Spam
Spam
E-mail spam is a subset of spam that involves sending nearly identical messages to thousands (or millions) of recipients. Perpetrators of such spam ("spammers") often harvest addresses of prospective recipients from Usenet postings or from web pages, obtain them from databases, or simply guess them by using common names and domains. By popular definition, spam occurs without the permission of the recipients.
Definitions provided by Wikipedia - The Free Encyclopedia
Spam Related Products
The GB-Ware is a software firewall powered by GNAT Box System Software certified to ICSA 4.0 Corporate criteria. The GNAT Box System Software was designed from the ground up as an integrated firewall system with interoperability of features, easy installation and remote management. We supply the OS and firewall software - you supply the hardware.
More information
The GB-250 and GB-250e Firewall UTM Appliances are GTA's entry level systems that provide big security for smaller business offices. Designed and priced to meet the needs of smaller organisations, the GB-250 and GB-250e include the same security and UTM features of our larger enterprise firewall UTM appliances, but scaled to fit the needs of offices with fewer than 50 employees.
More information
The ProxyAV 400 Series is a purpose-built solution designed for quick integration with ProxySG 800 for deployment in medium enterprise or distributed environments. It provides scalable performance with a choice of antivirus engines from Sophos and McAfee.
More information
The GB-3000 Gigabit Firewall UTM Appliance is Global Technology Associates' flagship appliance. It offers the highest throughput and most comprehensive feature set in GTA's product line. The GB-3000 provides powerful network security and strong performance by delivering world-class protection and gateway threat management capabilities in a single dedicated appliance.
More information
The Blue Coat AV510 Series is a purpose-built solution designed for simple integration with Blue Coat SG810 and SG510 series solutions for medium enterprise or distributed environments providing scalable performance with a choice of antivirus engines.
More information
The Blue Coat AV810 Series represents the next generation in highend appliance platforms for enterprise Web AV. The AV810 series is a purpose-built appliance designed for scalable, enterprise performance, enterprise manageability, and factory-built integration with the Blue Coat SG
More information
Websense Hosted Email Security (formerly SurfControl MailControl) provides protection at the internet level, eliminating spam and malware before they reach your network. The hosted deployment model provides centralized security with built-in redundancy, failover, and business continuity, while easing administration and optimizing network operating and capacity planning costs. Guaranteed by industry-leading SLAs, Hosted Email Security reduces business costs, eliminates the complexity and uncertainty of managing email threats, and provides the highest possible degree of protection.
More information
Protect your Internet gateway, mail and file servers, desktops, laptops, and mobile devices with this fully integrated, centrally managed security solution. Multilayered security provides maximum protection from viruses, spyware, spam and blended threats, including web-based attacks.
More information
Choose a single, integrated solution to protect mail servers, file servers, desktops, and laptops against viruses, spyware, spam, phishing, inappropriate content, and blended threats. Enterprise Security for Endpoints and Mail Servers minimises complexity and lowers your costs with centralised management, broad platform support, and flexible configuration options.
More information
Email, instant messaging, and collaboration systems connect your employees, partners, and customers, but they also open doors for cyber-criminals. In this real-time environment, attackers can spread malware, hijack systems, and steal data in a flash. To prevent this instant exposure, instant protection is critical.
More information
Keep your data confidential and your employees safe while interacting with rich Internet content. Trend Micro Enterprise Security for Gateways integrates virtualized web and messaging gateway security - proven to maximise protection while minimising complexity and lowering total cost up to 40 percent.
More information
Small to mid-sized businesses don't need to pay high prices for powerful email security. WatchGuard XCS 170, 370 and 570 Appliances are affordable, complete email security solutions that defend against inbound threats including viruses, spam, blended threats, phishing, spyware and network attacks. Block 98% of unwanted traffic at the perimeter and boost your email security and performance without breaking the bank.
More information
Designed with the most demanding messaging networks in mind, WatchGuard XCS 770, 970 and 1170 Extensible Content Security Appliances are easy-to-use, enterprise-class email security, privacy and compliance solutions that protect against inbound threats and control outbound information to prevent data loss. They offer the most effective enterprise-class messaging security solution for protection from spam, viruses, malware, blended threats, spyware, phishing, and network attacks, as well as automated content security of outbound communications to prevent data leakage across email and web.
More information
Spam Related Product Families
M86 Security provides clients with integrated Web and e-mail threat protection, including the most sophisticated Secure Web Gateway available. Our solutions protect organisations and institutions from inappropriate content, legal liability, compromised data, lost bandwidth and reduced network performance.
More information
Spam Related Industry News
Anti-spam laws baffle UK.biz Businesses are in the dark over anti-spam laws, with 83 per cent ignorant of legislation aimed at stopping junk emails, a new survey has revealed. The research, conducted by software firm Clearswift, found that although just 16 per cent of businesses were aware of laws against spam, a massive 92 per cent felt current rules were not tough enough to stop unwanted emails.
The UK government introduced anti-spam measures last year, after complaints from small firms t......
[more] News beats porn online A quarter of employees admit to surfing obsession Employees are far more likely to be addicted to news than to pornography, a survey has found.
Websense, a San Diego-based firm which provides software to monitor web habits at work, has found that news sites are proving the real internet addiction for employees.
It has to be said, of course, that most companies block access to porn sites.
Just over 20% of those surveyed said that they thought news was the most ad......
[more] The most annoying spam of 2002 Every person on the net has one thing in common. They all hate spam.
Anyone who has an e-mail account will have received these unsolicited commercial messages that offer you things you do not want, at prices you will not pay, from companies you will never call.
2002 was a bumper year for these messages and now 30% of all mail flying around the net is thought to be spam.
Filtering firm Surf Control has compiled a list of the top 10 most annoying spam me......
[more] Spammers and virus writers unite Spammers are turning to tactics favoured by virus writers to get their unwanted messages into circulation. Anti-spam activists have found that some unscrupulous spammers are hijacking the e-mail accounts of innocent users to send millions of messages.
The spammers take over the accounts using malicious e-mail messages that resemble computer viruses.
As efforts to beat spam accelerate, many junk marketers are keen to cover their tracks and hide the real o......
[more] Spam virus 'hijacks' computers Spammers are sending out viruses that take over people's computers and turn them into junk mail machines, say experts. It is a worrying new development in the ongoing war against spam and could see a huge rise in the amount of unsolicited messages in inboxes worldwide.
In a worst case scenario, it could overwhelm the entire internet system warn experts.
UK spam filtering firm MessageLabs has found what it believes is the first example of a virus that has be......
[more] Spam fuels boom in secure content market Junk mail is an increasing problem but the search for an effective cure remains fraught with difficulties. That's the message we take from a slew of recent surveys on the subject.
Market watcher IDC predicts that anti-spam products will be a key driver for the secure content management (SCM) software market which it expects to grow by 19 per cent a year to reach $6.4 billion in 2007.
"Virus infection is still the main concern regarding corporate......
[more] Microsoft tweaks, new laws won't make '04 safer Looking back at security issues of 2003 and ahead to 2004 For computer security experts, 2003 started with the Slammer Internet worm and went downhill from there. The year, which included four major worm and virus outbreaks just in August, has been labeled the "year of the worm" and "the worst year ever" by more than one computer security expert.
All that activity meant good news for antivirus software companies, such as Symantec. It was bad ne......
[more] Microsoft aims to make spammers pay Despite efforts to stem the billions of spam e-mails flooding inboxes, unwanted messages are still turning e-mail into a quagmire of misery. Spammers send out tens of millions of e-mails to unsuspecting computer users every day, employing a myriad of methods to ensure their pills, loans and "requests for our lord" pleas fox e-mail filters.
Some are even turning to prose and poetry to fool the technological safeguards people put in place.
But a group o......
[more] EU anti-spam laws are OK It's just over a month since new anti-spam legislation was introduced into the UK with almost universal condemnation that the new laws would have a limited effect in the fight against junk email. The £5,000 fine for offenders has been branded by some experts as an "inadequate deterrent". And even those who've welcomed the new legislation - which is part of an EU-wide directive - doubt it will have any real impact on combating spam.
For although there is one EU anti-s......
[more] Spammers not deterred by Can Spam Act As expected, spammers don't seem too impressed with the US Can Spam Act, which was enforced on January 1. Nor have they changed their tactics. The US Can Spam Act attempts to regulate rather than ban the practice of spamming, but it outlaws so-called fraudulent spam, where spammers use open relays/proxies to send their messages. Falsified email headers can now also be punished with prison terms, as can sending sexually-oriented email which is not properly l......
[more] Spam with Trojan horse attacks eBay users Virus authors are using spam e-mails containing a Trojan horse program to help spread the latest version of the Mimail e-mail worm. The latest threat, which targets customers of eBay's PayPal online payment service, highlights a growing trend in which online criminals combine computer viruses, spam distribution techniques, Trojan horse programs and "phishing" scams to circumvent security technology and fool internet users, said Carole Theriault, securi......
[more] New Bagle worm spreads over internet disguised as Calculator, warns Sophos Sophos, a world leader in protecting businesses against spam and viruses, is warning of a new worm called Bagle-A (W32/Bagle-A). Following many reports in Australia, Sophos has already started to see multiple reports coming from the UK and other countries, and users are advised to be cautious of emails received over the weekend with the subject line "Hi".
The Bagle-A worm (also known as Beagle) arrives as an email me......
[more] Spam may be wiped out by 2006 Internet users beware -- within a couple of years you may have fewer opportunities to reduce your debt or increase your penis size Unwanted "spam" offers currently account for more than half of all e-mail traffic, but at least two high-tech executives say the torrent of pornography and unbelievably low mortgage rates could slow to a trickle by 2006.
Microsoft founder Bill Gates predicted the demise of unsolicited commercial e-mail at the World Economic Forum in D......
[more] 'Clean up this Internet effluent now' Messagelabs CTO Mark Sunner claims that ISPs allowing unfiltered traffic to flow to customers is like a water authority pumping out raw sewage We are losing the malware war. Conventional antivirus and anti-spam countermeasures seem ineffective against an increasingly sophisticated enemy. The argument is that server- and client-side solutions draw the battle lines far too deeply inside their own territory, robbing computing, bandwidth and other resources. Wha......
[more] City sees the benefits of wireless networks Survey shows more businesses are convinced but security is still lax The third annual Wireless Security Survey of London has highlighted a significant increase in the use of wireless networks by businesses.
In the two years since the survey was first undertaken, the number of wireless networks used in the City has increased from 124 in 2001, to 328 in 2002 and 1078 in 2003.
The benefits of the technology appear to have convinced companies, and th......
[more] Worst virus ever All eyes were on security as a fast-moving e-mail virus claimed the crown as the worst ever, and along the way it managed to make enemies of two software heavyweights MyDoom raced onto the Internet on Monday, quickly clogging e-mail servers, as it propagated itself with millions of messages laden with malicious software code. The virus arrived with one of several different random subject lines, such as "Mail Delivery System," "Test" or "Mail Transaction Failed."
Once the vir......
[more] Mydoom cripples US firm's website The Mydoom e-mail worm has paralysed the website of US software firm SCO, in a massive denial of service attack The company - which owns the Unix operating system - said the virus was "overwhelming the internet with requests to www.sco.com".
Both SCO and Microsoft have offered $250,000 rewards each for help to catch the author of the worm - the fastest-spreading virus known so far.
A variant of the virus is expected to attack Microsoft's site from Tuesda......
[more] Spam, scam, spoof and spyware: beware epidemic in Internet empire Spam, the circulation of unwanted electronic messages, is dangerous and expensive for businesses and individuals and is growing uncontrollably on an epidemic scale So says an official report prepared for an OECD-EU meeting on Monday and Tuesday. Confidence in the entire environment of Internet communications and electronic commerce is at risk.
A simple answer is not at hand, says the report which has just been declassified by......
[more] Governments must act together to curb spam Only coordinated action by governments can curb the alarming rise in unsolicited bulk e-mails, or spam, a high-level seminar in Brussels was told. The two-day meeting, organised by the Organisation for Economic Cooperation and Development (OECD) and the European Commission (news - web sites), was being held after the Mydoom e-mail worm infected more than one million computers around the world.
Mydoom underlined the vulnerability of computer systems......
[more] EC draws line in spam sand The EC is calling for greater international co-operation in combating spam Speaking at this week's OECD workshop on spam in Brussels, Commissioner Erkki Liikanen said the OECD should "rapidly agree" a five-point framework to promote effective legislation against spam. This programme calls for co-operation between enforcement agencies, self-regulation by industry, technical measures, legislative action and greater consumer awareness.
The OECD workshop on spam coinci......
[more] Shoppers spend less online because of spam Experts says spam is hurting online businesses and could stunt the Internet economy's growth The exponential growth of unsolicited junk email -- spam -- is shaking consumer confidence in the Internet and may hamper growth of the e-economy, officials have told a global anti-spam meeting.
A survey published by consumers group the Trans-Atlantic Consumer Dialogue (TACD) showed 52 percent of respondents were shopping less on the Internet or not at all b......
[more] Spam Slayer: Be Wary of Opting In New laws offer some protection, but they can't save you from yourself Opting in" to receive commercial e-mail that might interest you seems harmless enough. But it can turn the trickle of spam in your in-box into a torrent. A huge volume of spam, regardless of new antispam laws, still plagues e-mail users. Sharon Lewis is one example.
"I spend about an hour every day deleting spam," Lewis says.
I found Lewis and others like her through opt-in e-mail lists,......
[more] Clueless office workers help spread computer viruses Busy or apathetic employees are accelerating the spread of viruses and potentially costing UK businesses millions in clean-up charges, according to a survey out today Two-thirds of the 1,000 people quizzed by market researchers TNS in January admit they are not aware of even the most basic virus prevention measures. Meanwhile a third of those polled in the Novell-sponsored study said they are too busy to check their emails before opening them.......
[more] US anti-spam law fails to bite US legislation designed to stem the tide of junk e-mails has had little impact on spam, say experts US e-mail filtering firm Postini said the Can-Spam Act had only made a slight dent in the amount of unwanted mail.
It found spam accounted for 79% of all e-mails it processed in January, down from 80% in December 2003.
Critics of the US law had predicted it would do little to stop spam and may even encourage some businesses to start sending unsolicited messag......
[more] Fast-Moving Virus Intercepted Over Four Million Times In Only 9 Days MailWatch, a leading spam-blocking, virus-scanning and content-filtering service protecting corporate networks worldwide, today announced the total, and most frequently occurring virus threats it intercepted on behalf of its corporate customer base during January. The company also announced that it scanned 153 million messages in January for its customers, a 5% increase over December's total.
In January, MailWatch intercep......
[more] IT security: Something's gotta give 2004 is just over a month old but it's already been an eventful year for information security with the MyDoom worm carving its name into the annals as the most malicious code cocktail ever MyDoom demonstrated that with a bit of social engineering, users will always be duped into opening attachments. Once in progress, MyDoom launched an avalanche of e-mails clogging networks and servers while interrupting business productivity. It then launched denial-of-servic......
[more] Adware ploy dupes IMers with bin Laden 'news' Beware of instant messages bearing news of Osama bin Laden's capture Several victims told CNET News.com on Wednesday that a new Trojan horse advertising program, called BuddyLinks, masquerades as a news Web site with a story on the al-Qaida leader's capture in an attempt to fool users of America Online's instant-messaging program into downloading software and receiving advertising.
Although the software has some of the properties of an Internet w......
[more] Spam seen as security risk Spam is definitely annoying, but corporate customers also see it as a potential security risk, according to a survey released Wednesday The study, commissioned by security software maker Network Associates, surveyed 356 small to large organizations in North America. Questions focused on the effects of unwanted e-mail in the corporate environment.
About 90 percent of companies surveyed agreed that spam makes their companies more vulnerable to security threats. Beca......
[more] Anti-spam scam mimics official site An apparently official Web site promising to reduce spam may itself be collecting email addresses for spammers, the US Federal Trade Commission has warned Consumers should not submit their email addresses to a Web site that promises to reduce unwanted "spam'' because it is fraudulent, the US Federal Trade Commission said on Thursday.
Though the Web site, found at www.unsub.us, promises to reduce unsolicited commercial email, those who sign up could end up......
[more] Employees pass buck on security Most UK employees are unwilling to take any responsibility for securing their work computers, a recent survey has found. If this situation continues, computer attacks will increase rapidly this year, experts warned.
Nine out of 10 office staff feel they have no part to play in protecting their machines, according to a survey by Novell. They said the responsibility rested with their employer's IT department, Microsoft or the government.
Of 1,000 respondents,......
[more] US spammer fined £75k for porn sting A US company has been fined £75,000 for spamming punters with porn emails that led to users racking up whopping phone bills.
The spam sent by New York-based BW Telecom contained peak-rate dialler software which disconnected users from their ISP before reconnecting them to a service that charged them £1.50 a minute for Net access.
UK premium-rate services regulator ICSTIS found that the email containing the Ts&Cs and dialler software was confusing.......
[more] China Cracks Down on Spammers Authorities want to block more than porn and pitches, while feeling pressure to stop spam sent from China. The Chinese government is ratcheting up its efforts to fight unsolicited e-mail in a campaign with a distinctly political flavor, but officials face an uphill battle controlling spam.
The Ministry of Public Security (MPS) has announced a joint campaign with the country's Ministry of Education (MOE) and Ministry of Information Industry (MII) to end spam in......
[more] Your computer could be a 'spam zombie' Next time you're looking for a culprit for all that junk mail flooding your inbox, have a glance in the mirror. Spammers are increasingly exploiting home computers with high-speed Internet connections into which they've cleverly burrowed.
E-mail security companies estimate that between one-third and two-thirds of unwanted messages are relayed unwittingly by PC owners who set up software incorrectly or fail to secure their machines.
David Lawrence, 4......
[more] 'Gamer's virus' aims to hit users A miserable month for Microsoft is continuing with warnings about yet another Windows worm. Anti-virus companies have issued alerts about Bagle.B that is starting to appear in large numbers.
Like many other recent viruses it harvests addresses from the popular Outlook e-mail program and sends messages using its own e-mail engine.
Bagle.B also installs a backdoor in infected machines that could gives some remote control over compromised PCs.
New virus......
[more] Hefty fine for X-rated spam scam A US-based firm has landed a hefty fine for sending XXX junk e-mails to thousands in the UK. The unsolicited messages came with a sexually explicit attachment. When opened, users thought a "click me" button would close it.
Instead it led them to a site accessed through a premium rate phone number.
The UK's premium rate watchdog, Icstis, had more than 1,000 complaints about the e-mails and said the company breached a number of regulations.
Users were c......
[more] AOL, EarthLink File Lawsuits Against Spammers Two of the nation's largest Internet service providers (ISPs) filed civil actions against bulk e-mailers Thursday to combat the continuing spam flooding ISP servers.
Dulles, Va.-based America Online (AOL) filed a $1.6 million civil law suit in Florida, claiming that a software firm conspired with international spammers based in Thailand to deliver more than 35 million spam messages to AOL subscribers.
In a separate action, Atlanta-based Eart......
[more] At the Front in the Virus Wars When F-Secure's antivirus researcher Katrin Tocheva first spotted the MyDoom virus late in the evening of Jan. 27, she immediately reached out and smacked the monkey that sits near her desk. The monkey is a stuffed toy that screams when hit. F-Secure's antivirus team uses it as an alert signal; when the monkey starts screeching, the team knows there's a new virus or worm on the loose.
The monkey screamed an awful lot in January and February 2004, and there were......
[more] Perhaps latest virus was meant to send message Nothing stirs controversy better than issues with conflicting arguments. So why do viruses seem so controversial? Users, legitimate software developers, IT professionals and just about everybody else are basically on the same side of the fence. They don't like viruses. It's just a matter of how much ill sentiment each person feels. Is it just an inconvenience -- or a major problem?
The public at large doesn't really understand the motives behind......
[more] EU's anti-spam laws in chaos It was supposed to tackle spam but is turning into a laughing stock. A study by the Institute of Information Law (IViR) at the University of Amsterdam has revealed that the EU’s much-vaunted anti-spam legislation, Directive 58, is fast turning into a legislative disaster.
The Directive on Privacy and Electronic Communications, to give it its full name, was supposed to have been adopted by EU member states by October 2003, but according to the IViR, only 7 of 15 h......
[more] Sophos Announces Opening of North American Virus Lab Sophos, a world leader in anti-virus and anti-spam protection for businesses, today announced the opening of its North American virus lab. Sophos currently operates full-time virus labs in the United Kingdom and Australia and a spam lab in Vancouver, Canada. With the addition of its Lynnfield, MA-based virus lab, Sophos will be able to further extend protection for its customers worldwide.
As the threat of viruses continues to escalate alo......
[more] Sophos Joins Microsoft Virus Information Alliance Sophos, a world leader in protecting businesses against spam and viruses, today announced that it has joined the Virus Information Alliance, an industry initiative founded by Microsoft Corp. and consisting of ten leading anti-virus vendors. The alliance aims to provide Microsoft customers with accurate and relevant information about the latest virus threats affecting Microsoft technology.
As part of the initiative, virus researchers in Sophos l......
[more] Hi-tech criminals target UK firms British businesses are under siege by criminals and vandals using technology for financial gain or to cause havoc. A survey by the National Hi-Tech Crime Unit found 83% of UK companies have been the victims of computer crime.
The vast majority, 77%, were virus attacks and, on average, companies face 254 assaults from malicious programs every year.
Other computer crimes reported in the study included fraud, theft of key data and denial-of-service attacks......
[more] Latest MyDoom picking up pace Security experts issued fresh alerts over a new, file-deleting version of the MyDoom e-mail worm that was targeting computer users with greater ferocity on Wednesday. The new outbreak, known as MyDoom.F, emerged late last week and has been gathering steam since then.
The virus is programmed to infect personal computers and use them to unleash a crippling digital barrage known as a denial-of-service attack on select Web sites belonging to Microsoft and the Record......
[more] Is security getting any easier? Although governments and companies appear to be making significant headway on many security problems, don't expect headaches like spam to disappear anytime soon, according to security experts. Human error, combined with the increasing technical sophistication of malicious hackers, creates a situation in which security, ultimately, can never be perfect, security specialists on the cryptographer's panel at the RSA Conference here said Tuesday.
Invariably, indiv......
[more] Row over how to junk spam Microsoft is proposing to stop spam by checking that messages are being sent by the person they claim to come from. The Caller-ID for e-mail idea is one of several proposals floated as a way to stem the rising tide of junk mail.
The internet's engineering body has set up an emergency meeting to sift through the different proposals and draw up a network-wide solution.
But some fear the competing proposals could cause confusion and spell the end of some widely-use......
[more] Spam's 'dirty dozen' exposed The United States, Canada, China, South Korea and the Netherlands are the top five birthplaces of spam worldwide, according to a new analysis by security software maker Sophos. In an analysis of junk e-mails received over two days in mid-February, the company created a list of the "dirty dozen" spam-producing countries.
Taking the undisputed helm on its list of spam-producing countries is the United States, which accounted for more than half of the world's unsoli......
[more] Lawmakers Launch New Anti-Spyware Bill Two champions of last year's Can Spam Act have introduced legislation in Congress to outlaw invasive software such as spyware and adware from being secretly installed on computers.
Currently, these type of programs often piggyback on downloaded files without the user's consent, transmitting information about Internet traffic patterns and generating pop-up advertisements.
Known as Spyblock (Software Principles Yielding Better Levels of Consumer Know......
[more] Antispam Registries Aren't Official FTC warns that private do-not-spam sites are ineffective at best and scams at worst. While the Federal Trade Commission investigates setting up a national do-not-spam registry, new private sites are claiming to keep users spam-free now--but they lack the force of law.
The recently enacted CAN-SPAM law exhorts the FTC to consider the feasibility of a national, government-sponsored do-not-spam registry similar to its recent Do Not Call Registry restricting te......
[more] Overeager Spam Filters Cause Headaches ISPs struggle to get off AOL's blacklist when spam-blocking methods turn heavy-handed. Major ISPs are struggling to protect their customers from a growing wave of spam, but overzealous blocking can be a nuisance too, as several small ISPs have found.
Technicians for TDS Telecom, a Midwestern ISP, scrambled last week when America Online began blasting back all e-mail to AOL subscribers from TDS's 100,000 subscribers. The problem continued for days, exaspe......
[more] UUNet tops spammer-hosting super league UUNet hosts more spammers than any other ISP. It has 151 listings on the Spammers Block List (SBL), including 34 known spam gangs with ROKSO records, according to the anti-spam organisation Spamhaus' records for February 2004. The second worst offender, Chinanet-QD, has 82 entries on the SBL. It hosts Alan Ralsky, listed as the single worst spammer on the ROKSO list.
Banning unsolicited commercial email is a simple matter, Spamhaus says. it has example......
[more] Spam's irritating cousin, spim, on the loose Consumers ditching e-mail for instant messages to avoid spam are in for an unpleasant surprise. Spim, or instant-messenger spam, is peppering computer screens with increasing frequency. And the problem may get worse as e-mail marketers look for new ways to reach consumers after a federal crackdown on spam.
More than 1 billion spims were sent last year - roughly four times the amount sent in 2002. Another 4 billion are expected in 2004, Ferris Resea......
[more] Sophos joins Microsoft Virus Information Alliance (VIA) Sophos, a world leader in protecting businesses against spam and viruses, today announced that it has joined the Virus Information Alliance, an industry initiative founded by Microsoft Corp. and consisting of ten leading anti-virus vendors. The alliance aims to provide Microsoft customers with accurate and relevant information about the latest virus threats affecting Microsoft technology.
As part of the initiative, virus researchers in......
[more] Through the security looking glass The annual RSA Conference, which just concluded in San Francisco, is the technology industry's premier security event. After covering a half-dozen RSA conferences in the 1990s (including several for CNET News.com), I returned this year for the first time since 1999. Talk about a time warp.
As cybersecurity has become an ever larger concern, the data security industry has mushroomed. But although the lingo has changed from the prespam days, you can divide th......
[more] Virus-fighting needs better boundaries: Sophos A tightening up of the standards applying to MIME boundaries — which separate parts of an email — would help fight viruses, suggests Paul Ducklin, Sydney-based head of technology for the Asia-Pacific region for Sophos.
And some of the filters themselves could probably do with a re-examination as to how they handle the boundaries.
Some messages do not properly separate the text of an email from an attachment. A filter may erroneously pass the a......
[more] Spammers target home PCs You may hate getting spam but unless you are careful you could be responsible for sending some of it. It is estimated that at least one-third of all junk mail messages is being relayed by home computers.
And to make matters worse your humble home PC was probably turned into a spam-spewing relay by one or more computer viruses.
Computer viruses have come a long way since the days when they were just a nuisance put together by a teenager with too much time on their......
[more] First Can Spam Suit Filed A California ISP filed suit Friday in the first action under the recently enacted federal Can Spam Act, naming BobVila.com as the defendant. San Francisco attorney John Fallat filed a lawsuit in U.S. District Court for the Northern District of California on behalf of Foster City-based Internet Service Provider Hypertouch. It alleges Sacramento-based BlueStream Media and Boston-based BVWebTies, owner of BobVila.com, violated the federal Can Spam Act by sending Hypertouch......
[more] Spam is 10 Today marks the tenth anniversary of what is generally considered the first spam message. On this day in 1994, US law firm Canter and Siegel posted a message on several Usenet newsgroups advertising its services to people interested in participating in the US Green Card lottery.
These days we'd barely bat an eyelid at such a message but at the time it was considered as appalling breach of "netiquette" - the unspoken rules of polite behaviour online. It was the cyber equivalent of......
[more] Antivirus industry slammed by DTI report Companies still get viruses despite having antivirus software - so what is going wrong? The UK government has released research that will make unpleasant reading for some in the antivirus industry.
A survey from the Department of Trade and Industry revealed that 68 per cent of large companies were infected by viruses during 2003, despite the fact that 99 per cent were using antivirus products.
Chris Potter, security analyst at PricewaterhouseCoop......
[more] NetSky, we hardly knew ye The latest variant of the NetSky worm, which is the 11th in less than a month, will be the last, according to a coded message from the worm's author. NetSky.K was discovered on Monday, and security researchers found an unexpected message from the author within its code; although the authors of NetSky, Bagle and MyDoom have been engaged in a flame war for the past couple of weeks, this latest variant differs because it not only contains the usual insults to other virus......
[more] Comcast cutting off spam 'zombies' Internet service provider Comcast Corp. is cutting off Internet service for some customers whose computers are being used to relay spam messages, according to a company spokeswoman. Comcast has been contacting customers whose machines are being used as "zombies" to forward spam e-mail with warning messages. In some cases, the company has cut off Internet access to customers, some of whom are unaware their system is sending out the commercial solicitations, sai......
[more] Major ISPs to Stand Firm on Anti-Spam Fight Looking to show a unified front against spam, the nation's top e-mail and Internet service providers -- America Online, EarthLink, Microsoft, and Yahoo! -- are expected to outline their efforts in stopping unwanted e-mail at its source.
Representatives from the coalition are scheduled to appear at a press conference Wednesday morning in Washington D.C. to talk about their collaborative efforts. The coalition is based on an anti-spam industry allia......
[more] We're just innocent techies, say accused spammers Lawyers for a Florida firm accused of inundating AOL users with spam have hit back with a motion seeking to dismiss the lawsuit.
According to dismissal papers filed yesterday, AOL's lawsuit against Connor Miller Software in Orlando federal court is "essentially the same" as a case "dismissed" by a Virginia judge last December.
The defendants' lawyer, Seth Berenzweig of law firm Albo & Oblon, says that Judge Claude Hilton of Virginia "con......
[more] Washington Beefs Up Can Spam The two powerful federal agencies empowered as the whip hand of the Can Spam Act began the process Thursday of fully implementing the United States' first national law aimed at curbing unsolicited bulk e-mail.
Since the Can Spam Act became effective on Jan. 1, it has been criticized as ineffective in slowing junk e-mail. But most of the provisions of the new law are still being interpreted and defined by the Federal Trade Commission (FTC) and the Federal Communi......
[more] Trojans rise in the virus war Net users are facing a Trojan wave as hackers seek ways into victims' bank accounts.
The war of the worms may have averted attention to the NetSky's, Bagles and MyDooms, but make no mistake, a recent surge of Trojans has its collective eyes on your bank account and personal information.
'There's no doubt that we are seeing an increase in interest amongst the malware writing community
in Trojan horses and hacking into remote computers. It is more and more commo......
[more] Office update clogs spam filters A recent update for Microsoft's Office software is blocking several popular spam filters, and software makers are scrambling to find a fix to the fixes. The problems have occurred since the release earlier this week of Service Pack 3 for Office XP and 2000, which are recent versions of Microsoft's widespread productivity package. The patches and big fixes in SP3 included a number of security fixes for Office's widely used e-mail client, Outlook.
Shortly afte......
[more] Bagle turns to anti-spam trick The latest Bagle variants are hiding their passwords in graphic files in a new ploy to avoid detection by antivirus software Three new Bagle variants (N, O and P) discovered over the weekend differ from previous incarnations because they use an anti-spam trick to try and avoid detection by antivirus software, but experts believe that the attempt won't succeed.
The Bagle worm installs a back door on infected systems and could allow the machine to be used as an em......
[more] Zombie PCs must die! Comcast, the US cable giant, is threatening to disconnect customers whose infected PC are being used to relay spam messages.
Up to 30 per cent of spam is now spewing from hijacked "zombie" PCs. Spammers use Trojan horses and worms to take over PCs and use them as spam engines, a practice that can severely disrupt the operation of ISPs.
Recently, many Comcast customer IP addresses were recently blacklisted because of this spam-spewing zombies. The cableco has sent le......
[more] I Was Addicted to Spam How did I end up spending more time training my e-mail filter than I ever did hitting Delete? If you've had to deal much with software developers, chances are you've formed the impression that they come from another planet. (If, by chance, you are a software developer, you may well feel the same about end users.) I came to realize this when I got involved with the beta test of a new spam-blocking service introduced by my ISP.
Here at work, hidden behind multiple fire......
[more] MPs reassess computer crime laws UK legislation aimed at protecting computer users from hackers and spammers is to investigated by an influential group of MPs. The All Party Parliamentary Internet Group is to look at whether the laws need updating as e-crime becomes more prevalent and sophisticated.
The MPs will question industry figures, government officials and the public on possible revisions to the law.
The group is due to report its findings in June.
Time for change?
In the p......
[more] Computer security's new 'polybot' nightmare A new malicious computer program has been detected that can create networks of remotely controlled computers to take part in online attacks, send junk e-mail messages as spam and engage in other shady activities common to the bad neighborhoods of cyberspace.
The new program, known as "phatbot" or "polybot," uses technology like that developed for file-sharing networks like Gnutella and KaZaa to control the machines. ("Bot" is shorthand for "softwar......
[more] ISP Gets Tough With 'Zombie' Customers Broadband provider Comcast is taking a tough new approach to targeting "spam zombies" -- those virus-infected, unwitting spam-sending computers among its broadband base.
The ISP is telling customers to get virus-scanning and firewall software loaded or risk losing their high-speed connection until the problem of virus infections on their computer is fixed.
In recent weeks, the cable broadband giant has been alerting surprised customers to the probl......
[more] 'Witty' Worm Wrecks Computers A quickly spreading Internet worm destroyed or damaged tens of thousands of personal computers worldwide Saturday morning by exploiting a security flaw in a firewall program designed to protect PCs from online threats, computer experts said.
The "Witty" worm writes random data onto the hard drives of computers equipped with the Black Ice and Real Secure Internet firewall products, causing the drives to fail and making it impossible to restart the PCs. Unlike ma......
[more] Spam reduces faith in email Users increasingly put off by proliferation of offensive junk mail The growing problem of spam is taking a heavy toll on US internet users' perception of the safety of email.
According to a survey by cyber-monitoring group Pew Internet and American Life Project, 63 per cent of users are becoming less trusting of emails, while over a third claim to have cut back their use of email as a communication tool.
The majority of those surveyed indicated that the volume of......
[more] Technology solution to slicing spam lags Lawsuits filed by some of the Web's biggest players against junk e-mailers have portrayed an industry united in the war against spam--but there are few signs of collaboration in developing technology standards that could be more effective in slowing the deluge. America Online, EarthLink, Microsoft and Yahoo scored a major publicity coup earlier this month, when they launched their first joint legal assault against spammers. The suits claim that hundreds......
[more] Firms urged to rethink spam strategy Enterprises must protect themselves from likely shake-up in vendor market IT managers should rethink their spam filter strategy as the market is expected to experience dramatic vendor consolidation this year, Gartner has warned.
According to the analyst group, fewer than 10 of the 40 vendors in the market will still be in business by 2005.
And current firewall, antivirus and web filtering vendor technology fails to meet enterprise requirements, while com......
[more] AOL blocks spammer sites AOL's latest shots in the anti-spam campaign might cause problems with their customers.
According to the Washington Post, AOL has blocked access to sites peddled by spam email, the only problem is that some of its customers want to visit them.
A legal eagle contacted by the Post said that while the move might help AOL stem spam, some still want what spammers sell. Other legal experts are a little worried that AOL’s paternalistic attitude might break many free speech......
[more] SurfControl Helps Companies Strategically Manage Spam and E-Mail Threats Through New Online Tool ROI Calculator for Anti-Spam Tools Helps IT Managers Quantify and Communicate the Costs and Benefits of E-mail Filtering Solutions SurfControl, the world's number one Web and e-mail filtering company, today announced the availability of a free online resource to help corporate IT managers quantify the cost of spam and assess the business value of e-mail filtering solutions.
According to a recent stu......
[more] Watch out: It's virus season again Like it or not, we're hot and heavy into the first active virus season of 2004, one that--if the past is any indication --should last until May, then resume again in early August. Despite the sheer number of medium-threat viruses on the loose this year, however--we've seen about 36 low- to medium-level threats so far since January 18, 2004--virus writers seem to be burning through their bag of new tricks with only limited success.
Indeed, none of the recen......
[more] Scripting flaws threaten Norton software Symantec has released a fix for a pair of potentially troublesome flaws that create a mechanism to turn its Norton security software packages against their owners.
The vulnerabilities have not yet been coded into script-kiddie-friendly packages and Symantec is not aware of any malicious exploitation. But there's no reason for complacency about the "high risk" flaws.
The flaws include a buffer overrun vulnerability in Norton AntiSpam 2004 and a re......
[more] Spam busters The fight against spam is getting deadly serious with the flood of junk e-mail now threatening to swamp the internet MORE than one computer user around the world probably had a quiet chuckle the first time they received an unsolicited "nudge, nudge, wink, wink" e-mail promoting the latest penis enlargement technique.
After all, it only takes one click to delete if you're not interested.
The trouble is, it's just not funny any more.
For a start, we can't click fast enough.......
[more] AOL spam blocking may have downside America Online in the past month managed to dramatically cut down on the amount of spam its subscribers are receiving, thanks to new technology and a flurry of lawsuits.
But many analysts are warning that AOL's success will lead to more spam being sent to other, more vulnerable e-mail users.
"As business and enterprises are able to stop spammers from penetrating their network, the spammers will leave those ISPs alone and concentrate their fire on othe......
[more] Spam-busters say winning war against junk e-mail They're the scourge of the electronic age -- the modern-day equivalent of the 19th century snake-oil salesmen hawking their miracle cures, love potions and get-rich-quick schemes.
Like the rain in Ireland, there seems no escape from the tide of "spam", or junk e-mail flooding the Internet.
But operating from the backstreets of the Irish capital, a small team of spam-fighters says it's winning the battle against unsolicited e-mail that costs......
[more] Junk e-mail runs rampant despite CAN-Spam Act After years of growing public concern about spam, President Bush signed into law the Can-Spam Act of 2003 (the Act) that went into effect on January 1, 2004. Unfortunately, a recent survey suggests that spam is even more widespread today than before the effective date of the Act. Is spam, thus, a necessary evil of life in the Internet age?
The CAN-Spam Act
Under the regime created by the Act, email senders are prohibited from falsifying or disgu......
[more] International spam-busting Spam is hitting the headlines again as it gradually becomes clear to the powers that be that current legislation is having little or no effect. This applies to both sides of the Atlantic, even though the penalties under the US Can Spam Act are far more severe.
After telling us that the UK did not need to have mirror legislation with the US because we could invoke other laws, the government is now finding out that maybe it cannot.
Hopefully the public inquiry in......
[more] TM domain leads anti-spam charge The registry running the top-level .tm domains is leading the charge against spam by adding the SPF protocol into all its domains' DNS records.
While a large number of ISPs, big online names, anti-spam companies and a few domain registrars have added SPF and so helped verify that an email message comes from the address it says it does, TM Domain Registry’s general manager Paul Kane tells us this is the first time an actual registry has included the protocol.......
[more] SpamHaus lobbies for .mail TLD The SpamHaus Project wants the Internet Corp for Assigned Names and Numbers (ICANN) to approve its application to launch a ".mail" top-level internet domain (TLD) and provide a trusted-sender system for email. Technically the plans should be fairly straightforward, but political issues are another matter.
One of ten applications for new TLDs, .mail would act as a "reputation service", providing a way for email recipients to ensure that incoming mail is sent by......
[more] Big Business of Fighting Spam to Get Bigger The mostly fruitless fight against unsolicited commercial e-mail has created many headaches along with a billion-dollar industry to fight it.
The Radicati Group, Palo Alto, CA, this week estimated that the market for spam-fighting software and other measures will reach $979 million this year, thanks to a 50 percent rise in demand over the past 12 months. The researcher forecasts that the market will reach $1.7 billion by 2008.
The high stakes in......
[more] Spam being rapidly outpaced by 'spim' While the torrent of unsolicited spam emails continues to rise, it is being far outpaced by the surge in unwanted messages sent to the users of instant messaging programs, analysts have warned.
The volume of so-called "spim" is set triple in 2004, according to a new report from the Radicati Group, a technology market research firm in Palo Alto, California.
The company projects that 1.2 billion spims will be sent, 70 per cent of which are porn-related.......
