Category : All about Spam
Sex, pills & scams
These three words reflect 90% of the spam traffic for May-June 2010. Between fake Twitter emails and classic Nigerian 419, there was a rise of new phishing attempts using .html attachment files. (Jul 15, 2010)
Interview with Adam Guerbuez: $873 Million Dollar Man
"I need a one way ticket to Tijuana!" You might think that if something happens and you want to escape. But if you live in Canada, just sit back and relax - you have nothing to worry about. Canada is known for their lazy laws for certain types of crimes, especially "new" ones (like the latest incidents of financial fraud and spam). (Jun 07, 2010)
Think you don’t spam? Think again!
Who has never sent email spam? Maybe you wanted to promote something, contact friends or relatives you never really emailed before (at least with a normal email), send a chain letter that promised success and money or to promote a garage sale using your local hockey team email list? Maybe you sent a message for your business using a large contact list grabbed on a corporate email with a multitude of CC’d addresses? Or did you ‘borrow’ the customer list from work for your own use? (Oh, that’s bad!) (May 05, 2010)
Are machines really the “bad guys”?
Do you know what this is? Of course you do! This, along with some other strange stuff, has gained popularity and become part of our virtual life when browsing the web. CAPTCHAs (as they’re known) are one example of a Turing test: a challenge-response criteria that is used to determine the probability that a remote being is actually a human vs. a computer that’s trying to mimic a human response. (Mar 31, 2010)
(Un)subscribe me
Hundreds of emails get blocked daily by your spam filters, but sometimes one slips through. You look it over and it appears to be very legitimate. You don’t remember clicking ‘Yes’ to subscribe to this newsletter, but you see the classic, “You are receiving this because you subscribed to one of our partners… blah, blah, blah… and this is an excuse for us to send you spam. Yeah, it’s true: XYZ company is one of our partners, we do their mass mailing and we grabbed your address at the same time!” So, now you’re tempted to click the Unsubscribe button, but how can you tell if it’s legit? And how do you know that clicking unsubscribe won’t tell the spammer, “Hey I’m alive and I actually read what you sent - send me more”? (Mar 17, 2010)
Spam by the numbers
So you think spam volumes have gone down, right? Wrong! Have a look at this video which captures the stats quite well…. (Mar 10, 2010)
Battle of the Newsletters: Marketing 1, Security 0
While working on a False Positive (yes, it can happen to the best of us), I was stunned to discover how marketing people can bend email security rules. (Feb 22, 2010)
Catch a botnet by the tail
Catch a lizard by the tail and it will shed its tail and run free. This is a fun fact of nature (even more fun when you’re a kid) and a very clever trick to fend off a predator’s attacks. And did you know that if you try to catch a botnet, chances are the same thing will happen? (Feb 19, 2010)
Would you fall for this?
If you're about to sell something online, beware! I planted a dummy advertisement and went hunting for scammers, which wasn't difficult at all. Scams are all around us, and here are 2 where I deliberately offered myself as a "victim." (Jan 25, 2010)
2009 Spam Review
2009, according to the Chinese calendar, was the Year of the Ox: “People born in the Year of the Ox are patient, speak little, and inspire confidence in others.” Well that description pretty much sums up most of the spam sent in 2009: the perpetrators tended to say little in the messages, but oh did they inspire confidence – in the criminal sense! 2009 showed a remarkable increase in Phishing/Fraud content. (Jan 11, 2010)
Ho Ho..ohhh!
This scam is not that popular yet, but we’ll probably begin hearing more about it in 2010, thanks to Web 2.0. (Dec 07, 2009)
Help spammers create new email accounts
You are about to subscribe to a website, a newsletter, get a free email account, or try to download something. You’ve never heard of this site before but it has what you need. Before you can click Confirm, you’re asked to complete a Captcha validation. Okay, no big deal: you enter the string and press “Confirm.” (Nov 30, 2009)
How can we stop the botnets?
