Category : All about Spam
Recent Winners of Fight Email Spam Survey
We are extremely pleased with the tremendous response that we have received to this point from our Fight Email Spam survey. As promised we have randomly selected winners of our gift card prizes. (Jan 23, 2012)
Anti-Spam for Exchange: Multi-Layer, Per-Domain & Per-User Configuration & Reports
Does your anti-spam solution provide you with granular, muti-layer configuration and reports? Have you ever found yourself wishing you were able to set one domain’s, one department’s or one user’s anti-spam filtering differently than the rest? Multi-layer per-domain and per-user configuration is the correct prescription. (Dec 16, 2011)
Fight Email Spam and Win!
We want to hear what spam challenges you face - even if you don’t use Vircom’s spam solutions. Take our 3-minute survey on Spam and enter for a chance to win cool prizes, including the new iPhone 4S. We will use the data to continue improving our product and will share our findings with you. (Dec 09, 2011)
Please take my money!
Here’s the latest phishing attempt that I think is worth sharing. Long gone are the days when “photoshopping” pictures was done only for online dating! (Nov 07, 2011)
The Evolution of Spam
Even spammers evolve with time. As we become better equipped to deal with traditional spam email, spammers have had to rethink their methods of cyber attack. The result is phishing - targeted attacks aimed to gain access to highly sensitive personal or corporate data, such as usernames, passwords or credit card details, by luring unsuspecting recipients via email to a fake website disguised as a legitimate one from a trusted source. (Aug 25, 2011)
It Won’t Happen to Me
I came across an interesting report entitled ‘2010 MAAWG Email Security Awareness and Usage Report’ from the Messaging Anti-Abuse Working Group (MAAWG). The report was compiled from a January 2010 survey that the MAAWG conducted of more than 3,700 email users (who do not rely on an IT person to manage their email address) in 6 countries including Canada, US, France, Germany, Spain and the United Kingdom and gives insight into the behaviors of respondents regarding email usage and computer viruses. (Aug 02, 2011)
Unsolicited Bulk Email i.e. Spam!
Spam is defined as unsolicited bulk email (UBE). We all receive unsolicited email every day (advertisements, sales enquiries, job enquiries). That alone doesn’t make it spam. It takes two to tango. An email is considered spam only if it is both unsolicited and sent in bulk to a large quantity of recipients. (Jul 26, 2011)
Look Ma, I’m a SPAM (a Dell Story)
Kids, today I will tell you the story of a legitimate message that wanted to be a spam. Once upon a time, a legitimate Dell email was being sent to customers. For years he was treated as a boring legit. But one day he decided he wanted to be someone: he wanted to look like a SPAM, or no - even better - a PHISH! (Jun 16, 2011)
Rustock & Other Major Spam Botnets That Unleashed Their Zombie Armies On To The Web
When the infamous Rustock botnet was taken down, it helped reduce one third of all junk email being sent. Botnets are responsible for an average of 88% of all spam sent globally. For anyone new to the term, a botnet is essentially a network of infected computers (i.e. zombie computers) operated by criminal entities, which are programmed to perform malicious tasks or functions. (Jun 14, 2011)
TDS (Traffic Distribution System) : Custom made malware
There is a common-sense rule that says: to make a substantial amount of money in a market where the conversion rate is small, you have to increase your target audience and find as many ways possible to reach potential customers. You want a mass market. Cyber-criminals seek the same thing. With increasing numbers of computer types, tablets, smart phones, etc., the pool of potential customers (or victims) is greatly expanding. (Jun 02, 2011)
How to detect a spammer on your network? What to do about it?
The mechanics of detecting a spammer on your network is fairly straightforward. Spammers will spam via your network in two ways: (1) Via a compromised host on your network. An infected machine has become a bot in a botnet and is sending out spam directly to the internet. (2) Via a compromised mail account where the spammer will be using one of your user's mail accounts to broadcast spam via your own MTA. (May 31, 2011)
ISP Feedback Loops
So your email traffic is getting blocked by the major ISPs but you're not getting much cooperation from them when it comes to getting unblocked. Then it might be time for you - or whoever is responsible for the email server - to sign up for various Feedback Loops (FBL). Most major ISPs have these loops in place to keep you informed about any complaints against your organization, the reasons for your being blocked, and the process to follow to resolve the situation. (May 16, 2011)
Spear Legit - Wait… What?
