The article starts out by deconstructing the term “identity theft” which makes it seem less dangerous than it really is and states that “identity theft” doesn’t steal anybody’s true identity, or personhood of what makes them what they are. When you are a victim of this crime, you remain you, but that’s only a small consolation when a stranger is charging up luxury cruises and fur coats on your credit card. It’s a semantic bit of theory that was actually played out on the “Family Guy” cartoon when actor James Woods stole the identity of cartoon character Peter Griffin, to the point of moving into Peter’s home, sitting at his dinner table and sleeping in his bed. It was a funny episode, but of course, that’s not what identity theft really is.

The article comments about how experts “hounded” people into shredding bank statements and being vigilant about monitoring credit reports, but the fact is, doing so really is a good idea. It’s not a conspiracy by manufacturers of shredding machines, or of companies offering various fee-based monitoring and protection services. And here’s the real kicker, at the end of the article: “It turns out that ‘identity theft’ is one of the most brilliant linguistic constructs ever, with its terrifying specter of losing not just your money—but your soul. Maybe it’s time that we renamed it what it is: a fear campaign designed to get us to buy expensive services that we don’t need.”

Advice like this is what lulls people into a false sense of security and prevents them from taking the precautions that they need to take. Is it a fear campaign? To a degree, yes, it is. But it’s based on fear of something very real. So there is reason to be afraid and one must take the necessary steps to protect oneself – because you could be a victim.

Liked this post? Get more anti-spam related news from AllSpammedUp.com!

Identity theft is the real thing

This week, the FBI announced that a multinational investigation, conducted both in the US and Egypt, resulted in 53 defendants being indicted in the US, and 47 more charged in Egypt, for an even hundred, which according to Computerworld, is the largest number of people ever charged with the same cybercrime. Looks like they “bagged their limit.” Of the 53 US defendants, 33 have already been arrested.

The joint investigation actually got underway in 2007, when FBI agents went to work with banks to “identify and disrupt” criminal phishing rings that targeted the financial services industry. During the course of the investigation, information gleaned by the FBI led them to enter into a joint agreement with Egyptian authorities, when it quickly became clear that the scope of the criminal enterprise was international.

According to court records, hackers in Egypt were able to use phishing techniques to obtain bank account numbers and other personal information from banking customers. The phishing techniques weren’t anything new—it simply involved the old tried and true method of an email message that was disguised to appear as though it was from a bank or credit card company, asking people to click on a link or log onto a phony web page and enter their account details. Members of the criminal enterprise then were able to hack into accounts and transfer funds online. It was apparently quite a sophisticated operation, and included “runners” who set up bank accounts in banks to hold the stolen money, and allow it to be easily withdrawn. The US-based conspirators then wire transferred a portion of the ill-gotten gains to their Egyptian counterparts as payment.

On the US side, each defendant was charged with conspiracy to commit bank fraud and wire fraud, and will face a maximum penalty of 20 years.

Kudos to the US and Egyptian authorities for their work on this one. Ultimately though, removing this one particular crime ring certainly won’t be fishing out the stream any time soon, and phishing is still going strong. We still need to be on guard, and there are still something along the lines of 50,000 phishing web sites, and those are just the ones that have been detected by the Anti-Phishing Working Group.

Liked this post? Get more anti-spam related news from AllSpammedUp.com!

Media overloads with fishing analogies in Operation Phish Phry reports

With that in mind, US-CERT has issued a warning of a recent spate of spam that is created to appear as though it is from the Internal Revenue Service. The spam attack contains a message about under-reported income, and asks recipients to open up an attachment or click on a link to view a tax statement. However, the attachment contains a piece of malware, and the link opens up to a malicious website. According to CERT, the malware is the Zeus Trojan, which is used to steal money from bank accounts. Zeus is one of the more difficult Trojans to detect, and the binary changes several times a day. Zeus attempts to break into bank accounts, and then withdraws money, and according to one report, criminals using Zeus are able to drain more than a million dollars a day from bank accounts.

The campaign has been going on for about three weeks, and according to reports, hasn’t even begun to lose steam. The barrage of spam is huge, accounting for nearly ten percent of all spam email being tracked, with one company counting 11 million spam messages just relating to this one program since September 9.

The message includes a message subject line that says “notice of underreported income,” and attempts to trick users to clicking on a link to view their personal tax statement. Some users have reported the guilty Trojan is a file named sdra64.exe.