[more] Florida firms accused in spam lawsuits Internet service providers are stepping up their efforts to curb the flow of junk e-mails by going to court. Nine Florida companies alleged to be spam operations have been sued in the past month The ''Alabama spammers'' used dozens of phone lines in the Birmingham area, but they never set foot in the state.
The spammers used those Alabama lines to send about 250 million e-mails that advertised adult dating services and herbal Viagra pills. The group of 1......
[more] All's Fair in Politics and Spam A new class of spam is sliding into in-boxes alongside pitches for Viagra and low-interest loans. It's coming from President George Bush and Democratic frontrunner Senator John Kerry and their supporters.
Political groups I spoke with say e-mail is an inexpensive supplement to television, radio, and print ads that reach out to the electorate.
The Bush-Cheney campaign reports it has amassed 6 million e-mail addresses. Its last bulk e-mail blast to supporters......
[more] Blockage for spam filtering vendors Predicted shake-out in sector to leave fewer than 10 firms in business More than 30 enterprise spam filtering vendors will no longer be in operation or will have changed their focus by 2005, leaving fewer than 10 still in business, according to analyst Gartner.
Its Magic Quadrant for Enterprise Spam Filtering report has claimed the industry will see "dramatic consolidation" during the first quarter of 2005, as various vendors either fail, are acquired or thri......
[more] Spam’s cost is hitting schools and taxpayers Once fodder for late-night laugh lines, the volume of unsolicited e-mail is growing so quickly in the US that other people’s spam, as it’s most well-known, is costing you money. This is most clearly true in the case of government, school districts in particular.
Taxpayers in the Pottsgrove School District, for example, have spam at least partly to thank for the recent vote to spend more than $188,000 on upgrading the district’s computer system.......
[more] IM spam to triple in 2004 Spam sent via instant messaging (IM) is set to become a major nuisance in 2004, with the number of IM spam messages tripling from 400 million to 1.2 billion, according to research firm the Radicati Group.
The increase in IM spam, also referred to as "spim", will come about due to much greater use of IM among businesses and a rapid increase in published IM names in corporate and public directories, Radicati said in a report.
The overall business IM market will gro......
[more] New Netsky Variant Blames Users Worm prepares attack on peer-to-peer nets, contains boast and warning message. A new version of the Netsky e-mail worm is programmed to attack peer-to-peer networks. It bears messages blaming users for spreading viruses and claiming its authors are crusading against hacking, antivirus software companies warn.
Netsky.Q first appeared on Monday and is spreading on the Internet. It is the 17th variant of the worm to be released since Netsky first appeared in Fe......
[more] Gates talks speech, spam If Bill Gates gets his way, within 10 years speech technology will be ubiquitous and the unrelenting security headaches of today will be only a distant nightmare. Interviewed by Gartner CEO Michael Fleisher on stage here at the Gartner Symposium ITxpo 2004, Gates also touched on the importance of security, Web services, and visual modeling technologies.
In response to the question of which IT innovations will gain prominence within 10 years, the chairman and chief s......
[more] AOL raffles off spammer\'s confiscated Porsche
AOL is raffling off a Porsche Boxster sports car that it took as part-payment in a settlement awarded against a spammer last year.
The $47,000 car - a favourite with multimillionaire footballers - will be given away as a prize to one lucky AOL member as a \"thank you for their co-operation in the fight against spam\", according to the company.
Randall Boe, AOL\'s executive vice president and general counsel, said in a no-way-contrived s......
[more] Internet users prepared to pay ISPs for better spam protection Internet users are prepared to pay extra to their ISPs in return for protection against spam and 'malicious Web content', according to a new survey.
MORI found that the majority of Web users look to their ISPs to block spam, viruses and obscene websites for which 45 per cent are prepared to pay as much as £2 extra per month. Twenty-nine per cent believe the problem is so bad that they would pay an additional £5.
The survey, carr......
[more] Eliminating Spam Requires Team Effort Online sales pitches for home mortgages, human growth hormones, dating services and, in some cases, hardcore pornography are deluging e-mail inboxes. This flood of so-called spam now reportedly accounts for more than half of all e-mail.
Spam is more than just frustrating; it can contain computer viruses, worms or other malicious code that is designed to damage computer networks, files and hard drives. Some spam is designed to download programs onto reci......
[more] As spring arrives, virus spreads seeds far and wide NetSky variants accounted for 60 percent of all viruses reported in March, making it the most prolific worm in the month, according to a report released Wednesday by security software vendor Sophos. Fifteen versions of NetSky infected computers during March--sometimes two different variants appearing in a single day. And on Wednesday, yet another NetSky variant was discovered, NetSky.R, the second variant to appear this week. Antivirus experts......
[more] Firms play down significance of spam But still a problem, research shows The volume of spam email will increase in the future, but the impact on business is not as damaging as initially predicted, according to research.
The Department for Trade and Industry's biennial Information Security Breaches Survey conducted by PricewaterhouseCoopers (PwC), found that nearly all UK companies receive unwanted junk email, but a third don't believe it is a business problem.
Some 17 per cent of companies......
[more] The Red, White and Blue of Spam Despite increased legislation and hyper vigilance by IT companies, one industry report says spam has not been canned and the "phishing" industry is now booming.
But to put the blame on Russian hackers or Nigerian royalty would be a false notion.
The report issued by Commtouch Thursday is an analysis of e-mail activity for the month of March. The findings: three months after the CAN-SPAM law was enacted, it's seen no slow-down in spam volume. In fact, the......
[more] SPAM : the unintended consequence of ecommerce One of the problems of doing business online -- spam -- has been spawned by of one of its greatest benefits: email. Unwanted commercial email (junk mail in some lexicons, spam in most) has grown 115% in the last year, from 15 billion email messages to a projected 35 billion this year, according to a study from the Radicati Group.
But Radicati may have been behind the curve. Brightmail, which provides gateway spam protection to 7 of the 10 largest......
[more] EU pressures member states to implement spam law Failure to respond within two months will result in legal action against eight states The European Commission sent a final warning to eight member states of the European Union (E.U.) Thursday, for failing to transpose into their national laws an E.U.-wide law designed to curb spam and control the use of "cookies".
An initial warning was sent to nine countries last November but only one of them, Sweden, has taken action to remedy the situation.......
[more] 'Buffalo Spammer' Convicted Carmack, who lost civil case to EarthLink last spring, faces jail under new identity-theft law. A man accused of using EarthLink e-mail accounts to release a flood of spam has been convicted on charges of identity theft and falsifying business records, according to the New York State Attorney General.
Howard Carmack of Buffalo, New York, also known as the "Buffalo Spammer," has been found guilty by a jury in Erie County, New York, on 14 counts. The conviction inc......
[more] Report Shows Spammers Do It For The Money Spammers' prime motivation for engaging in spam campaigns is financial, according to a report by Vircom, a Montreal-based email security provider. The report offers a portrait of a spammer who said he can earn anywhere from $1,200 to $6,500 for a week's worth of spamming.
The report, "Why Spammers Spam," offers the first comprehensive glimpse into the world of spamming, based on more than 40 hours of interviews with three U.S.-based spammers conduct......
[more] Spam reaches new high in March More than one million junk emails sent on one day alone Spam jumped 30 per cent during the month of March, according to security company Sybari.
The firm recorded 660,000 new spam outbreaks on 1 March and 883,000 on the 31 March. And more than one million new spam mails were sent on 25 March.
The company said each spam outbreak was made up of thousands and often millions of emails sent to inboxes around the world.
"Spam is a commercially driven phenomenon,......
[more] Business spam fines from weekend A financial publication has today reported that most businesses were scrambling to comply with new legislation that will impose fines of up to $1.1 million for sending spam or unsolicited email.
Under the legislation, it is an offence to send a commercial electronic message without having the recipient's consent.
After Saturday, sending an unsolicited email to obtain consent to keep someone on a mailing list may also be considered spam.
However, the new......
[more] Seniors not fooled by spam Older Americans are more likely to recognize spam and avoid its pitfalls, such as online fraud, says a new study.
But they’re also the least likely demographic to use spam-blocking tools, says Applied Research, which surveyed 1,000 Internet users 18 and older for Symantec, a developer of Internet security software.
Only 23 percent of those 65 or older say they have opened unsolicited e-mail. In contrast, about one-third of Americans 18 to 64 say they have open......
[more] Malaysian premier ISP under quarantine for spam Several Malaysian e-mail users have complained that some of their e-mail messages sent via TM Net have bounced back, due to the Internet service provider (ISP) being "blacklisted" by global antispam groups.
Spamhaus Project, a Europe-based non-profit group that keeps tabs on spammers and their operations worldwide, has blacklisted a range of IP addresses under TM Net's responsibility due to the higher incidence of spam coming from its network.......
[more] "Lighthouse Afghan" fools Outlook spam filter Spammers using hidden words to slip through Bayesian filter… Spammers are inserting hidden words into their email messages to fool Microsoft Outlook's built-in anti-spam technology.
As spam-filtering technologies become more common, spammers have altered the construction of their messages to avoid detection. Although spam is very simple for a human to spot, the artificial intelligence systems used by junk filters rely on spotting obvious keywords......
[more] Europe trails UK on spam control Eight EU countries warned to implement privacy directive on junk mail and cookies. Eight countries within the European Union (EU) have still to enact its privacy directive governing spam email and internet cookies.
The European Commission has sent a second warning to Belgium, Germany, Greece, France, Luxembourg, the Netherlands, Portugal and Finland telling them they have two months to comply or face lawsuits before the European Court of Justice.
The Privacy......
[more] Experts anticipate spam surge The cost to people and businesses in Europe of clearing up after viruses and spam will total €9 billion (£6 billion) by the end of year and will keep rising, an IT consulting firm warns. The Radicati Group says that EU initiatives to combat spam and the wide availability of firewalls and other virus patches will not prevent costs from rising to €30 billion by 2008.
But the study also highlights the benefits of an expanding European messaging market, which it say......
[more] IM spam piling up, researchers say Spam sent via instant messaging is set to become a major nuisance this year, with the number of such messages tripling from 400 million to 1.2 billion, according to research firm The Radicati Group.
The increase in IM spam, also called spim, will come about because of greater use of IM among businesses and a rapid increase in published IM names in corporate and public directories, a Radicati report says.
The number of business IM users more than double......
[more] Wrapping up the messaging and spam tour That's it - the four-city Network World Messaging and Spam Tour is over. If you were one of the attendees, thanks for coming. If you weren't, well, you missed some great events.
One thing we do at these events is award a stupendous, fantastic prize for the best question put to the panel, and on this tour we got some great questions!
Looking back, it is interesting to identify the queries that were asked most often. Three questions were more common......
[more] Could NZ become a spam haven? New Zealand has rocketed to the third largest producer of spam in the region, according to anti-spam company Brightmail.
Spam claiming to originate from New Zealand accounts for 14% of the region's spam production, up from only 2% in January. The biggest offenders are China and Korea with 34% and 30% respectively. Japan is fourth with only 8%.
Brightmail, which provides anti-spam filters to both Telecom and TelstraClear in New Zealand, tracks email traffic t......
[more] Wireless spam: Some fighting it successfully Spam is already plaguing some wireless devices in the U.S., despite claims at a spam forum in Washington, D.C., last week that the nation was behind others at least in that one type of unwanted commercial e-mail.
PDAs that allow users to download their e-mail, such as BlackBerry devices, have the same problems with spam as "wired" computers, but have the added problems of cellular-phone spam, because PDA users may be paying per-minute charges to......
[more] Half of all email is now spam According to a recent Yankee Group report titled E-Mail Security Solutions Providers Seek to Stop Spam and Viruses at the Perimeter, half of all e-mail sent today is spam.
The report also claims that the challenge of filtering unwanted messages at the edge of U.S. businesses has created a $140 million market.
It's no secret that spam is a huge problem that the industry and governments are still trying to solve.
"Legislation alone is not sufficient; we a......
[more] Witty extinction The "Witty" worm appeared on 19 March, and within a few short days it completed its mission and effectively disappeared. It received minimal coverage by the major news media outlets and for many people it has already been largely forgotten, a mere blip on the radar among so many blips of new viruses and virus variants that appear each week. If the Witty worm didn't affect you, as is the case for most people, you probably don't care. But you should. The Witty worm set a dangerou......
[more] SurfControl boasts record quarter The war against spam has helped boost revenues for Surfcontrol, the British web and email filtering firm. In a trading update today, the company said it had invoiced $25.8m (£14m) during a record third quarter, ended 31 March. SurfControl said Q3 trading was positive and that the content security market is robust with demand "remaining high".
In the Americas region, invoicing grew 17 per cent year-on-year, while other areas combined to generate a 25 per cent......
[more] New Netsky worms change their stripes New versions of the Netsky e-mail worm are spreading on the Internet and may be the work of a different author than previous editions of that worm, according to anti-virus software companies.
Netsky.S appeared on Monday and Netsky.T was detected Tuesday. They are the 19th and 20th editions of an e-mail virus that first appeared in February. Unlike earlier variants, the new Netsky strains open "back doors" on machines they infect, prompting at least one......
[more] Va. arrests third person in spam dragnet A third person has been arrested in connection with an illegal e-mail operation, the state attorney general announced Wednesday.
Jessica Jaynes, who is also known as Jessica DeGroot, was indicted by a grand jury in Loudoun County on Wednesday. Jaynes is charged with four felony counts of using fraudulent means to send illegal unsolicited bulk e-mail, commonly known as spam.
Jaynes is the sister of Jeremy Jaynes, who was arrested in December on simi......
[more] The Deadly Duo: Spam and Viruses, March 2004 The volume of unwanted messages inched up another percentage point during March 2004, pushing the spam ratio to 63 percent. Of the 93 billion messages Brightmail's Probe Network filtered during the month, 58.6 billion were identified as spam. Unsolicited product-related messages continue to garner the largest piece of the spam pie, while scam messages experienced the biggest decrease.
Despite the mounting volume, consumers are becoming increasing......
[more] Viagra spam on the rise Here's an amazing statistic that we made up a few minutes ago:
If you took all your daily spam email offers of penis extensions and laid them out end to end, your wizened old fella would stretch three times round the globe.
And if you accepted all the offers of cut-price Viagra pinged every few seconds into your bulging inbox, the explosion risk factor inside your beige, threadbare Jockeys would be equal to 520 Hiroshimas.
Makes you think, doesn't it?
The Gu......
[more] How did MyDoom become the worst virus outbreak ever? Find out why the MyDoom worm tricked so many users and IT departments. During the last two weeks of January 2004, the MyDoom e-mail worm (also known as Novarg, Shimg, or Mimail.R) swept across the Internet in epic proportions, causing some analysts to declare it the worst-ever virus outbreak.
This worm arrived with the executable extensions of .pif, .scr, .exe, .cmd, .bat, or .zip. With the exception of the .zip file extension, most IT dep......
[more] Germany moots jail for spammers Germany's ruling Social Democratic Party (SPD) is mooting tough sanctions for spammers. These would include big fines for spammers and the companies which use their services, and prison sentences for the worst offenders.
Ulrich Kelber, an SPD MP who is promoting the draft law, says that small fines will not deter the top 50 spammers. "In the event of repeated violation we need really hard sanctions," he said. The law could be a signal to other countries, too,......
[more] US FTC says pornographic "spam" must be labelled Pornographic "spam" e-mail will have to contain a warning on the subject line so Internet users can easily filter it out, the Federal Trade Commission said Tuesday.
Starting May 19, sexually explicit e-mail will have to bear a label reading "SEXUALLY-EXPLICIT:" and the messages themselves will not be allowed to contain graphic material, the FTC said.
Outrage over unsolicited pornography and other forms of junk e-mail spurred Congress to p......
[more] Company warns of bugged spam messages Spam beacons relay back to the spammer whenever a message is opened, company says Hidden code in e-mail messages is increasingly being used to track the success of unsolicited commercial ("spam") e-mail campaigns, according to a warning by an antispam technology company on Tuesday
MX Logic Inc. of Denver, said that up to 50 percent of all spam released in the last year is bugged with so-called "spam beacons" that send a coded message back to the spammer w......
[more] Stock spam scams ramping up Spam messages promoting bogus financial tips are on the rise. Financial spam rose from 10.8 per cent to 26 cent last month, according to mail filtering outfit ClearSwift. The increase is due largely to bogus stock tips, it says.
By implying that recipients of spam emails are in possession of privileged information - such as news of an acquisition before a general announcement - spammers seek to persuade the gullible into purchasing particular stocks. If a signific......
[more] Spam: 'Happy' tenth birthday! Amazingly all this illegal activity was started by lawyers... This week marks the 10th anniversary of the first unsolicited electronic message recognised as 'spam'. On 12 April, 1994, a pair of attorneys in Arizona launched a homemade marketing software program that forever changed the Internet.
Hoping to drum up some business, Laurence Canter dashed off a Perl script that flooded online message boards with an advertisement pitching the legal services of Can......
[more] March sees drop in spam volumes Spam legislation creates a blip in volumes but is unlikely to prove a real countermeasure to the problem, says MessageLabs.
Last month showed a drop both in volumes of spam and in the percentage of email it accounts for, according to MessageLabs' data. These encouraging signs coincide with US ISPs filing suits against large scale spammers under the US CAN-SPAM Act, but the security company doesn't expect this decline to be any more than a blip while the spammers......
[more] Detecting Spam Bayesian filters use probability theory to determine if messages are legit. Will big numbers help stop the spam flood? More than 60 percent of Internet traffic is spam, so it's not surprising that people are turning to the science of big numbers for help. Many hope that Bayesian filters, based on algorithms that use probability to block unwanted messages, will stop this cyberpestilence.
Bayesian filters are more or less based on the Bayes rule, a theory of conditional probabili......
[more] EarthLink keeps tabs on spyware EarthLink is starting to keep score in its fight against spyware. The Internet service provider on Thursday said it found an average of nearly 28 spyware items on each PC it scanned during the first quarter. The company, in conjunction with Webroot Software, conducted a total of 1.06 million scans through its Spy Audit service. The majority of the items found were relatively harmless, EarthLink said, but some represented serious problems.
The term "spyware" h......
[more] Guide to Spamming the Spammers 'The Spam Letters' moves Web site collection of correspondence into a book. Ever wanted to respond to those spammers and annoy them back? Ask them the details of their incredible investment opportunities? Correct them on what body parts are too large and too small? Explain why you don't need V*i*a*g*r*a?
Jonathan Land writes those responses, then posts them on his Web site, spamletters.com. In May, No Starch Press is releasing a collection of Land's corresponde......
[more] Google's spam plan forwarded to lawyers A message to a spouse confessing to having dented the car would arrive with links to panel beaters. An email from a friend suggesting dinner would land studded with offers from restaurants.
This could be the future of free email services if the search engine behemoth Google has its way. Personal messages would be scanned and loaded with advertising relevant to their content before they have even been read by their intended recipients.
It's the price......
[more] US proposes rigorous spam sentencing The US Sentencing Commission (USSC) sent its proposals for sentencing spammers off to Congress this week.
Offences under the recently-introduced Controlling the Assault of Non-Solicited Pornography and Marketing Act (CAN-SPAM Act) will be treated as a felony. Criminal sanctions apply where spam is sent using someone else's computer without their permission or where bulk mailers misrepresent the source of a message.
The USSC is taking a tough stand by r......
[more] Australia Cracks Down on Spam Companies urged to evaluate e-mail policies under Spam Act's threat of heavy fines. Australia's new federal antispam law has taken effect, and it's being met with some of the same concerns as the new U.S. law, notably the likelihood of nailing legitimate marketers while spammers escape.
Businesses Warned
The new Act is likely to catch some legitimate companies unaware, especially if they do not audit regularly, says Chy Chuawiwat, managing director of Clearswift......
[more] Pre-Internet e-mail: small-scale and spam-free Ten years ago, the face of e-mail was quite different than the ubiquitous communications arena it is now. To paraphrase a campaigning president, we might ask if we are better off today than a decade ago, and the answer would be a resounding affirmative.
It's hard to say exactly where nascent e-mail was on April 17, 1994, but there emerge a few clear impressions. I had two accounts, MCI Mail and America Online. They were stratified into A and B......
[more] E-Crime and Punishment Are you ready to go to jail for sending an email? Every day your e-mailbox probably contains some messages that you could readily live without. I'm not referring to the ones from your boss, but those unsolicited commercial emails known as spam. Some people are so annoyed by these bothersome emails that they seem willing to employ almost any measure to stop them.
Now, spam haters have some powerful allies. New York State Attorney General Eliot Spitzer and Microsoft CEO Bi......
[more] Viruses In 47% Of Junk E-mails According to a survey conducted by Kingsoft, one of China's leading software companies, 47% of all the junk e-mail received by China's Internet surfers contain viruses. Of the 83,641 Internet users that answered the Kingsoft questionnaire, 54% said they are receiving one to five junk e-mails a day on average, and 37% are receiving five to 20 unsolicited mails.
In the second half of March, Kingsoft handed out its anti-spam questionnaire to 100,000 people in mor......
[more] Renewed warnings over 'phishing' Bank customers are being warned again about "phishing" scam e-mails, after a recent increase in those falling victim to the internet menace. Internet security firm MessageLabs said it had stopped 215,643 "phishing" e-mails last month compared with just 279 last September.
Phishing is used by fraudsters and organised crime to gain bank details.
MessageLabs' information security analyst Natasha Staley said the figures were "just the tip of the iceberg".......
[more] Spam-buster SurfControl in $14.7 mln U.S. purchase British tech firm SurfControl Plc unveiled a deal to acquire U.S.-based Messagesoft for up to $14.69 million on Monday, in a bid to cement its hold on a growing market for software that filters junk emails.
SurfControl, whose software helps to keep computers free of unwanted Web content like pornography and junk emails, said the purchase would give it access to California-based Messagesoft's technology and its Chinese sales and distribution......
[more] New Phatbot worm may be on the loose A new variant of the Phatbot worm may be on the loose and attempting to attack SQL Server ports, according to a warning the SANS Institute issued Monday. Last month, Phatbot made the rounds, attacking Windows systems by acting as a Trojan horse. Phatbot would then link infected computers into an underground network for sending spam or launching other attacks. SANS is currently in the process of attempting to capture a full packet of data--or an executable fil......
[more] 5 years ago: Europeans petition parliament for end to spam 20.04.1999: Graham Watson MEP today launched an attack on email spammers in the European Parliament when he presented the Legal Affairs Committee with a petition calling for an end to junk email.
The petition - signed by 24,000 European internet users - calls for an end to unsolicited email, which Watson described as an invasion of privacy and a huge waste of time and money. Watson said the petition is an example of online democra......
[more] Sharp jump in share-related spam Spam e-mails tipping shares in small companies have increased by nearly a third between December and March, according to industry experts. Many of the shares recommended are either worthless or selling at massively inflated prices, spam detection firm Clearswift warned.
People who buy on the back of the bogus recommendations could make heavy losses as a result.
Most of the shares are in technology and media firms, Clearswift added.
"The spammers are l......
[more] PC users 'fail security tests' Future severe outbreaks of worms, viruses and other malicious programs are only going to be avoided with a radical new approach to computer security. So says Marcus Ranum, a senior technologist at respected security firm TruSecure and the man credited with creating the first commercial firewall.
Mr Ranum says there is a growing divide between the way that organisations and end users tackle computer security.
Many corporations are taking effective steps to p......
[more] Cash Cow or Spam Sow? A marketing firm that offers people cash in exchange for letting their computers be commandeered to distribute bulk e-mails has come under fire from antispam activists, who say the program is just a cover for a high-tech spamming operation.
The program, operated by Sendmails Corp., offers members $5 for downloading and installing the company's VirtualMDA (mail delivery agent) software. The New Hampshire company promises to pay an additional $1 for every hour of computi......
[more] Study Says Anti-Spam Efforts Yield Rapid Returns IDC says a company with 5,000 users can save $783,000 annually by implementing an anti-spam system. A study by research firm IDC should prompt smiles among anti-spam vendors. The report, titled "The True Cost Of Spam And Value Of Anti-Spam Solutions," notes that spam comprised 32% of all E-mail messages last year, double the percentage in 2001.
IDC's 32% figure is significantly lower than spam estimates put forward by anti-spam vendors such as B......
[more] Spamhaus breaches great firewall of China Monitoring project works with Chinese authorities to crack down on spammers Anti-spam organisation Spamhaus is taking its crusade to China following an invitation from the Chinese government.
After the US, more spam is sent from China than any other country, and Spamhaus hopes to persuade the Chinese authorities to implement effective anti-spam legislation and technologies.
A team of Chinese volunteers will monitor spammers and report back to the UK......
[more] Spam showing little sign of abating Companies won't stop spamming - employees won't stop complicating matters... Two factors are combining to ensure that combating spam will continue to be a near-impossible task - the fact that companies are happy to continue flouting anti-spam legislation and the fact that a lack of education among end users is set to keep aggravating the issue.
However, blame for the latter issue can hardly be laid at the feet of employees when 57 per cent of companies......
[more] 'Osama' Spam Onslaught Leads to Trojan A persistent new spam campaign that purports to show recipients pictures of Osama bin Laden being captured is in fact a ruse that could lead victims to download a malicious Trojan.
The e-mails have been flooding inboxes all over the Internet since Thursday, carrying a subject line that reads: "Osama bin Laden Captured." The sending address is spoofed, and the messages often appear in tightly grouped batches of eight or 10 e-mails at a time. The text of......
[more] Spain hit by spam pain Government ISP blocked by anti-spammers State run ISP Telefonica De Espana (TDE) has been blocked from a large number of US web sites.
TDE is the most prestigious spammer on the Abusive Hosts Blocking List (AHBL), which is used by American ISPs to identify the worst spammers in the world and block them.
According to the AHBL TDE users are flooding the world with thousands of junk advertising emails and dodgy financial scams.
It is rare for a whole ISP to be bloc......
[more] 'Ineffective' spam law ignored by EU countries Directive has no jurisdiction over spam from overseas... The EU's anti-spam directive, which was passed in July 2003, has been ignored by most EU member states because it will not stop the spam problem, according to research published by the Institute of Information Law (IvIR) at the InfoSecurity exhibition in London on Tuesday.
In its directive on privacy and electronic communications, the EU last year stipulated that all member countries shoul......
[more] Spam slows down ISP Kiwi email at snail mail speed New Zealand's largest ISP Xtra has had its entire systems slowed because of spam.
According to stuff.co.nz, yesterday it took up to 24 hours for Xtra to get an email to its destination because its servers are so clogged with junk.
That is the same length of time it takes New Zealand Post to get a snail mail to an address in the same town.
A spokesperson for Xtra said the problem was temporary and seemed to be caused by a dramatic increa......
[more] Europe drags heels in war on spam Infosecurity Europe 2004, The shortcomings of Europe's war against spam are highlighted in a study of anti-spam legislation published today. The Institute for Information Law (IViR) of the University of Amsterdam and security firm Sybari Software looked into the law regulating unsolicited commercial email (i.e. spam) in the EU. Special emphasis was placed on the EU's July 2002 Directive on Privacy and Electronic Communications.
Their report reveals weak spots......
[more] Employers could be sued for porn spam E-mail porn spam in the workplace could land European employers in court for fostering a hostile work environment, a Dutch researcher says.
The broad wording of new European anti-spam legislation opens up a new breed of legal snares for Europe's corporate sector, according to Lodewijk Asscher.
"European employers must be aware of the risk of new computer-related liabilities," said the researcher for the University of Amsterdam's Institute for Info......
[more] Would you like a cherry Bagle with your zombie PC? An unknown group of VXers has released a new version of the Bagle worm.
Bagle-Y (AKA Cherry Bagle) spreads by either email or network shares. It opens back doors on infected PCs and turns them into zombie clients in DDoS or spam networks. The worm also tries to terminate various security and anti-virus applications, as well as processes associated with the NetSky worm. Most AV vendors rate Bagle-Y, which was first spotted today, as medium-ri......
[more] Malicious spam on the rise says Brightmail Anti-spam filtering company Brightmail is warning users about an increase in malicious spam following the introduction of anti-spam legislation in a number of jurisdictions.
Brightmail, which has filters on around 25% of the world’s email addresses, is used by both TelstraClear and Telecom’s Xtra and so covers around 85% of New Zealand’s email.
Brightmail vice president for Asia Pacific, Garry Sexton, says that with the introduction of anti-spam......
[more] First complaint filed under Can-Spam The U.S. Department of Justice has filed a criminal complaint against four Detroit-area men under the federal Can-Spam Act, in the first case sparked by the legislation. In a filing Wednesday in the U.S. District Court of Michigan, federal attorneys contend that Daniel J. Lin, James J. Lin, Mark M. Sadek and Christopher Chung violated the terms of the Can-Spam Act by creating massive e-mail campaigns that marketed fraudulent weight loss products. The Can-Spam......
[more] Spam deluge nearly sinks e-hosting business A Bellevue company that has been trying to protect residential and business Internet users from unsolicited commercial e-mail likely was targeted by a major spam operation for that very reason, its founder said yesterday.
Lee Wright said ModoMail is still struggling to survive after being besieged by forged e-mails — at one point receiving 300 a second, clogging his system.
Messages hawking bogus diet patches and penis enlargement pills were b......
[more] Government talks tough on spam DTI considers 'serious enforcement' of e-privacy legislation The Department of Trade and Industry (DTI) is looking to strengthen the UK's defences against spammers.
"Spam is not going to be stopped with simple regulation," said Jean-Jacques Sahel, deputy head of international communications policy at the DTI.
"We need to take a more pragmatic approach and seriously enforce the [European] directive [on e-privacy]. Maybe we need to give the Information Commissio......
[more] Bill Gates 'can't stop spam' More than 80 percent of security professionals do not believe that Bill Gates' crusade against spam will solve the problem, according to a survey A survey of IT security professionals conducted at the Infosecurity show in London this week revealed that more than 80 percent of people do not think that Bill Gates' pledge to eliminate spam within two years is realistic.
In June 2003, the Microsoft chairman called for cooperation between government and corporations to......
[more] Copycat phisher arrested for Smile attacks The National Hi-Tech Crime Unit has arrested a Lytham St Anne's man suspected of launching a recent phishing attack against Smile customers Police have arrested a 21-year-old British man suspected of launching a phishing attack, in which he allegedly tried to trick users into revealing their bank account details, on customers of the Smile online bank.
Officers from the National Hi-Tech Crime Unit arrested the man, from Lytham St Anne's in Lancashire......
[more] UK Companies Warned to Filter Spam A Dutch researcher has warned British businesses that a clause in the European anti-spam law could hold businesses accountable for porn showing up in corporate email accounts.
Researcher Lodewijk Asscher, from the University of Amsterdam's Institute for Information Law, says the anti-spam legislation is comprised of broad wording and some porn might be slipping through. Employers could be held responsible if porn at work prompts a staff member to launch a......
[more] US goes after NZ spammer The US Federal Trade Commission has filed a legal action against Global Web Promotions, a spam enterprise that operates out of Australia and New Zealand, as part of its first criminal prosecution under the new US federal anti-spam law.
The action is half of a two-part action underway by the FTC.
In the first, the FTC filed a complaint against Detroit-based spam operation Phoenix Avatar. That complaint was developed in a joint investigation with the US Attorney’s O......
[more] Most Spam Web Sites Hosted in China While most spam comes from the US, the web sites they advertise are mostly hosted in China, according to numbers released yesterday by Commtouch Software Inc, a small anti-spam software vendor.
Commtouch said that in April 71% of the URLs found in spam directed to web servers in China, compared to 22% that were in the US. Brazil, a notorious haven for malicious hackers, came third, with 2.2% of sites.
However, only 6.2% of spam actually was sent from IP......
[more] Record Broken: 82% of U.S. Email is Spam Outdoing most analysts' worst predictions, spam accounted for 82 percent of all U.S. email last month.
After a two-month drop in spam, the number of unsolicited bulk email skyrocketed in April, bringing the saturation number up to record levels here in the U.S. and across the world, according to MessageLabs, Inc., a security company based in New York.
''This is as bad as we've seen it,'' says Paul Wood, chief information security analyst for Mess......
[more] Child porn case highlights browser hijack risks Browser hijacking programs can redirect users to pornographic websites. But could these malicious programs also lead to false accusations of possession of child pornography?
Malware such as CoolWebSearch (AKA CWS) can change browser start-up and search pages and generate pop-up pages - often punting illegal pornographic websites - on infected PCs. The program exploits IE vulnerabilities to slither onto unpatched PCs. Users would normally have......
[more] SurfControl Says 'Brand Spoofing' Spams Up Nearly 500 Percent Since January 'Brand spoof' spam scams increased nearly 500 percent since January, and by 51 times since May 2003, SurfControl, the world's number one Web and e-mail filtering company, reported today. The company also warned individuals and companies to beware of a new dirty trick employed by brand spoof spammers -- a fake address bar that appears in an e-mail recipients' Web browser -- that makes
these e-mail scams look even more......
[more] Spam fighters infiltrate spam clubs Spam fighters are gaining vital clues in the battle to keep in-boxes clean of junk mail by infiltrating spammer clubs.
Online spammer forums like the Pro Bulk Club the Bulk Club and bulkmails.org have been gatecrashed by activists from organisations like Spamhaus. Steve Linford of Spamhaus said spammers know this already but they don't know who amongst their number is working for the other side. In theory invitation to the members-only forums of these sit......
[more] A New Chinese Specialty: Spam Despite Beijing's Net censorship, the country appears to be playing host to thousands of the sites spammers want you to visit The U.S. has no shortage of people looking to blame China for America's economic problems. The flight of manufacturing jobs is China's fault. Who's to blame for the deflationary pressure that prevents companies from raising prices? China. Now that deflation worries are giving way and the U.S. economy is picking up steam while China runs the r......
[more] AOL Block 1 billion virus emails in 12 months America Online (AOL) on Friday said it has blocked more than a billion virus attachments from reaching its members since it launched automatic e-mail attachment screening and premium anti-virus protection roughly a year ago.
Since the anti-virus services were launched, AOL has protected each of its members from an average of 30 different virus attacks, or an attack every 10 days.
"As we move into a high-speed world, anti-virus protection bec......
[more] Porn Spam Gets Canned New FTC rule requiring pornographic e-mail to be labeled takes effect. U.S. e-mail users who have resigned themselves to being shocked by eye-popping pornographic messages in their inboxes can expect some relief, as federal legislation governing sexually explicit unsolicited commercial e-mail takes effect.
New Rules
In April, the U.S. Federal Trade Commission adopted the rule, part of the 2003 CAN-SPAM Act, which requires spam containing sexually oriented material to......
[more] E-Mail Scammer Gets Four Years An Internet scammer who used e-mail and a fraudulent Web site to steal hundreds of credit card numbers was sentenced to almost four years in jail Tuesday, one of the stiffest-ever penalties handed down for online fraud.
Houston, Texas federal court Judge Vanessa Gilmore sentenced Houston resident Zachary Hill to 46 months in jail for his role in duping consumers into turning over 473 credit card numbers.
The Justice Department said the sentence is "one of,......
[more] Microsoft Plans Email Caller ID Standard Yesterday, Microsoft announced that it will submit a proposal to the Internet Engineering Task Force (IETF) to make its Caller ID for E-Mail technology an industry standard. Caller ID for E-Mail is an IP-based authentication scheme for ensuring that an email sender's return address is legitimate. Microsoft hopes that broad adoption of this technology will end one of today's biggest problems with spam: Hostile messages often seem to come from friendly sou......
[more] Wednesday reckoning day for porn spammers E-mail users in the U.S. who have resigned themselves to being shocked by eye-popping pornographic messages in their inboxes can expect some relief Wednesday, when federal legislation governing sexually explicit unsolicited commercial ("spam") e-mail takes effect.
In April, the Federal Trade Commission (FTC) adopted the rule, part of the 2003 CAN-SPAM Act, which requires spam containing sexually oriented material to contain the label "SEXUALLY-EXPLI......
[more] Can Spam Not Working, But FBI Poised to Bust Gangs Spammers and anti-spammers don't think the US CAN-SPAM Act is working, but for different reasons, it emerged during a Congressional hearing yesterday, at which the FBI also said it is closing in on spam gangs with potential ties to organized crime.
Jana Monroe, assistant director of the FBI's Cyber Division, told a hearing of the Senate Commerce Committee yesterday that the FBI's Operation SLAM-Spam has identified 100 spammers, targeted 50......
[more] Costly curse of spam leaves businesses hungry for solutions A recent survey estimated that the wage cost to the UK in terms of time wasted at work dealing with unwanted spam, or unsolicited e-mails, is in excess of £5.1bn.
The survey, commissioned by Novell, covered 800 information technology employees in the UK and found that most got at least five junk e-mails a day; about one in seven received more than 25; three quarters spent up to 15 minutes a day "reading, deleting, filing, or respon......
[more] Spammers get fussy as zombie army grows Is your Internet connection actually worth infecting? The Bobax worm tests PCs first to see if they'll be good spam zombies The Bobax worm, which is less than a week old but has already spawned four variants, is one of the first worms to conduct a bandwidth test on its infected host to see if it is worthy of being used as a spam zombie.
Bobax uses a combination of the Windows vulnerabilities exploited by the Sasser worm and the MSBlast worm. Although B......
[more] Secure E-Mail Specs Could Merge Microsoft meets with SPF author to craft a technology standard. After submitting its Caller ID e-mail authentication specification to a standards body, Microsoft is discussing merging its spec with another, called Sender Policy Framework, or SPF.
E-mail experts from Microsoft will spend a weekend meeting with SPF author Meng Weng Wong of Pobox.com, looking for ways to merge the closely-related Caller ID and SPF standards, according to Wong.
"Basically, we'......
[more] Spam clogs German government's e-mail system German parliamentarians and government employees experienced long delays with their e-mail delivery earlier this week, following a flood of spam that clogged the government's e-mail system, a spokesman at the Federal Ministry of the Interior said Friday.
"We aren't having any difficulty so far today but, yes, we have had problems this week," the spokesman said, declining to say whether the flood of unwanted e-mail was the result of a targeted att......
[more] Spammers fussy over zombie army recruits Is your Internet connection actually worth infecting? The Bobax worm, which has already spawned four variants, tests PCs first to see if they'll be good spam zombies. The Bobax worm, which is less than a week old but has already spawned four variants, is one of the first worms to conduct a bandwidth test on its infected host to see if it is worthy of being used as a spam zombie.
Bobax uses a combination of the Windows vulnerabilities exploited by the......
[more] Two thirds of emails now spam: official Spam hotspots are emerging as the global levels of junk mail worldwide continue to increase. More than two thirds (67.6 per cent) of the 840m emails scanned by filtering firm MessageLabs last month was identified as spam. MessageLabs figures also indicate significant regional variations and spam "hot spots", despite attempts to deter spammers through legislation.
Currently, email traffic sent to the United States, the UK, Germany, Australia and Hong K......
[more] Spam messages on the increase Junk mail now accounts for nearly 70% of e-mails worldwide, according to filtering firm MessageLabs. Despite efforts in the US to cut down on the sending of unsolicited messages, new laws seem to be having the opposite effect.
Spammers are simply adapting rather than shutting up shop.
"The law goes part way to legitimise spam rather than outlaw it," said Natasha Staley, information security analyst at MessageLabs.
Legal impact
April saw a sharp rise in......
[more] Porn spam is dead It's smart spammers with digital descramblers from now on The amount of spam featuring pornography has fallen dramatically as spammers turn to more profitable products to flog and email less likely to meet with resistance from filters.
According to statistics from mail-filtering company Clearswift, the percentage of all spam flogging porn has dropped to just five - financial spam picked up the slack with a 27 per cent rise since June 2003.
The other hot property in spam......
[more] Porn spammers ignore new labelling rule Senders of pornographic spam are failing to comply with a new US rules that require a warning in the subject line Spammers flooding the Internet with pornographic solicitations apparently are not abiding by a new federal rule that took effect last week.
Not only did illegal sexually-explicit spam fail to slow down after the regulations took effect on 19 May, but pornographic email measured by one anti-spam company jumped from about 2 million messages i......