It’s not easy being an anti-spam specialist. When reputation scores and other filters fail to block all the junk, we sometimes have to jump in and analyze the messages manually. All the while, millions of end-users are breathing down my neck, waiting for me to release an update ASAP. (May 06, 2011)
Conficker worm on April 1st
It's that time of year again when most admins get more nervous about computer security. Why? April 1st is looming, and often malware is implanted on victims' machines with an internal timer set to unleash its effects on April Fool's Day. (Mar 29, 2011)
How to Analyze Spam Email Headers
Spam characteristics appear in two parts of an email: the message header and the message content. Headers are important to examine because they show the history of the message delivery path as well as some common characteristics of spam. When a message is initially generated, it should include standard header fields such as From, To, Subject, Date, and Message-ID. Other standard headers include Received, Cc, Bcc, etc. (Mar 22, 2011)
Word of the Week: Clickjacking
Clickjacking scams are making the rounds of Facebook users again, and while the current wave is supposedly under control (according to the FB people) new versions keep popping up all the time. (Mar 07, 2011)
Spear Phishing with unsecured databases
Remember the old phishing emails that starting with “Dear User1”? Well, those days have passed and scammers have gotten to know you better. And where’s the best place to do that - Facebook? Yes of course, but that’s not the only source of information. (Feb 14, 2011)
Lt. Nicholas Hamilton - US Army Lieutenant Iraq Scam
It appears the Nigerian 411-type scam has invaded Iraq, and it’s using American soldiers as the bait and hook. Our spam filters are picking up this new form of trash that will definitely play on Americans’ patriotism and their support for their troops. (Feb 09, 2011)
Spam Crossword: Do you know your spam?
Take a break and play our Spam Crossword! (Feb 04, 2011)
World Business Guide 2011: New Year, Old Scam
Over the past 6 years, this scam has been called Euro Business Guide and World Business Directory, claiming thousands of victims and making thousands of dollars in the process. Why change a winning formula? In 2011 it’s back as the World Business Guide. (Jan 21, 2011)
Word of the Week: Pagejacking
Pagejacking is defined in Vircom’s Glossary of Spam Terms as “A form of spamming a search engine’s index (spamdexing) whereby spammers make a copy of a website and use it to redirect surfers to malicious websites.” This means that a website page (preferably one with a high page ranking) is copied (sometimes with meta-tags) and the traffic is filtered off to another site. (Jan 13, 2011)
Word of the Week: Bacn
What? Wait a second…we’ve heard of spam (and dread it) but what is this bacn you speak of? Mmm bacon (a la Homer Simpson). Nope, not that kind! Bacn, as described by Wikipedia, is all that email that you have signed up for (think: countless newsletters that seemed necessary at the time) but are often not read by you for a long period of time. (Nov 23, 2010)
Latest spear phishing wave targets companies
Let’s say your name is Jim and you get this email. It looks like this Michelle knows you but you can’t really remember who she is. Since you have 8,641,037 friends on Facebook, you decide to trust the email (it’s not perfect, but it’s not as full of typos as typical spam, so that’s a start!). (Nov 12, 2010)
WHOIS Woes
Over the last couple of weeks, I’ve been working on a project where I needed to determine the creation dates of various domains. Little did I know about the complexities involved in achieving such an apparently simple task. After all, ICANN has a WHOIS Data Reminder Policy (WDRP), thus all domains must have this information readily available via a simple WHOIS query. (Oct 25, 2010)
The Spam War Debate
Have you read any of the Spam Wars debate by Computerworld bloggers David A. Milman 1 and Richi Jennings 2? Both make valid points, but the brunt of their focus was on dealing with Inbox contents, which is the last line of defense. In my opinion, the real problems lie at the head of the matter: the design of the Internet and the message transmission structure, and that little thing called money. The only true way to win the spam wars is to cut off both heads of the beast. What do you think? (Oct 08, 2010)
Adam Guerbuez follow-up: Lost his case
A Quebec court upheld the US judgment against Adam Guerbuez and ordered him to pay $1,068,928,721.46 CDN to Facebook. (Oct 05, 2010)
Sex, pills & scams
These three words reflect 90% of the spam traffic for May-June 2010. Between fake Twitter emails and classic Nigerian 419, there was a rise of new phishing attempts using .html attachment files. (Jul 15, 2010)
Interview with Adam Guerbuez: $873 Million Dollar Man
"I need a one way ticket to Tijuana!" You might think that if something happens and you want to escape. But if you live in Canada, just sit back and relax - you have nothing to worry about. Canada is known for their lazy laws for certain types of crimes, especially "new" ones (like the latest incidents of financial fraud and spam). (Jun 07, 2010)
Think you don’t spam? Think again!