Liked this post? Get more anti-spam related news from AllSpammedUp.com!

Email scam steals money by pretending to be IRS

There has been very little news about the Twitter spam attack other than the one notice on Mashable, which has been circulated far and wide. Twitter’s own blog hasn’t said anything about it–but then again, the past day, Twitter has been hard to find, since it got hit by a denial-of-service attack yesterday and the site went down. There may be no connection between the denial-of-service attack and the wave of spam–Twitter is after all, what you might call an “attractive nuisance” that attracts all kinds of evil-doers.

Given these recent attacks, one asks should Twitter be allowed in the workplace? There’s no clear answer, except for “it depends.” Marketing people use it to good advantage to keep partners and customers informed. But one thing’s clear, workers need to be informed of the potential risks. Already, there have been many cases of malicious Twitter spam that contains links to nasty web sites that contain malware that could infect the computer or the entire network. Follow Twitter links at your own risk. This is especially dangerous as Twitter uses the abbreviated URLs, making it difficult to tell whether you’re being sent to a legitimate site.

This isn’t the first time compromised Twitter accounts have been used to send out spam. Just a few months ago in March, 750 accounts were hijacked to send links to porn sites.  And the spammers are on top of Twitter, and they’re apparently promoting its use at “Spam University,” or wherever it is they go to learn their trade. There are already commercial Twitter spamming tools out that can generate bogus Twitter accounts automatically for sending out ads.

Liked this post? Get more anti-spam related news from AllSpammedUp.com!

Twitter hit by spam wave

The researchers ran more than a million Linux kernels as virtual machines, in an attempt to see how malicious botnets scale. Previous simulations have been able to re-create zombie networks of only about 20,000 nodes. Analyzing botnets has been difficult for security researchers, for a variety of reasons, not the least of which is the global, almost random distribution pattern that botnets exhibit. Unlike a real botnet though, which consists of huge numbers of individual machines, the Sandia simulation actually uses virtual machine technology to duplicate the effect of multiple machines, while actually running on one very large supercomputer.

Running a simulation has a good deal of value in terms of security research. According to a press release issued from Sandia, “Many phenomena occurring on the Internet are poorly understood, because we lack the ability to model it adequately. By running actual operating system instances to represent nodes on the Internet, we will be able not just to simulate the functioning of the Internet at the network level, but to emulate Internet functionality.”

The test is being run on Sandia Labs’ 4,480 node computer cluster named Thunderbird, which is located in its Albuquerque, New Mexico facility.

Liked this post? Get more anti-spam related news from AllSpammedUp.com!

Understanding how botnets work

But it seems, one man’s trash is another man’s treasure, and there are a few people out there who actually want those fruit juices. If you’re one of those people, here’s a tip: I used to buy that same juice that the multi-level marketers sell for $40 a bottle, when I was living in Bangkok, from street vendors for about a half a dollar. Be that as it may, now and then there is an ad that catches my eye. Yes it’s true, sometimes those ads do peddle something useful, like printer ink cartridge refills, which I regularly purchase. But I suppose to lots of other people, those ads are spam, too.

The point is, there are people who respond to it, and many times they’re responding to the less-than-reputable types of spam. A survey conducted by the Messaging Anti-Abuse Working Group (MAAWG), with the delightfully tongue-in-cheek title of “A look at consumers’ awareness of email security and practices, or, ‘of course, I never reply to spam–except sometimes’” showed that 12 percent of Americans surveyed have responded to a message they considered to be spam. The reason? Because it was something they really were interested in. Another six percent clicked on it “just to see what would happen,” and 13 percent did so unknowingly.

Also, the survey said two-thirds of the respondents said they were either “somewhat” or “very” experienced in the subject of Internet security, but only a third of respondents were careful about posting their email addresses online.

Another telling result was that 82 percent were aware of bots and other types of malware threats, but only 20 percent thought their own computers could get infected–the old “couldn’t happen to me” syndrome. Users are therefore quite aware of the threats, but not necessarily active in protecting themselves against those same threats. The survey makes the point that an enormous percentage of email is spam, and most spam is generated by a “bot.” One could imply from the results then, that there are a great many people out there who understand what a bot is, don’t think they’re vulnerable to them, but are nonetheless playing host to one without knowing it. How does your computer get turned into a bot? Usually, it’s by opening up an infected email attachment, or clicking on a link contained within one of those spam messages.

