Author: Marc Chouinard
Marc Chouinard
Marc Chouinard is an expert’s expert who has more than 15 years of IT experience. As Head of a Security Operations Team, he is always available, responding 24/7 to new threats: “Sleeping is a waste of time!” A natural fixer of broken things, he has an uncommon approach to problem solving and a phenomenal (some say scary) memory for numbers. Non-technical individuals might refer to what Marc does as IT Voodoo. Oh, and did we mention he has a great sense of humor too?
Articles by this author
Please take my money!
Here’s the latest phishing attempt that I think is worth sharing. Long gone are the days when “photoshopping” pictures was done only for online dating! (Nov 07, 2011)
Sure! My mobile number is…
Most major news events provide an open door for email exploits. You just need a little something to appeal to the voyeur in all of us, especially live video footage (remember the BIn Laden video a few months ago?). If you have security protection on your computer (and I really hope you do), you should be fine, as long as you have more than basic AV scanning. (Jul 27, 2011)
Tired of dot.com? Do you have $185,000?
You think the Internet is a jungle? You haven't seen anything yet! A while ago, we were working on standardizing Internet domain names in an attempt to classify email traffic. Example: by forcing adult content to add “SEXUALLY-EXPLICIT” in emails, the creation of .xxx domains, and many other ideas that never came to light. (Jun 23, 2011)
Look Ma, I’m a SPAM (a Dell Story)
Kids, today I will tell you the story of a legitimate message that wanted to be a spam. Once upon a time, a legitimate Dell email was being sent to customers. For years he was treated as a boring legit. But one day he decided he wanted to be someone: he wanted to look like a SPAM, or no - even better - a PHISH! (Jun 16, 2011)
Spear Legit - Wait… What?
It’s not easy being an anti-spam specialist. When reputation scores and other filters fail to block all the junk, we sometimes have to jump in and analyze the messages manually. All the while, millions of end-users are breathing down my neck, waiting for me to release an update ASAP. (May 06, 2011)
Epsilon security breach: we’re all targets to spear phishing now!
You’ve been told time and again to be careful about who you give your email address to, and to NOT give any personal information to businesses you don’t know or trust. But what about the BIG guys you do trust? Epsilon just experienced a security breach resulting in a major data theft. (Apr 04, 2011)
Where do you hide your porn?
Yet again, a Hollywood star's Gmail account has been hacked, exposing Vanessa Hudgens' private pictures on the Net. This follows similar public airings of Ali Larter, Busy Phillips, Scarlett Johansson, Miley Cyrus, Emma Caulfield, Addison Timlin, Renee Olstead and ...you? (Apr 02, 2011)
Hijacked by free Wifi: It can cost you
It's just like jaywalking: you know it's wrong, but you do it anyway. If your monthly data plan is almost full, you’ll probably connect to a public hotspot to save some bucks. (Mar 10, 2011)
Spear Phishing with unsecured databases
Remember the old phishing emails that starting with “Dear User1”? Well, those days have passed and scammers have gotten to know you better. And where’s the best place to do that - Facebook? Yes of course, but that’s not the only source of information. (Feb 14, 2011)
World Business Guide 2011: New Year, Old Scam
Over the past 6 years, this scam has been called Euro Business Guide and World Business Directory, claiming thousands of victims and making thousands of dollars in the process. Why change a winning formula? In 2011 it’s back as the World Business Guide. (Jan 21, 2011)
Phishing alert: you’ve got 1 hour!
John P Mello Jr reports that criminals use the first hour after an attack to harvest valuable info, then disappear. How fast is your anti-phishing response? (Dec 24, 2010)
Are you afraid of the cloud?
If you need only a cheap solution for your not-so sensitive data, the bargain bin option is good enough. If you really want to jump into the cloud, look deeper and spend a bit more. But is that enough? Cybercriminals, from basement-dwelling amateur hackers to professional criminal organizations, everyone is trying to get in. Once in, it’s all over: they can see absolutely everything. But how they do get in? (Dec 02, 2010)
Latest spear phishing wave targets companies
Let’s say your name is Jim and you get this email. It looks like this Michelle knows you but you can’t really remember who she is. Since you have 8,641,037 friends on Facebook, you decide to trust the email (it’s not perfect, but it’s not as full of typos as typical spam, so that’s a start!). (Nov 12, 2010)
I’m getting flooded with spam - HELP!!
Here are the top 3 security gaffes and a bonus one! (Oct 13, 2010)
Adam Guerbuez follow-up: Lost his case
A Quebec court upheld the US judgment against Adam Guerbuez and ordered him to pay $1,068,928,721.46 CDN to Facebook. (Oct 05, 2010)
Sex, pills & scams
These three words reflect 90% of the spam traffic for May-June 2010. Between fake Twitter emails and classic Nigerian 419, there was a rise of new phishing attempts using .html attachment files. (Jul 15, 2010)
Interview with Adam Guerbuez: $873 Million Dollar Man
"I need a one way ticket to Tijuana!" You might think that if something happens and you want to escape. But if you live in Canada, just sit back and relax - you have nothing to worry about. Canada is known for their lazy laws for certain types of crimes, especially "new" ones (like the latest incidents of financial fraud and spam). (Jun 07, 2010)
Think you don’t spam? Think again!