Botnets are a fascinating piece of software – yes, they really are! Although they lie deep in the “dark” stack of widespread tools that are used to perpetrate cyber-crimes, they really shine as well-engineered structures. They are forced to constantly evolve because of the current and on-going “arms-race” between security experts and cyber-criminals. (Nov 20, 2009)
Unsubscribe me!
At some point you receive a newsletter that looks quite legit, but you don’t recall subscribing to it. While looking at the content, you can’t figure out if it’s spam or not. What do you do with it? Delete! (And block the sender too, if you can). (Nov 18, 2009)
Botnet Generated Spam
Botnets are networks of compromised machines that are under the command and control (C&C) of one entity - the botnet master. They are typically used for crimes such as denial-of-service attacks, identity thefts, phishing and, most commonly, for sending spam. Current botnets have easy-to-use HTML-based interfaces and can be rented out by spammers for their various spamming campaigns. Researchers reported that during 2008, 85% of spam was generated by six botnets (Mega-D, Srizibi, Storm, Rustock, Pushdo and Cutwail). (Nov 06, 2009)
Top 3 Spam Trends for October
The top 3 spots were determined by the sheer volume of messages that were tracked by our system. In third place, it was a tie between "Lose WeightInstantly" PDFs and the flood of messages that originated from Chinese (cn) domains. (Nov 02, 2009)
We need spam to sell our anti-spam
The ISP market is a jungle: it’s every man for himself and leave the wounded behind. Some time ago, I subscribed to a big ISP (that shall remain nameless) that was leading the market. When I subscribed, I gave my chosen username for the email address – although it was included with the service I never used it (I didn’t even configure it). The username is a mix of things that make it unique and pretty much unreachable through dictionary attacks, something like 667gptfoo99x@. (Oct 26, 2009)
Who do you trust?
There were 2 major malware waves last week that caused a big impact. The first one involved the Outlook Notification virus, which some major AV providers were still unable to catch even after 12 hours in the wild. (Oct 19, 2009)
Hello my Friend… My name is Irina
Since “Russian wife” spam is on the rise, I’ll take this occasion to tell you a little story. An old colleague (let’s call him John) answered one of those messages about 2 or 3 years ago, just to see how things would go. The “girl” replied very quickly, and they soon began chatting about almost everything. (Oct 05, 2009)
Spam Trends - September 2009
While examining our spam traffic over the last 4 weeks, I extracted the "new” content data. We received the usual spam every week, but occasionally had noticeable outbreaks. (Sep 28, 2009)
Here’s a Quick Way to Stop Chain Letters
You’ve never heard of "white spam"? Of course not, I just made it up. Also called "friend spam," white spam is legitimate email that comes from annoying sources: a friend or relative (or both) who sends his daily home-made blog, details of adventures with his dog or multiple weekly chain letters. (Sep 21, 2009)
Free HotSpots! Do banking while we look!
You are downtown and don’t have an EVDO/3G connection. After scanning the area, you find an SSID called “Free Internet 4 You.” Cool! You connect to the network, start checking your emails and maybe do some financial transactions, and… you’ve probably fallen into a trap. (Sep 14, 2009)
Top 5 reasons why your email was caught as spam: true stories
5 Reasons why your email might have been caught as spam (Sep 07, 2009)
Image Spam is Back! Really?!
You got 2 spam messages during the week-end. Oh my God, file a complaint! But take a look at your older quarantine or spam report contents: you’ll see that hundreds, if not thousands, of spam were caught during that period. So, is seeing only 2 spam really a big deal? (Aug 31, 2009)
Phishing threats… only by email?
You’ve all heard of the typical phishing emails that target Uncle Joe and Aunt Patty, urging them to send their personal information over the Internet because they “won the lottery.” Yes, they are the biggest fish out there, making phishing activities very attractive for scammers. But another threat is lurking quietly behind your computer: your kids. Attracted by emulators, free games and P2P, etc., this is where the dangers begin. (Aug 24, 2009)