Liked this post? Get more anti-spam related news from AllSpammedUp.com!

Who responds to spam?

According to a paper coming out of Indiana University that was presented at the conference, it is common for spammers to gather email addresses from Web pages, in much the same way that a search engine’s spider works. When you print your email address on the Web, you’re risking spam–automated spam crawlers, constantly survey the Web, looking for email addresses, and sooner or later, it will get to yours. The research showed that when you include an email address on a comment board on a web site, there is a high probability of receiving spam. But what about when you register on a web site? It’s very common for a web site to require user registration to gain access, and this is a legitimate way for a site to operate–you’re in essence, trading your email address for access to information. But the registration process is less likely to result in spam, especially when more legitimate and mainstream sites are conducting the registration.

Is there a way to stop the spam crawler programs? The researchers say yes, and it should be a straightforward process to block them and thereby protect email addresses submitted to a web site from being harvested.

A common technique seen throughout the Internet is to replace the @ symbol with the word “at”, to foil the automated harvesting mechanism. Surprisingly, this very simple technique has proven to be highly effective.

The Indiana University researchers recommended users exercise caution when divulging email addresses–and also noted that spam can arrive very quickly, in many cases, in less than an hour after entering an email address on a web site. The spamming crawlers tended to be fairly aggressive as well, ranging from visiting two times per minute to over 50 times per minute.

Liked this post? Get more anti-spam related news from AllSpammedUp.com!

How do spammers get your email address?

This dangerous exploit holds tremendous potential to cause damage on the same scale as Conficker, or perhaps even more. Conficker took advantage of a bug that had already been patched, and captured millions of PCs to create a huge botnet. The exploit is already widely published on several Chinese web sites, and could cause tremendous damage by the time the patch is created and sent through Microsoft’s regular update mechanism.

The ActiveX control can be accessed using Internet Explorer. Several security companies have reported detecting compromised sites that use the exploit.

Systems running Vista or Windows Server 2008 are not vulnerable to the attack, since the ability to pass data within IE in those systems is restricted. Users running running IE8, Firefox, or Chrome, are also not vulnerable to the attack. Users still running Windows XP, or Windows Server 2003, are vulnerable if using IE6 or IE7.

Liked this post? Get more anti-spam related news from AllSpammedUp.com!

New zero-day IE bug triggers mass attacks

1. Education. This has to be top on the list. Educating users as to what spam is, and what the consequences of it may be will go a long way towards eliminating the hazardous effects of spam if it does get through. Users need to be educated to not click on suspicious links, and to recognize “phish” emails when they appear.
2. Avoid overuse of posted email addresses. Sometimes it’s necessary to publish your email address, but be aware that doing so may make you vulnerable to robots that collect them for purposes of spam dissemination. A response form, as opposed to a published email address, may eliminate this problem; a second strategy is to use a separate email address when it’s necessary to post it in public.
   
3. Keep your anti-spam subscription current.
4. Implement a two-stage strategy, with anti-spam protection at the gateway as well as at the desktop. In this way, the bulk of the spam will be eliminated before it hits the desktop, helping to minimize traffic, and improve productivity. The second desktop stage of protection will serve to catch anything that gets through the gateway.
5. At the bottom of a spam email, you’ll usually see a “remove” link, which gives you the option of clicking on a link to be removed from a list. Avoid clicking on these links, as they seldom do what they promise; and in fact serve the purpose of confirming that your email address is valid. The end result will be more spam, not less.
6. Be cautious about opening email attachments. These may contain dangerous malware that may transform your computer into a spam-spewing robot.
7. Depending on your email client, you will probably have a “block sender” option. Outlook does offer this option. Although your strategy should involve catching most spam with your anti-spam software (at both the gateway and desktop), if users see spam coming through, they can block the sender using this tool.
8. Keep false positives to a minimum. Your anti-spam software should provide accurate analysis, but beyond that, try setting up individual rules in your email client. You can set up a series of “from” rules to indicate that emails from certain individuals or domains should always be sent through, regardless of content.
9. When subscribing to free Internet services that request your personal information, use a separate email address other than your usual one. Providing your primary email address to almost any online service or provider will result in unwanted email later on.
10. Be cautious in using auto-responders if you’re out of the office or temporarily unavailable. Your auto-responder responds to all email that comes in, including whatever spam makes it through your gauntlet of protection. The auto-response confirms to the spammer that your email address is valid.

