Tag: Phishing
My spam is different from your spam!
The type of spam you receive depends on many things, including your behavior on the net, how you use your email address, your position in a company and much more. As a software company executive I receive a very particular stream, one that is probably very different than what most people receive. Well, at least that's what our Security Operations team tells me. (Jul 22, 2010)
Surfing on Web 2.0: Where Innovation Meets Cybercrime
Yesterday, I logged into Facebook. I usually never use my account there (I am not a Facebook fan), but once in a while I’ll spend some time on it. For the first time, after entering my credentials, a “security” page appeared stating that unusual activities have been witnessed on my account. I then had to answer some questions, choose the names of some tagged friends, and reset my password. I have no idea what happened or how my account got compromised. (Jul 20, 2010)
Sex, pills & scams
These three words reflect 90% of the spam traffic for May-June 2010. Between fake Twitter emails and classic Nigerian 419, there was a rise of new phishing attempts using .html attachment files. (Jul 15, 2010)
Who’s responsible for Internet Security?
A couple of stories in the news today caught my attention because they have very opposite perspectives on tackling cybercrime and Internet security. First, the Australian government is thinking of making home computer users responsible for security1. They’re contemplating legislation to force users to install anti-virus programs and firewalls on their home computers before being allowed to connect to the Internet. (Jun 23, 2010)
Interesting question from a customer: “Why should we block .EXEs?”
The majority of phishing attempts with drive-by-downloads try to entice you to download EXE files and run them locally. EXE files should always be blocked. You can open certain files on a case-by-case basis and in a very controlled fashion, but that’s the extent of it. (May 26, 2010)
SURBL: The catch of the day
There it is again: another email in your Inbox from an obscure financial institution, requesting that you click on the available link and be redirected to an unknown, unsecured website. Prompted for personal details or your credit card number, you hesitate to enter this information thinking something seems fishy. (May 19, 2010)
Facebook or Faceblock? Facebook implementing their own ‘email security’?
Facebook is coming under scrutiny (again!), this time about their email scanning policies. Most of you are probably in the email security industry and are well aware that any email security solution will scan a message to divert or block spam, phishing, etc. (May 12, 2010)
Six items often overlooked when purchasing an email security solution
As discussed in an earlier post , the battle against spam is an ongoing one and requires you to do your due diligence when selecting an email security solution to protect one of your business’ most important assets: email. (Apr 26, 2010)
Why can’t you stop this spam?
Maybe you’ve seen more spam hitting your Inbox over the past couple of months and wondering, “Why am I paying for filtering? This stuff is obviously spam – why can’t you guys stop it?” The main challenges of being in the spam filtering business are dealing with clients’ expectations on the one hand, and the sheer size of the spam/malware machine on the other. (Apr 16, 2010)
Anti-Social Networking
Web 2.0 is leading us to operate and collaborate more through our web browsers than ever before. Consequently, sites like Facebook, Twitter, LinkedIn and MySpace are being used more aggressively for everything from chatting to marketing. Spammers are loving this. (Apr 07, 2010)
March Email Security News
A summary of links to recent articles that I have found interesting in the last few weeks. Includes my own commentary. (Apr 02, 2010)
Are machines really the “bad guys”?
Do you know what this is? Of course you do! This, along with some other strange stuff, has gained popularity and become part of our virtual life when browsing the web. CAPTCHAs (as they’re known) are one example of a Turing test: a challenge-response criteria that is used to determine the probability that a remote being is actually a human vs. a computer that’s trying to mimic a human response. (Mar 31, 2010)
Battle of the Newsletters: Marketing 1, Security 0
While working on a False Positive (yes, it can happen to the best of us), I was stunned to discover how marketing people can bend email security rules. (Feb 22, 2010)
2009 Spam Review
2009, according to the Chinese calendar, was the Year of the Ox: “People born in the Year of the Ox are patient, speak little, and inspire confidence in others.” Well that description pretty much sums up most of the spam sent in 2009: the perpetrators tended to say little in the messages, but oh did they inspire confidence – in the criminal sense! 2009 showed a remarkable increase in Phishing/Fraud content. (Jan 11, 2010)
10 Resolutions You Shouldn’t Break This Year
It's that time of the year again..time to make (and break) resolutions. Here are some things to help you keep your email and network safe from malicious attacks. Resolutions you don't want to break! (Jan 08, 2010)
One phish, two phish, red phish, blue phish
Typical phishing messages purport to originate from various financial institutions, delivery services, Facebook, and so on, all with the aim of getting you to click the enclosed link and disclose some personal information that can be abused. (Dec 16, 2009)
What, me worry?
Incidents of cybercrime via malware and exploits are on the rise, but if this recent poll is to be believed, people are still too blasé about their Internet security. The Unisys Security Index: Global Summary report 1 revealed the following: “Concerns over security in everything from online shopping and banking to safety from computer viruses, as well as national security along with personal and financial security, were significantly down over what was recorded half a year ago for populations in the United States, the United Kingdom, Germany, Belgium, Brazil, Netherlands, Spain, Australia and New Zealand. (Nov 18, 2009)
Anti-Spam, Hacking and Virus Security: How Will Smartphones Survive?
With a double-digit market growth rate, non-existent protection and super-fast communications based on a variety of protocols and media, Smartphones clearly are a future target of choice for hackers and spammers. How will they survive, and at what cost? (Nov 13, 2009)
Botnet Generated Spam
Botnets are networks of compromised machines that are under the command and control (C&C) of one entity - the botnet master. They are typically used for crimes such as denial-of-service attacks, identity thefts, phishing and, most commonly, for sending spam. Current botnets have easy-to-use HTML-based interfaces and can be rented out by spammers for their various spamming campaigns. Researchers reported that during 2008, 85% of spam was generated by six botnets (Mega-D, Srizibi, Storm, Rustock, Pushdo and Cutwail). (Nov 06, 2009)
Top 3 Spam Trends for October
The top 3 spots were determined by the sheer volume of messages that were tracked by our system. In third place, it was a tie between "Lose WeightInstantly" PDFs and the flood of messages that originated from Chinese (cn) domains. (Nov 02, 2009)