[more] China Struggles With Spam Foreign spammers export junk e-mail from Chinese servers, as country fights incoming spam problems of its own. Suresh Ramasubramanian knows about outsourcing. The company he works for, Hong Kong-based Outblaze, has made a business out of running e-mail and Internet services on behalf of other companies. But there is an outsourcing trend he and others are fighting to stop.
As China marks the tenth anniversary of its first full connection to the Internet, the growing......
[more] Spamhaus assaults 'Great Wall of Spam' Anti-spam organisation Spamhaus is opening up operations in China with the launch of a new site, Spamhaus.cn, this week.
For some time China has acted a 'safe-haven' for spammers offering so-called bullet-proof hosting - in reality, unscrupulous ISPs who pull the plug on spammers when enough complaints are received by their upstream provider. According to Spamhaus, China currently has three of the world's most spam-friendly ISPs: PCCW, Chinanet in Chon......
[more] Dot-xxx could help to filter porn spam A new batch of proposed Internet domains could make it easier to fight spam and filter out smut, but the head of the regulatory body that will usher them sees even broader possibilities.
"Maybe it's the Klingons, where the Klingon association plays a role in keeping the identity of Klingons," said ICANN President Paul Twomey in an interview.
Star Trek fans shouldn't expect to visit www.yahoo.klingon anytime soon, but Internet users could soon pull......
[more] Spam surge 'turning Britain into e-pariah' Criticism of the UK's spam laws is growing nearly as quickly as the problem of junk mail itself The government's failure to give businesses protection from unsolicited commercial email risks turning the UK into an Internet outcast, according to one of its political opponents.
Michael Fabricant, the shadow minister for economic affairs, claimed this week that Britain's anti-spam laws need to be strengthened, given the continued rise in the amount of......
[more] Spam Trojans a Growing Problem for ISPs Most Spam Now Originating from Residential Broadband Networks Worms, Spam Trojans to Blame Spam traffic created and routed by spam "trojans" is clogging ISP mail servers, forcing unplanned network upgrades and stoking antagonism between large and small ISPs, according to an analysis by Sandvine Incorporated. Spam trojans are likely responsible for up to 80% of all spam.
What used to be merely a nuisance is becoming a major headache for service provider......
[more] New Bobax worm copies Sasser exploit It's spreading slowly but get patched anyway… A new worm that turns infected computers into launch pads for spam and other attacks is making the rounds, according to antivirus experts.
Bobax, which was discovered on Sunday, uses the same Microsoft security vulnerability as the fast-spreading Sasser worm, but it looks to be slower.
Craig Schmugar, virus research manager for McAfee Alert Antivirus Centre, said: "The seriousness of Bobax is about a three......
[more] Zombie PCs generate 80 per cent of spam Majority of junk mail coming from home PCs infected with spam Trojans Four-fifths of the spam clogging ISPs' mail servers and affecting businesses emanates from so-called zombie home PCs infected with spam Trojans, according to security firm Sandvine.
The company found that Trojans, typically installed surreptitiously by worms or spyware, exploit vulnerabilities to bypass normal email routing and drop spam messages directly into end user machines.......
[more] Spam Gets Dangerous What isn't getting blocked is turning vicious, warn security experts at e-mail conference. ISPs and spam filters are blocking record amounts of unsolicited messages, but this electronic nuisance is hardly on the decline--and it's getting nastier. Security experts report a growing link between spam and viruses, according to e-mail vendors and analysts at the inaugural INBOX: The Email Event conference here this week.
"You can't separate spam and viruses anymore," said Mark......
[more] Mutant son of MyDoom plans three-pronged attack Virus writers have used code from the infamous Mydoom worm to create a potentially dangerous new Internet worm which uses multiple methods to spread.
Plexus-A spreads using three different methods: infected email attachments, file-sharing networks and Windows vulnerabilities (the LSASS vulnerability used by Sasser and the RPC DCOM flaw used by Blaster). The as yet unknown virus authors used MyDoom source code as the basis for creating Plexus,......
[more] ITU to hold spam summit Telcos and ISPs invited to tackle growing menace of junk email The world's leading telcos and internet service providers will gather in Geneva next month to discuss the development of an anti-spam framework.
The International Telecommunication Union (ITU) will serve as a forum for governments, regulators and consumer groups.
Because spam is a potential threat to digital services and a "significant and growing problem for users, networks and the internet as a whole......
[more] Spam landscape bleaker than ever Columnist Jonathan B. Spira says now that CAN-SPAM has made the problem worse, e-mail is losing its value because legitimate messages are outnumbered sour sales pitches. It is perhaps no coincidence that, while spam e-mail volume is increasing seemingly without bounds, more and more of my correspondents have commented that they "missed" an important piece of e-mail.
This led me to study the impact that the Controlling the Assault of Non-Solicited Pornography......
[more] Microsoft calls for outbound filtering against spam In its continuing fight against unsolicited commercial e-mail, Microsoft plans to filter outgoing messages on its consumer mail services and is busy developing new "proofing" technologies, the software maker's chief spam fighter said Thursday.
The fight is also one against the clock. Microsoft last year set a two-year goal to make spam a problem of the past. There are 19 months left, Ryan Hamlin, general manager of Microsoft's Security Tec......
[more] Zombie PCs spew out 80% of spam Four-fifths of spam now emanates from computers contaminated with Trojan horse infections, according to a study by network management firm Sandvine out this week. Trojans and worms with backdoor components such as Migmaf and SoBig have turned infected Windows PCs into drones in vast networks of compromised zombie PCs.
Sandvine reckons junk mails created and routed by "spam Trojans" are clogging ISP mail servers, forcing unplanned network upgrades and stoking......
[more] Microsoft's anti-spam plan 'hijacked by zombies' Microsoft's plan to reduce spam by forcing an email sender's machine to solve a puzzle may be defeated by the Internet's army of zombie PCs, say security experts One of Microsoft's plans to fight the spam epidemic is unlikely to adversely affect spammers or reduce the quantity of spam, according to security experts.
Microsoft's chairman Bill Gates has been calling for the IT industry to work together and eradicate the spam problem. About six m......
[more] Virus writers deploy bulk mail software Hackers have used spamming software to distribute thousands of copies of a new Trojan. Email filtering firm MessageLabs alone has intercepted more than 4,000 copies of the Demonize-T Trojan over the last 24 hours.
Demonize-T is a multi-stage Trojan that uses an object data exploit in Internet Explorer (patch here) to download and execute an encoded visual basic script from a website. The Trojan then creates an executable file which appears to download......
[more] United front against spam urged The European Commission has urged the computer industry to sort out its anti-spam strategy. Lack of co-operation between all those tackling spam was holding back efforts to stem unwanted commercial messages, said EC official Philippe Gerard.
At an anti-spam meeting in London, he said it was up to industry to do its part now that laws were in place to prosecute spammers
Junk mail accounts for nearly 70% of e-mails worldwide, say experts.
"We see differ......
[more] EU attacks anti-spam industry A senior European Union official has berated the anti-spam industry for failure to agree a common strategy. Philippe Gerard said that lack of co-operation was handicapping the fight to hold back the junk mail tsunami.
"We see different initiatives going in all different directions and the effectiveness is maybe not there," Gerard, an official with the EC's Information Society directorate, told an anti-spam meeting in London. The BBC reports that Gerard said tha......
[more] Firms won't pay extra for spam filters Few European companies willing to pay more to their ISPs for protection The problem of spam continues to get worse - but few European companies are willing to pay extra to their Internet Service Providers (ISPs) for protection.
Ian Fogg, senior broadband analyst with Jupiter Research, said that virus writers and spammers are increasingly working together, so services that deal with these problems can be bundled together naturally.
But speaking at th......
[more] Spam Explosion Set Off by Russians Russian gangs of spammers are so prolific that by December, junk e-mails could account for 90 percent of all messages sent via the Internet -- and Moscow does not want to do anything about it, a leading anti-spammer said Wednesday.
Steve Linford, director of London-based Spamhaus, a research and lobby group that works closely with U.S. and European law enforcement agencies, said that Russian computer gangs are directly responsible for some two-thirds of th......
[more] German hate mail spam attack stuns experts Mailboxes in Germany and the Netherlands were flooded yesterday with spam containing German right-wing propaganda. Spammers used the Sober.G virus - a mass mailing worm that sends itself to email addresses harvested from infected computers - to spread their messages as widely as possible.
Analysts think the spammers may have worked in tandem with virus programmers to hijack PCs and use addresses found there to build large distribution lists. This i......
[more] Microsoft Lays on More Spam Lawsuits Microsoft Corp has added eight more US lawsuits to its anti-spam enforcement campaign, meaning the firm now has filed over 80 separate cases related to alleged spamming activities over the last few years.
This week, the company used the US federal CAN-SPAM Act and its local Washington state spam statute to sue potentially dozens of individuals and companies, all of which are currently listed as "John Doe" defendants.
The complaints allege that the de......
[more] Spam gangs exploit UK legal loophole Britain seen as soft touch by groups from continent who can bombard the country's email inboxes with impunity, warn campaigners. Gangs of European spammers are moving to Britain to exploit a legal loophole which allows them to bombard email inboxes with impunity, anti-spam experts warned yesterday.
Campaigners have claimed the gangs are moving from countries such as Italy, where they face severe financial penalties or prison, to Britain, where the most they......
[more] Spam soaring and viruses a constant threat What an upbeat state of affairs... Computer users' inboxes continue to be littered with threats, nuisances and costly and unwanted emails - and there is no sign of this situation easing.
Volumes of spam email are continuing to soar month-on-month and the levels of virus-infected emails remain constant and high.
According to figures from email security firm MessageLabs, spam now accounts for around 76 per cent of all email traffic. Mark Sunner, C......
[more] Justifiying anti-spam costs Analyzing the toll unwanted e-mail takes on productivity, bandwidth, storage and support aids your attack. If spam has a bright side, it's that the universal annoyance this unwanted e-mail causes everyone from the loading dock manager to the chairman of the board makes it easier for IT to win spending approval for tools to help fight the beast.
Spam's strain on corporate coffers isn't just in lost productivity, which some companies report can be in the hundreds of......
[more] Canadian spam king won't send more e-mail A Canadian man accused of being one of the world's biggest spammers has agreed to stop sending the junk messages and plans to educate children about the dangers of the Internet, a newspaper reported Tuesday.
In March, Yahoo! Inc. sued Eric Head, his father and brother as part of a worldwide industry crackdown on hundreds of people sending unsolicited e-mail, or spam.
Yahoo alleged the three men ran a huge spamming operation and sent more than 94......
[more] Small firms stung by spam costs Spam is costing small and medium businesses nearly as much as handling virus outbreaks Junk email and fax spam are eating away at SMEs' budgets -- almost as much as cleaning up the damage caused by a virus outbreak does.
Research from the Royal Bank of Scotland Corporate, which questioned 1,000 small businesses, found one in 10 small and medium-sized businesses believe they spend £10,000 a year dealing with spam. One in 50 businesses reported they'd spent the......
[more] Father of the internet says email ID will cure spam If your name's not down, you're not coming in… Making mass emailers identifiable is the first step toward curing the epidemic of spam, said Vint Cerf, one of the architects of the internet.
Cerf, who co-created the TCP/IP (Transmission Control Protocol/Internet Protocol) of the internet and now works as chief corporate strategist for MCI, delivered opening remarks at the first inaugural Email Technology Conference.
The chief topic of de......
[more] Outlook's security compromised by spammers Spammers have found a way to bypass Outlook 2003's anti-spam security by embedding images into their emails Spammers who send pornographic pictures in the hope of enticing the recipient to signing up to an adult Web site have discovered a way to bypass Outlook 2003's security features, which are designed to stop potentially offensive content being automatically displayed in the preview window.
The latest version of Microsoft's Outlook was built with......
[more] Spammers start to use spyware Spammers have started to use hacking software that hides itself on your computer collecting information about you and what you do on the internet.
According to email security firm MessageLabs, ‘spyware’ is being installed to automatically send personal information about the PC’s owner back to the spammer.
Spammers then incorporate the personal information into spam emails to send back to the victim, who might be less suspicious of the emails because they ap......
[more] ISPs Gang Up on Spammers Even unwitting spammers could lose Internet access under tough proposal. An industry organization representing heavyweight e-mail providers Yahoo, Microsoft, America Online, and EarthLink have teamed on recommendations for ending spam, including cutting off the senders' Internet access.
A Statement of Intent, released Tuesday by the Anti-Spam Technical Alliance (ASTA), lists suggestions and "best practice" recommendations for ISPs, e-mail service providers, governmen......
[more] Spammers use your cat's name to sell you Viagra Spammers are using spyware to steal personal information -- such as a pet's name -- so they can send spam emails with personalised subject lines Spammers have started using spyware to steal personal information so they can customise the subject lines of unsolicited emails to increase their chances of being read.
Research by email security firm MessageLabs has revealed that spammers are targeting companies and individuals with unsolicited messag......
[more] Spam is making computers sick Spam overload is making computers sick and driving users mad. Research commissioned by Yahoo finds that the average British PC has nine 'sick days' per year, two more than the average for workers.
Six of these are wasted battling with spam and three more days are lost due to viruses.
Nearly half of British computer users find dealing with junk e-mails more stressful than traffic jams and the majority want service providers to act.
Lethargy
Over half o......
[more] AOL Worker Nabbed In Spam Bust An America Online employee stole a list of 92 million customer screen names that was eventually used to send massive amounts of e-mail spam, federal prosecutors said.
Jason Smathers, 24, was fired from his job as a software engineer for the Internet service provider after being arrested at his home in Harpers Ferry, West Virginia, company officials said Wednesday. He was charged with conspiracy.
Smathers, who worked at AOL's offices in Dulles, Virginia, so......
[more] Web site virus attack blunted Web surfers are no longer playing Russian roulette each time they visit a Web site, security researchers say, now that a far-reaching Internet attack has been disarmed. The attack, which had turned some Web sites into points of digital infection, was nipped in the bud Friday, when Internet engineers managed to shut down a Russian server that had been the source of malicious code. Compromised Web sites are still attempting to infect Web surfers' PCs by referring the......
[more] Spam costs businesses millions every year: report Businesses without anti-spam solutions lose around US$4.1 million in productivity each year for firms with 5,000 e-mail users. This is according to IDC's white paper titled What you can do and should do about the rising cost of spam. The paper details how spam works, the relative cost of spam, the impact of spam and how to assess solutions and outlines tactics to help businesses fight spam.
According to IDC, e-mail users in organisations wit......
[more] Spam's dirty little secret - American's buy its products We all profess to despise spam, but some Americans have a dirty little secret about junk e-mail: It works on them.
According to a Yahoo! Mail global survey of about 37,000 Internet users in 11 countries, 20 percent of U.S. residents admit buying products from spam purveyors. About 78 percent said they delete spam.
In Japan, by contrast, people deluged with junk e-mail are more active. Almost half of e-mail users said they send spamm......
[more] Instant-messaging virus costs a man his job A virus can transmit previous IM conversations to a user's buddy list without his or her consent - and with disastrous consequences Virus attacks are not yet frequent on instant-messaging applications, but the latest threat is likely to send a shiver down the spine of all IM users. A businessman whose computer had been infected by a virus found that his entire buddy list had been sent a record of all his IM conversations, said Derek O'Carroll, managing......
[more] US, UK and Australia sign anti-spam act The UK, US and Australia are combining forces to combat spam. They have signed a memorandum of understanding (MoU) to promote joint enforcement and investigation of spammers across the three countries.
Stephen Timms, the UK communications minister, today called on other countries to join the trio in their anti-spam crusade. He said the MoU is "not going to solve spam overnight but it is going to help. It reinforces our determination to tackle spam with......
[more] China remains haven for spam Web sites The number of unique new unsolicited e-mail - spam - messages has risen 42% from 350,000 per day at the end of 2003 to 500,000 a day by the end of June, according to anti-spam vendor Commtouch Software.
And while 49 countries have been identified as hosting Web sites referenced in spam e-mails, China is still the host for 73.5% of such sites, Commtouch said in a statement Wednesday. Spammers include those site links to provide more information regardin......
[more] Bagle author releases 'dangerous' assembler code Two new Bagle worm variants and the worm's original assembler source code were spreading around the Internet on Sunday - a dangerous development, according to security experts The author of Bagle started distributing two new variants and the mass-mailing worm's source code on Sunday, which could trigger another summer of misery for Windows users
The Bagle worm first appeared in January as an email attachment and within months there were more th......
[more] Junk mail host nations named and shamed Five countries are hosting the overwhelming majority - a staggering 99.68 per cent - of spammer websites, according to a study out yesterday.
Most spam that arrives in email boxes contains a URL to a website within an email, to allow users to buy spamvertised products online. While 49 countries around the world are hosting spammer websites, unethical hosting firms overwhelmingly operate from just a few global hotspots. Anti-spam vendors Commtouch recko......
[more] Computer users browsing with Microsoft to pay the 'biggest price' from online exploits Security experts and internet analysts have made a direct appeal to computer users and businesses worldwide to stop using Microsoft's leading Internet Explorer (IE) because it acts as a gateway to online criminals.
The Computer Emergency Response Team, a US-based panel, warned the world’s most popular browser could soon face extinction as the global favourite over "significant vulnerabilities in technologie......
[more] European firms expect virus attacks to double Most large European companies are expecting the number of virus attacks to double over the next ten years, according to a survey conducted by Messagelabs Email security firm MessageLabs on Monday said that almost 70 percent of European companies expect the number of email viruses to double over the next 10 years while 40 percent expect payloads to become more destructive.
This negative attitude comes despite software developers -- like Microsoft -......
[more] Spam could drive millions from Internet Millions of users may abandon the Internet and phone messaging systems unless governments and software companies join forces to block the spread of spam, say key figures in an anti-spam drive.
The global battle against spammers who use the Internet to disseminate pornography, distribute unsolicited sales pitches and engage in the new menace of "phishing" can be won in two years, officials running a three-day U.N. meeting told a news conference on Tuesda......
[more] Reheated Bagle comes with side of source code The author of mass-mailing worm Bagle began distributing its source code and two new variants on Sunday, which could trigger another summer of misery for Windows users. The Bagle worm first appeared in January as an e-mail attachment. Within months, there were more than 25 variants.
Infected PCs download a Trojan that effectively enlists that computer into the worm author's army of zombie PCs, which can be used to distribute spam and other malwa......
[more] ITU wants spam dead within two years Conference delegates call for international co-operation to defeat 'epidemic' Delegates at the International Telecommunication Union (ITU) spam conference have called for standardised, tougher worldwide anti-spam legislation, which they believe could stamp out junk email within the next two years.
The ITU has brought together regulators from 60 countries and a number of international organisations, including the World Trade Organisation and the Cou......
[more] European firms expect virus attacks to double Most large European companies are expecting the number of virus attacks to double over the next 10 years, according to a survey conducted by MessageLabs Email security firm MessageLabs on Monday said that almost 70 percent of European companies expect the number of email viruses to double over the next 10 years while 40 percent expect payloads to become more destructive.
This negative attitude comes despite software developers -- like Microsoft -- c......
[more] Swede spammed by council personal data Spam filter will not let him complain For two long years, a Swedish man has been receiving emails containing human resource information from a US local council, because a spam filter stopped him from telling them about it.
The Contra Costa County Council only found out about the massive leak when Computerworld hack Dan Verton rang them up to tell them about it.
The county’s chief information officer Tom Whittington said the council had no idea because t......
[more] Russia is going to outlaw spam
More than 99% of all websites linked in spam messages are based in China, South Korea, the US, Russia and Brazil, a new survey of Commtouch, a company engaged in selling anti spam solutions. Commtouch have analysed hundreds of millions of advertisement messages and they note that about 55% of them come from the USA. 73% of ad messages direct their recipients to websites located in China.
Several huge American ISPs united to create technical recommendation......
[more] Zombie PCs: Silent, Growing Threat Spam, worms spread malware to build a spam-bot army of unwitting recruits. The seemingly endless spate of worm infestations over the last year has left something even more troubling in its wake: armies of zombie PCs that can be used to send spam, attack Web sites, and generally wreak havoc over the Internet.
Worms such as Sobig, MyDoom, and Bagle have been identified as containing malicious code (malware) that allows remote attackers to take over infected mac......
[more] Sacked teen launches spam attack on bosses Five million emails take down website...
An aggrieved teenager, sacked from his £120-per-week job, has taken revenge on his bosses by bombarding them with five million emails, effectively crippling their website.
The spam-happy youngster was sacked for failing to complete his time-sheet and decided to launch a denial of service attack against those who had wronged him at UK insurers Domestic & General.
The five-million mail attack brough......
[more] ISPs look inward to stop spam Many major ISPs recently have come to this realization about the fight against spam: They are both part of the solution and part of the problem.
Every U.S. ISP uses anti-spam techniques to catch unwanted messages coming into their networks before they reach users. Recently, thanks to the urging of industry groups and coordination among providers, ISPs also are taking measures to limit the spam emanating from their networks. While no one is declaring the war......
[more] Pulling the plug on spam A year ago, US researchers surveyed 2,000 internet users. Asked who they would like to have oversee the online world, Bill Gates, Oprah Winfrey and the Pope came out top, in spite of the fact that none of them had a made a single manifesto pledge.
So, with the one-year anniversary fast approaching, I'm knocking my proposals into shape in case the idea should ever be taken seriously. To make things easy, I plan to campaign on a single issue: spam.
The only problem......
[more] Spam outweighs terrorism as security threat Viruses and spam have become a more significant security threat than terrorist attacks, according to a network security survey conducted by the Economist Intelligence Unit for AT&T, with 92 percent of responding senior executives rating viruses and worms as the foremost hazard to their business today. The survey recorded the views of 256 senior executives worldwide on the future of corporate networking, concluding that security is now the "single most......
[more] Spam reveals its darker side Spam is subtly shifting from nuisance to illegality, says a new report from security firm Clearswift. It has been measuring spam for the past year and has noticed a change in what is cluttering people's inboxes.
It seems spam is a hotbed of financial scams as well as a black market for fake pharmaceuticals and software.
"Spam is now being used as a channel for a plethora of malicious and illegal activity," said Clearswift's technical director, Alyn Hockey.
In......
[more] Spam victims long for the 'bad old days' Because now it's really out of hand... The face of spam and the nature of unsolicited email is still evolving as the overall amount in circulation continues to rise.
It's been 12 months since spam really burst into the public consciousness. Before then it had certainly been a well-publicised problem, but often only with the more tech-savvy while the wider public had far more questions than answers about strange mail appearing in their inbox.
Then la......
[more] UK companies in 'blissful ignorance' over spyware threat Fewer than one in seven UK companies recognise that malicious emails could expose their networks to a corporate spy, say MessageLabs UK companies are finally wising up to the importance of deploying software patches and keeping their antivirus signatures up to date, but the increasing threats from Trojans and spyware have still not sunk in, according to a survey conducted by email security services firm MessageLabs.
According to the surv......
[more] Microsoft gets four million dollars for spam Company pays Vole A judge in California has ordered a spammer to pay Microsoft more than $4 million for jamming its MSN network.
Judge Manuel Real said that Daniel Khoshnood and Pointcom had violated several laws by pretending that an email that downloaded a spam toolbar had come from Microsoft.
Khoshnood and Pointcom were told to stop using domain names like hottmail.com, wwwwindows.com, microsoftc.com, wwmsn.com, bcentrals.com and windowsupda......
[more] Worried firms consider email boycott Security concerns threaten future of 'everyone's favourite killer app' Six out of 10 companies claim they will give up email if the threat posed by viruses, spam and other unwanted content is not contained and a viable alternative emerges.
Responding to an email security survey carried out by MessageLabs a further 40 per cent said they feel 'worried' by the current email security threat to their business, with only 29 per cent feeling 'optimistic'.
The surv......
[more] Organised crime taking over spam - survey Spam has evolved over the last 12 months, with the overriding trend being the transition of spam from being annoying and indecent to illegal and malicious, according to online security firm Clearswift, which has recently announced the findings of its thirteenth spam index.
When the company first began measuring different spam content, it was dominated by an almost even mix of pornography, financial, healthcare and direct product spam. In addition, th......
[more] New SurfControl Resources Help IT Managers Increase the Value of IT Investments Deployment and Best Practices Guides Help Reduce Vulnerabilities and Optimize Network Resources Despite predictions for increased IT spending in 2004, many network managers are still facing pressure to help lower the total cost of ownership of the corporate network infrastructure, reported SurfControl (London: SRF), the world leader in enterprise Web and e-mail filtering. In response, SurfControl today introduced Su......
[more] Banks skewered by new Web scam Major companies, including several banks, have left themselves wide open to an online scam that could see malicious hackers get hold of thousands of people's personal and confidential details, including their bank account and credit card details.
Those affected include Barclaycard, Mastercard, NatWest, WorldPay, Reuters, Sky, even the UK's government listening post, GCHQ. Many hundreds of other sites are likely to be similarly affected.
UK security researc......
[more] Porn pop-ups and spam hijacking UK kids' surfing Parents' net ignorance not helping Teenagers are looking at dodgy content on the internet and their parents don't know anything about it - that's no surprise. What is surprising, however, is that most claim to be unwitting victims of spammers and pop-up merchants.
According to a London School of Economics report, UK Children Go Online 36 per cent of children have stumbled upon porn while surfing for another type of site, 25 per cent have got po......
[more] 'Spam King' escapes $20m fine - by $19.95m 'I will be a good boy from now on, honest…' Last week, self-proclaimed Spam King and ladies underwear seller Scott Richter, was staring down the barrel of a $20m fine courtesy of New York attorney general Eliot Spitzer. Now, Richter has agreed to play by the rules and Spitzer has agreed to drop his price by £19.95m.
Richter, proprietor of 'email marketing' company OptInRealBig.com - dubbed the world's second most prolific spammer by anti-spam organi......
[more] Should Spam be an ISP Concern? In a study released at its 2004 IT Security Summit, Gartner reports that roughly 34% of online adults in the US say 75% or more of the e-mail they receive is spam. In fact, 11% say they would switch their Internet service provider (ISP) for a different one that was better at stopping spam. Exactly 42% say they would be more likely to switch than not if a different ISP offered a better spam solution.
Gartner surveyed a sample of 1,427 adults over the age of 18 in......
[more] Bulk mailer faces criminal charges A bulk e-mailer in Florida has been charged with electronically breaking into a massive data warehouse and stealing gigabytes of personal information on Americans, federal prosecutors said Wednesday. Scott Levine, 45, of Boca Raton was indicted by a federal grand jury in Arkansas for allegedly breaking into Acxiom's servers and downloading 8.2 gigabytes of data in what the U.S. Justice Department called one of "the largest cases of intrusion of personal data t......
[more] Australian law claims spam success Legislation designed to cut back on junk emails and texts appears to be having some success Down Under The Spam Act 2003 has led to the closure of several major Australian-based spammers, the Australian communications Authority (ACA) claimed today.
Acting ACA chairman Dr Bob Horton said that the thwarted spammers had reacted to an ACA warning in late March that the Act was due to come into force in April and that they would need to comply with it.
"The ACA’......
[more] SurfControl, 'No room for friendly spam' If you thought the spam blocker was enough to shield your organisation against all sorts of harmful content, think again.
According to UK-based Web and e-mail content filtering software vendor SurfControl, your organisation could be exposed to all types of undesirable content that go beyond spam, and the penalties could be severe if these are not properly managed.
The company has a range of rich content filtering software that manages informatio......
[more] Follow our lead on spam, say Aussies Australia said Thursday that tough laws punishing businesses responsible for unsolicited "spam" e-mail with hefty fines were working and should be used as a global blueprint.
The Australian Communications Authority, a government watchdog, said the laws introduced in April had proved an effective deterrent to local spammers.
Under the legislation, commercial organisations that repeatedly sent unsolicited e-mail can be fined up to A$1.1mil (RM3mil) a day......
[more] Some People Like Spam According To Poll That everyone hates spam is considered a universal truth. A new poll suggests that the hatred isn't as universal as thought. According to a Yahoo Mail global survey of 3,100 Internet users, 20 percent of U.S. residents report buying products from spammers and upward of 30 percent have responded to spam.
The survey, conducted in May, give spammers cause for joy. The industry generally considers a response rate of 0.5 percent superb for spam messages. Alt......
[more] Nearly two-thirds of all emails now spam Firm warns of lasting damage to internet business as spam rates continue to rise Sixty-five per cent of all emails sent in June 2004 were spam - up from just eight per cent three years ago, according to email monitoring company Brightmail.
The steady increase in spam rates shows no sign of slowing, and existing legislation such as the US Can Spam Act will have little effect, claimed the company.
"People are underestimating the spammers," said Enrique Sa......
[more] IBM Research Joins Fight Against Spam IBM Corp.'s research arm on Friday will debut a new spam filtering test platform called SpamGuru at the first Conference on E-Mail and Spam in Mountain View, Calif.
The new offering will make its way to the enterprise with the release of IBM's Lotus Workplace Messaging 2.0 product later this quarter.
SpamGuru, which is designed to work with other anti-spam products already on the market, is a server-based product that combines a number of spam-blocking t......
[more] Big Time Spammer Shut Down By CAN-SPAM A federal court this week shut down a big-time Florida spammer and froze his assets, using the CAN-SPAM Act to put a stop to his mass mailings. Creaghan A. Harry is "responsible for what likely amounts to millions of illegal spam messages," said the Federal Trade Commission (FTC) in a statement.
Harry allegedly marketed bogus human growth hormone products, said the FTC, which collected about 40,000 complaints in the first five months of the year concerni......
[more] Think Globally, Block Locally Spam is a global problem: Even though most of it originates in the United States, the bulk of it is sent from overseas on behalf of American spammers. Is law or technology the best way to solve the problem?
That's the question considered by privacy experts at a conference called "International Spam Law & Policies: The Global Case." Most speakers firmly came down against legislation, promoting a mix of private legal action and technology.
The conference, hel......
[more] FCC Bans Wireless Spam The Federal Communications Commission (FCC) approved rules Wednesday to prohibit marketers from sending unsolicited messages to wireless phones and other devices without the express consent of a consumer.
The new opt-in rules implement the wireless provisions of the Can Spam Act passed by Congress late last year. The exceptions to the rules include transactional messages between a company and a customer and situations where an individual chooses to forward messages to a......
[more] Spam's rush hour timed AN EMAIL forwarding company has done a test on when its ‘direct marketing clients’ get their campaigns bounced by spam blockers and has charted the spam rush hours.
Return Path, which based the data on looking at the results of more than 16,000 of its clients' campaigns reckon that most spam gets sent out between 10am and 2pm on Saturdays and Sundays.
The spammers also try similar times during the week, but less often. The New York Times quoted George Bilbrey, vice pre......
[more] Pupils bear spam e-mail overload The majority of e-mail messages being sent to school children in London are spam. The first week of a project to filter the e-mails travelling across the London Grid for Learning has revealed that 75% of the messages are junk.
The most popular subjects for the spam were the drugs Viagra and Valium. Much of the remaining mail was pornographic.
The network provides more than a million school children access to net-based learning aids.
Drugs and porn
The London......
[more] OECD wants spam cut The organisation for Economic Cooperation and Development (OECD) has set up a task group to fight spam.
While this sounds like a good idea, the body has no plans to actually do anything more than "study spam" and "develop a strategy" over the next two years.
In a move vaguely similar to the Judean People’s Front Monty Python’s Life of Brian, the OECD seems to think that two years of talking will actually stop us all drowning in a sea of spam.
However a spokesOECD said tha......
[more] Police warn on key-logging spam Trojan 'Swiss Army knife' of online fraud, says Hi-Tech Crime Unit Police are warning about fake email invoices being used by cyber-criminals to steal online banking details and other information from unsuspecting internet users.
Cyber-criminals are attempting to trick users by sending spam emails that look like invoices, the National Hi-Tech Crime Unit (NHTCU) has warned.
The emails contain details of a fictitious order for web hosting or computer goods and tha......
[more] IT managers warned of summer of spam Seasonal spam trends see dramatic increase in porn junk mail over summer months IT managers must be on their guard following a sharp rise in pornographic and healthcare-related spam, security firm Clearswift has warned.
According to the company, pornographic spam has leapt by almost 350 per cent since June, while there has also been a significant rise in healthcare spam.
Clearswift observed that spam content tends to change seasonally, with this summer's up......
[more] Porn spam increases by 350 percent Pornographic e-mails have shot up by almost 350 percent in July over June, according to security solutions provider Clearswift's latest spam index. The company's June index revealed pornographic e-mails comprised only 4.8 percent of all spam for the month. However, pornographic e-mails made up 17.2 percent of all spam in July.
"Spammers are working overtime. In what appears to be an attempt to match supply with demand, healthcare spam (most of which was Viag......
[more] Spam is born in the U.S.A. The vast majority of spam originates in the United States and this summer, like last, much of it is pornographic in nature. Nearly 86 per cent of all spam messages sent since May 2004 came from the United States, according to e-mail security firm CipherTrust. This indicates spammers are finding ways around that country's anti-spam legislation.
U.S. spam-sending computers have been quite busy, as just 28 percent of IP addresses used to send spam are located in the co......
[more] Sex spam clogs summer in-boxes The temperature is rising in inboxes as spammers attempt to promote a summer of 'love'. Pornographic spam has risen by almost 350% since June according to e-mail filter firm Clearswift.
In a possible attempt to keep up with demand, the number of junk e-mails offering Viagra has also risen significantly.
"It is baffling why there is such a huge uprise," said technical director of Clearswift Alyn Hockey.
Randomness of spam
One of the reasons for the upsurge in po......
[more] ISPs gang up on spammer-run websites UK ISPs are targeting ecommerce websites run by spammers in a new ‘get tough’ policy on junk mail. ISPs belonging to the London Internet Exchange (LINX) have voted through acode of practice which gives them the mandate to shut down websites promoted through spam, even if junk mail messages are sent through a third-party or over a different network. The move is intended to remove the financial incentive to send spam.
LINX is also calling on ISPs to take down......
[more] Better checks to stop spam An open-source anti-spam group is pioneering technical changes to the email system Open-source anti-spam specialist ASSP this week became the latest software developer to implement the Sender Policy Framework (SPF) anti-spam scheme.
Beta versions of ASSP with SPF support are currently being tested, and SPF is set to be included in the next version of ASSP, expected soon. SPF extends the Simple Mail Transfer Protocol (SMTP) and Domain Name System (DNS) so systems do no......
[more] Somebody else's spam It's very depressing how almost every conversation about the Internet devolves into a discussion of how to combat spam. It's even more depressing how much worse spam keeps getting. And more depressing again still that despite the many technical conferences currently being conducted on the subject, how ineffective most current strategies seem to be. This week, LINX – the London Internet eXchange, through which about 90 percent of the UK's Internet traffic passes – announced......
[more] The root of spam could be you The biggest single source of the spam that you receive may be you. Personal computers that have been infected with certain viruses and related types of malicious code are responsible for turning the humble home PC and broadband connection into the leading source of spam on the Internet.
Depending on who you believe, as much as 80% of all the spam sent on the Internet today comes from these compromised PCs - an estimate at the end of 2003 was 30%, indicating how qu......
[more] Stopping spam at the source New antispam technology standards are on the way that promise to hit spammers where it hurts the most--their wallets. At issue is the ability to authenticate the original source of e-mail messages, a major hole in the current system that allows spammers to easily forge return addresses and hide their tracks.
This month, the Internet Engineering Task Force (IETF) reviewed several e-mail authentication proposals, agreeing to fast-track a submission from Microsoft know......
[more] US charged as largest spam producer Anti-spam laws appear to have little impact, research claims The United States is the biggest creator of spam emails, according to a new survey by anti-spam and virus protection firm Sophos.
Despite the introduction of anti-spam legislation nine months ago, America tops the table of the world's 12 worst offenders, producing more than 42 percent of all junk email reaching inboxes.
More than 40 per cent of spam is being distributed using 'zombie computers,' wh......
[more] Arrests made for spam, ID thefts Federal and state law enforcement agencies have arrested or charged dozens of people with crimes related to junk e-mail, identity theft and online scams in recent weeks, according to several people involved in the actions.
The cases, which have been brought by law enforcement offices around the country and without publicity, are expected to be announced by Attorney General John Ashcroft in a news conference in Washington on Thursday.
This year, federal authori......
[more] US cracks down on spam mountain John Ashcroft, the attorney General of the US, is expected to announce on Thursday dozens of lawsuits against alleged spammers following a low key campaign against the practise across the US. The arrests have been made over the last few weeks as part of a coordinated effort to crack down on spamming, dubbed Operation Slam Spam.
The New York Times reports that the Direct Marketing Association (DMA) has given significant funds to the campaign. The DMA is wants to......
[more] China Ranks 3rd On Sophos' List Of Spam Producing Countries China took third place on Sophos' list of the top twelve spam producing countries, behind only the United States and South Korea. Sophos researchers scanned all spam messages received at its global network of honeypots in the last month and at the top of the list was the United States, which is responsible for exporting 42.53% of all spam. South Korea was responsible for 15.42%, while China exports 11.62%.
"When we released the first......
[more] Aussie PM hires firm to spam electorate Australian Prime Minister John Howard has admitted hiring his son's company to send party political emails to voters, which opponents says violates the spirit of the country's Spam Act The government agency charged with policing Australia's anti-spam legislation has ruled out investigating a spamming scandal involving the Prime Minister, John Howard and his son, Tim Howard.
However, the Australian Communications Authority said the matter would be "discus......
[more] SurfControl reports new spam scams SurfControl technical researchers reported a fresh rash of spam scams in August that use new techniques and current events to dupe computer users.
Google's IPO and the Olympics are being used as bait to lure users into clicking through to new scams.
The anti-spam company found one scam that asks users to download the latest Google Toolbar, saying that it will stop pop-ups and spyware.
SurfControl technical staff says the downloaded program has all the signs......
[more] Spam pushes email storage costs higher Junk 'plague' and data retention policies force need for better email management A global plague of spam, combined with tighter email retention policies dictated by government and industry, is severely increasing storage costs.
According to analyst IDC, the dramatically increasing cost of storing and managing email throughout its life-cycle is driving the need for better management of email-based collaboration and content.
Some 12 billion spam messages wi......
[more] Anti-phishing technologies have no effect on spam A security company has warned that technology touted to combat phishing attack and emails with spoofed addresses will have little effect on the war against spam.
Technologies such as Sender ID and Sender Policy Framework are indeed an effective way of weeding out email that appears to be from one address but is in fact sent from elsewhere, says CipherTrust, but they have no mechanism to identify what messages are and are not spam.
Indeed the c......
[more] First 'warspamming' case reaches court A landmark case in America could establish that spammers really do take advantage of insecure wireless networks A US citizen is thought to have become the first person to be accused of hacking a wireless network in order to send spam.
Nicholas Tombros, 37, is charged under the US CAN-SPAM act, which aims to clamp down on unsolicited junk mail. Prosecutors allege that Tombros used a laptop to sniff out insecure residential wireless access points in a Los An......
[more] Spam frittered away by FBI diet US Operation Web Snare may be responsible for drop in junk mail volumes An American cyber-crime initiative may be helping to limit volumes of spam and viruses, according to MessageLabs.
The security firm has reported a 10 per cent fall in the amount of spam it has seen hitting mailboxes in August, and that the proportion of emails carrying viruses dropped about half a per cent during the same month.
Of all email scanned by MessageLabs' anti-spam service, 84.2 pe......
[more] UK firms sleep walking into virus peril IT managers blame lack of funds to defend against rising tide of attacks UK enterprises are losing the battle against viruses, with many IT managers blaming poor security on senior managers who fail to provide sufficient investment to meet IT security requirements, a survey has claimed.
Email marketing firm emedia said that the survey showed UK companies "sleep walking" as virus and spam attacks increase.
The study suggested that many companies are not p......
[more] Spammers get the boot from web host See, it can be done... ISPs take note... Web hosting and connectivity company Savvis Communications has cancelled about 40 accounts, at a cost of as much as $2m per month, from businesses that were earmarked as spammers and believed to be among some of the worst bulk-mailers.
