Featured Article

New Botnets Emerging

Despite the shutdowns of several spam-friendly ISPs, the number of botnets sending out spam has increased. The newest kid on the block is the Maazben botnet, which was first discovered in May. It joins veteran botnet Rustock in spewing …


Outlook Web Access Users Hit With Trojan

A new spam campaign is targeting Outlook Web Access users with the goal of distributing a nasty Trojan.  The messages are slick and professional-looking and tell the recipient that they need to update their mail settings by clicking on the …


Spamhaus targets snowshoe spam

Snowshoe Spam is a growing problem.

Continued growth of snowshoe spam has prompted Spamhaus, a leader in the war on junk email, to craft a specific response to it. Earlier this month, the spamfighters rolled out a CSS component of the organization’s Spamhaus Block List.

The SBL is a database of IP addresses from which the organization recommends blocking email. Mail systems throughout the Internet can query the database in real time. It allows email administrators to identify, tag or block incoming messages from IP addresses blacklisted by the group as being connected to sending, hosting or originating unsolicited bulk email, better known as spam.

According to Spamhaus, CSS is an integral part of the SBL. It’s distinguished, however, by a different return code, 127.0.0.3. Users of the SBL need not do anything to activate the new CSS, other than to make sure that their existing spam filters can handle the additional return code.

Snowshoe Spam gets its name from the way it fans out its malicious behavior over the Web. Just as snowshoes spread the weight of a step on snow to minimize sinking and facilitate travel, snowshoe spammers spread their abhorrent activities across a multitude of IP addresses. By doing that, they can reduce their visibility on the Web, wreak havoc with reputation metrics and evade detection by spam filters. The spammers know a percentage of their clutter will be diverted by anti-spam systems deployed by their targets, but by broadening the swath of their efforts, they can increase that percentage.
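The return-code point above, as an added example (not Spamhaus code or code from the original article): a filter that matches only the ordinary SBL answer misses CSS listings, so the answer should be classified by code. Assumptions: the zone name sbl.spamhaus.org, 127.0.0.2 as the ordinary SBL code, 127.255.255.0/24 as the range Spamhaus uses for query errors, hypothetical function names, and constructed DNS answers in place of live lookups.

```python
import ipaddress

SBL_ZONE = "sbl.spamhaus.org"  # assumed zone name, not given in the article

# 127.0.0.3 (CSS) is the code named in the article; 127.0.0.2 is the
# ordinary SBL listing code (assumption labelled in the lead-in).
LISTING_CODES = {"127.0.0.2": "SBL", "127.0.0.3": "SBL CSS"}

# Answers in this range signal a query problem, not a listing.
ERROR_NET = ipaddress.ip_network("127.255.255.0/24")


def query_name(client_ip, zone=SBL_ZONE):
    """Build the DNSBL query name: reversed IPv4 octets plus the zone."""
    ip = ipaddress.IPv4Address(client_ip)  # raises ValueError on bad input
    return ".".join(reversed(str(ip).split("."))) + "." + zone


def classify(a_records):
    """Map the A records of a DNSBL answer to (verdict, details).

    An empty list models NXDOMAIN, i.e. the address is not listed.
    """
    labels, unknown = set(), set()
    for rec in a_records:
        addr = ipaddress.IPv4Address(rec)
        if addr in ERROR_NET:
            # Never block mail on an error answer; surface it instead.
            return ("error", [str(addr)])
        if str(addr) in LISTING_CODES:
            labels.add(LISTING_CODES[str(addr)])
        else:
            unknown.add(str(addr))
    if labels:
        return ("listed", sorted(labels))
    if unknown:
        # A code this filter does not know: log it rather than guess.
        return ("unknown", sorted(unknown))
    return ("not_listed", [])


def legacy_classify(a_records):
    """The weak form: matches one hard-coded code and misses CSS."""
    return "listed" if "127.0.0.2" in a_records else "not_listed"


if __name__ == "__main__":
    print(query_name("192.0.2.99"))        # constructed sample address
    print(legacy_classify(["127.0.0.3"]))  # constructed CSS answer
    print(classify(["127.0.0.3"]))
```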


Pharmaceutical Scam Responsible for 70% of September’s Spam Volume

According to a new report by security researchers, 70% of all spam sent last month was the result of a massive pharmaceutical scam. The messages were made to look like they came from legit pharmacies in Canada, but the links …


Taking Control of the Risks

We can all agree that spam is a huge problem for anyone who is making use of the internet.  But spam itself is not the actual risk we need to focus on.

The real risks are the objectives that spammers are attempting to achieve, such as identity theft, credit card fraud, bank fraud, selling fake goods, phishing, taking over computers for botnet armies and other online scams.

Too often we focus on solving the problem of spam, instead of addressing the risks that spam presents to us. We scan for malware but not phishing attacks. We do email content filtering but no web content filtering. We run a firewall but leave the wireless network open. We ban Twitter and Facebook but not online forums.

Protecting ourselves from the risks of spam means first understanding those risks, and then implementing a comprehensive protection strategy that addresses each of them in turn.


Media overloads with fishing analogies in Operation Phish Phry reports

The FBI, depending on the news story you read, either “netted,” “snared,” “hooked,” “reeled in” or “lured” a huge number of cybercriminals in a massive phishing investigation. We’ll resist the temptation to add to the trend by referring to the FBI as “fishing for phishers,” although we may reserve the right to wonder aloud at “the one that got away.”

This week, the FBI announced that a multinational investigation, conducted both in the US and Egypt, resulted in 53 defendants being indicted in the US, and 47 more charged in Egypt, for an even hundred, which, according to Computerworld, is the largest number of people ever charged with the same cybercrime. Looks like they “bagged their limit.” Of the 53 US defendants, 33 have already been arrested.


Spam From Sites Involved in Data Breach Increases Dramatically

Last week we told you about a huge data breach that was affecting Hotmail, Yahoo!, and GMail accounts – hundreds of thousands of them at last count. Now experts say that the number of spam messages coming from those sites …


Researchers say malware cultural problem

Malware is fundamentally a cultural problem, according to an octet of academics who hijacked control of a malicious computer network, or botnet, for 10 days earlier this year.

“[T]he victims of botnets are often users with poorly maintained machines that choose easily guessable passwords to protect access to sensitive sites,” the group observed in a paper that is scheduled to be presented next month in Chicago at the ACM Computer and Communications Security Conference.

“This is evidence that the malware problem is fundamentally a cultural problem,” reasoned the paper’s authors, Brett Stone-Gross, Marco Cova, Lorenzo Cavallaro, Bob Gilbert, Martin Szydlowski, Richard Kemmerer, Christopher Kruegel, and Giovanni Vigna.

“Even though people are educated and understand well concepts such as the physical security and the necessary maintenance of a car, they do not understand the consequences of irresponsible behavior when using a computer,” they explained. “Therefore, in addition to novel tools and techniques to combat botnets and other forms of malware, it is necessary to better educate the Internet citizens so that the number of potential victims is reduced.”


Open Source Ethos Infects Malware Community

In February of this year the BBC World News took an inside look at the Russian malware scene and discovered a thriving market for paid malware development and support services. For a very low cost, spammers are able to purchase the tools they need to command thousands of computers for their own botnet. The enterprising malware authors will even sell them an ongoing support plan to help them adapt their tools to get around the latest anti-malware detection software.

Now SC Magazine reports that as much as 10% of the malware available to spammers is open source.  Open source refers to code that is freely available for users to download, modify, and re-use for their own purposes.  It is widely regarded as an effective way to gain popularity for a piece of software, and also to improve the quality of the code itself as it’s inspected by savvy users.

Though this is not the first time open source malware has appeared, the sudden increase highlights the seriousness of the spam and malware problem on the internet.  Years ago these same coders were content to cause havoc with malicious email viruses and denial of service attacks.  Now they turn their attention to making a profit, and are engaging in practices like giving away open source code to promote their skills.

With this trend towards open source malware, the adaptability of malicious code will only increase, both through paid services by the malware authors as they customize their code for their customers, and through independent modification by those who download the free tools and change them to suit their own purposes.


Massive Data Breach Affecting Hotmail, Yahoo, AOL, Comcast, Earthlink and Google Users Revealed

At least 50,000 email addresses and passwords belonging to Hotmail, Yahoo, AOL, Comcast, Earthlink, and Google accounts have been discovered posted to the net by hackers. Microsoft and Google both denied any responsibility for the breach, blaming it on a widespread …


Last Comments

  • Jim on To Spam or Not to Spam? British Man Gets His Bard on; Gets Revenge, Too June 30, 2014

    Although I can understand Joseph's decision to do that, I don't completely side with him, simply because I have been spammed before and I know it doesn't feel really good. Well, that may be his goal, but you can never correct a wrong with another wrong. I just hope he found fulfillment with what he had done.

  • Connie Law on Does Legitimacy Make LinkedIn and Zoosk Spam All Right? June 30, 2014

    @Peter: It seems like I missed that story about Papa John's. Is it found in here? What actually happened? I'm very interested about spamming made by legitimate companies because I feel that's what usually happens these days. Especially in Facebook. These companies are flooding my newsfeed.

  • Angela on Report: U.S. an Oasis for Spam June 30, 2014

    Hi AG! I hope you can share more of the study with us. Yeah, it sounds very interesting. I think people's opinions here can actually be backed by some good research. Maybe you can contact the admin of this website. Most probably they will allow you to guest post so you can share your findings.

  • Pete on Do Changes to China’s Anti-Spam Laws Matter? June 30, 2014

    @Ran: We can't expect anything from China, my dear. I even feel that they're using this spam excuse to gain more control not only on its people but also from business operators. They love to work that way. Everything that you see is usually just a facade.