Featured Article

Payload Spam Skyrocketing Again

A new study is reporting a startling rise in payload spam. Over the past 3 months over 100 million spam messages with viruses attached have been blocked by spam filters, reaching levels last seen in 2007 when the massive Storm botnet …


Bank Forces Google to Shut Down a GMail Account After Data Breach

When a Wyoming bank’s employee unwittingly created a large data breach, an innocent GMail user paid the price. It all began when a clerk at Rocky Mountain Bank sent an email containing nearly 1500 customer names, addresses, SSN numbers and …


Bounty offered to infect Macs

Now defunct Mac-codec site offered bounty to infect Macs.

It’s no secret that Microsoft’s top brass have displayed more than a little annoyance with Apple’s relentless hammering at Windows’ security vulnerabilities, but in the process, the gang on Infinite Loop Way may have miffed the Black Hat community, too; or at least a segment of it that wants to teach Apple a lesson and is willing to pay for it by posting a bounty for infecting Macs with malware.

The shocking revelation about the Mac bounty program was made at the annual Virus Bulletin Conference, a confab for computer security professionals, held last week in Geneva. In a bizarre twisting of popular affiliate programs used by many legitimate businesses on the Web, a security analyst at the forum explained that a Russian network of spam and malware affiliates called Partnerka was offering 43 cents a head for each Mac enticed to install dubious software products sold by bogus online affiliates. News of the felonious fees was initially posted at a now defunct outlaw net locale called Mac-codec.com.

The networks are made up of thousands of “webmasters” who work incessantly at driving traffic to “affiliates.” The affiliates run online stores with inventories that will look familiar to anyone who has ever received a spam message — fake watches, bogus anti-virus software and placebo pills. Commissions earned from affiliates can amount to thousands of dollars a day for the webmasters, according to security experts. One Partnerka home page bragged that one of its webmasters made $4916 in 11 days. At that rate, the Web skel could clear more than $162,000 a year.


Remember When Email Viruses Were the Big Problem?

Often in the media you will see statistics from security vendors that state that spam makes up over 90% of all email sent over the internet these days.  To some people that sounds like an unrealistic number.  I received about 30 emails at work today, does that mean another 270 spam emails were sent my way as well?  Well according to the statistics, yes it does.

While I was performing some maintenance checks on a customer I decided to see if their statistics matched up with what is quoted in the press.  As it turns out they are right on target for the amount of spam that they receive.  In the reporting period that I checked about 21,000 emails had been processed, over 19,000 of which were detected as spam.  That’s around 92% spam for this small business.

But the more interesting statistic was the breakdown of overall threats.  Of the over 19,000 emails blocked only 3 were blocked for containing viruses.  It would appear, at least for this customer, that email-borne viruses are not much of a problem these days.

This is in stark contrast to the early days of my career in IT, going back more than 10 years now to March 1999 when the Melissa virus struck and took down email systems across the world.  This simple Word macro virus was the first in a wave of serious viruses that could spread using email.  Virus infections were visibly destructive, trashing files and computers that they came in contact with.  Email viruses were seen as one of the biggest threats to IT systems and were the topic of many mainstream media stories.

At the time spam was relatively non-existent, for a few simple reasons – home internet access was slow and uncommon (especially in countries well known as spam havens today), and online commerce was nearly non-existent.  Amazon and eBay had launched in the mid-1990s and online banking had also emerged but they were far from mainstream.  Malicious email was the domain of people who wanted to cause mischief or make a statement; it was not seen as a way to make a lot of money with fraud and scams.


Spam Still Profitable to the Tune of $4000 a Day

Despite the economic downturn, spam is still as profitable as ever. A new report says that the group of spammers behind most Viagra spam rakes in an average of $4000 a day. The average order for the drug totals around …


Idaho: Spam Capital of the U.S.