Savvis halted the accounts after anti-spam organisations notified the company that it was providing web hosting services to known unsolicited emailers. The spammers in question were lis......
[more] Warspammer guilty under new federal law A Los Angeles man who used other people's wi-fi networks to send thousands of unsolicited adult-themed e-mails from his car pleaded guilty to a single felony Monday, in what prosecutors say is the first criminal conviction under the federal CAN-SPAM Act.
In a plea agreement with prosecutors, Nicholas Tombros, 37, faces a likely sentencing range stretching from probation to six months in custody, assuming he has no prior criminal convictions. Sentencing......
[more] Trojans with a Twist Trojans are a bad enough problem since they might allow remote access to a user's computer. One would think that having a firewall in place prevents a Trojan from opening backdoors in case of infection. But with Windows Firewall and the Win32.Surila.K Trojan that simply isn't always the case.
The reason is two-fold. The first reason is that while Windows Firewall is a decent effort on Microsoft's part to offer users a built-in firewall, many people consider the firewall to......
[more] Security 'job one priority at Microsoft' Microsoft emphasises that it thinks the battle against the 'bad people out there in cyberspace' is being won Microsoft chief executive Steve Ballmer says the task of trying to stay one step ahead of virus writers and hackers will be a never-ending battle.
Speaking at a gathering of UK press, Ballmer said Microsoft's "trustworthy computing" is far more than just a one-off initiative.
"We will be working on 'trustworthy computing ' for the rest of my days......
[more] Spam up at Tiscali down elsewhere? The Register reports that Tiscali UK is blaming a "sudden increase in spamming activity" for a deterioration in its email service.
At the same time, US Email system specialists Email Systems have issued a release advising that the amount of Spam bombarding UK inboxes took a noticeable downshift during September, arguably as a result of the extreme weather conditions directly impacting areas such as the Eastern seaboard of the US through which a great deal of......
[more] SurfControl unveils security appliance Vendor to seek distribution as it enters the hardware arena Filtering vendor SurfControl launched its first channel-only hardware appliance today, and said it will look to take the product through distribution in the near future.
The firm, which announced its plans to enter the hardware space in July, said the new appliance, Risk Filter, comes in three versions: E10 for 500 users, E20 for 1,000 users and E30 for more than 5,000 users. Pricing starts at £8,......
[more] Spam choking Belgium The problem of unsolicited 'spam' emails is already hitting Belgium hard and looks set to get considerably worse over the coming year, it was reported on Tuesday.
Former state backed telecoms company Belgacom, one of Belgium's biggest internet service providers, told La Derniere Heure newspaper that it had intercepted and destroyed 1.1 billion spam emails this year alone and predicted the problem would worsen over the next 12 months.
The telecoms firm said it expected the......
[more] Don't opt out of spam Security company issues warning Security outfit MessageLabs has warned that spammers are now using the opt-out link to turn PCs into open proxies for distributing more spam.
The company said email users should not click on such opt-out links provided in spam emails as they used an exploit in Microsoft's Internet Explorer to download an executable file when a user clicked on such links.
Once this file was on a PC, it could be remotely updated by spammers. Machines were the......
[more] Hack attacks and spam set to increase IDC warns of the growing importance of enforcing security policies Spam and malicious attacks will rise over the next three years presenting IT departments with bigger security concerns than ever before, says analyst IDC.
IT security spending is set to almost double from 2.5 per cent of overall technology spending to four per cent within the next four years, while spam is will increase from 17 billion emails today to 23 billion by 2007.
'Almost half of ema......
[more] Email from 'George W Bush' confesses all Spammer with a political conscience is still a spammer, as less scrupulous mailers move in on the election angle... Reading like a beautiful dream for anti-Bush campaigners such as Michael Moore, an email is spreading around the world appearing to be a confession from the man himself about all his wrongdoing while in office.
The sender, 'George W Bush' admits to drink-driving offences, draft-dodging, bankrupting companies and state and national treasuri......
[more] Leader: Spam sufferers - show some more patience "Miraculous weight loss pills" meet "unmiraculous wait gain policies"... The latest attempt to out-legislate the spammers was launched in London today with pleas to the media to bite our tongues when it comes to the - with hindsight justified - cynicism which met previous initiatives. We are trying. Honest.
The US Federal Trade Commission (FTC) is sitting down to talk with the EU, the Office of Fair Trading (OFT) and the UK information commission......
[more] China wears spam hosting crown China heads list of spam hosting countries but the U.S., U.K., Brazil and Romania lead the world in sending phishing and fraud emails, according to a report on spam trends in September by Commtouch Software Ltd., of Mountain View, which sells proprietary anti-spam products.
The hurricanes which struck Florida apparently decreased the amount of spam being sent, according to Commtouch, which said it bases its report on its analysis of "hundreds of millions" of spam......
[more] Spam crackdown signs up 15 countries Finland, Norway, Sweden and Ireland are ready to show they mean business. China and Russia sadly absent... An impressive 15 countries have signed up to the 'London Action Plan on Spam' - the first fruit of the anti-spam enforcement summit which began in London yesterday, jointly hosted by the Office of Fair Trading and the US Federal Trade Commission.
Among those on the list are representative bodies from Australian, Korea, the UK and importantly the US, whi......
[more] Webroot: Spyware is Windows-only Spyware, those annoying programs that snoop on a user's actions, remain a Windows-only phenomenon. Prominent anti-spyware developer Webroot says it has yet to detect a single Apple or Linux spyware app. In comparison, Webroot's Spy Sweeper software protects against 15,000 Windows threats.
Although Apple and Linux server worms (such as Lion) have been detected, their population is dwarfed by the proliferation of Windows-specific worms, viruses and Trojans. The m......
[more] Trojan alert: 'David Beckham' recruits zombies In the latest example of hackers using social engineering techniques, a malicious message that claims to contain pictures of David Beckham in a compromising position has hit the Internet A new attempt to entice users to fall victim to a Trojan horse has been discovered by antivirus firm Sophos, after it was posted on a swathe of Internet news groups over the weekend.
The message claims to contain pictures of English footballer David Beckham caught......
[more] First CAN-SPAM case settles for $25K The case of William C. Carson and his Florida-based DC Enterprises company, which was accused of sending thousands of unsolicited spam e-mails has been settled. The suit was originally filed in Suffolk Superior Court in Massachusetts under the federal CAN-SPAM act and the settlement was filed their as well.
“Internet marketers should note that Massachusetts takes seriously federal and state laws meant to protect against unwanted and misleading e-mails,” Att......
[more] Spam drives UK bosses to despair And there's no end in sight, say two-thirds of CIOs... Frustrated IT bosses claim the never-ending waves of spam hitting inboxes and the lack of any imminent solution to the problem is undermining the effectiveness of email as a useful communication tool.
In the latest silicon.com CIO Jury, two-thirds (eight) IT execs said not only are they sick of spam but that many of the filtering tools are not effective.
Bill Gibbons, CIO at Abbey Group, said corporates now......
[more] Spam: the digital epidemic of the XXI century Spam or unsolicited commercial email has become a real epidemic that, as well as slowing down users’ communications, also has a significant financial impact in corporate environments.
According to Spam Filter Software Review, in 2002, in the United States alone, junk mail cost businesses almost 9 billion dollars. What’s more, in 2003, 40 percent of the emails circulating around the Internet were spam and each user received an average of 2,200 spam......
[more] Medical Spam Up 90 percent in October October has seen a massive rise in the proportion of medical-related spam targeting UK inboxes according to email management specialist Email Systems.
Spam selling medical products that claim to offer miracle cures to help with problems such as weight loss, muscle relaxants, stopping smoking, depression/anxiety problems, allergies, women's health, pain relief and sexual health have shot up in prominence through the month.
Medical email comprised an averag......
[more] US duo in first spam conviction A brother and sister in the US have been convicted of sending hundreds of thousands of unsolicited email messages - or spam - to AOL subscribers. It is the first criminal prosecution of internet spam distributors.
Jurors in Virginia recommended that the man, Jeremy Jaynes, serve nine years in prison and that his sister, Jessica DeGroot, be fined $7,500.
They were convicted under a state law that bars the sending of bulk emails using fake addresses.
'Snake oil s......
[more] Spam filters: Users still fearful over false positives Users want their spam filtered but still want to see all emails - how does that work...? Email users are keen to have unsolicited emails filtered out, but are undoing much of the labour-saving good work of their filters by then insisting on seeing all mails before they are deleted in order to check for false positives.
That is one finding of a recent SurfControl survey which also revealed a third of business email users are still very conce......
[more] Hoax virus warnings and spam scams: The top 10 Here's what's been fooling email users this summer... The full top 10:
1. JDBGMGR (accounts for 14 per cent of all reports) - A hoax virus warning relating to the Microsoft debugger registrar for Java. Verdict: The purported seriousness of this virus warning has been eating up bandwidth worldwide. If you receive such a warning check with your anti-virus firm before mailing it out to everybody you know. They are invariably a hoax.
2. Budweiser fro......
[more] Experts say spam fight needs to be more strategic The fight against spam to date has been too tactical and not strategic enough, according to experts at the Next Generation Networks conference.
"There's too much of the thinking, 'I've got a problem. How do I stop it from hurting me?'" says Phillip Hallam-Baker, principal scientist at VeriSign. The thinking ought to be how to stop spam in general, he says.
"It's a public health problem. We have to look for ways to stop the infection from sprea......
[more] Turning spam recipients into bounty hunters Many spam recipients would probably like to adopt the Old West approach of “Dead or Alive” when it comes to finding and prosecuting spammers. Placing a bounty on the head of spammers would certainly provide an economic incentive to finding them.
In September, the Federal Trade Commission (FTC) published a report to Congress, “A CAN-SPAM Informant Reward System.” This report, required by the CAN-SPAM Act, discusses the potential for rewarding people w......
[more] Was Microsoft's e-mail message spam? Some people who got it think so For a year, Microsoft Corp. has extolled the virtues of the Can-Spam Act, which Congress passed in late 2003 to crack down on purveyors of unwanted bulk e-mail. The company, with other Internet and marketing firms, helped craft the act and has sued several spammers under its provisions.
But Bob Poortinga thinks the software giant is engaged in its own spamming.
Last week, Poortinga got a lengthy "executive letter" from Micros......
[more] Brother and Sister Convicted For Sending Spam E-Mails A brother and sister who sent junk e-mail to millions of America Online customers were convicted last week in the nation's first felony prosecution of Internet spam distributors.
Jurors recommended that Jeremy Jaynes, 30, be sentenced to nine years in prison and fined Jessica DeGroot, 28, $7,500 after convicting them of three counts each of sending e-mails with fraudulent and untraceable routing information.
A third defendant, Richard Rut-......
[more] Trojan infects PCs to generate SMS spam A Trojan which uses infected PCs to send spam messages to mobile phone users has been discovered.
Delf-HA Trojan horse sends spam SMS messages by using the free "Send a text message" facility found on the websites of several Russian mobile network operators.
Infected PCs download instructions on the content of junk SMS messages from a separate website. Only a small number of instances of the Trojan horse have been sighted so far, and the junk message it......
[more] Spammers take aim at Christmas Study reveals junk mail tactics becoming ever more sophisticated Spammers are becoming increasingly clever and sophisticated in developing tactics to spread viruses, gain control of computers and encourage recipients to part with cash.
According to recently published research from content security firm Clearswift, phishing scams remain the spammers' most blatant use of social engineering.
As internet banking becomes more popular, phishing is becoming increasingly......
[more] Dutch Charge Teenage Govt Web Site Hacker Suspects Dutch authorities have charged two teenagers with cyber crimes on suspicion of bringing down government Web sites last month by flooding them with traffic, public prosecutor said on Friday.
The boys from the southern Dutch town of Breda were arrested earlier this week after a raid on their houses in which computers were confiscated. There could be more arrests, the public prosecution service said.
The two are believed to have hacked into ot......
[more] War on spam: 35 firms back authentication Open letter to the FTC calls for more action and rapid roll-out... The global war on junk email has signed up a new alliance of major backers - with 35 major companies uniting to make their concerns known to the US Federal Trade Commission.
In an open letter to Deborah Majoras, chair of the FTC, the businesses, including Amazon.com, Cisco, CipherTrust, Earthlink, eBay, Symantec and VeriSign, all call for a more rapid roll-out of email authentication te......
[more] Security incidents and cybercrime on the up Security events recorded between July and September this year are up 150 per cent on those recorded by security company VeriSign in the same period last year. VeriSign's Internet Security Intelligence Briefing, published today, concludes that increased financial rewards and the greater sophistication of the computer underworld and making the internet a more dangerous environment. In particular the firm warns on the growth of hybrid attacks - such as co......
[more] Arafat worm exploits new MS vuln A worm which exploits curiosity about the death of Yasser Arafat is the first to exploit the known Extended MetaFiles vulnerability.
Aler is a network worm that was widely bulk-mailed with the subject "Latest News about Arafat!!!". These infected emails had two attachments, one a clean JPEG file and the other an infected EMF file, according to anti-virus firm F-Secure.
The EMF file exploits a well-known Windows vulnerability (MS04-032) to install the worm onto......
[more] US company fined for UK rogue dialler scam A company based in New York has been fined £100,000 ($185,500) for ripping off UK punters with a premium rate number scam. Some 850 people complained to watchdog ICSTIS that B&B Services LLC had caused them to run up huge phone bills while connected to the internet. People claimed that dialler software installed on their PCs made repeated internet calls without their knowledge or consent.
Although B&B Services, which ran an adult service, den......
[more] Bill Gates is most spammed person in the world Internet junkies, take heart: Microsoft chairman Bill Gates receives four million e-mails daily, most of them spam, and is probably the most "spammed" person in the world.
But unlike ordinary users, the software mogul has an entire department to filter unsolicited e-mails and only a few of them actually get through to his inbox, Microsoft chief executive Steve Ballmer said here Thursday.
Ballmer was speaking to government information technology a......
[more] Why messaging needs controls Only the most ostrich-like businesses can continue to ignore instant messaging According to analyst firm Meta Group, more than half of people who use instant messaging (IM) tools at work use them for non-work reasons. Yup, Meta found that 57 percent of respondents used IM at work for social reasons, while 56 percent use it at home for business reasons.
Straightaway, I interrupted the conversation with my friends over IM to see whether they agreed. After much debate......
[more] Massive rise in phishing attacks over Q3 The Anti-Phishing Working Group has reported a massive rise in phishing attacks, and suspects that a set of automated tools might be behind the rise The Anti-Phishing Working Group (APWG) suspects that a toolkit, which would allow phishing attacks to be automated, has started circulating on the Internet.
The APWG released its report for the three months to October on Tuesday and the study found a 'massive increase' in the number of phishing sites. The or......
[more] Make Love, Not Spam - Lycos screensaver to blitz spam servers Lycos Europe has started to distribute a special screensaver in a controversial bid to battle spam. The program - titled Make Love Not Spam, and available for Windows and the Mac OS - sends a request to view a spam source site. When a large number of screensavers send their requests at the same time the spam web page becomes overloaded and slow.
The servers targeted by the screensaver have been manually selected from various sources......
[more] UK's biggest spammer goes AWOL Britain's most prolific spammer, 23-year-old Peter Francis-Macrae, is on the run from both the police and UK domain registry Nominet after he finally pushed his luck too far.
Francis-Macrae, who lives in the tiny village of St Neots in Cambridgeshire with his father, failed to turn up to a hearing at Huntington Magistrates court and a warrant for his arrest has been issued. He is charged with five criminal counts from threats to kill, sending offensive messages a......
[more] Hackers nobble Lycos anti-spam plan Lycos vigilante attack on spammers has been hit by a vigilante attack. Spammers are suspected.
Lycos was offering a screensaver which, once downloaded, would launch a Distributed Denial of Service attack against spam websites. A DDS attack makes constant requests to a specific part of a website until it gets overloaded and falls over. Such attacks are illegal in most countries. Security firm FSecure advised people not to download the program because of legal......
[more] Cambridge police nab UK spammer Cambridgeshire police arrest UK spammer and charge him with threats to kill Sometimes known as the UK's biggest spammer,Peter Francis Clifford Macrae is in police custody today after appearing in court this afternoon.
Macrae, a 22 year-old from St Neots in Cambridgeshire has been charged with four counts of threats to kill and of public nuisance by bombarding Cambridgeshire police's switchboard with threatening phone calls.
"Macrae was granted bail earlier this......
[more] UK spammer 'WeaselBoy' arrested For death threats... not spamming... Peter Francis Macrae, believed to be the UK's most prodigious spammer, has been arrested by Cambridgeshire police.
Macrae's arrest relates to threats he made to kill members of the police force and a trading standards officer who was investigating his business.
Macrae, who goes by the alias of 'Weaselboy', was also charged with causing a public nuisance, relating to a denial-of-service attack which he allegedly launched ag......
[more] Microsoft sues seven sex spammers Emails in violation of the 'brown paper wrapper' rule Microsoft today began an anti-spam blitz by filing seven lawsuits against hackers who allegedly used PCs infected with Trojans to send sexually explicit spam email that violated the Can-Spam US anti-spam law.
"Sexually explicit materials and publications for sale in stores are required by law to be covered from view with a brown paper wrapper, and it is important that consumers are protected online in the sa......
[more] Lycos Europe Pulls Spam-Fighting Screensaver Analysts say a new twist on the war against spammers in Europe isn't likely to spill across Unites States borders, but is rather an opening salvo more likely to fizzle than to explode.
Earlier this week, Lycos Europe launched an aggressive campaign targeting spam-related Web sites. The UK-based company took the offensive when it released a "screensaver that spams the spammers."
Downloads of the screensaver, cheekily named "MakeLoveNotSpam," allowe......
[more] Security is just a mouse click away Next time an e-card with a jolly message drops into your computer's inbox, think before you click it open – it could be a virus which will implant itself in your machine and spread before you even realise it.
Computer users across the world are struggling against a rising tide of viruses and spam which corrupt data, slow down or take over systems and fill inboxes with junk. Viruses are mutating and spreading so fast that anti-virus software cannot keep up.......
[more] Trojan program poses as anti-spam screensaver A program that spies on keystrokes and mouse clicks to capture passwords and other personal information from computer users has begun circulating disguised as a screensaver purporting to attack spam-related websites.
This “Trojan horse” program is the latest twist in a controversial saga that began with the release of an anti-spam screensaver by Lycos Europe on 30 November. The www.makelovenotspam.com screensaver aimed to clog up the bandwidth of s......
[more] EU to spend 45 million euros to fight spam The Telecome Council of the European Union said the parliament has approved a four year programme to promote safer use of the Internet and online technologies.
The programme, dubbed Safer Internet Plus, will have a budget of €45 million and will fight "illegal and harmful Internet content".
That includes spam, unwanted and harmful content, the promotion of a safer environment and raising public awareness of dangers.
This follows up an existing progr......
[more] Malware authors mixing a lethal cocktail Security vulnerabilities will very soon be exploited within hours of their discovery, experts fear Virus writers are combining their efforts with hackers and spammers to launch Swiss Army knife-like malware attacks on users, Kaspersky Labs warned this week.
According to Russian anti-virus company Kaspersky Labs, viruses are being used to infect PCs with Trojans, creating zombie networks that send out spam or participate in denial-of-service attacks.
"We......
[more] One in five Brits 'buy software from spam' More than one in five British consumers (22 per cent) has purchased software in response to spam email, a study by Forrester Research claims. The study - sponsored by the Business Software Alliance - found that a substantial minority of punters are quite happy to make junk mail purchases across a broad range of products.
Other popular junk mail purchases included clothes and jewellery (23 per cent), leisure and travel (20 per cent), finance (18 per ce......
[more] Spam rage causes radio reporter to lose her job A Philadelphia radio reporter has quit her job after leaving an angry voicemail with an online lobbying group she believed were spamming her.
27-year-old Rachel Buchman, a freelance reporter for WHYY-FM in Philadelphia, said she became increasingly incensed by what she believed to be unsolicited junk emails from conservative organisation laptoplobbyist.com.
Buchman gave her work number at WHYY-FM in the voicemail message, which led laptoplobbyis......
[more] Zafi worm will deliver an unhappy Christmas A new version of the Zafi e-mail worm is spreading seasonal greetings along with its malicious code, according to antivirus software companies. Zafi.D is a mass-mailing worm that arrives in a Zip file attached to e-mail messages with the subject "Merry Christmas." Instead of a gift, however, the e-mail package delivers worm code that infects Windows systems on which it is opened.
Antivirus companies have issued warnings about the new worm and updated......
[more] One in every ten emails infected by Christmas card virus, reports Sophos The W32/Zafi-D worm, which was discovered on Tuesday posing as a Christmas greeting, has continued to cause problems for unprotected computer users. Experts at Sophos report that the virus is currently accounting for 75% of all virus reports at Sophos's global network of monitoring stations in the last 24 hours.
The W32/Zafi-D worm, which is believed to originate from Hungary, spreads inside holiday season goodwill email......
[more] ISP awarded $1bn in spam lawsuit An Iowa law which allows plaintiffs to claim $10 per spam email has led to a settlement of $1bn - but there are doubts as to whether the spammers will pay up An Internet service provider in Iowa has been awarded more than $1bn in what is believed to be the largest lawsuit judgment ever against spammers.
Robert Kramer, who owns CIS Internet Services, sued 300 spammers after his servers received up to 10 million spam emails a day in 2000, according to court docume......
[more] UK spammer charged with further offences The UK's most prolific spammer, Peter Francis Clifford Macrae, remains behind bars after being charged with further offences at Huntingdon Magistrates court.
Macrae, a 22 year-old from St Neots in Cambridgeshire,faced a long list of charges on Tuesday 14th December.These included blackmail, transferring criminal property, criminal damage and running a business for fraudulent purposes.
Macrae, who was charged on 30 November with making threats to kill,......
[more] 2004 was good and bad for IT security Experts agree: 2004 was the best of times, and the worst of times for those concerned about IT security. It was a year with high-profile arrests of virus authors, and the explosion of online crimes, from cyberextortion to identity theft, a year in which ISPs (Internet service providers) won millions in damages from spammers, and spam messages increased by 40 percent.
In hindsight, 2004 may be looked back upon as the year that a long tradition of hobbyist......
[more] Teenage British Trojan distributor escapes jail A 16 year-old Briton was convicted last week for releasing the Randex trojan, which was used to relay spam through infected PCs.
The teenager had his six-month sentence suspended on probation by the South Cheshire juvenile court in Crewe. He belonged to a group of juveniles from the US and Canada, which offered spammers access to a botnet of compromised PCs in change for money. Because all suspects are juvenile, none will have to serve a prison s......
[more] Who opens e-mail spam? Canadians admit to being stressed by spam e-mails, but can't resist responding to the junk.
The annual Internet review by Yahoo Canada reports that about one out of three Yahoo e-mail users said they opened spam messages because they had interesting subject lines. Forty-eight per cent of users respond to spam messages by unsubscribing. Others say they respond to the junk messages to give spammers a "piece of their mind." Two out of five users opened spam messages because......
[more] Microsoft sues seven spammers for Can-Spam Act violations Microsoft has filed seven lawsuits against senders of bulk e-mail for failing to label sexually explicit messages as required by the federal Can-Spam Act, the company said Thursday. The lawsuits, filed in Washington State Superior Court in King County, allege that the defendants violated Can-Spam's "brown paper wrapper" requirement, which calls for labeling sexually oriented content as "Sexually-Explicit" in the e-mail subject header and......
[more] Cyber Criminals Prove Elusive It was a great year for catching cyber criminals, but the culprits behind some of the most damaging software viruses of 2004 are proving adept at eluding authorities, security experts say.
Tracking virus writers -- and more importantly, gathering evidence against them -- is a thorny problem for law enforcement agencies worldwide. While the number of arrests made and sentences handed down make 2004 the best year yet for catching cyber criminals, it won't have a no......
[more] AOL spam case: Judge rejects guilty plea Not conviced theft of email addresses contravenes Can-Spam Act... A district judge in New York has refused to accept a guilty plea from a former America Online employee charged with stealing 92 million email addresses from the online giant, citing vagueness in the prosecutors' argument that the theft violated the federal Can-Spam Act.
US District Judge Alvin Hellerstein on Tuesday postponed the hearing in hopes of consulting with lawmakers in Washington,......
[more] Spam punishment doesn't fit the crime I hate spam as much as the next person, but recent decisions by courts in Iowa and Virginia demonstrate how fear of technology (and justifiable annoyance) can force the legal system to impose fines and sentences that are grossly disproportionate to the harm caused by spammers.
This is not to defend or justify spammers, whose actions are at best deceptive, almost always annoying, generally illegal and frequently criminal. But when people who send email ar......
[more] Porn loses its savor in spam Porn ads slipped down the list of top junk e-mails in 2004, replaced by those hawking online Vioxx prescriptions, ID theft scams and stock pick information, America Online said. Although "Hot Lesbian Action" made the list of most frequently sent junk e-mails, or spam, lurid displays of pornography are now more easily blocked by filters offered by AOL and other Internet service providers.The types of spam have also changed considerably and now feature deceptively sim......
[more] FBI warns of tsunami email scams Heartless fraudsters beneath contempt The FBI is warning that fraudsters are using internet scams in the aftermath of the Asian tsunami disaster.
The agency is warning of phishing websites claiming to be for relief charities, and emails offering to find victims for a fee or requesting that money be deposited in overseas accounts.
It also fears that virus writers will use attachments claiming to be pictures of the disaster to propagate malicious code.
"The FBI,......
[more] Microsoft Rolls Out Free Security Software Microsoft's antispyware program is based on technology from Giant, which Microsoft bought last month. UBS analyst Daniel Cummins said the rush to market with the tool "highlights just how bad privacy vulnerabilities in the WinOS really are." In a move that likely heralds a widely anticipated full-blown march into the antivirus software market, Microsoft on Thursday unwrapped two free software programs designed to help guard against threats faced by user......
[more] US shuts porn spam ring The Federal Trade Commission (FTC) has obtained an order to close six internet advertising companies accused of profiting from sexually explicit spam.
A federal judge in Las Vegas granted the commission's request for a temporary restraining order against the companies, their executives and an affiliate for allegedly violating federal laws regulating unsolicited commercial bulk email. The FTC sought an injunction halting the network's illegal email ads. The judge agreed......
[more] British Company Named in Porn Spam Clampdown At least one British company is among six accused of sending X-rated e-mails in disguise, and fraudulently charging recipients who joined sexually explicit websites, to be shut down by US authorities. It is the first legal case in the US involving porn internet spam.
A federal judge granted the US Federal Trade Commission’s request for a restraining order against the companies and their executives for allegedly violating laws governing commercial el......
[more] UK students swamped by spam and viruses Young children confronted with hardcore porn, illegal drugs and penis enlargement ads... UK students are being overwhelmed with increasing levels of spam email much of which carries potentially damaging attachments.
According to figures released by Email Systems, 60 per cent of emails arriving in school inboxes over the past six months have spam or have contain viruses.
While that figure is largely in keeping with global average, Neil Hammerton, MD of Em......
[more] Has Spam Growth Stabilized? While the amount of unwanted e-mail hasn't decreased, there is some good news. The volume of e-mail made up of spam has stabilized, according to figures from Symantec's Brightmail unit.
December's figures, culled from traffic traveling through its servers, showed that 67 percent of e-mail is now spam, identical to the previous month. That was after three months when spam volumes were stable at 66 percent.
This is still equivalent to tens of millions of messages per......
[more] UK firm fingered in US XXX spam probe A British-based outfit is among a dozen or so companies and individuals charged with using spam to flog access to smutty web sites.
The US Federal Trade Commission (FTC) charged London-based Global Net Ventures Ltd and the other defendants with spamming hundreds of thousands of unsuspecting consumers with porno emails without their consent.
The FTC claims those involved failed to include necessary warnings alerting people of the sexual nature of the spam.......
[more] First Look: Microsoft AntiSpyware It's a little Microsoft-centric, but we generally like the software giant's full-featured beta antispyware program. Microsoft is now in the antispyware business with the launch of a free beta version of Microsoft AntiSpyware. The software is now available in a beta release and covers all the basics a PC user needs when it comes to spyware and adware detection and removal.
In fact Microsoft AntiSpyware really is a collection of security and privacy tools that bu......
[more] Texas sues student 'spammer' for $2m Texan authorities launched federal suit yesterday against a University of Texas student alleged to have run one of the world's largest spam operations.
Ryan Samuel Pitylak, 22, and alleged accomplice Mark Stephen Trotter of Encinitas, California are accused of sending hundreds of thousands of junk mail messages through two firms they ran, PayPerAction and Leadplex. The pair are said to have specialised in spam messages hawking mortgage refinancing and other......
[more] Malware, spam prompts mass net turn off Both beginners and veterans are finding the Interweb experience so repellent that they're disconnecting in droves, blaming malware and spam. Despite an overall increase in numbers of humans connected to the internet, the mass turn-off is beginning to hit ecommerce in the United States.
"Instead of making life easier — the essential promise of technologies since the steam engine — the home PC of late has made some users feel stupid, endangered or just has......
[more] Search giants hook up to cut blog spam Search giants Yahoo and Google have teamed up with a group of high profile internet firms to back a technique designed to help combat weblog comment spam.
Others involved include Google/Blogger, MSN Search, Six Apart (TypePad, MovableType, LiveJournal), and WordPress.
The scheme centres on modifying standard HTML 'href' link tags by adding a rel="nofollow" attribute to hyperlinks. This additional tag allows webmasters and weblog owners to tell search eng......
[more] MyDoom: The virus that changed the world It's been exactly one year since the launch of the MyDoom virus that dominated many of 2004's security headlines and proved a dramatic milestone in the history of virus writing.
For many, MyDoom marked the dawning of an age of financially motivated attacks. The image of disaffected teens writing code in their bedroom was no more and the motivation appeared to have changed from 15 minutes of notoriety to a more prolonged and premeditated campaign to ext......
[more] Ipod creates spam craze Email systems throughout the world are being stuffed with spam claiming to sell the super soaraway iPod.
According to email security outfit Clearswift, it has been cleaning out shedloads of spam from shysters trying to peddle the music box.
According to the company, spammers were keen to get in on the action with one of the most sought-after Christmas gifts.
The spammers were assisted by Apple's poor supply chain which meant that it could not get enough iPods to the......
[more] Study: Small firms cook up more spam Smaller businesses, and companies that publish their employees' e-mail addresses on the Web, are far more likely to be swamped with spam, according to a new study. Antispam services provider Postini said in its annual E-mail Security Report, published Wednesday, that small businesses and companies in certain industries are experiencing more frequent spam attacks than other businesses. Companies with 100 e-mail addresses or less received up to 10 times more s......
[more] US duo in first spam conviction A brother and sister in the US have been convicted of sending hundreds of thousands of unsolicited e-mail messages to AOL subscribers. It is the first criminal prosecution of internet spam distributors.
Jurors in Virginia recommended that the man, Jeremy Jaynes, serve nine years in prison and that his sister, Jessica DeGroot, be fined $7,500.
They were convicted under a state law that bars the sending of bulk e-mails using fake addresses.
Snake oil salesman
T......
[more] MS mulls charging for anti-spyware app Microsoft is leaving its options open on charging for full versions of anti-spyware and virus disinfection tools. Speaking in London yesterday, Detlef Eckert, chief security adviser for Microsoft EMEA, revealed there will be a second beta of Microsoft Windows AntiSpyware application. However, the company remains unsure how the product will evolve from then on. "It could evolve into a consumer or enterprise product. There could be a basic and plus version,"......
[more] Google Changes Algorithm to Fight Spam With the huge popularity of Blogs, it was only a matter of time before spammers realized that they could exploit Blogs by turning them into spam farms. Google’s algorithm relies partly on the link popularity and link reputation of a website. Spammers have been known to increase their search engine rankings by inserting their link on every Blog they can find. The result is that these spammers are artificially inflating their search engine ranking using ille......
[more] Smaller companies experienced 10 times more spam in 2004 Even as attention to the cost and prevention of spam reached a high point in 2004, threats to e-mail systems grew worse as the incidence of spam remained at 75-80 per cent of e-mail, virus attacks grew threefold, and directory harvest attacks (DHAs) continued to plague corporate e-mail servers, according to a report from e-mail security firm Postini.
Smaller companies such as those with 100 users or less received up to ten times more sp......
[more] Germany gets tough on spam Penalties of up to €50,000 face spammers according to draft proposals of a new German law. Under the new plans the Act for the Use of Tele-Services will be expanded to encompass new spamming legislation.
"Penalties are always good, although in this case we'd like them to be a bit higher. €50,000 will allow the professional spammers to keep on spamming because they can offset that sort of fine." said Steve Linford director of anti-spam service Spamhaus. "But I do thin......
[more] Denial of service: Coming to an office near you? Smaller, less obvious targets flag need for managed security services... An increasing number of smaller companies are being targeted by denial of service attacks, showing it's not just large corporates or those who offer a tempting target to extortionists who are at risk from this type of attack.
Last year the problem of DoS attacks was most closely associated with online bookmakers threatened with site-crippling levels of traffic in the build-......
[more] Project Honeypot aims to trap spammers A blow-by-blow account of how one of the world's most prolific senders of spam email was tracked down and prosecuted had an audience of spam fighters on the edge of their seats last week.
After years developing anti-spam technology and drafting legislation to outlaw spammers, the delegates at MIT's annual Spam Conference in Boston were overjoyed to see the culprit nailed. "A successful trial with all the time and resources we're spending on this issue jus......
[more] Spammers 'tricking ISPs' into sending junk mail A massive spam spike is predicted, and one expert says that 'it's the beginning of the email meltdown' Spam levels are about to skyrocket, according to experts who warned this week that spammers have developed a new way of delivering their wares.
According to SpamHaus -- an anti-spam organisation which compiles blacklists blocking eight billion messages a day -- a new piece of malware has been created that takes over a PC and then uses it to send......
[more] Spam plateaus - but worse times to come? The reports of spam's death have been greatly exaggerated... The level of spam hitting users' inboxes has reached a plateau, showing little increase in recent months, leading some in the industry and the media to predict we may be on the verge of a meaningful decline in volumes of unsolicited mail.
But any celebration is misguided and more than a little premature according to those working at the coal face, with one anti-spam expert warning it could eve......
[more] Ex-AOL Worker Pleads Guilty in Spam Case A 24-year-old former American Online software engineer has pleaded guilty to stealing 92 million screen names and e-mail addresses and selling them to spammers, setting off an avalanche of up to seven billion unsolicited e-mails.
The soft-spoken Jason Smathers of Harpers Ferry, W. Va., entered the plea to conspiracy charges on Friday in U.S. District Court in Manhattan, where he was likely to face from 18 months to two years in prison at a May 20 senten......
[more] Spam E-Mail Set To Rocket The SpamHaus project, a global anti-spam group, says spam e-mails could pile up in the next few months as junk mailers have adopted a new spamming technique. They have found a way to send massive amounts of spam via ISPs directly, instead of going through individual machines.
Normally, once a spam IP address has been found, that computer or hosting company is blacklisted and mail is restricted in order to stop the flood of junk e-mail.
But by targeting the big ISPs......
[more] Are You Responsible for Internet Security? Web surfers must share the burden with technology companies, industry execs say. In the battle against online scams, consumers have a responsibility to use the tools provided by technology vendors to protect their personal data, privacy executives from EBay, Hewlett-Packard, Microsoft, and Truste said this week.
Phishing schemes are prevalent and EBay users are regularly targeted. Phishing scams typically use spam e-mail messages to drive people toward......
[more] Spammers' ISP attacks 'all hype and bluster' Industry hits back at zombie claims from SpamHaus Security vendors have accused anti-spam experts at Spamhaus of hyping a trick that allows spammers to take advantage of internet service providers' mail servers.
Earlier this week Steve Linford, director of Spamhaus, warned that email infrastructures were on the verge of collapse because a new worm is forcing zombie computers to relay spam via ISPs' mail servers. This, Linford said, is a huge problem......
[more] MCI 'makes $5m a year from spam gangs' Spamhaus has slammed MCI for hosting a website selling spamming software that is allegedly integral to the illegal trade in compromised PCs. The site - send-safe.com - sells spamware called Send Safe which uses broadband-connected PCs infected by viruses such as SoBig to distribute junk mail.
More than 70 per cent of spam comes from PCs infected with viruses or trojans, according to Spamhaus, a leading anti-spam organisation. By using compromised machines......
[more] 13 EU countries link up to fight spam Anti-spam enforcement authorities in 13 European countries have agreed to work together when investigating complaints about cross-border spam from anywhere within the EU. The countries are Austria, Belgium, Cyprus, the Czech Republic, Denmark, France, Greece, Ireland, Italy, Lithuania, Malta, the Netherlands and Spain. The idea is to make it easier to identify and prosecute spammers anywhere in Europe.
Viviane Reding, information society and media commissi......
[more] University offers spamming and spyware course Security industry objects to breaking of teaching taboo. A Canadian university has sparked controversy with plans to include instruction on spamming and spyware techniques in a forthcoming computer security course.
Due to start in the autumn, the new Spam and Spyware course at Calgary University’s Department of Computer Science will offer students direct instruction in the techniques used by commercial spammers to bombard a hapless public with their......
[more] Giants to tackle Viagra spam ring Software giant Microsoft and the world's biggest drug company Pfizer are getting into bed together to combat an internet Viagra spam ring. The two are filing 17 parallel lawsuits against two "international pharmacy spam rings" selling what they claim are generic versions of Viagra online.
Pfizer said two websites named in the suit sold "potentially dangerous medications" unapproved by regulators.
The websites involved are CanadianPharmacy and E-Pharmacy Direc......
[more] UK manufacturers drowning in spam Convergence of viruses and junk mail hitting the sector hard The UK manufacturing sector is being particularly severely hit by the rising global tide of unsolicited spam emails, research has claimed.
According to figures released by managed email firm MessageLabs, more than four out of every five emails received by manufacturing firms over the past year were spam.
But the study found that viruses were the biggest problem among not-for-profit and healthcare org......
[more] Earthlink files latest spam lawsuit Earthlink continues the corporate backlash against spam by launching four lawsuits against alleged spamming outfits. The lawsuits, against defendants in California, Florida, Nevada and Washington, accuse the spammers of violating several state and federal laws including the Controlling the Assault of Non-Solicited Pornography and Marketing Act (Can-Spam).
But although welcomed, some have questioned whether the lawsuit will be successful.
"It's good news," s......
[more] MCI-Verizon deal sparks spam fears Will Verizon's proposed multi-billion dollar take-over of MCI send spam levels rocketing or help bring the problem under control? Campaigners are divided over the impact that Verizon's proposed $6.75bn buyout of MCI could have on spam levels.
Anti-spam campaign group Spamhaus is concerned that the deal, announced on Monday, will create more safe havens for spammers to operate in.
"If [Verizon] combines with MCI, that makes it safer for hosting spam," said Ste......
[more] Spam gets vocal with VoIP We're all learning to live with spam but an even more annoying nuisance lies just around the corner. Spit (Spam over internet telephony) is set to become the next pervasive medium for scammers, penis pill purveyors and the rest.
Internet telephony means cheaper phone calls, a great prospect for consumers and businesses alike. It also means that advertising messages can be sent out for next to nothing. And history shows that spammers will take advantage of any broadcas......
[more] New version of MyDoom virus begins its rounds A new version of MyDoom is being reported by antivirus companies.
Vendors rate the threat as medium. Although it is similar to previous versions, at least one of the reasons for its relative success is the message which is written in plain English and not punctuated with mistakes and poor grammar.
The message suggests that the recipient's email address is being used to send spam and that an attached file contains instructions on how to deal with t......
[more] One tenth of spam email is for chavs The Internet is experiencing a phenomenal wave of chav spam email thanks to the rise in the chav culture, according to Lycos.co.uk. Traditional chavs are defined by their love of imitation designer labels and ‘bling’ jewellery, in particular names like Dior, Chanel and Gucci.
It is luxury brand advertising for these names which is responsible for the four fold increase in filtered spam mail, from 35 million in 2003 to 113 million in 2004.
Among these unsol......