Liked this post? Get more anti-spam related news from AllSpammedUp.com!

Top Ten Anti-Spam Tips for Business

The web site containing the form then asks the victim to mail a printed copy of the form to an address. The print-and-send is just a ruse though, the data is actually captured through a hack when the victim presses the “print” button. The email, like many such scams, attempts to create a sense of false security, by claiming the print-and-send routine is being done for the victim’s safety.

Officials still have not been able to trace the source of the fraudulent email sender, who is using a bot network to send the emails. The ATO recommends that people delete emails like this immediately, and advises that they do not ask people to provide personal information by email. The same holds true for most, if not all, tax collecting agencies in other countries.

Liked this post? Get more anti-spam related news from AllSpammedUp.com!

Phishing Down Under

But they do get away with it, and they do fool people. Apparently, a fairly high percentage. A recent survey showed that a shocking number of Web users can’t identify different types of phishing. The survey asked over 1,000 respondents to identify fraudulent phishing sites, by showing two Web sites side by side. One of the sites had obvious give-aways, and the other was legitimate–but a shocking number of people couldn’t tell the difference. Eighty-eight percent were fooled by a web site with obvious spelling errors. Sixty-eight percent were fooled by a bogus Web site that didn’t have the characteristic padlock symbol common to sites using the https protocol, and 42 percent were fooled by sites that had strange numerical domain names, and 33 percent were fooled by sites that asked for account information that should not be necessary.

Another surprising statistic, and one that is somewhat embarrassing for us Yanks, is that out of the seven countries included (US, Germany, Sweden, Australia, India, Denmark, and UK), the US respondents were least likely to identify the give-away signs that should tell you you’re at a phishing site.

Liked this post? Get more anti-spam related news from AllSpammedUp.com!

Can you recognize a phish when you see it?

According to the University report, there are numerous programming errors and flaws in the software, and once it has been installed, it is possible for a botnet operator to create a rogue web site to take advantage of the flaws, and take control of user computers.

There are two major vulnerabilities; the first is in how the software processes the web sites being monitored, and the second is in how it installs its updates. Both flaws allow remote sites to execute arbitrary code. The researchers made it as clear as possible in the report, saying, “Any web site the user visits can exploit these problems to take control of the computer. This could allow malicious sites to steal private data, send spam, or enlist the computer in a botnet.” And what’s worse, the flawed software can be used to install malicious software on a computer along with the filter update.

Good work on the part of the University of Michigan researchers, but they missed the mark on one front. Their recommendation that “users protect themselves by uninstalling Green Dam immediately” would be good advice, were it not for the Chinese government’s mandate–users in China have no choice but to run the software. The researchers also conclude that if Green Dam is deployed in its current form, it will “significantly weaken China’s computer security,” and that’s the real heart of the matter here–the deployment is a done deal. And because only one particular filtering product is mandated, there is little incentive to refine the product, and great incentive for abuse.

Liked this post? Get more anti-spam related news from AllSpammedUp.com!

China’s Green Dam mandate could cause trouble

If you’re not paying attention, it looks like it could be from an email administrator, and the disguised link that is included in the email appears to be a link to a Microsoft web site. Of course, it is not, and most users would know better–but it’s casting a very wide net and is likely to catch more than a few victims by the time it’s done.

The phishing attack is quite ingenious. It’s easy enough to bluff somebody out of their user name and password, or even to steal it. But full control of the account can be had if the attacker also gets the mail server information.

Liked this post? Get more anti-spam related news from AllSpammedUp.com!

Outlook users targeted in phish attack

Now whenever I get something like this I’m always suspicious. There are legitimate surveys, and sometimes there is a freebie involved, although it’s not usually that generous. And then here’s the red flag: There’s a link in the email, which takes the victim to a site that doesn’t even look like a Kmart site; then the email also asks for personal information (including account number information).

The attackers aren’t too clever, and it’s a thinly-disguised ruse, particularly since the form itself isn’t on a spoofed Kmart page, and the URL the email tries to send you to isn’t from Kmart, but rather, is one that includes the obviously bogus word “epiqteen” in the address. But they do at least make some attempts by creating a legitimate-looking survey, and sending the victim to the real Kmart web site after completing the survey.