Who has never sent email spam? Maybe you wanted to promote something, contact friends or relatives you never really emailed before (at least with a normal email), send a chain letter that promised success and money or to promote a garage sale using your local hockey team email list? Maybe you sent a message for your business using a large contact list grabbed on a corporate email with a multitude of CC’d addresses? Or did you ‘borrow’ the customer list from work for your own use? (Oh, that’s bad!) (May 05, 2010)
Are machines really the “bad guys”?
Do you know what this is? Of course you do! This, along with some other strange stuff, has gained popularity and become part of our virtual life when browsing the web. CAPTCHAs (as they’re known) are one example of a Turing test: a challenge-response criteria that is used to determine the probability that a remote being is actually a human vs. a computer that’s trying to mimic a human response. (Mar 31, 2010)
(Un)subscribe me
Hundreds of emails get blocked daily by your spam filters, but sometimes one slips through. You look it over and it appears to be very legitimate. You don’t remember clicking ‘Yes’ to subscribe to this newsletter, but you see the classic, “You are receiving this because you subscribed to one of our partners… blah, blah, blah… and this is an excuse for us to send you spam. Yeah, it’s true: XYZ company is one of our partners, we do their mass mailing and we grabbed your address at the same time!” So, now you’re tempted to click the Unsubscribe button, but how can you tell if it’s legit? And how do you know that clicking unsubscribe won’t tell the spammer, “Hey I’m alive and I actually read what you sent - send me more”? (Mar 17, 2010)
Spam by the numbers
So you think spam volumes have gone down, right? Wrong! Have a look at this video which captures the stats quite well…. (Mar 10, 2010)
Battle of the Newsletters: Marketing 1, Security 0
While working on a False Positive (yes, it can happen to the best of us), I was stunned to discover how marketing people can bend email security rules. (Feb 22, 2010)
Catch a botnet by the tail
Catch a lizard by the tail and it will shed its tail and run free. This is a fun fact of nature (even more fun when you’re a kid) and a very clever trick to fend off a predator’s attacks. And did you know that if you try to catch a botnet, chances are the same thing will happen? (Feb 19, 2010)
Would you fall for this?
If you're about to sell something online, beware! I planted a dummy advertisement and went hunting for scammers, which wasn't difficult at all. Scams are all around us, and here are 2 where I deliberately offered myself as a "victim." (Jan 25, 2010)
2009 Spam Review
2009, according to the Chinese calendar, was the Year of the Ox: “People born in the Year of the Ox are patient, speak little, and inspire confidence in others.” Well that description pretty much sums up most of the spam sent in 2009: the perpetrators tended to say little in the messages, but oh did they inspire confidence – in the criminal sense! 2009 showed a remarkable increase in Phishing/Fraud content. (Jan 11, 2010)
Ho Ho..ohhh!
This scam is not that popular yet, but we’ll probably begin hearing more about it in 2010, thanks to Web 2.0. (Dec 07, 2009)
Help spammers create new email accounts
You are about to subscribe to a website, a newsletter, get a free email account, or try to download something. You’ve never heard of this site before but it has what you need. Before you can click Confirm, you’re asked to complete a Captcha validation. Okay, no big deal: you enter the string and press “Confirm.” (Nov 30, 2009)
How can we stop the botnets?
Botnets are a fascinating piece of software – yes, they really are! Although they lie deep in the “dark” stack of widespread tools that are used to perpetrate cyber-crimes, they really shine as well-engineered structures. They are forced to constantly evolve because of the current and on-going “arms-race” between security experts and cyber-criminals. (Nov 20, 2009)
Unsubscribe me!