[more] UK lectures China on spam The British Government is to host a debate in which China and the rest of Asia will be urged to toughen up on spam. The event, organised by the Department for Trade and Industry (DTI), will take place on Tuesday as part of a wider ecommerce forum. Representatives from China, Indonesia, Japan and the EU member states will hear from industry experts about the threat of spam.
"I've talked to the Chinese before, they are very attentive and take everything in but they don'......
[more] Industry unites against IM spam Days after the first arrest for instant-messaging spam, an innovative software product has been launched to help counter the menace of 'spim' Back in December, instant-messaging (IM) management company IMLogic partnered with security companies McAfee and Sybari (recently acquired by Microsoft) to build IMLogic's Threat Center, which aims to protect users from peer-to-peer and IM threats, such as viruses, worms, spim and malicious code. The centre monitors honeypot......
[more] Home Office in drive to stamp out botnets The Home Office has launched a high-profile campaign to secure the internet against hacking groups using networks of infected computers to launch worm, spam and denial of service attacks against critical businesses and services. The campaign, which features a website and an alert service to help non-IT specialists protect their computer systems, is designed to plug one of the weakest links in security on the internet: home and small business PCs.
Over t......
[more] Anti-spam spending set to soar Worldwide revenue to exceed $1.7bn in 2008, reports IDC As spam moves from nuisance to serious problem, spending on systems to fight the menace of unsolicited email will rocket, analysts have predicted.
According to a study by IDC, worldwide revenue for anti-spam packages will exceed $1.7bn in 2008 compared to $300m in 2003.
The analyst firm said that the development of spam from a mere nuisance to an increasingly serious and expensive problem is the driver behin......
[more] Firefox doused by monster security patch And faces criticism from Internet organisations. Mozilla has released a security update for its Firefox browser, claiming to pre-empt a potential spoofing vulnerability.
Firefox 1.0.1 fixes 17 security flaws, the most serious of which could allow an attacker to gain full control over a victim's PC, the Mozilla Foundation said. Firefox 1.0 was released in November and has since been downloaded more than 27 million times.
It also includes several fixes t......
[more] Email costs business owners 1.5 hours a day Is it good to talk? The average business owner spends an hour and a half each day processing email, according to new research - and that figure is set to increase.
Business owners from the Philippines, Hong Kong, India and the US are the most prolific emailers, spending two hours or more on average dealing with spam and legitimate email alike, while their Russian and Greek counterparts spend just 48 minutes a day sorting out their email, a report fro......
[more] Porn plummets as spammers clean up Dating services and financial scams on the rise as spam hits 90 per cent Pornographic spam email dropped by a huge 92.5 per cent during February, while unsolicited emails offering dating services surged by 171 per cent, newly published research has claimed.
Email management firm Email Systems said that the surge in dating spam last month was accompanied by a steep increase in unsolicited email offering financial services, which jumped by 107 per cent.
The res......
[more] MCI divorces spam bride after 18 month affair MCI, the ISP formerly known as Worldcom, has finally booted off the website hosting spamming tool Send-Safe off its network. Send-Safe, written and run by Russian Ruslan Ibragimov, is the most popular vehicle used by spammers to distribute unsolicited marketing emails.
The news has been greeted enthusiastically by anti-spam campaigners who had been lobbying MCI to stop hosting the Send-Safe website for some 18 months.
"MCI kicked Send-Safe off its......
[more] The war on spam: Can we win it with DDoS attacks? How far do we go in the fight against spam? Jonathan Yarden examines the controversy of launching DDoS attacks against spammers. On April 12, 1994, spam first entered the Internet world in the form of an unsolicited Usenet advertisement, sometimes referred to as the "green card lottery" posting. The day this infamous message began making its rounds, I knew that the era of commercial-free communication on the Net had ended. Over the next decade,......
[more] What's on your PC? Spyware, Trojans and diallers That's what... if you're not careful Users are increasingly losing ownership of their PCs with a growing amount of spyware and malicious applications finding their way on to computers in homes and the workplace. Worse still, the infections may go largely undetected.
The issue of spyware has been a major concern so far during 2005 but figures released by Computer Associates show Trojans, diallers, keyloggers and hacker tools also exist on users'......
[more] SurfControl E-mail Filter Receives Five Star Stating From CRN E-mail Filtering and Anti-spam Solution Achieves CRN Test Center Recommended Status From Leading Reseller Publication SurfControl, the world leader in enterprise Web and e-mail filtering, today announced SurfControl E-mail Filter has received a Five Star Test Center Recommended rating from CRN. The SurfControl e-mail filtering solution, which enables businesses to protect people, systems, and information from spam, spyware, phishing......
[more] First spam conviction overturned Tech terms and spam laws confuse jurors One of the first felony spam convictions in the US has been overturned - and the judge thought jurors in the case were bamboozled by technological terms.
Jessica DeGroot was jailed along with her brother, Jeremy Jaynes, earlier this year after being convicted of spamming offences. Judge Thomas D. Horne ruled that there was no "rational basis" for DeGroot's conviction and added that the anti-spam law used to convict the pa......
[more] SurfControl rides the spyware wave But warns time is running out for anybody favouring "buy" rather than "build" as an entry strategy... SurfControl last week signed a $6.8m deal for the intellectual property of threat management firm Apreo which hands the UK firm a market-ready spyware protection product. Today the company's EMEA president told silicon.com he believes SurfControl has stolen a march on its competitors.
The deal makes SurfControl the latest security vendor to add spyware protec......
[more] Spam costs UK businesses £1.3bn a year Junk e-mail is costing businesses in the UK £1.3bn a year in lost productivity, IT costs and helpdesk charges - equivalent to £22 per user per year, research has revealed.
Analyst firm Ferris Research found that UK firms receive more spam than businesses in France, Germany, Italy and China.
It calculated that spam filtering software could have a return on investment of between 30% and 220%, or higher for companies that receive large volumes of junk e-mai......
[more] Wireless security still lax Report finds 36 per cent of the City's wireless networks left open to attack More than a third of businesses using wireless networks in the City of London are overlooking basic security, leaving themselves exposed to drive-by hackers.
The fourth annual Wireless Security Survey of London shows the number of wireless local area networks (WLans) increased by 62 per cent in 2004, with access points rising from 1,078 to 1,751.
But the research, conducted by security spec......
[more] Prime Minister Accused of Sending Out Spam The Prime Minister was today accused of sending out “spam” – unsolicited and unwanted emails – in a bid to win votes in the run-up to the general election campaign.
Tory MP Michael Fabricant (Lichfield) claimed that although the messages began with the words “Dear Labour supporter” and are signed by the Prime Minister, he knew of recipients who belonged to other parties.
Mr Fabricant, shadow industry and technology minister, said: “DTI Ministers have......
[more] Zombie networks implicated in ID theft According to researchers, the use of large networks of compromised machines to install spyware as well as send spam and carry out DoS attacks is increasing Botnets — otherwise known as zombie networks — collections of compromised computers controlled by a single person or group, have become more pervasive and increasingly focused on identity theft and installing spyware, according to a Honeynet Project report.
The report, released on Monday, summarises the......
[more] Desktop Anti-Spyware Not Up to Snuff, IT Pros Say Professionals surveyed found spyware problems same or worse using PC-focused software. Desktop anti-spyware software isn't doing the job, IT professionals have concluded.
According to an international survey by proxy appliance company Blue Coat Systems, 72 percent said desktop anti-spyware programs were ineffective in protecting their networks. Blue Coat surveyed 339 IT staffers who used programs from Computer Associates International (PestPatro......
[more] FTC hits anti-spyware scammers with ban A Washington-based company has been accused of providing anti-spyware software that allows spyware in. SpywareAssassin has been shut down by the Federal Trade Commission (FTC) after an investigation revealed the product did not actually work.
The FTC used SpywareAssassin on its own clean systems, only to find that it still detected spyware.
"The pop-up that announces that consumers have spyware pops up automatically, even when the computer is clean and......
[more] Germans form spam-busting alliance An impressive cross-section of German trade organisations, including The Association of Consumer Protection Agencies (VZBZ), The Agency for the Prevention of Unfair Competition (WBZ) and The Association of the German Internet Sector (Eco), has announced a new alliance to fight spam in Germany.
The Association of the German Internet Sector, which represents approximately 300 members, including 180 ISPs, will provide technical expertise in order to track spam b......
[more] Desperate housewives spam used to spread spyware There has been a sharp increase in spam messages purporting to offer the details of women looking for casual sex in recent weeks. But surfers hoping to hook up to swingers are actually directed to pornographic websites, which often harbour spyware, email security firm Clearswift warned Tuesday.
The ruse is one of the latest additions to the spammers’ armoury, and has led to a rise in sex-themed spam from 10 in January to 18 per cent in February......
[more] Belgium's Largest Cable Operator Telenet Selects F-Secure to Offer Hosted Security Services F-Secure Corporation, and Telenet today announced a partnership to offer managed desktop based security services to Telenet's Internet customers.
Telenet is the largest cable operator in Belgium offering Internet, telephony and television services primarily in the Flemish region of Belgium towards individuals, households, companies and governmental institutions.
Together with F-Secure, Telenet will of......
[more] IBM aims to spam the spammers New software is designed to help companies get a jump on hackers who try to breach computer systems via e-mail Electronic mail touting cut-rate Viagra or how to make big bucks working from home will get pitched right back to the senders by a free program from IBM Corp.
The program, announced Tuesday, will identify computers that originate unwanted e-mail, or spam, and bounce it back at the sender--in effect spamming the spammer. The program, designed for use by lar......
[more] Politicans form transatlantic spam alliance Derek Wyatt's All Party Parliamentary Internet Group is teaming up with members of the US Congress in its fight against spam The All Party Parliamentary Internet Group (APIG) has partnered with the Internet Caucus, its counterpart at the US Congress, in a bid to tackle spammers.
Speaking to ZDNet UK on Wednesday, APIG chairman Derek Wyatt MP said the move would improve communication on e-commerce between the two countries and would help tighten laws o......
[more] Spam is popular, claims survey Junk e-mails boost shopping - apparentl. A new survey claims that more than 10 percent of e-mail users have purchased products advertised in spam.
The preliminary report from Mirapoint and the Radicati Group, suggests that it is the very success of spam in tempting users that is now driving the massive rise in the phenomenon.
Common estimates of product spam success rates are usually much lower - the figure quoted the most often is 0.00036 percent - so the new f......
[more] Microsoft bankrupts the Spam King Scott Richter has filed for bankruptcy protection for his email marketing firm OptInRealBig.com, blaming a Microsoft lawsuit Scott Richter, self-confessed Spam King and one-time peddler of ladies' underwear, has filed for bankruptcy, with Microsoft cited as the main reason.
According to reports, Richter has filed for Chapter 11 bankruptcy protection for his email marketing company, OptInRealBig.com.
Despite facing a $500,000 fine from New York attorney gener......
[more] Financial spam booms as tax year ends Share scams running at 40 per cent of all spam March saw a huge increase in the amount of spam offering financial deals, according to a survey by Email Systems.
The email management company said that financial spam accounted for over 40 per cent of all spam, predominantly offering share tips on stock supposed to increase in value. Email Systems attributes this behaviour to it being the end of the tax year.
"Obviously the share emails are a twist on the cla......
[more] Sophos Reveals Latest 'Dirty Dozen' Spam Producing Countries Sophos, a global leader in network security, today published the results of its research on the top twelve spam producing countries. Researchers from SophosLabs(TM), Sophos's global network of virus and spam analysis centers, examined all spam messages received at its global network of spam traps from January 2005 through March 2005. Based on the analysis, experts found that the United States topped the Dirty Dozen chart once again, e......
[more] Antivirus firm warns of Microsoft security Trojan horse Malicious hackers uses same tactics as phishers A new campaign by malicious hackers uses a Web site designed to look like Microsoft Corp.'s Windows update page to trick unwitting Internet users into infecting their computers with a Trojan horse remote-access program, according to antivirus experts at Sophos PLC. The scam uses e-mail messages that appear to come from Microsoft to get recipients to visit a Web page that uploads the malicious......
[more] We're getting used to spam. Apparently There's more of it, but it's less smutty. People are getting used to spam, even though there's more of it, because less of it is about sex and porn, according to a new survey.
The Pew Internet and American Life Project asked 1,421 random Internet users for their opinions about spam, e-mail and phishing scams. The data apparently showed that people seem to be less bothered by spam recently because they've seen a decline in the number about pornography.
If......
[more] Security websites taken down by unhappy hackers Unable to take criticism, code writers resort to DDoS attack. Two prominent websites that specialise in remote access software have been taken offline by a DDoS attack orchestrated by a group of hackers who have taken offence at comments posted about them.
Rootkit.com, an established website run by security expert Greg Hoglund, has been offline for almost a week. Two other sites, operated by a prominent rootkit author known as "Holy Father" have a......
[more] New Spam Scam Exploits Pope's Death A new spam campaign is exploiting people's interest in and grief over the death of Pope John Paul II. The spam claims to offer readers a free collection of books written by the late pope. The email tells users to click on a link to receive the gift, but the link actually takes them to a Web site offering ''free money-making advice''. ''This is absolutely slimy,'' says Carole Theriault, a security consultant with Sophos, Inc., an anti-virus and anti-spam compa......
[more] Mozilla spam fools the net savvy A new spam campaign, making use of browser incompatibility, is fooling users into downloading a virus. The spam appears as a message telling the recipient that their website is incompatible with Mozilla-based browsers and asks the reader to fix the "problem".
"The email arrives with an attachment, supposedly a screenshot, so that the recipient can examine the problem," said Roel Schouwenberg, senior research engineer at Russian anti-virus firm Kaspersky on its......
[more] Save us from spam The majority of UK consumers and small businesses are yet to deploy anti-spam filters. A poll of UK residential email users and SMEs published Monday found 57 per cent have no anti-spam filtering installed, leaving them unprotected from spam, key logging and phishing attacks. Four in five consumers (82 per cent) have anti-virus protection, predominantly desktop scanners.
Most consumers (60 per cent) polled in the survey from email filtering outfit Checkbridge reckon that thei......
[more] Spam - some figures on the threat Spam lies at the heart of the modern cyber-crime phenomenon. So how big is the problem? You hear all sorts of statistics these days about the level of threat faced by companies, and the Infosecurity show is bound to see these rolled out by vendors at every opportunity. But which ones deserve to be taken seriously?
Proving there is a threat is easy; working out the scale of this is another thing altogether. We decided to research the latest reliable figures we......
[more] The Web, not email, poses the biggest security threat to systems To most companies, the perception is that the biggest threat to their users’ security continues to come from email and Spam. In today’s world, corporate communications systems are totally reliant on giving their employees Web access and email to conduct their business. Take away access to email and the Web for most employees, and they’d claim their productivity would fall. So the focus today of most IT security vendors and corpora......
[more] UK laws are failing to deter spam UK spam laws are failing to stop spammers, say campaigners. According to anti-spam organisation Spamhaus, loopholes in UK law render legislation useless in the fight against spammers. The majority of spam originates from the US but there are a handful of hardcore UK-based spammers. Since the law came into force over a year ago no UK spammers have been fined or prosecuted.
Loopholes
Internet service provider AOL is becoming frustrated by the lack of effective......
[more] Two out of Three UK Company Networks Hit by Spyware A new survey of 500 UK IT departments by SurfControl plc has found 62% of networks are known to have been infected by spyware. More than one in eight of the IT directors, CIOs and managers that participated were unable to identify whether or not their network had been infected.
IT departments are using a range of tactics to protect networks against malware, including desktop anti-spyware software (59%), content filtering (47%) and prohibiting......
[more] Blog at your own risk Blogs are getting popular with hackers too, so be careful whose blog you wander into Blog authors open up their lives to you on their web logs. But surf to the wrong blog, and you could be opening up your computer to a hacker.
A recent report by web security firm Websense warned that hackers are now using blog sites as gateways into computers of surfers who are tricked into clicking on a link to them.
These hacker-maintained websites contain malicious codes, such as Troja......
[more] Unpatched machines 'Net's biggest threat' Most Internet-connected computers don't have up-to-date software with the latest security holes patched, and this is fuelling a rise in cybercrime, according to McAfee Unpatched computers continue to represent the IT world's biggest security problem, keeping threats that target software vulnerabilities at the top of McAfee's latest industry analysis.
In its report covering security threats during the first quarter, McAfee's Anti-virus and Vulnerability......
[more] Sophos announces new "Tiger" version of their leading Mac OS X anti-virus solution New version of Sophos Anti-Virus provides centralised control for businesses upgrading to Mac OS X 10.4 Tiger Sophos, a world leader in protecting businesses from spam and viruses, today announced that Sophos Anti-Virus for Mac OS X has been extended to include support for the latest version of the Apple Macintosh operating system, Mac OS X 10.4 Tiger.
Ideal for multi-national organisations as well as small and m......
[more] Top ten viruses and hoaxes reported to Sophos in April 2005 Sophos, a world leader in protecting businesses against spam and viruses, has published a report revealing the top ten viruses and hoaxes causing problems for businesses around the world during the month of April 2005.
The report, compiled from Sophos's global network of monitoring stations, shows that Zafi-D, which first appeared at the end of 2004, continues its reign at the top of the list for the fifth month running, accounting fo......
[more] Hackers aren't just picking on Microsoft Online criminals turned their attention to antivirus software and media players like Apple Computer Inc.'s iTunes in the first three months of 2005 as they sought new ways to take control of users' computers, according to a survey released on Monday.
While hackers continued to poke new holes in Microsoft Corp.'s popular Windows operating system, they increasingly exploited flaws in software made by other companies as well, the nonprofit SANS Institute f......
[more] Hackers turning away from Windows In the first quarter of 2005 software such as iTunes, as well as antivirus applications, came under particularly focused attack Online criminals turned their attention to antivirus software and media players in the first three months of 2005, as they sought new ways to take control of peoples' computers, according to a survey released on Monday.
Hackers continued to poke new holes in Microsoft's popular Windows operating system, but they increasingly exploited......
[more] Aladdin Sees Dramatic Increase in Email Traffic with Outbreak of Win32.Sober.s Aladdin Knowledge Systems Ltd. today announced that its Content Security Response Team (CSRT) identifies the new Win32.Sober.s worm as a medium to high risk for corporate networks worldwide. Aladdin eSafe customers are proactively protected without a need for signature updates.
Win32.Sober.s is a mass-mailing worm that continues to quickly infect computers throughout the United States and Germany by disguising itsel......
[more] Police chief battered by cyber attack Thousands of threatening emails sent to cripple police computers... A UK police chief has been bombarded with thousands of threatening emails in a denial of service attack aimed at crippling his force's computer systems.
At one point just before the bank holiday weekend, 2,000 emails an hour were being sent to Greater Manchester Police (GMP) chief constable Michael Todd.
The attacker spoofed some of the email addresses to show US president George Bush as......
[more] Sober virus now infects one in 22 emails Rise of the mass-mailing worm... One in every 22 emails circulating on the internet contains the latest version of the Sober worm, according to statistics from a UK antivirus company.
Sophos claimed that the mass-mailing worm, which has been reported in 40 countries after first appearing on Monday, now accounts for 79 per cent of all viruses the company is seeing.
Graham Cluley, senior technology consultant for Sophos, said: "It's still very widesprea......
[more] Blair spam rides on back of election frenzy Spammers have tapped into British election fever by sending out an email claiming that Tony Blair's email account has been hacked. The email contains a trojan, luring the unwary into downloading its malicious code.
The email claims that screenshots are available of the hacked account allowing curious users to see what Tony Blair really says about his cabinet. Of course, it's just a ruse to download a virus.
"Clicking on the link takes users to a web......
[more] Virus writers claim Blair's email account was hacked The Prime Minister's email account is the subject of a spam scam that can infect computers with Trojan horses. Don't fall for it Cybercriminals claimed on Friday that the Prime Minister's email account has been hacked, in the latest attempt to attack PCs with malware.
On the same day Tony Blair won a third term in government, a spam message was sent out stating that malicious hackers had penetrated his email account.
The email contains a l......
[more] Spam blacklisting for one million Telewest customers Telewest says action is "heavy-handed" but they can't say they didn't see it coming... One million Telewest customers have been blacklisted for sending spam by one of the most powerful anti-spam organisations on the web.
The Spam Prevention Early Warning System (SPEWS), whose blacklist is referenced by many anti-spam controls, imposed the block in response to the high number of Telewest customers whose machines have become compromised and ta......
[more] Sophos helps Merseyside police lay down the law against viruses Sophos, a world leader in protecting businesses against spam and viruses, has announced that Merseyside Police is using Sophos's SAV Interface to secure its IT systems. Merseyside Police, which is responsible for serving and protecting the Greater Merseyside area, including Wirral, Sefton, Knowsley, St Helens and Liverpool, has implemented SAV Interface at its email gateway in order to provide the highest level of protection agains......
[more] Sober Virus Behind German Spam Barrage A new variant of the Sober mass-mailing worm is being blamed for the deluge of German spam messages flooding inboxes this weekend, anti-virus experts warned on Sunday.
The spam barrage arrives with politically-themed messages in German and contains only links to news articles on German Web sites. Finnish anti-virus vendor F-Secure Corp. said the spam run is being powered by Sober.Q, the latest mutant of a worm that was first spotted in October 2003.
The......
[more] Save us from spam The majority of UK consumers and small businesses are yet to deploy anti-spam filters. A poll of UK residential email users and SMEs published Monday found 57 per cent have no anti-spam filtering installed, leaving them unprotected from spam, key logging and phishing attacks. Four in five consumers (82 per cent) have anti-virus protection, predominantly desktop scanners.
Most consumers (60 per cent) polled in the survey from email filtering outfit Checkbridge reckon that thei......
[more] Netscape ready to launch antiphishing browser Netscape is expected to release on Thursday the final version of Netscape 8, a Web browser designed to protect users against online scams such as phishing. Early test versions of the new browser--so-called alpha and beta releases--have been available since February. Netscape has promised that the final version, like the previous ones, will include features to better safeguard systems while people surf the Web. Netscape 8 is also expected to have a c......
[more] ISPs urged to throttle spam zombies The US Federal Trade Commission (FTC), along with more than 35 government agencies worldwide, announced an ambitious effort on Tuesday to get ISPs and other organisations to deliver the net from the plague of zombie spam networks. The group is encouraging ISPs to identify and quarantine customers whose PCs may have unwittingly been turned into spam zombies, under the control of hackers.
ISPs are also being encouraged to apply rate-limiting controls for email......
[more] Spam shame of the UK exposed Freedom of Information enquiry reveals those organisations who said you want spam into your work email... and the government listened... The UK is still dogged by the persistent problem of spam email and for all the government rhetoric there have been few real signs of any effective legislative easing of the situation.
silicon.com can now reveal this is due in part to the bungled consultation process that the DTI launched into addressing the spam issue after the pr......
[more] Virus claiming Bin Laden arrest fools few on Web A new computer virus in e-mails claiming that Osama Bin Laden has been arrested has failed to lure many users to open dangerous attachments, despite its high-profile headline, security software makers said on Friday.
The virus began circulating in the past day and is one of several Bin Laden-type viruses that have been distributed on the Internet since May 2004. The current virus has a subject line claiming Bin Laden has been arrested.
The U.S......
[more] ProDefence to Launch Email Archiving Appliance into $1 billion market! ProDefence Distribution is pleased to announce the UK launch of NorthSeas Guard E/N (pronounced Guardian) email archiving appliance. The Guard E/N is the first product of it’s kind to aim at a market that is expected to be worth $1 billion dollars by 2008. The Radicati Group has predicted the market for email archiving will grow to $2.5 billion by 2008 with 40% (at a conservative estimate) likely for appliances!
Unlike oth......
[more] Aladdin announces eSafe 5 for spyware protection and Web security Aladdin Knowledge Systems Ltd. has announced the availability of Aladdin eSafe 5 that is presented as transforming the way Web security is handled in large organisations, addressing the latest spyware/adware threats with multi-layered comprehensive content protection.
Also introduced in Aladdin eSafe 5 is a gateway solution featuring four layers of spyware protection. Designed to fight the ever-increasing spyware epidemic, Aladd......
[more] Michael Jackson suicide spam leads to trojan horse, reports Sophos Experts at SophosLabs, Sophos's global network of virus and spam analysis centres, have warned of a spam campaign that claims that Michael Jackson has attempted suicide in an attempt to lure innocent computer users into being infected by a Trojan horse. The email claims that Michael Jackson has attempted to commit suicide. But clicking on the link will cause infection.
Sophos has identified hundreds of the spam messages being......
[more] Browser-based attacks increase as viruses decrease As the threat to IT operations by viruses and worms declines, browser-based attacks are increasing, according to a technology trade organization. The Computing Technology Industry Association, or CompTIA, on Tuesday released its third annual report on IT security and the work force. The survey of nearly 500 organizations, found that 56.6 percent had been the victim of a browser-based attack, up from 36.8 percent a year ago and a quarter two yea......
[more] Britney Spears Most Popular Hacker Alias A computer software company says pop music star Britney Spears’ name is used more often by “Spammers” than any other moniker.
Officials says those mass e-mails usually contain damaging viruses.
Panda Software says most virus creators employ good-looking women celebrities or other famous names to send their infected messages. Names often used including Spears, Paris Hilton, Bill Gates, and Osama Bin Laden.
A recent ploy used to pass along various infec......
[more] Microsoft sues German company over spam Microsoft said on Monday it has filed suit in German courts against a company alleged to be the kingpin of a web of companies in the United States and Ukraine distributing spam e-mails.
The software multinational said the company, registered in the state of North Rhine-Westphalia, was behind millions of unwanted advertising messages that clutter the internet worldwide.
The head of the company, who lives in Germany after a long stay in the United State......
[more] Weak security makes HK top hacker target Hong Kong's unsuspecting broadband Internet users are the most vulnerable on the planet to attacks by so-called ''zombie'' computers, according to a report by a British Internet security firm.
While Hong Kong has increased its efforts to become more secure for shopping and banking, there are vulnerabilities in the system that broadband users are not even aware of, officials say. The fact is that clandestine users piggybacking on the unaware have multip......
[more] Fake Microsoft security alert includes Trojan patch A new wave of spam that disguises itself as a Microsoft security bulletin contains a link to malicious software that gives attackers complete access to the infected machine, security researchers are reporting.
The e-mail, which began circulating late Tuesday, identifies itself as Microsoft Security Bulletin MS05-039, and offers a link to what it claims is a patch against the Sober Zafi and Mytob worms.
In fact, there is no such thing as Mi......
[more] China signs anti-spam pact Slowly dealing with Internet menace The Chinese government has joined an international anti-spam effort started by the UK and US.
As the world's second-biggest source of unsolicited e-mail, the decision is hugely significant and comes ater months of discussion between UK and Chinese government officials. "We have long been keen to engage with China on the issue of spam," said Alun Michael, the UK's e-commerce minister.
According to the Department of Trade and Industr......
[more] 'Spam report' Trojan spreading fast A new plague of spam emails containing malicious Trojan software has been sent to up to 400,000 UK addresses, security specialists BlackSpider Technologies has warned.
The emails claim to be from a member of the recipient's IT team warning that their system has been compromised and is distributing spam. The emails, which carry the subject line 'Spam Report', were first detected at 3.25am yesterday.
BlackSpider said that only one vendor has so far released a......
[more] Make our anti-spam tech the standard, say Yahoo! 'You won't regret it... ' An anti-spam technology that focuses on identifying forged email addresses has been proposed as a standard by Cisco Systems, Yahoo! and partners.
The companies, along with software makers Sendmail and PGP, submitted their DomainKeys Identified Mail (DKIM) specification to the Internet Engineering Task Force (IETF) this weekend. The IETF, a standards setting body, is expected to start discussing the technology during its......
[more] Sophos Introduces ZombieAlert Identifies 'zombie' computers on an organization's network; notifies customers if their IP addresses are listed in public Domain Name Server Blackhole Lists. Sophos, a developer of anti-virus and anti-spam software, today announced the availability of Sophos ZombieAlert, a new alert service that identifies 'zombie' computers on an organization's network.
Zombie computers are infected machines that give control to unauthorized and remote users, allowing them to send......
[more] Sophos ZombieAlert Identifies Spammer-Controlled Computers On Business Networks New automated service notifies organisations about their exploited and hijacked computers Sophos, a global leader in computer security, has announced the launch of Sophos ZombieAlert, a new alert service that identifies 'zombie' computers attached to organisational and ISP networks. Zombie computers are infected machines that give control to unauthorised and remote hackers, allowing them to send spam from the comput......
[more] E-Greetings Pose Security Risk Cyber criminals are increasingly using e-greetings to lure consumers into clicking on links that download malicious code into their computers, a security expert said Tuesday. Cyber criminals are increasingly using e-greetings to lure consumers into clicking on links that download malicious code into their computers, a security expert said Tuesday.
Over the last three months, Internet security vendor SurfControl Plc has tracked a 30 percent jump in malicious e-mai......
[more] Businesses still failing on IT security European businesses are still failing to effectively implement security measures across their organisation and are adopting a "lacklustre approach" to the integrity of the data and systems, according to analysts IDC.
The main reason for this appears to the be the continued growth of exactly what falls beneath the security umbrella, with recent issues such as compliance adding to an already vast patchwork of issues.
Against such strong criticism it is pe......
[more] Over 300 arrested in huge 419 scam investigation, Sophos reports 310 people have been arrested in Malaga, Spain as part of an investigation into a 300 million Euro ($363 million) lottery scam that attempted to rob innocent internet users out of their savings.
According to Spanish media reports, the FBI worked alongside Spanish authorities in what is believed to be the biggest round-up of so-called 419 or "Nigerian email" scammers.
Officers raided 166 properties, seizing 2000 cell phones, 32......
[more] Microsoft plans to buy worlds largest spyware company It’s been a bad month for Microsoft’s efforts to promote their visions of trustworthiness and authentication in Internet commerce.
Just as the ground began to crumble beneath "Sender ID" email authentication proposal, it was discovered that the Redmond, Wa.-based software giant was considering acquiring Claria, one of the world’s most notorious adware and spyware companies.
Let’s look first at the email authentication wars. As I’ve discuss......
[more] Security holes add up in second quarter More than 422 new Internet security holes were found during the second quarter, according to data released Monday by the SANS Institute. This represents an increase of 10.8 percent compared with the number found in the first quarter, and a jump of 20 percent compared with the second quarter of last year, the institute said in its quarterly report.
If companies and individuals don't take corrective action, the agency warned, their systems could be used by......
[more] Russian spammer beaten to death As 310 scammers are brought to justice in separate incident... Known spammer Vardan Kushnir has been found dead in his Moscow apartment, having apparently been beaten to death about the head.
The case is being treated as murder though no motive has yet been established, according to reports citing the public prosecutions office of Moscow's central district.
As such it is too early to say whether the attack was related to Kushnir's spamming activities but in the......
[more] SANS issues 'critical' patching recommendations Six Microsoft flaws and assorted vulnerabilities in Veritas backup software, Computer Associates' and Zone Alarm products topped the SANS Institute's quarterly list of the most critical flaws to patch.
"Individuals and organizations that do not correct these problems face a heightened threat that remote, unauthorized hackers will take control of their computers and use them for identity theft, for industrial espionage or for distributing spam or......
[more] Virus Writer Targets AV Vendors A virus writer released malicious code that ridicules anti-virus vendors and the Sasser worm author. A virus writer apparently seeking notoriety instead of financial gain has released malicious code that ridicules anti-virus vendors and Sasser worm author Sven Jaschan, a security firm said Friday.
The Lebreat-D virus, which is rated a low threat, creates in infected computers a JPEG image file of Jaschan, a German teenager recently convicted of authoring the wide......
[more] Warning on London Underground spam Bogus advice spreads to inboxes in sick prank Transport for London has issued a warning over spam emails containing fake safety advice.
The emails claim to provide an emergency number that can be used underground and relayed via satellite. There are no mobile phone transmitters on the London Underground and satellite signals cannot penetrate below ground.
The email body reads: "If you travel to work on the tube please note the following information: if your......
[more] U.K. Anti-Spam Policy Is Toothless The U.K. government and ISPs are doing little to tackle spam, according to the annual report from the Office of the Information Commissioner (ICO), according to a VNUnet piece in the E-Commerce Times. Apparently, no action was taken regarding the 600 spam complaints that the ICO had received in the previous 12 months. Thee ICO claimed that it lacks the necessary powers to pursue and prosecute spammers. It advises users to seek advice from their ISPs.
"This pr......
[more] IBM Says Gangs Now Behind Most Spam In the early days of the Internet, geeky hackers competed to see who could create the most diabolical computer viruses. The motivation was a twisted kind of bragging rights. But a study released by IBM says hackers today have a different motivation -- profit.
In its Global Business Security Index, the computer giant says email continues to grow as a security menace, with messages often disguised as communications from legitimate entities that seek to pry per......
[more] eBay, Yahoo pull spam auction Yahoo and eBay have pulled an offer to sell a 20,000-name mailing list of US investors from their auction sites. Direct-marketing firm Market Logisitics offered the list which includes names, email addresses and telephone numbers.
The two companies pulled the item off their auction sites saying that it violated their terms of service, which forbid the disclosure of personal data. The information would be of great value to marketers and spammers, although those on......
[more] Net criminals 'customise' attacks Net criminals and hackers are increasingly targeting their attacks at specific organisations, research shows. Worst hit, according to a worldwide survey by IBM, are government departments, financial services, manufacturing and healthcare. Of the 237 million security attacks in the first half of 2005, 137 million were aimed at these four areas.
Spam is becoming less attractive as criminals focus on fraud, identity theft and extortion. This has meant a decrease......
[more] 'Spam King' agrees $7m settlement with Microsoft A Colorado internet entrepreneur dubbed the "Spam King" has agreed to pay $7m (£4m) to Microsoft to settle charges he illegally sent hundreds of millions of unsolicited email messages touting anything from herbal remedies to loan consolidation schemes.
The software giant and New York Attorney General Eliot Spitzer sued Scott Richter and his company OptInRealBig.com for $18m in 2003, accusing him of violating state and federal laws.
As part of......
[more] AOL in great spam bounty giveaway Want to know what it is like living the life of a successful spammer? A competition from ISP AOL is offering the bounty recovered from a spam conviction to help you find out. A Hummer H2 (gigantic military- car loved by ostentatious celebrities), $75,000 cash and $20,000 in gold are to be won in a competition on the AOL website beginning today [Wednesday]. The loot was recovered from Brad Bournival, a spam scourge who at the height of his powers delivered milli......
[more] Spammers exploit Iran nuclear crisis As Iran is threatening to resume uranium-converting operations at a nuclear facility in Isfahan, spammers are taking advantage of the situation with another bogus junk email campaign.
The emails, which link to Trojan spreading websites, are purporting to contain news stories of the nuclear stand-off between the EU and Iran, according to antivirus firm Sophos.
The campaign is the latest bid to fool internet users into downloading malware.
In an press state......
[more] UK soft on spam More must be done to fight junk emailers The UK government is embarrassingly soft on spammers. By its own admission, the Information Commissioner's Office (ICO) is requesting stronger powers to tackle spammers and stop them sending unsolicited email.
Some reports say the ICO has received 600 complaints of spam over the last year but others say only 300 of those are 'actionable'. But what does 'actionable' really mean?
The ICO's current version of 'action' is to write to naughty......
[more] UK failing to fight spam Anti-spam campaigners have branded the UK's anti-spam laws 'a waste of time and public money' as the Information Commissioner admits it hasn't prosecuted anyone for sending junk emails The Information Commissioner's Office (ICO) has admitted it fails to take legal steps against UK spammers while "successfully" enforcing regulations against 13 fax marketers.
The ICO, the UK's last official port of call to complain about spam, said it had received more complaints about il......
[more] F-Secure Adds Behavioral Analysis to Enterprise Antivirus Software "Antivirus vendors are helping customers to tackle unintentional employee errors by developing security lock-down and admission control features, such as Internet quarantine in F-Secure Anti-Virus Client Security 6.0," said Thomas Raschke, an analyst at research firm IDC. F-Secure has launched a new version of the company's antivirus software, called Anti-Virus Client Security, that integrates spyware and spam protection with po......
[more] Phishers and security firms in malware 'arms race' Conventional phishing attacks launched via spam messages are becoming eclipsed by sophisticated malware designed to steal identities, according to a study by Anti-Phishing Working Group (APWG). APWG's July 2005 phishing reports adds that fraudsters are developing approaches specially designed to neutralise counter-phishing technologies.
APWG researchers reported a "marked increase" in screenscraper technology by phishers, an approach designed......
[more] MSN blogs 'launch' spam, virus attacks Spammers have started using Microsoft's MSN blogging service to host malicious content used during spam and virus onslaughts, Internet security firm SurfControl said. MSN Spaces, which was launched at the end of last year, is a free content sharing and hosting service. Users are required to register for a Hotmail account, after which they can publish a blog and share files.
However, a relatively simple registration system means that spammers are exploiti......
[more] Hacker fear boosts IT security spending Fuelled by increasing fears of virus and hack attacks, global network security appliance and software sales continue to climb steadily, rising four per cent to $1bn between the first and second quarters of this year, according to newly published figures.
The latest Network Security Appliances and Software study from Infonetics Research also predicted that security appliance and software sales will grow by 23 per cent to $1.3bn by the second quarter of 20......
[more] Online scams emerge in Katrina's wake Hurricane Katrina has spawned more than misery and destruction--a new wave of scam e-mails and Web sites are exploiting the tragedy. Phony Web sites and e-mails, purporting to offer help to hurricane victims or provide more news on the destruction, are making their rounds on the Internet, security experts said Thursday.
One spam campaign that's circulating offers breaking news reports but tricks people into clicking a link that takes them to a bogus Web s......
[more] Yahoo! accused of hosting thousands of phishing sites Anti-spam group Spamhaus says Yahoo! won't take them down... Yahoo! is hosting thousands of fraudulent websites that have domain names containing the words "bank", "PayPal" or "eBay", according to a leading anti-spam group Spamhaus.
Spamhaus claims Yahoo! is hosting almost 5,000 domain names using these words, many of which are linked to phishing scams.
Richard Cox, CIO at Spamhaus, said: "They are hosted on Yahoo! I just took three hot wor......
[more] Microsoft security chief bitten by rogue dialler No-one is above the threat posed by rogue diallers, it seems: Microsoft's top security man in the UK recently found himself with a whopping BT bill Rogue diallers have claimed a high-profile victim — Microsoft UK's chief security advisor Ed Gibson.
Speaking to ZDNet UK on Tuesday, Gibson revealed that he has recently been hit by a £450 bill from BT after his computer was infected with a rogue dialler.
Rogue diallers are malicious applications......
[more] SurfControl's Internet Threat Database Exceeds 12 Million URLs SurfControl Adds One Million New Websites in the Past 30 Days, Driven by the Ongoing Explosion in Blended Internet Attacks SurfControl, a world leader in enterprise threat protection, today announced the Company's Internet Threat Database -- a core component of SurfControl's Adaptive Threat Intelligence(TM) Service -- has grown to more than 12 million URLs. SurfControl has added more than one million new URLs over the past 30 days.......
[more] Spammers Add Use of Legitimate Katrina Relief Websites to Growing Arsenal of Tools, Warns SurfControl SurfControl, a world leader in enterprise threat protection, today issued a security advisory to enterprise IT departments and individuals about an alarming rise in unsolicited Spam e-mail messages carrying URLs of legitimate donation websites. SurfControl's Global Threat and Analysis Center believes this is an attempt to condition people to respond to unsolicited e-mail without fear of harm, i......
[more] Spam and scam 'could make internet unusable' The boom era of the internet - symbolised by the likes of Amazon, eBay and Lastminute.com - will soon be a thing of the past unless coordinated action is taken to improve security, Microsoft has warned.
An estimated £1.4 trillion was spent on e-commerce last year, and in Britain more than 11,000 new users come online every day. But the information superhighway is becoming so choked by spam, viruses and fraud that some experts believe it could become......