Who has never sent email spam? Maybe you wanted to promote something, contact friends or relatives you never really emailed before (at least with a normal email), send a chain letter that promised success and money or to promote a garage sale using your local hockey team email list? Maybe you sent a message for your business using a large contact list grabbed on a corporate email with a multitude of CC’d addresses? Or did you ‘borrow’ the customer list from work for your own use? (Oh, that’s bad!) (May 05, 2010)
(Un)subscribe me
Hundreds of emails get blocked daily by your spam filters, but sometimes one slips through. You look it over and it appears to be very legitimate. You don’t remember clicking ‘Yes’ to subscribe to this newsletter, but you see the classic, “You are receiving this because you subscribed to one of our partners… blah, blah, blah… and this is an excuse for us to send you spam. Yeah, it’s true: XYZ company is one of our partners, we do their mass mailing and we grabbed your address at the same time!” So, now you’re tempted to click the Unsubscribe button, but how can you tell if it’s legit? And how do you know that clicking unsubscribe won’t tell the spammer, “Hey I’m alive and I actually read what you sent - send me more”? (Mar 17, 2010)
Battle of the Newsletters: Marketing 1, Security 0
While working on a False Positive (yes, it can happen to the best of us), I was stunned to discover how marketing people can bend email security rules. (Feb 22, 2010)
Would you fall for this?
If you're about to sell something online, beware! I planted a dummy advertisement and went hunting for scammers, which wasn't difficult at all. Scams are all around us, and here are 2 where I deliberately offered myself as a "victim." (Jan 25, 2010)
2009 Spam Review
2009, according to the Chinese calendar, was the Year of the Ox: “People born in the Year of the Ox are patient, speak little, and inspire confidence in others.” Well that description pretty much sums up most of the spam sent in 2009: the perpetrators tended to say little in the messages, but oh did they inspire confidence – in the criminal sense! 2009 showed a remarkable increase in Phishing/Fraud content. (Jan 11, 2010)
Ho Ho..ohhh!
This scam is not that popular yet, but we’ll probably begin hearing more about it in 2010, thanks to Web 2.0. (Dec 07, 2009)
Help spammers create new email accounts
You are about to subscribe to a website, a newsletter, get a free email account, or try to download something. You’ve never heard of this site before but it has what you need. Before you can click Confirm, you’re asked to complete a Captcha validation. Okay, no big deal: you enter the string and press “Confirm.” (Nov 30, 2009)
Unsubscribe me!
At some point you receive a newsletter that looks quite legit, but you don’t recall subscribing to it. While looking at the content, you can’t figure out if it’s spam or not. What do you do with it? Delete! (And block the sender too, if you can). (Nov 18, 2009)
Top 3 Spam Trends for October
The top 3 spots were determined by the sheer volume of messages that were tracked by our system. In third place, it was a tie between "Lose WeightInstantly" PDFs and the flood of messages that originated from Chinese (cn) domains. (Nov 02, 2009)
We need spam to sell our anti-spam
The ISP market is a jungle: it’s every man for himself and leave the wounded behind. Some time ago, I subscribed to a big ISP (that shall remain nameless) that was leading the market. When I subscribed, I gave my chosen username for the email address – although it was included with the service I never used it (I didn’t even configure it). The username is a mix of things that make it unique and pretty much unreachable through dictionary attacks, something like 667gptfoo99x@. (Oct 26, 2009)
Who do you trust?
There were 2 major malware waves last week that caused a big impact. The first one involved the Outlook Notification virus, which some major AV providers were still unable to catch even after 12 hours in the wild. (Oct 19, 2009)
Hello my Friend… My name is Irina
Since “Russian wife” spam is on the rise, I’ll take this occasion to tell you a little story. An old colleague (let’s call him John) answered one of those messages about 2 or 3 years ago, just to see how things would go. The “girl” replied very quickly, and they soon began chatting about almost everything. (Oct 05, 2009)
Spam Trends - September 2009
While examining our spam traffic over the last 4 weeks, I extracted the "new” content data. We received the usual spam every week, but occasionally had noticeable outbreaks. (Sep 28, 2009)
More Recent News
Recent Spam Survey Winners
We are extremely pleased with the tremendous response that we have received to this point from our Fight Email Spam survey. As promised we have randomly selected winners of our gift card prizes. (Jan 23, 2012)
New Year's Resolution
We spend 8 to 10 (or more) hours a day at work - more time than we spend anywhere else - and our desks/workspaces are becoming our kitchen tables. But, do you realize that our desks are covered in more bacteria... (Jan 20, 2012)
Email Usage Survey
We are currently conducting a market research on email usage at work. Thank you for filling our this very short survey. (Jan 12, 2012)