There are two tips to remember to combat these sorts of phishing attacks: First, beware of emails offering to give you free money. Second, always look at the URL the email is trying to send you to. In most cases, simply passing your cursor over the link will reveal the true URL.

Liked this post? Get more anti-spam related news from AllSpammedUp.com!

Fake surveys circulating

But let’s consider the security and spam potential of such services. First of all, these types of services are extremely useful, for sending large files back and forth between members of a workgroup. In cases where you’re working on a project, and you know that this is how you are going to be working, it’s invaluable. File size on some large projects can quickly grow to tens or hundreds of megabytes, and emailing them back and forth just isn’t practical. But, like anything, it has the potential for abuse.

Terry Zink’s blog carried an entry recently about a piece of spam  that came from one of the big Web email providers, which had a payload from one of these cloud-based file service providers. The scenario is that a spammer sends out random emails, which claim that the recipient needs to download a file. The file however, contains malware of some sort. It could even be used in a directed phishing scheme, where a spammer obtains email addresses from a victim, then sends out emails to all of the victim’s friends and business associates, pretending to be that individual.

So when using these cloud-based file services, there are a few things to consider: First, be sure that you have anti-malware technology in place. Second, if you’re not expecting a file link to come through, then check first to make sure the alleged sender really did send it.

Liked this post? Get more anti-spam related news from AllSpammedUp.com!

File delivery services potential for spam

When sending emails, naturally you want to make sure as much as possible that the recipient’s spam filter isn’t going to pick it up by mistake. Since you have no control over what technology your recipients use, you’re left with just a couple techniques—if sending something important, most email clients allow you to request a receipt verification, which is a simple response that recipients click to indicate that they have received your message. Secondly, it’s just a matter of wording it correctly and putting in an appropriate subject line. Common sense rules dictate: Avoid putting in subject lines followed by multiple exclamation points, and avoid spammy-sounding words. Of course, if you’re in the pharmaceuticals business and you have legitimate cause to say “Viagra” in an email, there’s still going to be a risk your emails will be caught by a spam filter as false positives!

Somebody recently hijacked my own personal email address and used it to send out spam, and I received a large quantity of bounceback messages, one of which seemed to be a useful tool. The bounceback message said essentially, that this is the first email message the recipient had seen from my email address, and they are using Sender Address Verification (SAV) as an extra layer of spam prevention. A legitimate sender would see this bounceback, click on a link in the email, and then the email would be directed to its recipient’s inbox.

This technique, sometimes called a callback, does have some limitations. But, in this case, since somebody had hijacked my email address to send the spam, the spam recipient sent the callback (which was sent to my own email inbox). Since I was not the sender, I won’t verify it, and then the recipient is spared from having to view the spam. A limitation of the callback however, is an inevitable delay on receiving legitimate emails that get caught in the callback cycle, since it burdens legitimate senders with an extra step to make sure their emails are received on the other end.

A simple preventive measure is to add all email addresses that you know to be legitimate to your contact list, even if you never actually send out emails to those parties. For example, if you receive email newsletters, adding the return email of the email newsletter to your contact list would ensure that all email from the newsletter publisher would be allowed through the filter. Many email clients automatically add addresses to which you reply to your contact list, but since you do not usually reply to an email newsletter, it doesn’t get added automatically.

The type of spam filter you use naturally makes a big difference, and Bayesian filtering is generally thought of to be the most effective, both in catching spam, and preventing false positives. This type of system will usually not rely just on spotting keywords, a technique which lends itself to a high false positive rate; instead, it looks at the entire message.

Liked this post? Get more anti-spam related news from AllSpammedUp.com!

Preventing false positives

ISS reports a rebirth of image spam, with a spike in March of this year where it reached five to 10 percent of all spam; and in April, it hit 15 to 22 percent. So why are spammers revisiting an old tactic? Peculiar. The new image spams don’t use any new groundbreaking technology, and most spam filters will be able to block them easily. The only difference is that the older, first wave of image spam back in 2006 and 2007 focused on stock trading and pump-and-dump scams. Today, stock scams aren’t going to get a lot of traction because of the economic crisis, instead, most of today’s image spams are pharmaceutical.