[more] Sophos exceeds growth expectations Global security provider is set to build on its successes with forthcoming firewall and adware detection launches Sophos, a world leader in protecting business against viruses, spyware and spam, today announced an increase in annual turnover of 19.2% to £66.2 million ($122.6 million USD) for the year ending March 2005. Sophos has achieved year-on-year growth, ahead of the industry average, thanks to strong market demand for its integrated IT security solutions.......
[more] Sophos Defends Northern Ireland's Government Health Networks The Northern Ireland Department of Health, Social Services and Public Safety has deployed Sophos's complete suite of computer security solutions to defend the Health and Personal Social Services (HPSS) networks against viruses, spam, Trojans, worms and spyware. The Sophos licence, which now covers the Department's Directorate of Information Systems (DIS) and 27 HPSS sites, lasts for three years and was provided by Foursys, Sophos's UK......
[more] Microsoft releases Office SP2 Microsoft has released Service Pack 2 for Office 2003 which addresses reliability issues highlighted by customers. The updates include support for applications, security and performance improvements, and extend across Office client applications as well as servers.
On the security front SP2 includes an enhancement to Outlook to help prevent phishing attacks, the spoof emails that try to obtain private data. Outlook also has an improved spam filter. Junk messages a......
[more] Katrina Scams Proliferate Hurricane Katrina is still wreaking havoc online weeks after its initial punch. Katrina scams are showing up in inboxes and on Web sites, preying on the good-willed, the vulnerable, and even sometimes the greedy.
Scams include identity theft, Trojan horses, bogus investments, and credit-card fraud. Some experts warn of upcoming rip-offs like thousands of severely water-damaged (and smelly) cars from Louisiana being hawked online as in good condition.
Phishing Scams
T......
[more] U.K. town a global contender in bot battle Small town of Winsford has the world's highest rate of infected computers If you told residents of Winsford, England, that their personal computers had been turned into an invisible electronic army, they'd probably think you're mad.
But the 33,000-person town in northwest part of the country reportedly has one of the highest rates of computers infected with programs that receive and respond to commands from other remote computers. These "bot" networks......
[more] Sophos joins drive to cure virus-naming confusion Sophos has announced that it has joined the editorial board for the Common Malware Enumeration (CME) initiative, an industry group whose aim is to provide unique, common identifiers to new malware threats. Sophos has announced that it has joined the editorial board for the Common Malware Enumeration (CME) initiative, an industry group whose aim is to provide unique, common identifiers to new malware threats.
The CME initiative aims to mitigate c......
[more] Versign buys weblogs.com to takes on spam blogs Versign has acquired the assets of weblogs.com for $2.3m in cash.
The Weblogs service was set up by blog and RSS pioneer Dave Winer. It operates a so-called 'ping server' which allows blog operators to send out a notification that their site has been updated. Search engines and news aggregators can use this information to update their databases. Alternatively they would have to periodically scan each site, which could result in a time laps of sev......
[more] Anti-spam user authentication is 'worse than useless' Claims that user authentication schemes will reduce spam are not just wrong but "wrongheaded", a security researcher warned on Friday.
User authentication schemes such as SPF (Sender Policy Framework) and Sender ID check if machines are allowed to send email from a claimed domain - a kind of caller line identification (more here on email authentication). But "this doesn't tell you who the actual sender was or the spaminess of a message," Ni......
[more] "Internet Spam Gang" Hit With $37 Million Fine The Office of the Massachusetts Attorney General is looking for Leo Kuveyev, the leader of the "Internet Spam Gang," whose illegal spam operation was fined $37 million by a Boston judge this week.
“We believe he is in Russia,” said assistant attorney general Scott Schafer Thursday. “He continuously moves around.”
Kuvayev and six other persons with Massachusetts ties were named in a suit brought by Attorney General Tom Reilly in May and the court......
[more] UK becomes key spammer The nation which made the food 'spam' famous, is rapidly becoming a world centre for junk mail baring the name. According to security outfit Sophos, the proportion of spam coming from the UK has increased.
Apparently in Blighty you can get egg sausage and bacon; egg and spam; egg bacon and spam; egg bacon sausage and spam; spam bacon sausage and spam; spam egg spam spam bacon and spam; spam sausage spam spam bacon spam tomato and spam.
The country is responsible for 1.......
[more] Phishing fight may be paying off The number of phishing sites on the Web hit a record high in August, but coordinators in the fight against the prevalent Web scams say they have made some progress. A total of 5,259 phishing sites were spotted in August, up substantially from 4,564 in July, according to the Anti-Phishing Working Group. At the same time, the number of spam e-mail campaigns to lure people to phishing sites decreased for the second month in a row, from 14,135 to 13,776, the APWG sa......
[more] FBI shuts down 'number one spammer' A man alleged to be one of the world's worst spammers has been put out of business by the FBI, according to reports.
Documents unsealed earlier this month show that Alan Ralsky, a US citizen based in Michigan, had his operations effectively shut down by the FBI when agents raided his home and the home of his son-in-law in September.
During the raids, the Feds seized documents, disks and hardware belonging to Ralsky.
Ralsky currently appears as the world's......
[more] Many UK firms 'ignore spam laws' A third of the UK's top companies are not complying with the European Union's (EU) regulations on unsolicited emails, or spam, a report has alleged. According to data management firm CDMS, firms are not asking people if they want to receive the emails.
Instead, when people sign up for promotional offers or competitions they often only get the option of opting out, or unclicking a pre-ticked box.
However, the body charged with policing the law said its powers......
[more] UK's 'worst' spammer banged up A man described as the UK's most prolific spammer was jailed for six years on Wednesday at Peterborough Crown Court.
Peter Francis-Macrae of Cambridgeshire was found guilty of fraudulent trading, concealing criminal property, threatening to destroy or damage property, making threats to kill and blackmail, after a six week trial.
Francis-Macrae was accused of defrauding thousands of people by tricking them into sending him money to register a dot-eu domain name o......
[more] Sophos Welcomes Specialist Cyber Crime Prosecutors Sophos, a world leader in protecting businesses against viruses, spyware and spam has welcomed news that the UK Crown Prosecution Service (CPS) plans to establish a network of lawyers to specifically tackle high-tech crime involving child pornography, computer hacking and identity fraud.
Sophos believes that the technical expertise of the new network of 110 barristers will better equip the courts to deal with such cases, by preventing defenda......
[more] Hackers to attack VoIP in two years Hackers will attack voice over IP (VoIP) telephone conversations with spam and malicious code within two years, equipment manufacturer Nortel has claimed.
Companies using VoIP and other multimedia services, such as videoconferencing, should plan to defend against unsolicited adverts appearing mid-conversation, the company said.
Atul Bhatnager, VP of enterprise networks, said: "VoIP attacks are still at an early stage but as hackers become more savvy you'll......
[more] Botnet operation controlled 1.5m PCs A recently foiled botnet operation has turned out to be 15 times larger that police initially thought.
On further investigation, authorities found that the operation had put about 1.5 million computers and servers under its control. The crime ring was thought to have created a botnet of 100,000 systems, which they claimed was the largest ever detected.
A botnet is a collection of computers infected with a computer worm which puts the system under the worm......
[more] From Hacker to Protector Now just 25, Ejovi Nuwere has already had plenty of experience in computer security. His new company aims to make Net calling safer. For many technically talented teens, computer hacking brings about a first brush with law enforcement. For Ejovi Nuwere, it was a ticket out of the poverty-ridden, sometimes violent streets of New York's Bedford-Stuyvesant neighborhood.
What started as a hobby at the age of 15 led in time to a computer security job with Lehman Brothers, a......
[more] UK firms flouting spam regulations EU rules for opt-in being ignored Over a third of UK firms are flouting EU regulations on email privacy, according to a report by data management firm CDMS.
The guidelines are designed to ensure that recipients have had the opportunity to opt-in to promotional emails.
Under the European Directive on Privacy and Electronic Communication it became mandatory to offer opt-in in December 2003.
The Information Commissioners Office (ICO), which monitors such activi......
[more] Provider blocks emails sent to Hotmail Broadband internet provider Comcast has temporarily prevented its subscribers from sending emails to Hotmail and MSN accounts.
For a period of three days, users trying to send messages addressed at the Microsoft owned internet services received an error message. The return email stated that: "The message could not be sent because one of the recipients was rejected by the server".
A spokesperson for Comcast did not return several requests seeking further......
[more] Microsoft takes on spamming botnets Single zombie PC sent out about 1 million spam messages per day Microsoft has filed lawsuits against 13 unnamed senders of spam email messages through botnets.
The actual charges were filed in August, but Microsoft only now unveiled details about the case.
A botnet is a collection of hacked computers (referred to as zombie PCs) that are at the disposal of the botnet operator. They rents the machines out to send spam, host illegal websites such as child porno......
[more] Spammers exploit bird flu fears Increasing amounts of spam offering drugs to deal with bird flu have been reported across the world's email systems.
Security firm Sophos is reporting a large increase in emails offering online purchases of Tamiflu, the drug manufactured by Roche that is the only known medicine for dealing with the human version of avian flu.
But according to Roche, which has investigated similar scams, it is unlikely that the drugs on offer are real.
"Spammers are not intere......
[more] Spam scams targeting smaller firms Think you're too small to be singled out? You could be just who the spammers are looking for... Most email users are familiar with large-scale spam broadcasts containing generic offers such as medications or financial services, or notorious scams sent out to random millions of recipients. But one security expert has warned that smaller companies are increasingly being singled out with highly targeted email scams.
Enrique Salem, senior VP security products at S......
[more] Programmer faces Greek jail over spam claims The Greek police have arrested a well known Swedish developer for sending spam, but he claims they have no evidence The Greek police have arrested a Swedish programmer, claiming that he advertised and sold pharmaceutical products on the Web, a police spokesperson confirmed to ZDNet UK on Friday.
But Rick Downes, the programmer in question, denied the charges and claimed that the Greek authorities have no evidence against him. He says that the only l......
[more] SurfControl Joins Anti-Phishing Working Group SurfControl, a world leader in enterprise threat protection, today announced its membership in the Anti-Phishing Working Group (APWG). SurfControl will bring to APWG their diverse threat research capabilities, a thorough understanding of multi-faceted blended attacks and a proven track record of identifying and stopping new Internet threats. The SurfControl Adaptive Threat Intelligence(TM) Service will support the APWG's efforts to eliminate the fra......
[more] Windows Update Trojan causes havoc Spoofed Microsoft patch catches unwary users Two newly discovered virus threats are circulating on the web, one attacking client machines and the other targeting web servers, web monitoring firm Websense warned today.
The first threat is a basic Trojan which masquerades as a Microsoft security patch. Recipients are urged to visit a spoofed URL based in Canada which uses a very similar design to Microsoft's own Update Centre and downloads a file named 'plugand......
[more] Pump-and-dump spam domains go silent after botnet closure Pump-and-dump spam domains have gone quiet since the closure of a major botnet operation earlier this month. The finding, by Alex Shipp of MessageLabs, suggests that a botnet (a network of compromised machines controlled by hackers) thought to be associated mainly with adware distribution was also used to distribute junk mail on a massive scale.
Spammers register pump-and-dump spam domains for use in spam runs. These domains are commonl......
[more] Malware effects inconsistent throughout British business The impact of spam and viruses varies radically across different key vertical sectors of U.K. business, new research has shown According to the latest figures released by email management firm Email Systems, some vertical sectors are suffering much more than others from malware attacks and a clear "sector hierarchy" emerging.
Along with the IT industry, which is one of those worst hit, the leisure and entertainment sector, including sport......
[more] Sober trio in the wild There are at least three new variants of the Sober worm spreading across the internet via email messages. The viruses are activated once a user clicks on an infected attachment.
The new variants of Sober, a worm that first appeared in 2003, are capable of disabling antivirus programs, according to Finland-based company F-Secure.
Antivirus company Kaspersky Labs said on its website that large numbers of infected emails have been intercepted. This confirms, said the compa......
[more] Bogus Liverpool Football Club emails aim to steal money from the unwary Experts at SophosLabs™, Sophos's global network of virus, spyware and spam analysis centers, have warned internet users of a spam campaign which pretends that the recipient has won a lottery sponsored by Liverpool Football Club in an attempt to defraud computer users.
The messages prey on interest in the world-famous soccer team, and claim that recipients are one of 40 lucky winners to have won £500,000. The emails say th......
[more] Thanksgiving will bring a Sober hangover The largest virus outbreak this year will gain new momentum when the US comes back from its Thanksgiving break, say experts. IT managers should brace themselves The latest outbreak of the Sober worm will accelerate as US computer users turns the PCs back on after the Thanksgiving holiday, security firm MessageLabs warned on Friday.
Business users will return from the break and open mail that has been sitting in their inbox since the first hours of the a......
[more] 'Spam' e-mail filters getting better - FTC E-mail "spammers" are aggressive as ever but Internet providers are getting better at blocking junk messages before they reach users' inboxes, according to a U.S. Federal Trade Commission study released on Monday.
The FTC found that spammers continue to "scrape" e-mail addresses from the Web using automated programs that look for the telltale "@" sign.
But up to 96 percent of those messages were blocked by the two Web-based e-mail providers used by t......
[more] Blue Coat: Make spyware unprofitable A senior executive from the security vendor believes legislation won't curb the spyware problem; says that the only way is to ensure it is no longer profitable. The surefire way to eradicate spyware is to take away its profit motive, according to a top official from security vendor Blue Coat.
Speaking on the sidelines of the Asian Internet Security Summit last week, Nigel Hawthorn, Blue Coat's vice president for international channels and marketing, noted......
[more] ISPs Making Progress on Spam Internet service providers are making progress in slowing spam, according to a recent Federal Trade Commission (FTC) study.
The report found that spammers continue to harvest e-mail addresses from public areas of the Internet, but addresses posted in chatrooms, message boards, USENET groups and blogs were unlikely to be taken.
"Indeed, some chatroom operators took proactive measures to prevent the harvesting of e-mail addresses posted by the FTC staff," the stud......
[more] Holiday spam could reach one billion emails Email security vendor MailFrontier is warning that the number of spam and phishing messages could top 1bn this Christmas.
Last year 750m mails were sent over the Christmas period, with both bogus sales offers and phishing attacks. The company is also warning of new kinds of social engineering attacks that consumers may be susceptible to.
"The festive season represents a great opportunity for cynical fraudsters wishing to exploit novice online shoppe......
[more] Sophos: Gates will be proved wrong about spam Bill Gates' 2004 prediction that spam would be eradicated by 2006 is very unlikely to be fulfilled, Sophos has warned Bill Gates' prediction of January 2004 that spam would be "a thing of the past" within two years has virtually no chance of coming true, according to security company Sophos this week.
Sophos warned on Tuesday that spam will continue to be a major problem in 2006.
"Sophos believes that the rumours of spam's death have been greatly e......
[more] Timeshare spammer jailed Testimony from US ISP Earthlink has led to a one-year prison sentence for a notorious timeshare spammer. Peter Moshou was also ordered to pay $120,000 in compensation this week following his June conviction for violation of the CAN-SPAM Act. Moshou's criminal prosecution was among the first under US anti-spam legislation.
Moshou was charged with sending millions of spam emails in 2004 and 2005 seeking personal information by offering brokerage services for people inter......
[more] Spammers sell fake watches with Santa's Chocolate Sleigh Bell Cookies recipe Experts at SophosLabs™, Sophos's global network of virus, spyware and spam analysis centers, have identified a new marketing trick being used by spammers in their attempt to sell fake luxury watches in the run-up to Christmas: they are sending cookie recipes.
The unsolicited email messages contain a detailed recipe, including ingredients and instructions, on how to make "Santa's Chocolate Sleigh Bell Cookies". The spa......
[more] November top spam month of 2005 November was the heaviest spamming month of 2005, a leading message security firm said this month. CipherTrust attributed the peak to the latest outbreak of the Sober worm, which the company said was responsible for more than 500,000 PC infections.
The firm cited a number of specific outbreaks as highpoints for spam volume during the month.
The Mytob and Bagle outbreaks on Nov. 3 resulted in an 8-percent spike in the amount of spam from the night before. Eighte......
[more] Microsoft ‘fuming’ after Dasher-B exploits old Windows flaw Microsoft has been “left fuming” after security experts warned of new malware that successfully exploits a Windows flaw that the Redmond firm first identified over two months ago, a security expert claimed. The Dasher-B worm exploits a vulnerability in Microsoft Windows Distributed Transaction Coordinator (MSDTC), first announced by the computer giant in October. The worm opens a backdoor on vulnerable computers and causes them to conne......
[more] Government sees the tide on spam turning The Federal Trade Commission has boasted that it gained a small victory in the battle over spam email messages.
"Spam has not, as once feared, destroyed the promise of email," the commission claimed in a report evaluating the effectiveness of the Can-spam act.
The "Controlling the Assault of Non-Solicited Pornography and Marketing" (Can-spam) act was adopted in 2003. The law among things prohibits emails with a forged 'from' address, and marketing ema......
[more] Virus Poses as Leaked MSN Messenger Beta Internet users are being warned about a new virus that poses as a leaked pre-release version of the MSN Messenger instant messenger program.
Unsuspecting Windows users who install the phony MSN Messenger Version 8 "beta" actually install an IM worm that spreads to their IM contacts, and connects their computer to a remote control "bot" network run by malicious hackers, according to F-Secure Corp., an antivirus firm based in Helsinki.
A Web site, msgr......
[more] Sophos: Gates will be proved wrong about spam Bill Gates' 2004 prediction that spam would be eradicated by 2006 is very unlikely to be fulfilled, Sophos has warned. Bill Gates' prediction of January 2004 that spam would be "a thing of the past" within two years has virtually no chance of coming true, according to security company Sophos this week.
Sophos warned on Tuesday that spam will continue to be a major problem in 2006.
"Sophos believes that the rumours of spam's death have been greatly......
[more] Aladdin eSafe Gateway Solution Protects Against New WMF Exploit Aladdin Knowledge Systems Ltd., a provider of security solutions, announced that its Aladdin eSafe integrated content security and anti-virus suite proactively protects organizations from the recently discovered WMF (Windows Meta File) exploit (MS05-053).
The primary attack vector for WMF comes from manipulated Web-based images and pop-ups that download spyware and Trojans, as a result conventional content security solutions are u......
[more] Claim back £300 per spam Net expert Nigel Roberts has won a landmark legal victory by chasing down a UK spammer and winning £300 in costs.
Roberts, who runs his own Internet business as well as the Jersey and Guernsey country code domains, used his legal know-how to apply EU legislation to a UK company, Media Logistics.
It is believed to be the first time the legislation has been used in the UK, and could open the doors for thousands of other cases.
Back in August, Roberts received several m......
[more] 2006: Year of the Hacker? "I've worked with viruses for 15 years and things have been getting progressively worse," said Mikko Hypponen, Chief Research Officer at computer security firm F-Secure. "This year is going to be bad." Computer hackers sought to create havoc on the Web last week by launching two attacks targeting Microsoft Windows users -- one circulating a virus disguised as the company's instant messenger client, the other exploiting a previously unknown flaw in its operating system.......
[more] Nazi worm author prepares Net meltdown A security headache is brewing as the payload of various Sober worms is activated tonight.
According to security experts that broke the worm's encrypted code, 5 January 2006 is the date set for it to download code from various Web addresses on the Net. As such, at the stroke of midnight, the worm's author may or may not choose to turn on various websites and causes widespread problems across the Internet.
The date coincides with the 87th anniversary of......
[more] Florida spammer fined $11bn A small Iowa-based ISP has been awarded $11.2bn (£6.5bn) in a record judgment against a Florida spammer. CIS Internet Services successfully sued James McCalla over claims he sent more than 280m illegal spam messages with fraudulent return addresses towards CIS accounts, punting mortgages, debt consolidation services, pornographic and gambling websites. The judgment by US District Judge Charles Wolle, issued in late December 2005, further bans McCalla from using the i......
[more] Dodgy domains spam message boards Bogus poker sites and their anonymous owners... Spammers appear to have found a new target of choice for 2006 - bombarding internet message boards with unprecedented ferocity.
The amount of message board spam has been escalating dramatically since mid-2005, according to experts and a search of Google shows a number of frequently recurring domains are appearing in bogus comments on message boards all over the internet.
Among the most common domains appearing on......
[more] More cracks appear in Windows Microsoft released two more critical patches on Tuesday - days after it released an emergency fix for a critical WMF vulnerability that has been exploited by hackers and virus writers. The two latest updates - which, unlike the WMF patch, came out as part of Microsoft's regular Patch Tuesday update cycle - fix a flaw in the way Microsoft Windows processes embedded web fonts (MS06-002) and a Microsoft Outlook and Microsoft Exchange Transport Neutral Encapsulation Fo......
[more] Spammer faces two years in jail Daniel Lin reaches plea bargain with US authorities An American spammer has reached a deal with prosecutors that could see him serving two years in jail for sending junk email from hijacked computers.
Detroit resident Daniel Lin was charged, along with three other men, of sending millions of emails in April 2005 from hacked computers belonging to the Ford Motor Company, Amoco, Unisys, the US Army Information Centre, and the Administrative Office of US Courts.
Th......
[more] Attacks mounting on 'Million Dollar Home Page' The wildly successful pixel-powered Million Dollar Home Page is coming under intense DDoS (distributed denial of service) attack.
University student Alex Tew, who created the site to finance his schooling, has been selling pixels for US$1 each since September and auctioned the last 1,000 pixels earlier this week on eBay. The technicolor site resembles a well-traveled suitcase covered with stickers, ranging from Che Guevara's image to a stop-smokin......
[more] 20 years of the PC virus If you saw someone buying 20 candles for a cake today, he or she could have been a hacker. That's because today marked two decades since the detection of boot sector virus “Brain” – regarded by many experts as the first PC virus. Brain's immediate family – boot viruses – were most common from 1986 to 1995, going extinct with the emergence of macro-viruses, which exploited vulnerabilities in Microsoft operating systems.
Brain's family tree has expanded rapidly, as there......
[more] Sophos Spam Data Shows China Still High Unsolicited Bulk Email Producer Anti-spam and anti-virus software company Sophos has published its latest report on the top twelve spam relaying countries for the last quarter of 2005. Sophos scanned all spam messages received in its global network of spam traps, and have revealed that although the United States still tops the chart, it has made significant reductions, and for the first time accounts for less than one quarter of all spam relayed. China ra......
[more] Two years after Gates prediction, spam still exists It has been two years since Microsoft's Bill Gates made the bold prediction that spam would be a “thing of the past," but the problem is still as bad as ever, according to new figures released. The research by anti-virus company Sophos found that the level of non-English spam has risen, with the vast majority now being relayed by "zombie" computers hijacked by trojan horses, worms and viruses under the control of hackers.
Sizeable increases a......
[more] Beware the rise of the bots The number of malicious bots appearing on the internet increased more than 175 per cent between 2004 and 2005, with more than 10,000 cases of the malware documented by security firm PandaLabs.
In all, bots represented more than 20 per cent of new malware detected in 2005. Bots are so called for their ability to infect and take up residence on the PC of an unknowing user where they await further commands.
But more worrying is PandaLabs' belief that this most recent......
[more] Sex assault spam duping college students Security analysts at Sophos have warned of a new trojan sent to colleges in North America and the United Kingdom disguised as a plea to help authorities locate an alleged campus rapist. The Troj/Sinx-N trojan spams emails with a subject line of "CCTV still of Rapist," "Do you recognize this person?" or "Campus Student Raped," Sophos said Friday.
Users who click on the attached files, which claim to be photographs of the suspect, will launch malware onto......
[more] Can 'scam sweeps' clean up the internet? Law enforcement's planning on it.. "I am looking for a trusted person to help transfer £100m in gold out of a secret account. In return you will keep £10m but you must tell nobody..."
Most people with email addresses have probably received an email like the one above - and the vast majority delete them straight off. But scams like this, which lure unwary internet users into parting with financial details or cash, are still finding victims.
The UK public......
[more] UK falls out of spam's 'dirty dozen' The US still tops the list of the spam-relaying countries, according to a report by Sophos, a provider of integrated threat management products. However, the US has made significant reductions and for the first time accounts for less than a quarter of all spam.
However, the UK has managed to slip out of the 'dirty dozen' - the top 12 spam-relaying nations. It is responsible for 1.6 percent of spam and now holds 14th position.
The report shows that the amou......
[more] Stamping down on spam Slapping a charge on email seems to go against the spirit of the Net, but it's a welcome sign that spam's reign of terror is ending Charging for email? The very idea seems wrong. AOL and Yahoo's announcement that they were going to start to put a tariff on emails that would be guaranteed to arrive intact caused a lot of ominous rumblings. Will AOL and Yahoo users be showered with extra spam? Would 'non-guaranteed' emails end up in the technological equivalent of the canal b......
[more] Nyxem claimed up to 946,835 victims Researchers examine worm's spread pattern Although the Nyxem.e worm was found to have caused very little actual damage, researchers estimate that the worm in total infected between 469,507 and 946,835 systems between 15 January and 1 February.
Nyxem.e was designed to overwrite several document types including Word and Excel files on an infected system on the third day of every month, beginning last Friday. The worm spreads through spam email messages promisin......
[more] Hacker Jailed For Ddos Attack That Affected Three Million Internet Users, Reports Sophos More than one third of Spanish computer users affected.
Experts at SophosLabs, Sophos's global network of virus, spyware and spam analysis centres, have welcomed news that a hacker who stopped more than three million Spanish computer users from using the internet has been sentenced to two years in jail.
26-year-old Santiago Garrido used a computer worm to launch distributed denial-of-service (DDoS) attac......
[more] Bird flu spam spreads WMF trojan downloader Security experts have warned of a new malicious email that uses social engineering playing on the growing fear of an avian flu epidemic to trick users into visiting a malicious website. Users receive an email with the subject "Attention Bird Flu in England." The body requests users to click on a link to go either of two websites to get more information. The email also claims the government is trying to hide the facts on the flu.
Upon clicking on a lin......
[more] UK admits failure on spam No prosecutions against spammers in 2005 despite some 364 complaints The Information Commissioner’s Office (ICO) has admitted it made no prosecutions against spammers last year, even though it received 364 complaints.
The admission comes exactly one year after 13 European countries agreed to work together to share information and to prosecute people sending spam emails (Computing, 10 February 2005).
The ICO, which is responsible for enforcing spam laws in the UK, say......
[more] Gartner warning on corporate use of IM Gartner is warning enterprises to prepare carefully before they leap into the murky waters of public instant-messaging services, and should look at using new federated systems from the likes of Microsoft and IBM.
Such services show that IM networks designed for consumers are penetrating ever-deeper into the enterprise, Gartner says. While it is useless to resist the trend, companies need to be aware of the additional security risks, nuisance and expense......
[more] Be aware of the growing threat of botnets Botnets are a rapidly increasing risk to Internet security. These groups of compromised Windows computers are the tools of the trade for all manners of extortion and spam relay on the Internet, and they are growing in numbers. In this edition of Internet Security Focus, Jonathan Yarden examines this growing threat and discusses what it means for Internet security. 2005 was not an exceptional year for Windows security—or Internet security in general, for......
[more] Organized cyber criminals target Valentine’s Day surfers In the run-up to Valentine’s Day, security experts have warned that a recent jump in the number of online dating sites across the world can be at least partly attributed to the increase in malevolent websites used by cyber criminal as an opportune moment for phishing, spam and hacker attacks on unsuspecting victims. "Organized criminal units have in the past timed their attacks to coincide with popular celebration occasions in order to ach......
[more] Warning over Valentine's e-cards Valentine's Day could be a bonanza for malicious hackers, internet security experts are warning. Fake Valentine's e-cards and dodgy dating websites are among the tactics being used by fraudsters to relieve internet users of their money.
The government's Get Safe Online campaign is urging users to take care.
As well as e-cards harbouring viruses and spyware, the missives are being used for phishing, using fake links to get bank and credit card details.
Rogu......
[more] Sophos Makes First Foray into Email Appliances Anti-virus software vendor Sophos Plc is to take a first step into the appliance market with an email security device that guards against virus, spam and policy abuse. The new general-purpose ES4000 unit is said to be the first in a planned series of appliance launches, with separate versions targeted at the needs of small businesses and big business slated to follow. A combined web security and instant messaging appliance is also on the cards.
"Th......
[more] Aladdin eSafe Named Best Anti-Trojan Solution Receives the 2006 SC Magazine Award in the 'Best Anti-Trojan' category; the award stands as a prestigious honor within the information security industry. Aladdin Knowledge Systems, Ltd., a provider of software digital rights management (DRM) and enterprise security, yesterday announced that Aladdin eSafe, an integrated content security, spyware and virus protection solution for the Internet gateway, received the 2006 SC Magazine Award in the 'Best An......
[more] Spammers adopt stealth tactics Botnet controllers are switching to stealth tactics in a bid to avoid detection. Instead of mass mail-outs of spam and malicious code, they are adopting slower distribution tactics in a bid to avoid appearing on corporate security radars.
UK-based web security firm BlackSpider Technologies reports that one huge botnet, responsible for issuing 50m identical spam emails per day, compromises at least 150,000 distinct IP addresses. The use of a large number of machin......
[more] Botnet Creator Pleads Guilty, Faces 25 Years A 20-year-old California man pleaded guilty Monday to federal charges that he created a botnet of several hundred thousand PCs, then rented out the network to spammers and criminals. The conviction is the first in the U.S. against a botnet operator. Jeanson James Ancheta, of Downey, Calif., had been arrested in November by the FBI and charged with 17 counts of conspiracy, computer damage, fraud, and money laundering.On Monday, he pleaded guilty to fo......
[more] China plans spam crackdown... ... which will achieve absolutely nothing," claims Spamhaus China is launching an offensive on the problem of spam email - a problem with which it has become synonymous in recent years.But critics suggest it is going to achieve very little by way of limiting the amount of spam circulating within and leaving the country.New anti-spam regulation will be introduced by the Ministry of Information and the country has also established a centre for handling reports of spam......
[more] Spammers change distribution tactics Criminals using new ways to avoid detection, warn experts Internet criminals are changing the methods they use to send spam to businesses to remain undetected for longer, IT security experts have warned. According to research by UK security firm BlackSpider Technologies, spammers are developing stealth distribution tactics to bombard businesses with email advertising, and are using computer viruses to build vast networks of compromised machines to do their wo......
[more] Convicted data thief gets eight years A bulk e-mailer who looted more than a billion records with personal information from a data warehouse has been sentenced to eight years in prison, federal prosecutors said Wednesday. Scott Levine, 46, was sentenced by a federal judge in Little Rock, Ark., after being found guilty of breaking into Acxiom's servers and downloading gigabytes of data in what the U.S. Justice Department calls one of the largest data heists to date. Acxiom, based in Little Rock,......
[more] Clagger-H Trojan spammed out as message from PayPal Beware warning that your PayPal account is "temporally limited" Experts at SophosLabs, Sophos's global network of virus, spyware and spam analysis centers, have warned users to be wary of emails claiming that their PayPal account has been "temporally limited", after a Trojan horse was spammed to internet users. Sophos's global network of monitoring stations have sighted many instances of the Trojan since it was first discovered on Fri......
[more] India is top target for spam The rate of technological advancement has outstripped growth in security awareness in India, while the US is still the highest spam producer India's rapid adoption of new technology has left its PC users struggling to cope with very high levels of spam, according to a report released Wednesday. Ninety-one percent of email traffic sent to Indian PC users is spam, according to email security company MessageLabs, which warned that the rate of technological advancement h......
[more] Netsky still top of the virus charts February a quieter month overall as more users update definitions A roundup of the February virus and spam statistics has shown that Netsky is still the most common virus on the internet, despite all major software vendors having a signature file available for over a year.Sophos, Fortinet and SoftScan all put Netsky at the top of their monthly chart, and the virus accounted for an average of 18 per cent of all virus detections.Mytob has also proved commonplac......
[more] Spam Rates Rebound After several months of slipping spam rates, junk mail rebounded during February, message filtering company Postini said Tuesday. According to Postini's data, spam grew by two percent over the previous month."The increase in spam was due to an increase in tax preparation offers and other financial service offerings," said Andrew Lochart, Postini's senior director of marketing. It's usual to see a spike in financial-oriented spam during the run-up to the April 15 tax......
[more] Firefox to get phishing shield An upcoming version of Firefox will include protection against phishing scams, using technology that might come from Google. The phishing shield is a key new security feature planned for Firefox 2, slated for release in the third quarter of this year, Mozilla's Mike Shaver said in an interview Tuesday. "Everybody understands that phishing is a significant problem on the Web," said Shaver, a technology strategist at the company, which oversees Firefox dev......
[more] IT managers want security costs to reduce IT managers are requesting simpler applications that can deal with a range of threats at a lower cost, said the top executive of security vendor Sophos."At the end of the day, the IT administrator does not care if it is spam or a virus," said Steve Munford, chief executive officer. "All they care is there is bad stuff coming off the Internet... and they want one vendor to protect them."Gateway e-mail filtering is evolving. IT manager......
[more] United Nations calls for ISPs to police spammers Legislation should be put in place to force service providers to combat spam, according to the UN's telecommunications body The UN on Wednesday recommended enforceable codes of conduct for ISPs as a way to cut down on spam. The International Telecommunication Union (ITU), the UN organisation responsible for global telecoms standards, recommended that ISPs be required to enforce codes of conduct regarding their customers, and block spammers' email......
[more] F-Secure launches e-mail security appliance F-Secure has launched an e-mail filtering gateway offering spam and virus protection and a single management console for network administrators.The F-Secure Messaging Security Gateway P-Series is intended for use by universities, governments and large enterprises, the company said. Based on Linux, it uses anti-spam technology from Proofpoint Systems Inc. that analyses the structural content and attributes of messages to separate valid and suspicious o......
[more] BBC Radio 4 investigates the people who defend companies against virus attack Listeners to BBC Radio 4 had a chance to hear behind-the-scenes at SophosLabsTM, Sophos's global network of virus and spam analysis centers, in a documentary broadcast this morning.Reporter Quentin Cooper interviewed anti-virus experts, and victims of virus attacks such as the British CoastGuard who were hit by the prevalent Sasser worm in 2004.The documentary also charts the evolution of computer viruses from the flo......
[more] Enterprise Adoption of SurfControl RiskFilter Appliance Gains Momentum SurfControl, the world leader in Internet content protection, today announced continued momentum of its RiskFilter appliance to protect companies and employees against the ever-changing threat landscape. Westford Public School (Massachusetts, US) agrees that RiskFilter not only provides IT with the insight in to the evolving landscape, but it also supports the managers' growing requirement to understand and manage to the org......
[more] Friday, Sunday top spam reading days Friday isn't just the beginning of the weekend, it's also is the peak day for opening spam email, Kaspersky Lab said today. Sunday sees the second-highest amount of mass-marketing emails opened, the anti-virus firm said. According to a survey conducted by email mass marketer ExactTarget, 92 percent of all emails - and 96 percent of all campaign emails - are sent during the workweek. However, while Sunday sees only three percent of all sent emails, links in t......
[more] BBC Being Used to Exploit IE flaw The modus operandi is that computer users receive spam e-mails from hackers containing the abstract of a BBC news story. When they click on the link, "Read More," they are directed to a forged copy of BBC's Web site wherein keylogging software designed to capture financial information then attempts to exploit the Microsoft IE vulnerability. This software is designed such that it monitors activity on various financial Web sites, and transmits the data......
[more] Virus alerts 'as bad as spam' Alerts generated by antivirus software are as bad as the spam advertising messages that clog up users' email accounts, according to an industry analyst. "Many email security products or services will warn you if they detect a virus in an incoming message. The problem is that these days, most virus-infected email is sent not by users, but by other viruses," said Richi Jennings, an analyst at Ferris Research."It's effectively spam. The viruses will oft......
[more] Email authentication gaining steam A host of software companies, security firms and internet service providers met in Chicago on Wednesday to urge corporations and bulk message senders to adopt email authentication technologies.The technologies, known as Sender ID and DomainKeys, aim to allow email recipients to positively identify the sender of an email message and hold the promise of giving service providers the tools they need to effectively end spam and phishing attacks.Yahoo!, the creator......
[more] Australia nails first spammer An Australian spammer has become the first person to be successfully prosecuted under that country's anti-spam laws. The Western Australia-based spammer, Wayne Mansfield, and his company Clarity1, were found to have illegally sent more than 56 million spam messages to email addresses around the world during the 12 months since the act was introduced in April 2004. In April 2005, authorities in Australia raided offices in Perth, during which the contents of computer......
[more] Trojan Freezes Computer, Demands Ransom A new kind of malware circulating on the Internet freezes a computer and then asks for a ransom paid through the Western Union Holdings money transfer service.A sample of the Trojan horse virus was sent to Sophos, a security vendor, said Graham Cluley, senior technology consultant. The malware, which Sophos named Troj/Ransom-A, is one of only a few viruses so far that have asked for a ransom in exchange for releasing control of a computer, Cluley said.The......
[more] Russian student convicted for running virus distribution websites Experts at SophosLabs, Sophos's global network of virus, spyware and spam analysis centers, have welcomed the sentencing of a man who not only created his own malware, but ran two websites distributing over 4000 different computer viruses. Sergey Kazachkov, a Russian science university student from Voronezh, was found guilty of making available thousands of pieces of malware via two virus exchange websites. He was also said to ha......
[more] Spammers turn on anti-spam vigilantes An effort to force spammers to stop soliciting certain e-mail addresses went bad on Monday, after at least one spammer began sending large volumes of unsolicited e-mail to members of a "Do Not Spam" list run by Israeli firm Blue Security. In recent days, e-mail users who had registered for Blue Security's "Do Not Intrude" list have instead been the target of a spam campaign and received extortion e-mail messages threatening to continue t......
[more] Bounced spam messages hammer corporate networks More than 50 per cent of the largest US corporations have experienced mail service outages or delays because of bounced spam messages targeting their networks, according to a study by gateway security firm Ironport Systems.Spammers commonly forge the sender's email address so that some poor innocent - rather than a spammer - has to cope with the load of bounced messages sent to invalid email addresses. According to Ironport's study, these bounced......
[more] Trojan horse lurks in World Cup e-mail German fans have been complaining for sometime about a bug in their underperforming national soccer team ahead of the World Cup soccer tournament, which begins next month in the country. Now they're having to worry about a bug of a different kind, a Trojan horse, which is masquerading in a downloadable tournament game plan. The Baden-Württemberg State Bureau of Criminal Investigation (LKA) warned on Wednesday of an e-mail with a link to a self-extract......
[more] Two years after author's arrest, Netsky worm still tops virus chart Author of Sasser and Netsky worm arrested 24 months ago, but malware still spreads Two years ago today, on 8 May 2004, a German teenager was arrested in connection with the widespread Sasser and Netsky worm outbreaks. 18-year-old Sven Jaschan of Waffensen, North Germany, wrote a series of worms which hit tens of millions of computers around the world. Experts at SophosLabsTM, Sophos's global network of virus, spyware and spam an......
[more] US hacker gets five years in the slammer A US man has been sentenced to nearly five years in prison after he was found guilty of illegally controlling around 400,000 third party PCs for the purposes of launching malware attacks.Jeanson James Ancheta, 21, from California, rented out space on this zombie network of compromised machines for the sending of spam and malware, and also for launching denial of service attacks.Among the machines infected by Ancheta were computers at the US military test......
[more] World Cup Virus Season Kicks Off The FIFA World Cup 2006 tournament won't get underway in Germany until early June, but computer virus writers are already attempting to cash in on the planet's most popular sporting event with viruses aimed at deceiving eager soccer fans. Researchers at UK-based Sophos released notification of a new attack that infects Microsoft Excel files and has been disguised as a spreadsheet charting the national teams participating in the World Cup. Identified by the secur......
[more] Viruses still the biggest IT fear for U.K. firms The vast majority of U.K.-based small- and medium-sized enterprises (SMEs) believe that viruses are the biggest security threat to their IT systems, according to new research. According to a poll by IT reseller WStore, 84 percent of small firms rate viruses as their biggest security headache. The study also said viruses are feared by larger enterprises to almost the same extent, with over 70 percent citing them as "a major concern."......