A new study has awarded Idaho the dubious honor of Most Likely to Be Spammed. The state known best for potatoes and film festivals is also the most spammed state in the union. 93.8% of all its email traffic is spam, …


ZBot Trojan Not Detectable By Anti-Virus Programs

Security researchers have discovered that the Zbot Trojan is undetectable by most anti-virus programs because it is continually morphing. Zbot is one of the most widespread banking Trojans on the net and has been around since 2006. It uses a …


Common Spam Complaints

In my line of work I support a lot of email users at a lot of different companies, and that means I am ultimately responsible for two things – the successful delivery of legitimate email, and the prevention of spam.

Over the years this means I have heard a fairly regular list of complaints about email and spam, some of which are due to misunderstandings about the capabilities and limitations of anti-spam products.  Here are some of the most common ones I hear.

This Spam Filter Isn’t Blocking Spam

The first complaint by the customer is usually that their spam filter is not working.  The event that raises this complaint can be as simple as the CEO’s assistant noticing a single spam email in her boss’s inbox.

I quickly remind them that no anti-spam protection is 100% effective, and that the one or two spam they receive each week is a drop in the bucket compared to the flood of spam that is actually being rejected.

Fortunately all good anti-spam systems come with comprehensive reporting features so I can show them that even though they or their Help Desk has reported a few spam emails reaching user mailboxes, the anti-spam system blocked thousands of them in that same time period.

This Spam Filter Is Blocking My Emails

The opposite complaint to the first is usually from someone who did not receive an email that they were expecting and it was subsequently found in the spam quarantine.  I’ve had single occurrences of this lead to people declaring the anti-spam software broken and demanding it be removed so that their important emails aren’t blocked again.

Once again I remind them that 100% accuracy is non-existent in the spam prevention game, that removing the anti-spam software would mean thousands of spam emails get through (the reporting comes in handy here again), and that the occasional false positive is best dealt with by utilizing end user self-service features.  These allow users to manage and release their own quarantined items, usually those items that are only slightly “spammy”.


New Phishing Attack Integrates Live Chat

A new phishing attack has added a surprising twist to the traditional scheme. The messages themselves are nothing new. They are made to look like they came from a major U.S. bank and direct the victim to click on the …


New Koobface variant in the wild

A phony Windows alert is used to defeat CAPTCHA.

A new variant of one of the Internet’s most widespread pieces of malware, Koobface, has surfaced in the wild, according to academic security researchers. In this latest twist on a familiar theme, the worm’s authors have added new ways to siphon cash into their coffers through click fraud and scareware.

University of Alabama, Birmingham, researchers discovered the variant of the worm, which first appeared in 2008 and since that time has infected an estimated 2.9 million machines, during their continuing study of the abhorrent application aimed at victimizing members of social networking and blogging sites.

As is typical with this kind of scheme, it starts with spam. Unlike the common cookie cutter junk sprayed across the Net into inboxes, pitches from Koobface have a devious similarity to a genuine message from a Facebook friend. One of the suspect subject lines identified by White Hats is, “Wow! Are you realy in this video?” Since the message contains the name of a Facebook friend, a recipient’s inclination is to click on the link in the missive’s body. A close examination of the link, though, will reveal that it contains a colon.  Colons in Web addresses usually mean redirection to another URL. Facebook links don’t do that.


Last Comments

  • Marcelo on Preventing Internal Email Abuse with Exchange Server 2010 April 8, 2014

    Hi my friend, I have Exchange 2010 but the option "when the subject field or the message body matches" I don't have with options! Can I use other option? Thanks

  • Hery on Fanbox Spam Turns Into Costly Scam April 7, 2014

    Thank you very much, your posting is helpful, cause I get this FANBOX today..

  • Harry D. on Anti-Spam Efforts are Working April 1, 2014

    Definitely, any positive news about spam is always welcome. I really don't have a lot of issues with good e-mails ending up in spam because I also check my Junk Mail from time to time, and if it's urgent and they need my reply, they simply call or try to contact me in other means. I think it's also essential that you provide your friends, colleagues, and clients other ways to reach out to you other than e-mail.

  • Steven on Apple Files Patent to Take a Bite out of Spam April 1, 2014

    Sounds like a good plan, Apple, but they should better concentrate on growing their brand and bread and butter first. As they say, jack of all trades, master of none. It's better to be great in one thing than to be good in almost all things. Don't be like Android or Google please.