up-to-date patches and

Prepared by Moges Tesfaye (MSc in ICT)

 updates. These are usually published to keep computers safe from the latest known
threats.
A. Selecting and installing virus protection and scheduling
 Installing virus protection
Installing virus protection or antivirus software is used to prevent, detect, and remove malware,
including but not limited to computer viruses, computer worm, trojan horses, spyware
and adware.
Finally, antivirus software generally runs at the highly trusted kernel level of the operating
system, creating a potential avenue of attack.

Based on research, these are the best antivirus:

1. Norton 360 – Best antivirus for individual PC and Mac users. Delivers well-regarded
internet security that can include ID theft protection with LifeLock.
2. TotalAV – Best antivirus for web browsing protection. Actively scans for suspicious
websites and monitors for criminal use of your private information.
3. Intego Antivirus – Best web protection for Mac users. The company is a rarity,
focusing its services and builds primarily on OSX and iOS devices.
4. McAfee Total Protection – Offers well-respected protection for individuals or families.
5. VIPRE Antivirus – Consistently scores above more well-known brands in independent
testing lab analyses.
6. Bitdefender Internet Security – Maintains consistently reliable performance and
includes a webcam protection tool.
7. Kaspersky Lab Internet Security – Best selection of features. Includes a secure,
encrypted browser for online shopping.
8. Avira Antivirus – Blocks phishing attacks on social media and email.
9. Avast – Analyzes app behavior for potential malicious activity
2.1.6. Schedule a scan in Microsoft Defender Antivirus

Prepared by Moges Tesfaye (MSc in ICT)

Microsoft Defender Antivirus regularly scans your device to help keep it safe. We try to do this
while you’re not using your device so it doesn’t interfere with your work. You can also schedule
Microsoft Defender Antivirus to scan at a time and frequency that you choose.
1. In the search box on your taskbar, enter Task Scheduler and open the app.
2. In the left pane, expand Task Scheduler Library>Microsoft>Windows, and then scroll
down and select the Windows Defender folder.
3. In the top center pane, double-click Windows Defender Scheduled Scan.

4. In the Windows Defender Scheduled Scan Properties (Local Computer) window,

select the Triggers tab, go to the bottom of the window, and then select New.
5. Specify how often you want scans to run and when you’d like them to start.

Operation sheet 2.1: Installing kaspersky anti-virus

 Operation title: Installing Kaspersky anti-virus
 Purpose: To Install anti-virus
 Instruction: Download the Kaspersky antivirus and install on your computer
1. Download the Kaspersky Anti-Virus installer from the Kaspersky website, or via the link
in the email you received from the online store.
2. Run the downloaded installer.

Prepared by Moges Tesfaye (MSc in ICT)

 3. Wait until the wizard finds the latest version of the application or click Skip to install the
current version.

4. Click the link to review the License Agreement. If you agree to its terms, click
Continue.

Prepared by Moges Tesfaye (MSc in ICT)

 5. Click the link to review the KSN Statement. If you want to participate in Kaspersky
Security Network, leave the corresponding checkbox selected.
6. Click Install.

Prepared by Moges Tesfaye (MSc in ICT)

 7. Wait for the installation to complete. Make sure settings you want to apply are selected
and click Apply.

Prepared by Moges Tesfaye (MSc in ICT)

 8. Click Done

Prepared by Moges Tesfaye (MSc in ICT)

Lap Test -2
Instructions: Given necessary templates, tools and materials you are required to perform the
following tasks
1. Install & Use kaspersky Antivirus
A. Install kaspersky antivirus
A. Auto Scan Schedule – Weekly every Monday and Friday at 4:00 AM
B. Scan your storage drive

Lap Test -3
Instructions: Given necessary templates, tools and materials you are required to perform the
Following tasks
1. .Turn on your Windows Defender Firewall
2. Turn on User Account Control

Unit Three: How to Identify and taking action to stop spam

This unit to provide you the necessary information regarding the following content coverage
and topics:
 Defining and identifying common types of spam

Prepared by Moges Tesfaye (MSc in ICT)

  Taking Appropriate action to protect unauthorized access of spammers
 Configuring and using Spam filters
 Reporting and documenting Spams to identify the security threats and perform
recommended action
This guide will also assist you to attain the learning outcomes stated in the cover page.
Specifically, upon completion of this learning guide, you will be able to:
 Define and identify spam
 Protect unauthorized access of spammers
 Configure using spam filter
 Report and document spams to identify the security threats