[more] "Botmaster" gets nearly five years in prison A 20-year-old who prosecutors say highjacked computers to damage computer networks and send waves of spam across the Internet was sentenced on Monday to nearly five years in prison.Jeanson James Ancheta, a well-known member of the "Botmaster Underground" who pleaded guilty in January to federal charges of conspiracy, fraud and damaging U.S. government computers, was given the longest sentence for spreading computer viruses, federal prosecu......
[more] Virus leaks power plant secrets for second time in four months Experts at SophosLabs, Sophos's global network of virus and spam analysis centers, have reminded companies of the importance of computer security after it was revealed revealed that sensitive information about power plants has been leaked onto the internet from a virus-infected computer for the second time in less than four months. According to a Japanese media report, sensitive security information about a thermoelectric power plan......
[more] Zombie king suspect alleged to have sent 18 million spams per day Experts at SophosLabs, Sophos's global network of virus, spyware and spam analysis center, have welcomed the news that the South Korean authorities have arrested a man suspected of running a 16,000-strong network of zombie computers. According to the state-backed Korea Information Security Agency (KISA), the man is believed to have sent 18 million spam emails to 133 countries every day from his network (or botnet) of compromised......
[more] Botnet master jailed for five years A California man has been jailed for almost five years for running a zombie network of compromised PCs.Jeanson James Ancheta, 21, of Downey, California, used the botnets he controlled to display cash-generating adverts and as a resource he "rented" for hackers and spammers to run either denial of service attacks or junk mail campaigns.His network of thousands of zombie computers included machines at the Weapons Division of the US Naval Air Warfare C......
[more] World Cup 'a drain on bandwidth,' study says Organizations face a potential drain on bandwidth and employee productivity when streaming online coverage of the FIFA World Cup becomes available in two week's time, according to a recent poll. According to 266 IT managers who participated in the May survey, commissioned by St. Bernard Software, 85 percent of organizations do not plan to block workers' internet access to sites running World Cup footage, news and discussions.The most popular sporting......
[more] Barclays offers free F-Secure AV software The bank has signed a deal with the antivirus vendor to provide protection to online customers Barclays Bank has announced it will offer F-Secure's basic antivirus package to online banking customers for two years, starting on Friday. Barclays will offer F-Secure Anti-Virus to its 1.6 million active online customers, and has actually bought more than 1.6 million."We had to be flexible enough to offer all our customers protection, so we have ample li......
[more] F-Secure offers new security service through ISPs F-Secure is set to offer two security software packages that ISPs can market to customers in hopes of bolstering broadband fees. The Finnish security vendor said the services are for small- to medium-size ISPs and their private customers. The services are PC Protection, which includes virus and spyware detection and a firewall, and PC Protection Plus, which adds parental and spam control features. The two client-side services do not require inte......
[more] SurfControl Global Threat Experts Track Rapid Increase in Phishing Attacks SurfControl, the world leader in Internet protection, has released its latest findings on email threats and vulnerability. Using SurfControl's Adaptive Threat Intelligence (ATI) Service, SurfControl's Global Threat Experts have compiled threat trend data through the first quarter of 2006. ATI found a rapid increase in phishing attacks in the last several weeks, growing to 4.2% of total spam volume by the end of April 200......
[more] Spam deluge eclipses email virus threat May witnessed an all-time low for virus-laden emails and a record high for spam, according to stats from email filtering firm BlackSpider Technologies. Emails containing malware made up just 0.73 percent of all emails scanned by BlackSpider last month while junk emails represented 87.74 per cent. By comparison, the number of virus-infected emails reached 3.93 per cent of all emails in December 2005, a record high. The drop since then is reckoned to be dow......
[more] Sophos Anti-Virus wins its 32nd Virus Bulletin 100% award Sophos, a world leader in protecting businesses against viruses, spyware and spam, today announced that Sophos Anti-Virus has been awarded the VB 100% award by Virus Bulletin magazine. This is the 32nd time that Sophos Anti-Virus has won a prestigious VB 100% award, confirming its position as one of the most powerful virus protection products available. Virus Bulletin tested 27 different anti-virus products for their detection rates, lac......
[more] Domain 'kiting' threat on the rise Scammers using 'disposable domains' for criminal gain The proliferation of temporary websites being set up by criminals is a growing threat, according to web security firm MessageLabs. "Disposable domains are becoming a larger problem via a tactic known as 'domain kiting' in which cyber-criminals acquire domains without paying for them and use them for illegal gains," said Mark Sunner, chief technology officer at MessageLabs.Domain kiting regist......
[more] Man fined measly $2K over anti-spyware scam A New Hampshire man has been fined $2,000 for allegedly using Microsoft's name to lend credibility to false claims that users' PCs were infected with spyware. Seth Traub, of Portsmouth, New Hampshire, paid the modest legal costs and attorneys' fees to settle a lawsuit brought by the State of Washington over charges that he punted bogus warnings to persuade surfers to buy deceptively marketed software.Traub promoted Secure Computer's Spyware Clean......
[more] IM attacks on the rise in May The number of Instant Messaging (IM) attacks increased by 500 percent in May, Postini reported this week. The integrated message management firm also stated that it registered a 138 percent increase in corporate IM traffic, a statistic that testifies to the growing use of IM in the business world. "The fact that IM messages more than doubled in just one month shows the rate companies are adopting IM as a mainstream business communications tool," said Andre......
[more] Taiwan fingered as spam hub In research conducted in May, the e-mail security company found that 64 percent of machines sending out junk mail were in that country. Next was the US with 23 percent and third China, with three percent. CipherTrust also determined that unwanted e-mail traffic went up as much as 20 percent worldwide in May. The data was gathered using CipherTrust's network of fake "zombie" computers, among other sources, the company said. Spammers typically use networks of......
[more] World Cup spam kicks companies where it hurts Firms' should adopt strict policy to stop networks from being attacked, VAR claims PC World Business (PCWB) is advising businesses to adopt a policy on email usage to protect their networks from an influx of harmful World Cup spam.According to a survey by PCWB, one in three office workers in the UK has reported receiving World Cup-related spam - including screensavers, wallpapers, video clips, fixture calendars and fantasy football competitions - whi......
[more] Angola wins spam and spyware World Cup Angola may have a better chance of beating Brazil in the World Cup than the bookies first thought, if research from McAfee SiteAdvisor is correct. An analysis of screensaver pages associated with World Cup teams and players found that pages linked with Angola contained the highest percentage of risky websites. The study searched Google for each of the 736 World Cup players, adding the phrase 'World Cup Screensaver' to the search. The results......
[more] Fewer e-mails bear malware The proportion of e-mail messages that contain malware has fallen for the first six months this year compared to the same period last year, Sophos PLC said on Wednesday. Statistics released by Sophos show that about one in 91 e-mail messages contained a virus or other types of bad software, far less than the 1-in-35 figure of a year ago, said Graham Cluley, senior technology consultant. Sophos provides enterprise-level antivirus, spam, adware and malware protection pr......
[more] Spammed Trojan claims Bush/Blair Middle East oil cover-up Experts at SophosLabs, Sophos's global network of virus, spyware and spam analysis centers, have warned of a Trojan horse that has been spammed out to email addresses disguised as a message claiming that George W Bush and Tony Blair are conspiring with oil companies to push up petrol prices. Other disguises being used by the hackers to distribute the Trojan horse include news reports that Osama Bin Laden has been killed or Michael Jackso......
[more] Coca-Cola lottery notification email is not the real thing Scam attempts to steal money and commit identity theft Experts at SophosLabs, Sophos's global network of virus, spyware and spam analysis centers, have warned of an email scam that pretends to be notification of a lottery win from Coca-Cola. The emails, which have the subject line "COCA COLA PROMOTION", have been spammed out to internet users claiming that the recipient has won $2.5 million in a lottery held by Coca-Cola earlie......
[more] Bagle-KL email worm spreading via encrypted Zip file Experts at SophosLabs, Sophos's global network of virus, spyware and spam analysis centers, have announced the discovery of a new version of the Bagle worm spreading via email systems. The W32/Bagle-KL worm spreads as a Zip email attachment, encrypted with a password. The randomly generated numerical password is communicated to the recipient by embedding an image into the email. The worm spreads via email using a subject line randomly chosen......
[more] Met Police protects itself against spam The Metropolitan Police Service is upgrading its secure external gateway to cope with increasing volumes of spam.The upgrade will include procurement of a security solution to improve its email content filtering, anti-virus and anti-spam facilities for all Metropolitan Police Service (MPS) email addresses.The force needs to meet the demands of increasing email traffic and to provide a more resilient and secure interface with external networ......
[more] Phisher caught with 21 month jail term Microsoft scores its first victory against MSN phisher A 23-year-old phishing site operator from Iowa has been sentenced to a 21 month jail term and has to pay $57,294 in restitution. Following his release, Jayson Harris will be subject to supervised release for three years.Harris had earlier pleaded guilty to two counts of wire fraud and fraud.Harris between January 2003 and June 2004 operated a phoney MSN billing website. He guided visitors to the site th......
[more] Spammers pump and dump cosmetic firm's shares A "widespread spam campaign" has been uncovered that attempts to make money by encouraging users to buy stock in a company called Southern Cosmetics and illegally inflating its stock price.The emails, which consist of an embedded graphic in an attempt to avoid detection by anti-spam filters, tell recipients that savvy investors should buy stock in the company because of business deals it is making with cosmetics firm Naomi LLC.Since t......
[more] UK cyber criminals arrested Police have arrested three British men suspected of being part of an international gang of cyber criminals.The Metropolitan Police's Computer Crime Unit worked on a joint operation with the Finnish National Bureau of Investigation and the Finnish Pori Police Department, to arrest three suspected members of the virus writing gang 'Moop'. The men - a 63-year-old from Suffolk, a 28-year-old and a 19-year-old both from Scotland, have been detained in connection with a co......
[more] Chemical firm blocks spam and viruses Chemical firm BASF has signed a contract with IT firm Postini to manage email security across Europe.Postini is now managing email security across Europe and protecting more than 60,000 BASF employees from spam, email viruses and related spyware.The chemicals firm which operates in 170 countries decided to appoint the IT security firm to filter emails after witnessing a massive increase in email. Postini is already processing 370,000 messages a day or, on a......
[more] Word attack spammed out as malicious email attachment Experts at SophosLabs, Sophos's global network of virus, spyware and spam analysis centers, have warned of a Trojan horse that has been spammed out in large quantities to email users around the world. The WM97/Kukudro-A Trojan horse has been spammed out in email messages, which can have a variety of subject lines including "worth to see", "prices", "Hi", and "Hello". The body of the message reads as fo......
[more] World Cup spam disrupts workers as football tournament heats up Experts at SophosLabs, Sophos's global network of virus, spyware and spam analysis centers, have reported that workers around the world are being disrupted by spam campaigns related to the World Cup as the international soccer tournament draws closer to its conclusion. World Cup-related spam campaigns seen by Sophos include notifications of bogus FIFA-sponsored lottery wins, deals to get cheaper phone calls until the end of the tou......
[more] Secrets of stock spam scams revealed Junk emails promoting false stock information have been proven to be surprisingly effective Spam that contains fraudulent stock information has been proven to influence the financial markets, German researchers have found. So-called "pump-and-dump" scams, where spammers send out false stock information to encourage people to buy shares, were found to both increase the traded volume and artificially boost the share price, said researchers from the Te......
[more] England's World Cup exit to thwart spam campaigns World Cup fever has led to a significant increase in the number of spam campaigns targeting businesses across the globe, according to a new report. Experts from Sophos have observed emails informing employees of bogus FIFA-sponsored lottery wins, World Cup mobile phone offers and even tickets to matches, as opportunistic cybercriminals look to exploit the widespread enthusiasm for the tournament. "Spammers are taking advantage of the fact t......
[more] Spam zombies give UK ISPs the fear The potential disruption of service and risk posed by compromised, zombie PCs spewing spam is putting fear in UK ISPs, according to a survey conducted by security firm StreamShield Networks.A massive 96 per cent of 50 ISP respondents cited the proliferation of botnets - networks of virus-infected PCs under the control of hackers - as a key business issue.According to industry analyst firm Gartner, seven in 10 items of spam originate from infected PCs.Other ite......
[more] Hong Kong drafts first anti-spam law Hong Kong is readying its first anti-spam laws, promising fines and long prison terms for serious offenders.The Chinese territory currently has no laws specifically outlawing junk email, and recent surveys looking at the sources of spam have included Hong Kong and China among the worst in the world. The proposed new law appears to threaten companies which knowingly use spammers to market their products if they are based in, or do business in, Hong Kong.......
[more] Botnet master jailed for five years A California man has been jailed for almost five years for running a zombie network of compromised PCs.Jeanson James Ancheta, 21, of Downey, California, used the botnets he controlled to display cash-generating adverts and as a resource he "rented" for hackers and spammers to run either denial of service attacks or junk mail campaigns.His network of thousands of zombie computers included machines at the Weapons Division of the US Naval Air Warfare C......
[more] U.K. ISPs to share data for spam study A new set of guidelines may pave the way for dozens of Internet service providers in the U.K. to participate in a research project into the problem of spam, estimated to comprise 60 percent or more of the world's e-mail traffic. The guidelines concern how ISPs should deal with sensitive issues such as customer privacy and data-protections laws, while cooperating to shut down machines propagating spam, said Martin Hutty, head of public relations for th......
[more] Sophos to reduce IT security overheads by 25% at DaimlerChrysler DaimlerChrysler UK, which is responsible for the distribution, sales and marketing for Mercedes-Benz, Chrysler, smart, Mitsubishi Canter, Jeep and Dodge in the UK, has successfully protected the email traffic at its nationwide dealerships, using Sophos's new email security appliance and industry-leading anti-virus and anti-spam software. This move is set to substantially reduce administrator and network overheads - saving th......
[more] Trojan spreads through Putin death spam A new spam campaign posing as a breaking news report about the death of Russian President Vladimir Putin is actually an attempt by hackers to infect computer users with a trojan. The spammed emails have the subject line "ATTENTION!!! President of Russia has dead" and a link to more information on the subject.Embedded in this spam is a hidden script that exploits the ADODB.Stream vulnerability in Microsoft Internet Explorer to secretly download th......
[more] Microsoft tool blocks URL scam engines Researchers at Microsoft have released a tool aimed at preventing Web spammers from exploiting Internet search engines to drive traffic to spam URLs. The tool, called the Strider Search Defender, identifies spam URLs that are being distributed through social networking, forum and blog-hosting Web sites, and can prevent those URLs from being indexed by search engines, said Yi-Min Wang of Microsoft Research. Instead of commenting on user pages of popular for......
[more] UK government looks at revising flawed anti-spam law The UK government has admitted that it may be forced to strengthen the much-maligned anti-spam legislation introduced in 2003.The Privacy and Electronic Communications Regulations came into force on 11 December 2003 but the legislation has been criticised by anti-spam campaigners and data protection watchdog the Information Commissioner's Office (ICO).The problem with the law is that while it bans the sending of spam to individuals, it does n......
[more] Open source phone system open to DoS attack Hackers could launch DoS attacks against telephone systems, new research has revealed. According to the findings of security company Internet Security Systems (ISS), two flaws in the open source public branch exchange (PBX) system Asterisk could allow hackers to disrupt a business's phone system or VoIP gateway by flooding the system with bogus calls, according to the ISS X-Force Threat Analysis Service, which discovered the vulnerability.The bugs were......
[more] Hong Kong proposes action against email spam Hong Kong's government has proposed wide-ranging laws to crack down on unwanted spam emails, with fines of up to a million dollars (128,000 US dollars) for offenders. The Unsolicited Electronic Messages Bill to be debated by legislators later this year proposes a system that would punish spam senders and allow email users to protect their computers from the scourge."The primary objective of the bill is to tackle unsolicited commercial electronic......
[more] How to solve the problem of spam Regular BBC News columnist Bill Thompson explains what it is like to fall victim to a "joe job" in which spammers abuse someone's good name and then leave them to clear up the mess. About two weeks ago I started getting a lot of bounced e-mails. Most of them were notifications that my e-mail could not be delivered because the recipient didn't exist. Others were from spam filters to tell me I'd sent messages they were unwilling to accept. It seems I've been pushi......
[more] GTA Expands Firewall Family with Gigabit Firewall Global Technology Associates, Inc., (GTA), today announced a high-powered firewall appliance, the GB-3000 Gigabit Firewall Appliance. The cost effective GB-3000 is designed for SME businesses with gigabit networks. The GB-3000 provides support for up to twelve network interfaces, ten of which can operate at speeds up to 1 gigabit per second. "Many SME businesses are moving to gigabit networks at their offices and the......
[more] US heads global spam league of shame The US remained at the top of the chart of spam-relaying nations during the second quarter of 2006, accounting for 23.2 per cent of the world's unsolicited email.The closest rivals to the US are China and South Korea, according to figures from IT security firm Sophos, although both of these nations have managed to reduce their statistics since the first quarter of 2006.But the US has failed to reduce its spam problem for the first time in more than two years......
[more] Database spam thief charged A man faces 55 years in jail for stealing database to sell on to spammers A US man has been charged with stealing the membership database held at the American College of Physicians (ACP) in Philadelphia, USA.William Bailey, Jr, of North Carolina, faces up to 55 years in jail and $2,750,000 in fines if found guilty of illegally accessing the database and downloading contact details of 80,000 members.46-year-old Bailey runs a web site called dr-411.com which sells......
[more] Spammers dust off their botnet passports Criminals who remotely infect PCs for the purpose of using them to relay spam messages are targeting new countries and regions in order to increase the number of machines they can enlist.UK and US internet service providers have seen their networks riddled with infected PCs in the last few years and those PCs have been used to relay vast spam campaigns. But as these networks - called botnets - get cleaned up, so they must be replaced.Now it seems the bot......
[more] Wishing you a Happy SysAdminDay Beleaguered sysadmins, rejoice! July 28 is System Administrators’ Day, when IT staffers are given the respect they deserve – and, one hopes, maybe some cake and ice cream or a nifty T-shirt. Systems Administrator Ted Kekatos, an IT manager for a small start-up, decided to create SysAdminDay in 2000 when he saw a printer ad that featured employees lining up to give gifts to the system administrator. He'd just bought printers from the same company. Why wasn't he sh......
[more] Email managers face up to spam problems A recent survey asking IT staff to rank issues relating to email suggests that spam and management are still causing difficulties.The annual research by email security specialist IronPort questioned 300 IT managers and found that availability of email systems was the top concern for third year running. Spam, viruses and management took the next three places. Legal compliance fell to seventh place from second last year.IronPort technical consultant Jason S......
[more] $2m 419 spam scammer in the slammer Police in Amsterdam today claimed that the ringleader of an email scam that stole up to $2m has been arrested in Lagos, Nigeria.This latest arrest follows the apprehension earlier this year of 12 Nigerians based in the Netherlands, who were believed to have tricked innocent people into investing in non-existent money-making schemes."Millions of computer users around the world see these bogus emails in their inboxes every day, claiming to offer fortunes i......
[more] JFK assassination secrets for sale in latest email scam Experts at SophosLabsTM, Sophos's global network of virus, spyware and spam analysis centers, have warned computer users to be wary of an email claiming to come from a dying KGB agent offering to pass on secrets of the John F Kennedy assassination. Sophos believes that the spammed email campaign is an attempt to lure unsuspecting lovers of conspiracy theories into handing over cash and confidential information to internet scammers. The ema......
[more] Worms exploit critical MS06-040 Microsoft security vulnerability Experts at SophosLabs, Sophos's global network of virus, spyware and spam analysis centers, have warned computer users of malware that is exploiting a critical security vulnerability in Microsoft software. The W32/Cuebot-L and W32/Cuebot-M worms spread via AOL instant messenger, exploiting the vulnerability described in Microsoft's MS06-040 security bulletin. "Microsoft only issued a patch against the security hole used by th......
[more] Image spam triples in three months Ever-resourceful spammers tripled the amount of image spam sent to users in the last three months, researchers announced today. Increasingly spammers are taking advantage in the weaknesses of traditional content filtering mechanisms by sending spam messages that have little to no text content, instead spreading messages embedded into images, said Paul Judge, chief technology officer for CipherTrust. According to researchers at CipherTrust, 30 percent of all spa......
[more] US companies accused of spamming children Two US companies are being sued for sending unsolicited emails about gambling and alcoholic drinks to childrens' email addresses. Michigan authorities are accusing RR Media Inc, based in California, and Data Stream Group, from Florida, of sending emails to children inviting them to visit gambling websites and promoting alcoholic drinks. According to Michigan Attorney General Mike Cox, the messages were sent to children's email addresses that were regist......
[more] Chinese company fined for bulk junk email A Shenzhen company has been fined for sending bulk junk email in what is believed to be the first case of its kind in China where more than 50 billion spam messages are received a year, state media said on Tuesday. China has a prospering cyber-world, hosting 111 million Internet users, 700,000 Web sites and fast-growing online business, but officials say 60 percent of the email Chinese people receive is spam, or electronic junk mail.The company in the s......
[more] Pretty girls try to hook victims via spam email Experts at SophosLabs, Sophos's global network of virus, spyware and spam analysis centers, have warned computer users to take greater care online, following an increase in the amount of spam email seen offering romantic contact. Sophos warns that such emails can have a number of purposes, including confirming that an email address is active - and thus more attractive to spammers. More sinisterly it can lead to a confidence trick that sees the rec......
[more] Volume of 'romantic' spam jumps sharply Security experts today reported a "sharp increase" in the amount of spam email offering 'romantic' contacts.Sophos warned that such emails can have a number of aims, including confirming that an email address is active and thus more attractive to spammers.More sinisterly, such spam can lead to a confidence trick that sees the recipient build up a 'relationship' with their new electronic friend and ultimately hand over money or personal informati......
[more] Spammers scam child protection group to propagate trojan Emails that appear sent by an anti-child pornography nonprofit group - but in fact are being delivered by spammers - are trying to use scare tactics to get unsuspecting recipients to download a trojan, a security firm warned today. The spam claims the recipient's email address was discovered in a "child porn database" discovered by the Los Angeles-based Association of Sites Advocating Child Protection (ASACP). In the message, the......
[more] Worm mutation breeds zombies Zombies proliferating thanks to modification of Mocbot worm The release of a modification of the Mocbot worm has led to an increase of 23 per cent in the total number of zombies detected this week, according to security firm CipherTrust. An average of 265,000 zombies per day have been identified since the release of the Mocbot worm, which is exploiting the MS060-040 Windows vulnerability announced on 8 August.Ed Rowley, technical consultant at CipherTrust, said:......
[more] Fire And Rescue Service Deploys SurfControl Across 95 Remote Fire Stations SurfControl, the global leader in Internet protection, today announced that Highlands and Islands Fire and Rescue Service has deployed SurfControl Web, Email and ETS filters across 95 remote fire stations, in order to improve communications and support professional development.The Highlands and Islands Fire and Rescue Service has doubled the size of its IT network, extending access from its headquarters in Inverness to i......
[more] Malicious image spam entices users with soft porn Hackers are taking advantage of image spam techniques and lusty minds to spread a new Trojan horse, experts at SophosLabs warned today. A new spate of email messages are being sent to Australian users claiming to be from a woman visiting the country looking for a sex partner. Similar to most run-of-the-mill image spams the message contains no text, with the message completely embedded within an image. The missive embedded within the image entices......
[more] Vicky's sex partner graphic email points to malicious Trojan horse Experts at SophosLabsTM have warned that hackers are stealing the tricks used by image spammers to infect computer users with malicious code. Experts based in Sydney, one of Sophos's global network of virus, spyware and spam analysis centers, have discovered email messages are being sent to Australian computer users claiming to come from a young woman visiting the country. Unusually, the malicious emails contain no text, but an......
[more] Virus levels double in August Virus levels have doubled and account of 1.02 per cent of total emails sent, according to a survey conducted in August by SoftScan . Some 89 per cent of all viruses stopped were classified as phishing attempts. The percentage of phishing emails detected has increased dramatically in the last few months, but SoftScan believes this is as a result of improved or additional detection by anti-virus scanners rather than any real increas......
[more] Hackers Renew Windows 'MS06-040' Attacks An upswing in activity related to a potential Windows Server vulnerability dubbed with a most-dangerous label in early August has been detected by security companies and organizations. That earlier vulnerability came to light August 8, amid Microsoft's release of a dozen security bulletins. These included MS06-040, which patched a critical vulnerability in Windows' Server service. At the time, security analysts warned that the bug might be exploited by a......
[more] Firms targeted in spam share scam Spammers hoping to manipulate the stock market have begun approaching firms, offering to raise their share price in exchange for a percentage fee. Security experts at Sophos say they have uncovered an e-mail offering a free one-day trial to company bosses. So-called "pump-and-dump" spam asks recipients to buy cheap shares, which then rise in value, making money for spammers who already hold stock. Sophos says the scam has grown from 0.8% to 15% of spa......
[more] Spam laws fail to measure up Microsoft has bypassed criminal anti-spam laws and reached an out-of-court settlement with a UK spammer after bringing a civil case against the man for breach of Hotmail terms and conditions.Spam laws introduced in 2003 have yet to produce a single criminal prosecution, and critics say this case highlights the alternative routes businesses are having to take to combat the problem.Figures from campaign group Spamhaus show almost 75 per cent of all email is now spam.M......
[more] Samsung Web site hosts password stealing trojan Samsung's US Web site is hosting a Trojan horse that logs keystrokes, disables antivirus applications and steals online banking access codes, according to Internet security firm Websense. Visitors to the Web site are not affected by the malware and Websense believes Samsung's Web server has most likely been compromised in order to serve malware to users that receive spam messages or malicious IM messages.Joel Camissar, Australian country manag......
[more] Trojan lurks in fake news.com.au site Australian banking customers have been targeted by a new security threat that takes the form of an online news article warning that local banks will be closed for a week.The email appears to be a link to a news story on News Ltd's news.com.au site, but according to Australian Computer Emergency Response Team, Auscert, when a user connects to the spoof news website, a malicious Trojan is automatically downloaded.The subject bar of the email reads: "News......
[more] Australian link to two billion spam emails probed Australian authorities are investigating a man accused of sending out more than two billion spam emails -- most of them touting Viagra. The Australian Communications and Media Authority (ACMA) said it had searched a home after a tip-off from Dutch authorities."Preliminary analysis of the email messages contained in the spam campaign has identified that over two billion emails were sent," acting authority chair Lyn Maddock said."An......
[more] Microsoft sues British spammer for Hotmail breach Microsoft has won what it described as the largest reported civil award against a spammer in Europe. The software giant says it won a court order requiring spammer Paul Fox to pay £45,000.Rather than pursue a case under Britain's limited anti-spam laws, Microsoft filed a complaint that Fox had breached the terms and conditions of its Hotmail service. It conditions state: "You may not use any [Microsoft] Services to send Spam. You also......
[more] New trick adopted by spammers to harvest email addresses Experts at SophosLabs, Sophos's global network of virus, spyware and spam analysis centers, have warned computer users to think before forwarding chain letters after discovering a new scam being used by spammers to collect email addresses. A spammed email campaign, seen by Sophos, poses as a research project into chain mail and joke messages that are frequently sent between email users around the world. Chain letters and jokes can easily......
[more] Researchers believe spam should be fought at network level A pair of Georgia Tech researchers suggested this week that internet service providers (ISPs) might be able to fight junk email more efficiently at the network level rather than using message content filters. "Content filters are fighting a losing battle because it's easier for spammers to simply change their content than for us to build spam filters.," said Nick Feamster, a Georgia Tech assistant professor of computing. "......
[more] Spammers use 'video tributes' to trick users Security vendor Sophos has issued a warning about a recent spam campaign designed to harvest email addresses by attracting readers to websites offering topical "video tributes".The sites offer a range of teasers for video tributes to 9/11 victims, Anna-Nicole Smith and Steve Irwin, "The Great Crocodile Hunter".To view the full videos, users need to provide their email address - something which seems harmless enough unless they vis......
[more] Spammers cycling more quickly through domains Usually spam messages contain links to Web sites where recipients can purchase advertised wares. Because anti-spam companies filter for these URLs, spammers are constantly buying new domains and abandoning old ones to get through spam defenses. According to a report released by McAfee on spam trends during August, major spam campaigns are going through 72 percent more domains per hour than one month ago. Additionally, McAfee Avert Labs found recentl......
[more] Surfing a bigger risk than spam to company networks Company networks are now more likely to pick up malicious software via employee Web surfing than from e-mail attachments, according to a new study. Nearly 40 percent of the 200 Danish companies surveyed said their systems had been infected by a virus or worm, despite the fact that 75 percent had implemented a security policy, IDC Denmark said in its report, released Wednesday. But the malicious software in question is no longer primarily makin......
[more] Web hosts mined by spammers Spammers have found a way to mine free Web-hosting services for cash. Online scammers have long used free hosting services such as Yahoo Geocities or Tripod as a way to get around e-mail filters that might otherwise recognise their spammy Web sites. But now some enterprising spammers have begun selling each other these free Web pages, according to security vendor McAfee. For $25 per week a spammer will sell 50 Web-hosting accounts that can be used to redirect Web tra......
[more] IE Vulnerability Spreads To Email The VML exploit found earlier this week could prove to be a severe problem because it can take initiative without requiring any action on the part of the user. But so far Microsoft does not appear to be a big rush to fix the problem. Microsoft has acknowledged reports from antivirus and anti-spyware vendors of the vulnerability in the Vector Markup Language (VML) used in Windows. For now, Microsoft has published a Security Advisory, which provides steps cu......
[more] Spam can hurt your financial health Pump-and-dump schemes on the rise as email spammers prey LONDON (MarketWatch) -- Spam e-mail is more than just annoying, it can seriously harm your financial health, a recent study has found.So-called "pump-and-dump" schemes, where an unscrupulous spammer hypes up a stock via email in the hope of boosting the share price, can cost people who fall for the scam up to 8% of their investment in just two days.In fact, the impact of stock touting can be so......
[more] Spam trail uncovers junk empire An investigation into a seemingly routine series of spam messages has revealed how sophisticated the business of online crime has become. The story begins with the junk mail messages themselves that were sent during April and May of 2006. Outwardly, said Patrick Peterson, chief technology officer of security firm Ironport who led the investigation, the messages hawking pharmaceuticals looked like the billions of other junk mail messages swilling around the net. T......
[more] Scammers adding layers to image spam Email users should be on the lookout for an advanced type of image spam featuring a new technical wrinkle, researchers said today. Spammers are now using multiple frames within animated .gif files to hide messages. The technique bypasses most anti-spam gates now in use, according to Internet Security Systems (ISS). Hackers often use multiple, layered frames to disguise their message in this new form of image spam, experts said. Gunter Ollman, director of ISS'......
[more] Stock Spam Makes Up 15% of All Spam The spam wars are hardly over. Testimony to this is a new version of junk mail that seems to bypass many otherwise efficient spam blockers. It’s called stock spam, emails sent out recommending penny stocks from energy and mining companies. Research has shown that stocks touted on mass mailed out emails experience noticeable activity on the stock market, making stock spam highly successful. According to Sophos.com, an internet security company, 15 percent of al......
[more] 'Geek spam' emerges as spammers play new trick Hosted security firm Messagelabs claims geeks are being targetted explicitly by spammers using new techniques to subvert spam filters. It says that over the past few weeks it has seen a new spamming trend arise, which uses 'technobabble' to confuse spam filters into trusting spam mail. MessageLabs is calling it 'geek spam'.While gateway-level antispam systems can clean out a lot of unwanted mail, workers can improve on this and employ Bayesian rule......
[more] Irish PCs being hijacked to relay spam PCs sitting on broadband networks in Ireland and the UK have emerged among the major sources of email spam, new research from IE Internet has revealed. The owners of these PCs are unaware their machines, otherwise known as ‘Typhoid Mary' PCs, are being used.Ken O'Driscoll, chief technology officer with IE Internet, told siliconrepublic.com that the research has identified several unique sources of viruses and in some cases spam that have been circula......
[more] Virus infections drop, spam on the up The number of viruses hitting Irish inboxes has fallen but spam continues to rise, according to figures from IE Internet.The Irish email monitoring firm found that the rate of virus infection in the mails that it filtered for its customers fell to 11.65 per cent in September. This reverses the brief rise seen in August 2006, when the rate of infection rose to 15.15 per cent.The Mytob virus is still heading the pack, responsible for 40.52 per cent of infecte......
[more] Tracking down hi-tech crime If every hour a burglar turned up at your house and rattled the locks on the doors and windows to see if he could get in, you might consider moving to a safer neighbourhood. And while that may not be happening to your home, it probably is happening to any PC you connect to the net. An investigation by the BBC News website has established the scale of the dangers facing the average net user. Using a computer acting as a so-called honeypot the BBC has been regularly lo......
[more] Increasing Security Needs of Enterprises to Fuel Growth in the World Content Filtering Market The content filtering landscape is witnessing several changes. Traditionally, the Web, e-mail and instant messaging (IM) filtering markets have evolved separately. The uptake of solutions, especially in the e-mail filtering market, has been successful. As a result, the content filtering market is maturing and existing vendors are expanding and diversifying their product and service portfolios.Although......
[more] Time travelling spam tops e-mail inboxes In a simple twist of tactics, spammers are sending large amounts of unsolicited e-mail that has been date stamped one month in the future -- in order to guarantee their messages remain at the top of the recipients' inbox. This twist is another advancement in the ongoing battle between spammers and the anti-spam filtering firms.Joel Camissar, country manager at Internet security firm Websense, said the change in tactics may be a simple one, but it has prov......
[more] Spam used to boost stock prices Spam is no longer simply a tool for mass-mailing unsolicited advertising, it is now being used in some cases to drive up certain prices on the stock market. According to PandaLabs, there has been a series of mass-mailings containing stock market information, advising users to buy stocks in certain companies.PandaLabs has analyzed one of these cases and found that stock prices in one of the companies mentioned increased significantly over a period of a few days -e......
[more] Spam Buster unleashed by BT BT is implementing a fully-automated ‘spam buster' system to track down and tackle professional spammers and ‘botnet'-infected customers on the BT broadband network. The new spam detection system selected by BT - Content Forensics from StreamShield Networks - scans millions of e-mails a day, providing BT with detailed reports on the location and size of spam-related problems originating from the BT network. Not only does the StreamShield Networks' solutio......
[more] SurfControl Warns Internet Users of a Malicious Web Site Posing as Italian Google Site SurfControl (LSE: SRF), the leading provider of global on-demand, network and endpoint IT security solutions, is currently tracking a malicious Web site posing as the Italian Google site. The spoofed Web site utilizes typosquatting, a technique that mimics a legitimate looking domain and delivers a fraudulent Google page that looks identical to the original. The fraudulent Google site attempts to install Acti......
[more] Sophos launches new suite of it security solutions for small businesses Sophos announced the availability of its new integrated security solution for small- to medium-sized enterprises (SMEs). The launch of the product coincides with research discovering that most small businesses are failing to adequately protect themselves from malicious attack.Sophos Security Suite provides an all-in-one defence against threats on Windows and Mac computers, laptops and servers. The software has been designed......
[more] Haxdoor Trojan claims thousands of UK victims Metropolitan Police have revealed that the Trojan responsible for infecting thousands of users is Haxdoor, a particularly 'nasty' piece of malware. The FBI is working with the Met to catch the offenders The Metropolitan Police have revealed that cybercriminals used a particularly malicious piece of malware called the Haxdoor Trojan to steal data from thousands of UK users. Over 2,300 people have been infected with a variant of Haxdoor, which installs......
[more] Spam campaign attempts to phish MySpace music fans, warns Sophos "Money money money" drives music store spam attack Experts at SophosLabsTM, Sophos's global network of virus, spyware and spam analysis centers, have warned of an aggressively distributed spam campaign that uses the name of the popular MySpace social networking site in an attempt to phish information from music lovers. The emails have been spammed out to hundreds of thousands of computer users around the globe in the last week, lur......
[more] MySpace phishing scam targets music fans Con-men have developed a phishing attack targeting MySpace music fans that highlights the evolving use of social engineering techniques in money-making spam emails.Junk emails featuring the attack have been spammed out to thousands of computer users around the globe in the last week, to trick them into visiting one of a series of bogus websites that pose as an online music store. The emails typically pose as MySpace contact emails, increasing the chances......
[more] Spam Trojan Installs Own Anti-Virus Scanner Veteran malware researcher Joe Stewart was fairly sure he'd seen it all until he started poking at the SpamThru Trojan-a piece of malware designed to send spam from an infected computer.The Trojan, which uses peer-to-peer technology to send commands to hijacked computers, has been fitted with its own anti-virus scanner-a level of complexity and sophistication that rivals some commercial software."This the first time I've seen this done. [It] gets......
[more] HBOS to change website after security alert HBOS is changing its Bank of Scotland internet banking website in response to a security company's claims that the site was vulnerable. But the bank says the supposed risk did not pose any dangers to customers.Information security company heise Security issued a report a month ago warning that many banking sites were vulnerable to phishing attacks. It has just issued a new report saying that four out of the seven banks analysed in the first report wer......
[more] McAfee warns botnets could threaten infrastructure Researchers with McAfee released a whitepaper today that claims botnets could feasibly threaten most countries' infrastructures. Written by McAfee researchers Ken Baylor and Chris Brown, the whitepaper examines the growing problem of botnets through the lens of experience gained while protecting an unnamed Central American country. Botnets had repeatedly attacked the county's national telecommunications company, bringing its infrastructure to it......
[more] First company prosecuted under Australian spam laws The first company to be convicted under Australia's tough anti-spamming laws was fined £2.2 million today for sending 280 million spam emails. The Australian Communications and Media Authority successfully prosecuted Clarity1, and its director, Wayne Mansfield, under the Australian Spam Act 2003.The Federal Court fined the Perth based business £1.8 million and its director £404,600 for illegally sending millions of spam messages adv......
[more] Tricky new malware challenges vendors Worm propagates via e-mail, can then download new versions of itself every 30 minutes A tricky malicious program has become more prevalent in spam, but experts don't know what its creators plan to do with it.Many vendors are rating the malware -- called "Warezov," "Stration" and "Stratio" -- as a low risk. But they also say that it is tricky to deal with. The malware is a mass-mailing worm that affects machines running Microsoft......
[more] Mass spam uses BMW to dupe users Hey, you've won €950,000 and a brand new BMW 5 Series Spammers are using the lure of a BMW car to trap users into falling for their latest scam, security firm Sophos has warned. The spam emails state that the recipient has won a BMW lottery and is entitled to €950,000 and a brand new BMW 5 Series car.The bogus message advises recipients to contact the 'claims department' and includes a fake corporate address, email address and telephone number to enhanc......
[more] Island domains hijacked to send spam Spammers are co-opting the top-level domains (TLDs) of obscure island nations as a new tactic to avoid spam filters, according to McAfee. In the past, spammers have ordinarily used sites with well-known TLDs such as .com or .info to advertise their wares. But McAfee's researchers began to notice a steep rise in the number of junk emails using .st domain names, .st being the TLD for Sao Tome and Principe, islands off Africa's west coast. Digging further, they......
[more] Spammers gear up for pre-Christmas blitz Security report reveals sophisticated online tricks A sudden increase in spam has been identified in the latest security report issued today, as cyber-criminals gear up for a pre-Christmas blitz.Spammers are using new weapons to evade detection by conventional security software and increase their success rate, according to the October 2006 Intelligence report from security firm MessageLabs. One of these is a 'dropper' variant of the Warezov virus, w......
[more] Hackers use Wikipedia to spread malware Hackers are using online encyclopaedia Wikipedia to spread malware, according to a security firm. Sophos discovered that hackers had created an article on the German edition of Wikipedia containing false information about a new version of the Blaster worm, along with a link to a fix. However, the fix is actually a piece of malicious code designed to infect visitors' PCs.Wikipedia is built from user contributions, allowing anyone to create or edi......