One possible explanation is that the spammers realize that their URLs are already in most antispam databases, and they are obscuring those URLs in the image to avoid being picked up by filters. Many of today’s image spams do not contain clickable URLs. Or maybe, just maybe, spammers have just run out of new ideas!

Liked this post? Get more anti-spam related news from AllSpammedUp.com!

Image spam returns

In addition to seeing what type of information the botnet collects and how, researchers also got a good look at victim vulnerability and weaknesses that could have been prevented. Twenty-eight percent of the victims reuse credentials for accessing multiple web sites, which researchers speculate makes it easier for attackers to gather more information on victims. This may be true, although using the same password for multiple non-essential sites isn’t necessarily bad, as long as you don’t use the same password for your bank account. It’s common for some people to be members of dozens of informational web sites which require password access, although for the most part, these don’t log any sensitive information. Ars also notes that Torpig also gathered hundreds of email, forum, and chat messages–also reminding us that it is never safe to give somebody sensitive information, account numbers, or passwords, over instant message. What’s more shocking is that during the ten day period, Torpig gathered credentials for 8,310 accounts at 410 financial institutions. Forty percent of those credentials were stolen from browser password managers instead of from actual login sessions. Researchers say that many of the thefts were the result of weak passwords.

The report also highlighted an interesting phenomenon it calls “Botnets-as-a-service”, suggesting that multiple groups are actually profiting from the stolen data and that Torpig operates as a malware service. But the biggest conclusion that researchers drew is not surprising at all–”the malware problem is fundamentally a cultural problem,” reinforcing the need for not just good anti-malware technology, but also for better education as to proper use and common sense precautions.

Liked this post? Get more anti-spam related news from AllSpammedUp.com!

UCSB reserachers hijack a botnet

Phorm’s service tracks online surfing and then delivers advertisements. The service has been under criticism from several fronts concerning privacy issues. According to BBC reports, Phorm had first requested the Home Office to give a position on its technology back in 2007; the Home Office responded in January 2008 to Phorm, saying, “I should be grateful if you would review the attached document, and let me know what you think.”

Later, the Home Office sent another document, thanking Phorm for their “amendments” to the Home Office’s advice.

It seems to me that when a government agency issues a public notice about a suspect company’s practices, it doesn’t make much sense to ask the suspect company for their input. This sort of collusion is more than bizarre, and seems more like a PR move by Phorm than any attempt by the Home Office to provide meaningful advice to the public.

Liked this post? Get more anti-spam related news from AllSpammedUp.com!

Is Home Office on Phorm’s side?

Many of these virtual rumor-mills revolve around distributing emails having to do with political issues. Most recently is the one that has gained a lot of attention and has spread very quickly. The email purports to have been written by a Navy SEAL, complaining that President Obama delayed a decision to deploy the SEALS in the recent pirate hostage standoff. According to an MSNBC report this week, although the email may well have been written by a Navy SEAL, the claims are bogus. The report includes a timeline of actual events that discredits the email.

The danger of spam goes far beyond the annoying and time-consuming issues–it can easily be used as a weapon to discredit a company (or in this case, the President). Other rumors have been circulating on the Internet for years concerning some companies. Microsoft is a frequent target (remember the one that claimed to be from Microsoft, and if you sent the email to enough people, you’d get paid?), and there was one that even promised free beer. Too good to be true, but the prospect of a coupon for a free six-pack fooled a lot of people into thinking Miller Brewing Company was tracking emails (still not a technological possibility) and would give everybody a free six-pack if the viral email distribution hit two million people. There’s still another completely disgusting one I won’t get into about the Olive Garden restaurant–again not true. Still another one I received recently showed a young Iranian boy who appeared to be having his arm crushed by an automobile. The email claimed that it was an Islamic law punishment for stealing a loaf of bread; in reality the photos were from a street performance and the boy’s arm was not really being crushed.

How do companies handle these sorts of email-based rumors, hoaxes and smear campaigns? They are more common than we realize, and almost impossible to extinguish. Nonetheless, if the rumor is harmful, a vigorous PR campaign is in order, as well as submitting it to anti-hoax Web sites like snopes.com and hoax-slayer.com, and doing your own blogging and social media campaigns to promote evidence to show the original email is false.

Liked this post? Get more anti-spam related news from AllSpammedUp.com!

Spam can be dangerous to a company’s reputation