3.1. Definition of Spam

Spam is any kind of unwanted, unsolicited digital communication that gets sent out in bulk.
Often spam is sent via email, but it can also be distributed via text messages, phone calls, or
social media.
3.1. Types of spam
Spammers use many forms of communication to bulk-send their unwanted messages. Some of these are
marketing messages peddling unsolicited goods
Below are several types of spam to look out for.
A. Phishing emails

Phishing emails are a type of spam cybercriminals send to many people, hoping to “hook” a few
people. Phishing emails trick victims into giving up sensitive information like website logins or
credit card information.
Adam Kujawa, Director of Malwarebytes Labs, says of phishing emails: “Phishing is the simplest kind of
cyberattack and, at the same time, the most dangerous and effective. That is because it attacks the most
vulnerable and powerful computer on the planet: the human mind.”
B. Tech support scams

In a tech support scam, the spam message indicates that you have a technical problem and you should
contact tech support by calling the phone number or clicking a link in the message

Prepared by Moges Tesfaye (MSc in ICT)

 C. Email spoofing

Spoofed emails mimic, or spoof, an email from a legitimate sender, and ask you to take some
sort of action. Well-executed spoofs will contain familiar branding and content, often from a
large well-known company such as PayPal or Apple. Common email spoofing spam messages
include:
D. Current event scams

Hot topics in the news can be used in spam messages to get your attention.
E. Malspam

Short for “malware spam” or “malicious spam,” is a spam message that delivers malware to your device
F. Spam calls and spam texts

Have you ever received a robocall? That’s call spam. A text message from an unknown sender
urging you to click an unknown link? That’s referred to as text message spam or “smishing,” a
combination of SMS and phishing.
3.1. How can I stop spam?

While it may not be possible to avoid spam altogether, there are steps you can take to help
protect yourself against falling for a scam or getting phished from a spam message:
 Learn to spot phishing

To protect yourself, learn to check for some key signs that a spam message isn’t just annoying—
it’s a phishing attempt:

1. Sender’s email address: If an email from a company is legitimate, the sender’s email
address should match the domain for the company they claim to represent. Sometimes
these are obvious, like [email protected], but other times the changes are less
noticeable, like [email protected] instead of paypal.com.
2. Links: Beware of all links, including buttons in an email. If you get a message from a
company with whom you have an account, it’s wise to log in to your account to see if

Prepared by Moges Tesfaye (MSc in ICT)

 there is a message there rather than just clicking the link in the message without verifying
first.
3. Attachments: Unless you are expecting an email with attachments, always be wary before
opening or downloading them.

 Install cybersecurity

In the event that you click a bad link or download malware sent to you via spam, good cybersecurity
software will recognize the malware and shut it down before it can do any damage to your system or
network.
 Use two factor-authentication (2FA)

With two-factor or multi-factor authentication, even if your username and password are
compromised via a phishing attack, cybercriminals won’t be able to get around the additional
authentication requirements tied to your account. Additional authentication factors include secret
questions or verification codes sent to your phone via text message.

3.1. Configuring and using Spam filters

3.1.1. What is a spam filter?

A spam filter is a program used to detect unsolicited, unwanted and virus-infected emails and
prevent those messages from getting to a user's inbox. Like other types of filtering programs, a
spam filter looks for specific criteria on which to base its judgments.
3.1.1. What are the different types of spam filters?

There are many different types of spam filters. The most frequently used filters include the
following:
Blocklist filters. Blocklist filters block spam emails from senders that have been added to a
comprehensive spammers list.
Content filters. Content filters examine the contents of each email and use that information to
decide whether it is spam or not
Header filters. Header filters analyze email headers to determine if they originated from a
legitimate source

Prepared by Moges Tesfaye (MSc in ICT)

Language filters. Spammers often target people worldwide and, sometimes, send emails from
geographic areas where the language is different from the recipient's native language

Operation sheet 3.1: Set spam filter on Gmail

 Operation title: Setting spam filter on G-mail Account
 Purpose: To Set spam filter on gmail
 Instruction: perform the following task by follow the procedure below.
 Equipment, Tools & materials: Gmail account , internet connection
 Procedure:

1. Setting your spam filter in Gmail

2. Log in to your Gmail account
3. First, click on the Settings icon that looks like a gear.
4. Then, navigate to “Filters and Blocked Addresses.”
5. Choose “Create New Filter.”
6. Click in the “From” section, and type in the email address from the sender that you want to
keep out of your spam folder.
7. Finally, click “Create Filter,” and you will now be able to view messages from this sender
without navigating to the spam folder.

Prepared by Moges Tesfaye (MSc in ICT)

Prepared by Moges Tesfaye (MSc in ICT)