At some point you receive a newsletter that looks quite legit, but you don’t recall subscribing to it. While looking at the content, you can’t figure out if it’s spam or not. What do you do with it? Delete! (And block the sender too, if you can). (Nov 18, 2009)
Botnet Generated Spam
Botnets are networks of compromised machines that are under the command and control (C&C) of one entity - the botnet master. They are typically used for crimes such as denial-of-service attacks, identity thefts, phishing and, most commonly, for sending spam. Current botnets have easy-to-use HTML-based interfaces and can be rented out by spammers for their various spamming campaigns. Researchers reported that during 2008, 85% of spam was generated by six botnets (Mega-D, Srizibi, Storm, Rustock, Pushdo and Cutwail). (Nov 06, 2009)
Top 3 Spam Trends for October
The top 3 spots were determined by the sheer volume of messages that were tracked by our system. In third place, it was a tie between "Lose WeightInstantly" PDFs and the flood of messages that originated from Chinese (cn) domains. (Nov 02, 2009)
We need spam to sell our anti-spam
The ISP market is a jungle: it’s every man for himself and leave the wounded behind. Some time ago, I subscribed to a big ISP (that shall remain nameless) that was leading the market. When I subscribed, I gave my chosen username for the email address – although it was included with the service I never used it (I didn’t even configure it). The username is a mix of things that make it unique and pretty much unreachable through dictionary attacks, something like 667gptfoo99x@. (Oct 26, 2009)
Who do you trust?
There were 2 major malware waves last week that caused a big impact. The first one involved the Outlook Notification virus, which some major AV providers were still unable to catch even after 12 hours in the wild. (Oct 19, 2009)
Hello my Friend… My name is Irina
Since “Russian wife” spam is on the rise, I’ll take this occasion to tell you a little story. An old colleague (let’s call him John) answered one of those messages about 2 or 3 years ago, just to see how things would go. The “girl” replied very quickly, and they soon began chatting about almost everything. (Oct 05, 2009)
Spam Trends - September 2009
While examining our spam traffic over the last 4 weeks, I extracted the "new” content data. We received the usual spam every week, but occasionally had noticeable outbreaks. (Sep 28, 2009)
Here’s a Quick Way to Stop Chain Letters
You’ve never heard of "white spam"? Of course not, I just made it up. Also called "friend spam," white spam is legitimate email that comes from annoying sources: a friend or relative (or both) who sends his daily home-made blog, details of adventures with his dog or multiple weekly chain letters. (Sep 21, 2009)
Free HotSpots! Do banking while we look!
You are downtown and don’t have an EVDO/3G connection. After scanning the area, you find an SSID called “Free Internet 4 You.” Cool! You connect to the network, start checking your emails and maybe do some financial transactions, and… you’ve probably fallen into a trap. (Sep 14, 2009)
Top 5 reasons why your email was caught as spam: true stories
5 Reasons why your email might have been caught as spam (Sep 07, 2009)
Image Spam is Back! Really?!
You got 2 spam messages during the week-end. Oh my God, file a complaint! But take a look at your older quarantine or spam report contents: you’ll see that hundreds, if not thousands, of spam were caught during that period. So, is seeing only 2 spam really a big deal? (Aug 31, 2009)
Phishing threats: only by email?
You’ve all heard of the typical phishing emails that target Uncle Joe and Aunt Patty, urging them to send their personal information over the Internet because they “won the lottery.” Yes, they are the biggest fish out there, making phishing activities very attractive for scammers. But another threat is lurking quietly behind your computer: your kids. Attracted by emulators, free games and P2P, etc., this is where the dangers begin. (Aug 24, 2009)
More Recent News
Recent Spam Survey Winners
We are extremely pleased with the tremendous response that we have received to this point from our Fight Email Spam survey. As promised we have randomly selected winners of our gift card prizes. (Jan 23, 2012)
New Year's Resolution
We spend 8 to 10 (or more) hours a day at work - more time than we spend anywhere else - and our desks/workspaces are becoming our kitchen tables. But, do you realize that our desks are covered in more bacteria... (Jan 20, 2012)
Email Usage Survey
We are currently conducting a market research on email usage at work. Thank you for filling our this very short survey. (Jan 12, 2012)