[more] Macarena Mac OS X malware - no need to panic Experts at SophosLabs, Sophos's global network of virus, spyware and spam analysis centers, have advised Mac OS X users not to panic following the discovery of a new proof-of-concept virus. The worm, dubbed OSX/Macarena, has caused headlines in the press because new Macintosh malware is so rarely encountered compared to malicious code designed for Windows PCs. At the time of writing Sophos has received no reports of any customers who have encountered......
[more] Postini Ranked as Top Vendor for Securing Law Firm Communications 48 Percent of Law Firms Surveyed Use Postini's Services to Make Their Electronic Communications More Compliant, Secure, Productive and Reliable Postini, the industry's leading provider of on-demand Integrated Message Management services that make electronic communications like email, instant messaging and the web more compliant, productive, secure and reliable, announced it has again been rated the top choice for securing email c......
[more] Spam more annoying than junk snail mail Unsolicited email seen as more intrusive Most people find spam emails more intrusive and irritating than junk mail landing on their doormat.A new study by the Grady College of Journalism and Mass Communication at the University of Georgia found that most people are less irritated by unsolicited junk mail than by spam."Spam is definitely regarded as more annoying, irritating and intrusive than postal direct mail," said Mariko Morimoto, assist......
[more] Spam volumes jump 'with a vengeance' Spammers came out in force last month generating a deluge of unsolicited email that "severely threatened corporate networks", a monitoring report claimed today.According to Postini's analysis of almost 70 billion emails from September to November, there was a 59 per cent spike in spam over the period.The firm reported that unwanted email currently represents 91 per cent of all email, and that the daily volume of spam has risen by 120 per cent over......
[more] Worm spreads fake news of presidential deaths and nuclear war Experts at SophosLabs, Sophos's global network of virus, spyware and spam analysis centers, have warned of a new email-aware worm that poses as breaking news of the death of US President George W Bush, but is really an attempt by hackers to break into infected computers. The W32/Dref-N worm may arrive in an email message with the following characteristics: Subject line: chosen from White house news!READ AND RESEND ASAP!NEWS!ATTN TO E......
[more] Webwasher 6.0 Delivers Industry's Most Advanced, Proactive IT Security Web Gateway Security Solution Integrates TrustedSource Global Reputation System; Introduces Proactive Anti-Malware Protection Secure Computing Corporation, a leading enterprise gateway security company, today announced Webwasher 6.0, a new and enhanced version of its award-winning Web Security Gateway, protecting enterprises from inbound and outbound security threats. Webwasher 6.0 marks the initial integration of CipherTrus......
[more] Spam, spam, spam, spam... you've got mail HERE'S the latest hot tip for the stock market! Or do you fancy improving your performance in bed? A "spam tsunami" is deluging computers worldwide with nine out of 10 e-mails now comprising junk advertising. While the government and computer firms have pledged to crack down on unwanted e-mails, the spammers are sending more than ever. In the past five months the amount of spam has almost trebled. Daniel Druker, a vice-president at Postini, an......
[more] 'Tis the season to send spam Mass e-mailers traditionally bump up their activity as the year winds down. But this year, the amount of junk messages could be unprecedented, companies that make spam-busting tools say. And senders of unsolicited ads are already celebrating the close of the harvest season and the approach of Christmas. "Just as legitimate vendors began stocking their shelves with holiday decor and gifts before Halloween, spammers started sending spam messages tailored to the h......
[more] Pump and dump blues Spammers seem to be having little luck pushing up prices of thinly traded stocks.The idea of so-called "pump and dump" scams is to buy stock at low prices and then try to drum up excitement in order to inflate the price.Penny stock promotions have tripled in the last few months, according to estimates. One internet security firm says stock-related spam already accounts for 15 per cent of all junk email, compared to less than one per cent two years ago."The obs......
[more] Small businesses have few resources for network security Protecting home computer networks against security threats is as problematic as managing a small business, according to former White House cyber security advisor, Howard Schmidt. Speaking today at the Claranet forum to discuss ‘zero-downtime/always on' for internet services, Schmidt, who is now the president and chief executive of R&H Security Consulting, said defending home networks against information security threats - includi......
[more] Brussels urges fight against Internet spam invasion The European Commission urged member states to beef up the fight against unwanted Internet "spam" messages and malicious spyware, citing the Dutch approach to the problem as an effective model. "Follow the Netherlands," said commission media spokesman Martin Selmayr, "they have a very efficient blocking mechanism to reduce spams by 85 percent, and they have done that with a very minimal reinforcement of... regulation l......
[more] Most surfers still ignoring IT security Most web surfers are at risk of potentially devastating hack attacks because they have failed to take basic IT security precautions. About three in four US online adults (74 percent) have not installed a hardware firewall, and about half (53 per cent) have neglected to install a software firewall, research conducted by Harris Interactive on behalf of Check Point claimed today.The report found that less than one in four (22 per cent) have installed a secur......
[more] Malware wars: Are hackers on top? The money made from malware is eclipsing the revenue of anti-virus vendors, a leading net security vendor claims. Raimund Genes, CTO of anti-malware at Trend Micro, cites FBI figures that IT security problems cost the economy $62bn last year against IDC estimates that the anti-malware market was worth $26bn in 2005.The FBI figures include the cost of clean-up operations, not just the profits accrued by the bad guys. Even taking this into account Genes reckons c......
[more] Word wiped out by hack attacks Microsoft has warned about a new, unpatched memory corruption hole in Word that has already been targeted by hackers. The bug can be exploited by adding a string of characters in a Word file that corrupt a PC's memory and allow an attacker to run unauthorised software on the system, Microsoft said in a security advisory. The bug affects Word 2000, 2002, and 2003, the Word Viewer 2003 and several versions of Microsoft Works. It has been rated critical but most worr......
[more] Postini predicts more spam headaches for 2007 Over 90 percent of messages on the internet now spam, says messaging security vendor Messaging security specialist Postini has warned that firms without state-of-the-art protection from messaging threats and those which try to deal with the problem in-house risk being swamped by spam, as levels continue to rise into 2007.Nearly 93 percent of messages on the internet are spam, and the last twelve months has seen a rise of 147 percent, 73 percent since......
[more] Postini Announces Top Five 2007 Messaging Security Predictions Spam Still on Rapid Rise Representing Nearly 93 Percent of All Email; Companies Without Proper Protection Could Face Email Meltdown Postini, the global leader in on-demand communications security, compliance and productivity solutions for email, instant messaging and the web, today announced that the recent spam explosion, which Postini reported in November, continues to grow at unprecedented levels.Spam now represents nearly 93 perc......
[more] Watch out for festive scams 'TIS the season to receive Christmas cards and a growing number of them, conveniently, will come via the internet. There's only one problem: some of the emails promising an e-greeting from a friend or family member may instead be from a scam artist intent on obtaining your bank or credit card information.Stu Elefant, senior product manager for anti-virus company McAfee, says the danger is at this time of year people are more likely to click on these greetings in their......
[more] Botnets pose growing online threat Botnets account for 22 per cent of all malware, up from three per cent in 2004, according to research published last week.Security vendor McAfee's Virtual Criminology Report says botnets are the UK's fastest growing online threat, compromising 12 million computers worldwide.A botnet is a number of hijacked computers that forward spam and viruses over the internet to other computers without the user's knowledge.Charlie McMurdie, detective chief inspector at the......
[more] Microsoft wins UK ruling to ban spam list sales Microsoft has stopped a man from selling lists of email addresses which were being used for spam. A court has granted a summary judgment against Paul Martin McDonald, stopping him from selling the lists.Microsoft owns and runs Hotmail, a free, web based email service. It sought a summary judgment from the English courts to stop McDonald from operating his Bizads business, which offered for sale lists of email addresses of people which were used as......
[more] Windows Vista used as bait in aggressive image spam campaign Experts at SophosLabs, Sophos's global network of virus, spyware and spam analysis centers, have reminded computer users of the threat posed by image spam following a new campaign which purports to offer a cut-price edition of Microsoft Windows Vista. Image spam, which uses a graphic embedded in an email rather than regular text, has grown in popularity amongst spammers attempting to communicate their marketing messages to internet us......
[more] Spamty Claus is coming to town Although statistics for spam e-mail landing in Irish inboxes won't be released until January, experts are predicting we could see a surge in the proportion of junk e-mail that businesses need to filter out of their inboxes. Ken O'Driscoll of monitoring firm IE Internet says holiday seasons are prime time for spammers who take advantage of the fact that most network administrators have a break over Christmas. "Spammers know it's a holiday for most of the weste......
[more] 2006 Declared Year Of The Zombies Broadband-connected computers commandeered by spammers drove a 30% increase in the amount of spam headed to consumer e-mail boxes and corporate networks, an e-mail security firm says.Remotely controlled armies of computers, called zombies, spread to all regions of the world in 2006, with as many as 8 million computers spewing billions of junk e-mails on any given day, Commtouch said Wednesday in its 2006 Spam Trends Report.New sophisticated spamming techniques......
[more] New Year's, Christmas malware targeting inboxes Email users are again getting the electronic age's version of coal in a stocking - holiday-season spam and malware. Researchers from F-Secure have warned of a handful of just-discovered malicious files posing as Christmas and New Year's Day greetings. One New Year's scam is part of a new spam run distributing the Warezov worm. Using a fake "Happy New Year" greeting, the scam emails contain a malicious attachment, postcard.zip, and urge re......
[more] Microsoft: Botnets top cyber-threat Armies of compromised computers are behind such scourges as spam, phishing and denial of service attacks If there's one thing that Aaron Kornblum would like to quash, it's the botnet armies.These are the remote-controlled PCs that have been taken over without their user's knowledge. Symantec counted more than 4.5 million of them during the first six months of the year, and according to Kornblum, they are the backbone of today's cybercrime. "Botnets are re......
[more] Email worm offers unhappy new year An email worm that masquerades as a new year greeting to catch out workers returning to work is spreading quickly.Messages containing files named 'postcard.exe' and 'postcard.zip' actually hide a mass-mailing worm called Dref-V, antivirus companies have warned. "This started spreading on 30 December and accounted for a whopping 93.7 per cent of all infected email in the last two days of the year," Graham Cluley, senior technology consultant at S......
[more] Microsoft Sees Botnets as Top Cyber-Threat If there's one thing that Aaron Kornblum would like to quash, it's the botnet armies.These are the remote-controlled PCs that have been taken over without their user's knowledge. Symantec counted more than 4.5 million of them during the first six months of the year, and according to Kornblum, they are the backbone of today's cybercrime."Botnets are really where it's at for serious cyber criminals, because of their concentrated power," said Ko......
[more] Google blacklist sheds light on phishing tactics An analysis of Google's blacklist of suspected phishing sites found that eBay, PayPal and Bank of America together account for almost two in three (63 per cent) of suspected scam sites.Security researcher Michael Sutton also discovered that Yahoo! hosts a significant number of bogus websites - as identified by Google's blacklist) - that try to trick surfers into handing over Yahoo! login credentials. Information from the list is used by anti-phis......
[more] Proposal for porn domain revived Plans to create an internet domain for pornographic websites have been resurrected. The proposal for the .xxx domain was rejected in May 2006 by the overseer of the net's addressing system over fears about how it would be run. But the proposal has won approval following promises by the domain's backer to actively police any site that signs up to use the .xxx suffix. The plan has come under fire from pornographers and politicians. History lesson The idea of creat......
[more] Trojans posing as rare Saddam Hussein execution videos Keeping with their practice of tailoring malware-toting email for current events, malicious users are mass mailing what they claim is a rarely-seen video of the execution of Saddam Hussein. Researchers at F-Secure have found three Hussein-related malware embedded in the emails, named video_sadan.exe, saddam.morto.scr and sadan.exe. The three files are actually the viruses W32/Banload.BSW, W32/Banload.BSX and Trojan-Downloader.Win32.Delf.ACC,......
[more] Security company issues 7 threats for 2007 A leading internet company has announced its top seven security threats for 2007. According to Vernier Networks, the use of Zero-Day attacks, botnet software which controls computers remotely, is set to increase during the next 12 months. Business-oriented social networks, such as LinkedIn and ZoomInfo, were earmarked as facing security attacks in the coming year. Meanwhile, Vernier claimed attacks from hackers, spam zombies and phishers were also like......
[more] Burglar-Proof Windows? Vista's new security features may be annoying, but they're good for you The Microsoft marketing hoopla set off by the Jan. 30 launch of Windows Vista will focus on the software's spiffy new look and enhancements such as greatly improved search abilities (see BusinessWeek.com, 1/15/07, "Vista: Upgrade-Or Trade Up?"). But the really important changes, mostly hidden, aim to improve Windows' leaky security. What you see of this may be annoying, but trust me, it's go......
[more] Scam contract killer email blackmails recipients with death threat Experts at SophosLabs, Sophos's global network of virus, spyware and spam analysis centers, have warned of a spammed-out email that pretends to come from a professional hitman, hired to kill the recipient, but are really interested in stealing money. The emails claim that the recipient has been stalked by a hired assassin for 10 days, but that the hitman is prepared to drop the contract if he is paid a total of $80,000. Upon rec......
[more] Spam volume to double soon Email traffic levels set for massive spam-based boom Email traffic volumes are set to double within the next few months if the recent growth rate in spam messages continues, according to a warning issued by email management firm Email Systems. While spam has been an ongoing problem for many years, Email Systems said the rate of growth in spam messages has suddenly accelerated since July 2006, leading to total email traffic growing by between 25 and 35 percent each mont......
[more] Spam campaign uses assassin facade to steal money Hackers have launched a new spam campaign claiming to come from a professional assassin in an attempt to steal money, security experts warn. Users receive an email which states that the assassin is stalking them. However, the message claims the killer will drop the contract if they pay them £40,000. Upon receiving an initial payment of £10,000 the assassin asserts that he will produce taped evidence of the contract to murder the email......
[more] Nearly seven in ten junk emails are images Spammers use graphics to fool text scanners - and they are eating up your bandwidth Spam using images rather than text now accounts for most junk email, according to McAfee.The change began in late 2005 to counter aggressive spam filtering which blocks emails containing certain words or phrases. By last October 40 percent of spam was image-based, and by the end of the year the proportion had risen to 65 percent.As an image spam......
[more] Security whistleblowers should act responsibly, says Sophos Experts at SophosLabs, Sophos's global network of virus, spyware and spam analysis centers, have called on the internet community to act responsibly when exposing security issues, after details of a widescale MySpace phish were published that could have endangered thousands of users. Today, several media reports indicate that MySpace users are the latest victims of a phishing scam. Approximately 60,000 users were recently targeted and......
[more] Storm worm batters internet Spammers have taken advantage of Thursday's heavy weather across Europe to infect thousands of systems with a Trojan horse, allowing the systems to be taken over by criminal gangs. According to F-Secure, the attack was launched in the early hours of Friday morning, European time, taking the form of a wave of spam bearing the Small.DAM Trojan. Mikko Hypponen, F-Secure's chief research officer, said the attack shows gangs are using every technique available to spread m......
[more] Sophos:Infected attachments replaced by malicious links While the percentage of infected emails declined significantly, the diminished risk was undone by an even more significant rise in Web-related threats, reported the experts at Sophos this week. Sophos released its Security Threat Report 2007 on Monday. Key to the findings was the fact that malicious attackers are using different means to attack individual users and corporations, said Ron O'Brien, senior security analyst for the company.&quo......
[more] U.S. still world's spam leader While the percentage of infected emails declined significantly last year, web-related threats rose significantly, reported researchers at Sophos this week. Sophos also reported this week in its Security Threat Report 2007 that the United States continues to lead the world in spam production. Ron O'Brien, senior security analyst at Sophos, told SCMagazine.com today that attackers are switching methods. "There was a significant reduction in viral emails in 2006,......
[more] Malware hosting surprise for Dutch A recent report on sources of malware from Sophos puts the usual suspects at the top of the list; between them, the top three, the US, China and the Russian Federation, are home to over 70% of viruses, trojans and other nasties hosted online. Fourth place however goes to an unlikely candidate - the Netherlands, recently singled out for praise in a report on spam reduction by the European Commission. The Dutch anti-spam agency OPTA has had considerable success......
[more] New zero-day Word attack threatens users Hackers are exploiting an unpatched vulnerability in Microsoft Word that could allow them to take control of a victim's PC. That's according to security company Symantec, which has said that the zero-day vulnerability is the fourth in Microsoft's Word 2000 software that has not yet been patched. Danish security vendor Secunia also reported the vulnerability, and rated it as "extremely critical," its highest-level warning. The attack comes via a......
[more] Porn lands spammer heavy fine A US porn outfit has been fined $465,000 fine for sending explicit e-mail, the U.S. Federal Trade Commission (FTC) has announced. The settlement with TJ Web Productions LLC is the fifth after the FTC announced a crackdown on sexually explicit spam in July 2005, when the agency charged seven companies with violating a U.S. law requiring warning labels on sexually explicit e-mail. Including the TJ Web settlement, the FTC has collected more than $1.6 million in civil......
[more] Dutch botnet herder fined €75K for sending 9bn spams A Dutch spammer who used compromised PCs to spamvertise web sites has been fined €75,000 ($97,000) by Opta, the Netherlands telecoms regulatorThe man - named only as Mr X - used 600-700 compromised PCs to send about nine billion spam messages promoting penis pills, pornographic websites and other assorted tat. X's 14-month junk mail campaign reportedly earned him an estimated € 40,000 before he was collared in November 2005.Firms th......
[more] Dutch spammer hit by record fine A Dutch spammer has been hit with a €75,000 fine from regulator OPTA, one of the largest ever levied in the Netherlands. The unidentified spammer,who sent more than 9 billion e-mail advertisements, was fined such a large amount because of the sheer volume of e-mail and the use of several hundred "zombie" computers. The fine tops the €42,000 levied by the Dutch regulator in 2004. Dutch authorities were alerted to the spammer by various compute......
[more] Act of God hampers spam Mother Nature may be hitting back at the scourge of spam-filled inboxes, according to IE Internet.The web hosting and monitoring firm believes the recent earthquake that hit Taiwan in late December may be responsible for a reduction in spam and virus rates for January, although a monstrous 53.12 per cent of emails were spam - above last year's average of 52 per cent.A quake measuring 7.1 on the Richter scale badly damaged around eight submarine fibre-optic cables on the......
[more] AppGate Network Security secures and filters web traffic from smartphones With the increasing adoption of smartphones, more and more users now have the opportunity to surf the Internet using their phones. Companies, on the other hand, want access via mobile phone to be as secure as it is for all other devices. AppGate Network Security has developed a way to secure and filter web traffic from smartphones by routing traffic through the AppGate server. This way a company can control and secur......
[more] Zhelatin mutants storm virus charts The Zhelatin virus is challenging Bagle and Warezov for the dubious honour of number one virus after eight new variants were detected in the past four days, security experts have warned.Kaspersky Lab said that Zhelatin.s, .t and .u were detected on 8 February, while Zhelatin.v was detected on 9 February. Four more variants, .w to .z, were detected during the weekend of 10-11 February.The most significant of these is Zhelatin.u, which Kaspersky Lab currently r......
[more] Australian PM's heart attack faked by hackers Experts at SophosLabs, Sophos's global network of virus, spyware and spam analysis centers, have reminded computer users to be wary of unsolicited emails posing as breaking news reports, following the widespread distribution in Australia of a malicious message which claims that Prime Minister John Howard is fighting for his life after a heart attack. The emails pretend to be a link to a news story from The Australian, a daily newspaper, and start as......
[more] Malicious Ikea spam knocks flat German email users Experts at SophosLabs, Sophos's global network of virus, spyware and spam analysis centers, have warned German computer users to be on their guard against a malicious email which claims to come from home furniture giant Ikea.The emails, which have been widely spammed out, pose as a communication from Ikea Deutschland, but opening the attached file launches the Troj/Clagger-AZ Trojan horse. "Users may be so surprised to receive an unexpecte......
[more] Mac users 'still lax on security' Apple Mac users are still too lax when it comes to security matters, an independent researcher has said. Kevin Finisterre caused ripples in the Mac community when he started a website in January revealing a different bug in Apple systems each day of the month. While some observers dismissed the survey, Apple recently issued a patch to plug holes outlined by Finisterre. Apple owners' attitude to security was "one of the main reasons we started the campaign,......
[more] Man pleads guilty to spreading Trojan via IRC A Washington-state man pleaded guilty to one felony count of computer fraud relating to charges he spread malware to users of an internet relay chat (IRC) channel. He faces up five years in prison and a $250,000 fine when he is sentenced in early May.Using the user ID Fyle, Richard C. Honour infected IRC users with a program known as WindowsMedia.exe, according to a plea agreement on file with the federal court in St Louis, Missouri, where servers f......
[more] Webmaster pays $3,300 to settle malware charges A webmaster is to surrender $3,300 in ill-gotten gains and refrain from making misleading claims, to settle federal charges he deceived consumers into installing spyware, dialer programs and other types of malware.Nicholas C. Albert lured unwitting computer users into installing the payload by promising a file that allowed bloggers to stream free songs on their websites, according to a complaint (PDF) filed in late 2005 by the Federal Trade Commis......
[more] Spam levels rise again For the fifth consecutive month spam levels have increased with 77.8 per cent of all emails sent in February being junk mail.The increase has been linked to the predictable focus on Valentine's Day-related messages. February also saw a hike in seasonal hijacking threats, including the 'For My Valentine' malware with attachments such as 'Greetings Card.exe', according to vendor MessageLabs.'While it is routine to see the bad guys use seasonal tactics to exploit unsusp......
[more] Storm Worm refuses to die Phishing threats remained at the top of the danger list of reported malware in February, Fortinet has reported.The security firm warned that the most notorious threat remains the Tibs worm, otherwise known as Storm Worm, accounting for 3.91 per cent of all detections.Fortinet added that, according to its monitoring, no fewer than 36 variants of the Storm Worm have been active this month, although one variant accounted for nearly 60 per cent of related detections.Storm......
[more] Solaris worm blasts its way through telnet flaw Experts at SophosLabs, Sophos's global network of virus, spyware and spam analysis centers, have warned of an internet worm that is exploting a recently announced vulnerability on Sun Solaris servers. The Unix/Froot-A worm (also known as Wanuk) exploits a vulnerability in both x86 and SPARC versions of version 10 of Sun's operating system, attempting to open a backdoor which could allow hackers to gain remote access to computers. Under certain con......
[more] Firm 'ordered to pay spam costs' A British company has been ordered to pay damages for sending spam. Gordon Dick took Transcom to Edinburgh's Sheriff Court for sending an unwanted advertising email, which he claimed was a breach of anti-spam laws. He was awarded £750 in damages plus legal costs of £616.66 through a "decree in absence" after Transcom did not appear in court. But a spokesman for Transcom denied any intentional wrong-doing, and stated: "We are not spamme......
[more] Scotsman wins £1,300 settlement against spammer An Edinburgh man has obtained damages of more than £1,300 from British-based spammer.Gordon Dick was granted the order against Transcom Internet Services Ltd of Henley-on-Thames at a January hearing in Edinburgh's Sheriff Court. Although he hasn't received any money yet, even after sending a debt collector around to Transcom's premises, the lawsuit is a landmark in the fight by consumers against UK spammers. This is the first action of its k......
[more] Blogger.com 'riddled' with malware Blogger.com, home of the weblog publishing system owned by Google, has been infiltrated by a number of phishing sites, security watchers report.In some cases, the Stration mass mailer is being used to drive traffic to these fraudulent sites. One such scam is a "storefront" for Pharmacy Express, which redirects from a Blogspot.com (now Blogger.com) link. The site is designed to harvest the personal information of prospective marks.Beyond the problem o......
[more] Spam hits records levels in February Spam continued at record levels in February 2007, making up 93 per cent of all email traffic monitored by internet security firm Postini. The continued surge is primarily down to the increase in botnets, millions of hijacked PCs infected with malware designed to steal personal information and distribute spam and viruses.Total spam levels have risen 222 per cent since November 2005, and 125 per cent of this increase has been recorded in the past six months.Ma......
[more] News site hit by trackback spam Companies have been warned of potential difficulties with trackbacks on their websites after an outbreak of trackback spam — which pointed to adult sites — hit a Filipino news site late last week. The Newsbreak.com.ph site was targeted on Friday, prompting staff to disable the site for nine hours. "The spammers used the trackback feature to flood our site with links to various porn sites," said a Newsbreak.com article. "We found over 27,000 trackbac......
[more] Many net users 'not safety-aware' Fewer than half of the UK's 29m adult internet users believe they are responsible for protecting personal information online, a survey suggests. One in six of the 2,441 people surveyed felt responsibility rested with banks. The research, for a government-backed online safety campaign, found 12% had suffered online fraud in the last year - at an average loss of £875. The same number (5%) had experienced fraud while shopping online as had had their bag, wal......
[more] Trojan horse targets Skype users Miscreants have again adapted the Warezov Trojan horse to target Skype users, Websense Security Labs warned last week. The attack is similar to threats that target instant-messaging applications. A targeted Skype user will receive a chat message with the text "Check up this" and a link to a malicious executable called "file_01.exe" on a Web site, Websense said in an alert. If the user runs the file, several other files are downloaded and run,......
[more] Image spam fattens junk mail The bandwidth occupied by spam is increasing as spammers punt products with pictures or graphics instead of just text.Email filtering firm SoftScan said on Monday that the average size of a spam message has increased from 6.62Kb to 11.76Kb (a rise of 77 per cent) since September last year with no sign of a let-up. Although still relatively small in size, the sheer volume of spam messages many firms receive means even a slight rise can have a significant effect.The i......
[more] PayPal asks ISPs to block unsigned email PayPal is trying to persuade e-mail providers to block messages that lack digital signatures, which are aimed at cutting down on phishing scams, a company attorney has said. So far, no agreements have been reached, but the idea is one that PayPal would like to see from other e-commerce businesses, said Joseph E. Sullivan, PayPal's associate general counsel, at the International E-Crime Congress in London. An agreement with, for example, Google for its Gm......
[more] MySpace sues 'Spam King' for phishing Social networking site MySpace announced today that it has filed a lawsuit against "Spam King" Sanford Wallace for spearheading a phishing scheme to steal login credentials. Wallace, who claimed in 1998 that he was quitting the spam business, allegedly used that information to create profiles, groups and forums to spam users into visiting deceptive websites, according to a statement. MySpace - one of the world's most heavily trafficked websites with more tha......
[more] Proposal for porn domain rejected Plans to create an internet domain specifically for pornographic websites have been rejected. The proposal for the .xxx domain was voted out by the overseer of the net's addressing system, seven years after the ideas was first put forward.Board members said they were concerned that approval would put the agency into the position of a content regulator. Backers of the .xxx domain said they were disappointed by the decision and would pursue the matter further. It......
[more] MS plans emergency update to fix blinking cursor bug Widespread exploitation of an unpatched Windows vulnerability involving cursor animation files over the weekend have prompted Microsoft to announce plans to release an out-of-sequence patch on Tuesday. A stack buffer overflow flaw in Windows' handling of animated cursor (.ANI) files, discovered last week, allows hackers to inject hostile code into unpatched systems. Internet Explorer can process ANI files in HTML documents, so web pages and H......
[more] Netsky still spam malware king Although protection has been available for more than three years, the Netsky family of worms still accounted for almost a third of all malware detected during the month of March, 2007. According to Sophos, the Netsky family had the biggest impact on computer users last month. Interestingly, just 0.18 percent - or one in 555 of all email - was infected in March, yet Sophos detected 8,835 new threats, bringing the total to 231,548. Sophos senior security consultant,......
[more] Postini overhauls hosted security Postini has added investigation management, encryption, and better threat protection to its suite of managed security services. The new and upgraded services, set to come out this quarter, are designed to help large organisations protect themselves from threats as well as manage and archive email and instant messaging. Enhancements to Postini's archiving services include a new investigation management feature designed to ease the legal discovery process - and c......
[more] Spam makes users turn away from email The increasing volume of spam email messages is driving users to look for alternative media such as instant messaging and low cost VoIP calls, analyst firm IDC predicts in a new study."Spam volumes are growing faster than expected due to the success of image-based spam in bypassing antispam filters and of email sender identity spoofing in getting higher response rates," said Mark Levitt, program vice president for IDC's Collaborative Computing and......
[more] World War III spam dupes users Hackers have tried to infect users' PCs with malware by pretending World War III had broken out. A weekend spam run tried to dupe recipients into downloading the infamous "Storm Trojan" by attaching files that posed as videos of a missile strike by the US against Iran. The email arrives with provocative subject lines that include "Missle [sic] Strike: The USA kills more then [sic] 20000 Iranian citizens," "USA Declares War on Iran," a......
[more] UK drops out of spam dirty dozen The top twelve nations for creating and distributing spam emails have been named by security experts. The UK, which this time last year was number 10 in the list in terms of generating unsolicited email, has dropped to 13th place for the first quarter of 2007, according to statistics compiled by Sophos. The list is headed by the US, which accounts for nearly 20 per cent of all spam email sent worldwide. China is in secondly place, and Poland surprisingly rounds......
[more] Storm worm variant ignites e-mail virus deluge Thursday likely marked the largest proliferation of e-mail virus attacks in more than a year, according to security company Postini. Postini said that two variations of the Storm worm virus, which originally spread across the Internet in January, have quickly driven global virus levels 60 times higher than their daily average. E-mail users should be on alert for messages with "love"-related subject lines and an executable attachment that......
[more] Worst week for viruses in a year? The largest proliferation of email virus attacks in more than a year is likely to have occurred last Thursday, according to security company Postini.Postini said two variations of the Storm Worm virus, which originally spread across the internet in January, have quickly driven global virus levels 60 times higher than their daily average. Email users should be on alert for messages with "love"-related subject lines and an executable attachment that wou......
[more] Hotmail still riddled with spam Microsoft has admitted that up to 98 per cent of messages sent to Hotmail addresses are spam. The company's own research found that between 40 and 98 per cent of messages sent to users of Hotmail, now being rebranded as Windows Live Hotmail, are unsolicited or fraudulent in nature. The findings will disappoint Microsoft chairman Bill Gates, who predicted at the 2004 Davos World Economic Forum that spam would be "eliminated" within two years.&n......
[more] Spammers Are Due For A Surprise Some of the worst spammers in the United States could be in for a rude surprise shortly, as Unspam Technologies has taken the first steps in tracking them down, with help from the ISPs. The company filed a lawsuit yesterday in the Eastern District of Virginia seeking the identities of spammers under the U.S. CAN-SPAM Act and the state of Virginia's own anti-spam statue. The suit seeks damages that could potentially reach $1 billion, but Unspam said it would be ha......
[more] Taking botnets down For many years, malware authors have been using the web to assemble infected computers into botnets (networks of malware compromised machines), and security professionals and law enforcement systematically work to take these botnets down. Malware authors have clear objectives: stealing personal information, sending spam, conducting distributed denial of service (DDoS) attacks and other such criminal activity for profit. Increasing success in disabling botnets by security pro......
[more] Glastonbury hippies force-fed spam It seems that data protection and music festivals don't dance merrily off into the sunset together.Cries of "I didn't tick any box" have been flooding into Vulture Central with many readers telling us they had only registered for this year's Glastonbury festival via the official website.Despite this, lots of people still received spam from Mean Fiddler, the organisers behind the Latitude festival.See Tickets, the booking agent for both Glasto and Lat......
[more] United States of Spamerica Over 60 percent of all e-mails sent to Irish inboxes during April were unsolicited, according to new figures released on Thursday. Web hosting and monitoring firm IE Internet, which intercepts thousands of e-mails everyday, said 61.94 percent of e-mails during the month contained spam, down by more than 2 percent on the preceding month. IE Internet's statistics are based on monitoring over 35,000 Irish businesses. "Our latest figures show that the United States an......
[more] Image spam lures recipients by hook-er by crook, warns Sophos IT security and control firm Sophos is warning internet users of a new image spam campaign offering the services of an online prostitute finder. The emails, which contain the subject line 'How about finding a girl in your town who is ready to help you take the pressure off?' include an image containing a weblink, which must be typed in manually by the recipient, as well as several sentences of seemingly random text. Sophos experts no......
[more] Firms hit rivals with web attacks Legitimate businesses are turning to cyber criminals to help them cripple rival websites, say security experts. The rise in industrial sabotage comes as some suggest cyber criminals are turning away from using web-based attack tools in extortion rackets. Experts suspect this is because of the risks involved in mounting such an attack on a web shop or retailer. Instead the tools, usually hijacked home computers, are being used to pump out junk e-mail. Cash call......
[more] Phishing moves into more new areas The latest social-engineering methods being put to use by phishers show no let up in the evolution of online scams, with several new twists on old ideas being sent via mass mail in the hopes of hooking yet more gullible victims. Banks and financial institutions are among the biggest targets for phishing, with online banking login details becoming as useful as credit card details. Mal-Aware.org has released details of a new scam targeting Bank of America custom......
[more] Image spam: In the picture Spammers are finding new ways to bypass filters, but that doesn't mean you have to let them bombard your inbox. Rob Buckley reports Need pain releif (sic)? Some Cialis, perhaps? Or maybe you'd like to invest in China YouTV Corp (CYTV)? You've probably received at least a few emails offering some of these things because they managed to sneak past your spam filters. Rather than using a simple text-based email, these spammers have embedded their kind offers into images, m......
[more] Google searches web's dark side One in 10 web pages scrutinised by search giant Google contained malicious code that could infect a user's PC. Researchers from the firm surveyed billions of sites, subjecting 4.5 million pages to "in-depth analysis". About 450,000 were capable of launching so-called "drive-by downloads", sites that install malicious code, such as spyware, without a user's knowledge. A further 700,000 pages were thought to contain code that could compromise a......
[more] Spammers stuff PlusNet email accounts Gaffe-prone ISP PlusNet has had its email database stolen and its users' accounts bombarded by spammers.The attack first surfaced yesterday, when PlusNet punters reported that previously spam-free email addresses were being filled with unsolicited discount pharmacy marketing. Some forum posters report that a few of their webmail contacts have received more spam too.In a statement, BT-owned PlusNet said: "It has come to our attention that a number of cu......
[more] New spam-fighting system for France A group of public bodies and private companies have joined forces to implement a new system allowing French email users to report spam email to a centralised system for evaluation and blacklisting. The project, Signal Spam, also provides data to ISPs hosting spamming systems and opt-out information for users receiveing unwanted but legitimate bulk emails. The Signal Spam project is backed by several French public and governmental institutions, including the p......
[more] Is this the end of spam and spoof email? Yahoo!, Cisco: 'We have the DomainKeys... ' Spammers, phishers and other internet fraudsters, be warned.A key internet standards body has given preliminary approval to a powerful technology designed to detect and block fake email messages.It's called DomainKeys Identified Mail, and it promises to give internet users the best chance so far of staunching the seemingly endless flow of fraudulent junk email.Cisco Systems, PGP Corporation, Sendmail and Yahoo!......
[more] DomainKeys approved as anti-spam standard The Internet Engineering Task Force has granted preliminary approval to DomainKeys Identified Mail (DKIM). The industry standard promises to curb spam by preventing spoofing, the forging of the sender's email address to make it appear as if the message originated from a reputable company instead of a spammer.DomainKeys attaches an encrypted digital signature unique to the sender to each email when it is sent. If the sender's address does not match......
[more] Standards Group OKs E-Mail Validation Spec The Internet Engineering Task Force (IETF) has adopted a vendor-developed specification designed to detect e-mail with bogus header information. The technology could help reduce spam and phishing attacks that clog Internet traffic. Yahoo was the initial developer of the spec, called DomainKeys Identified Mail (DKIM), but other participants joined the effort, including Cisco, Sendmail and PGP Corporation for later revisions. The hope is that the specifi......
[more] Microsoft sues over spam sent through Hotmail Three John Does are named in the suit, who allegedly sent spam e-mail messages to millions of people, including Hotmail users, making up a story about certain stock prices headed on the way up. It's a tactic known as "pump and dump". Individuals buy volume quantities of cheap stocks and then try to artificially inflate their prices. According to PC World, it's the fastest growing kind of spam.While Microsoft has no legal......
[more] Attackers get chatty on VoIP The hacker attacks happening via Skype will become more severe and sophisticated as businesses start adopting VoIP technologies, analysts say The recent spate of malware attacks propagating throughout the user base of the Skype Internet calling system illustrates a broader trend toward cyber-criminals moving to take advantage of VoIP platforms as they become increasingly popular. Security researchers tracking the latest pack of worm viruses to wriggle their way thro......
[more] Beware of slow and quick viruses When the Internet had only barely begun, the only way of spreading viruses was via floppy disks. This is a very slow means of propagation, particularly in comparison to the speed at which viruses spread nowadays. To get an idea, the infamous ‘Friday 13' virus (whose name originates from the day in which it deleted all .exe files on computers) took a long time to spread, and was infecting computers for several years.In the past, when virus creators planned......
[more] New type of image spam hides in e-mail wallpaper Pump-and-dump scammers behind innovation; malware attacks could be on the way A new type of image spam found this week is able to bypass many filters by presenting a message as wallpaper within an e-mail, according to the vendor Secure Computing. Image spam uses text embedded in an image to foil traditional spam filters that catch spam by scanning messages for key words and by using other text-based techniques. Normal image spam is delivered as an......
[more] Four deadly security sins Organisations should not rely on their staff to ensure their network is secured as employees are not infallible and one slip is all it takes for cybercriminals to launch a vicious attack. "If you are an organisation that is relying on your employees to do the right thing with respect to security, you've already made a number of mistakes," said Scott Montgomery, global vice president for product management at Secure Computing.Montgomery noted that end users are......
[more] The Top Five Digital Threats To Your Business While the Internet, mobile computing and online advertising can help small fries compete with larger rivals, these digital tools also invite plenty of risk. Our advice: Don't be a Luddite, but don't lie awake at night, either. Do something about it. Fraud, for example, is a risk any business must deal with. Last year, North American merchants lost $3 billion because of online payment fraud (purchases made with stolen or unauthorized account informat......
[more] Five billion spams pump German stock A pump and dump spam attack hit email users with over five billion emails yesterday. A major spam outbreak hit the internet, causing the stock to jump significantly in trading volume, according to security company IronPort. The spam blast, which IronPort says was one of the ten largest so far this year and represents 8 percent of all spam sent in the past day - roughly 5 billion messages - was designed to get people to buy a German stock. That stock rose in......
[more] Duo found guilty of international spam campaign Two men have been found guilty for their part in an international spam gang, which bombarded internet users with explicit adult material. A court in the US convicted the pair on multiple charges including conspiracy, fraud, money laundering and transportation of obscene materials.James Schaffer from Arizona and Jeffrey Kilbride from California, both 41-years-old, sent spam messages to promote pornographic websites, which netted the duo more than $2......
[more] Hackers launch PDF spam campaign Hackers have launched a widespread "pump-and-dump" stock spam campaign using PDF files, anti-virus researchers have warned. In a change of tactics, the attackers have hidden the spam content within a PDF file instead of attaching an image file to plug the stock, according to a security advisory on the McAfee website.The spammers are sending the PDF files with randomly generated subject lines, sender names and a blank message body. The stock spam is believed to ha......
[more] Net predictions revisited INTERNET security firm McAfee has revisited its top 10 predictions for threats this year and found that, as expected, data-thieving phishing web sites are on the rise. McAfee Asia Pacific director Michael Sentonas says: "Professional and organised criminals continue to drive much of the malicious net activity the net. We were surprised mobile malware and image spam has tapered off." In reviewing its predictions, McAfee found that password-stealing web sites ar......
[more] Rival malware gangs wage turf war Security researchers have uncovered evidence of a turf war between rival criminal enterprises connected to two of the most sophisticated malware toolkits in current use.Like competing gangs in the Mafia - for those who followed the HBO series The Sopranos, think the New York-based Lupertazzi crime family and its sometimes enemy the DiMeo crime family, which Tony Soprano ran from New Jersey - the malware groups are fighting for turf and control.But rather than c......
[more] Storm Trojan returns as Fourth of July spam Email users are being warned to be wary of 4 July malicious spam messages playing off the American day of independence by security experts. The Threat Research and Content Engineering (TRACE) team at email and Internet content security provider, Marshal, has identified a new spam greeting card that invites recipients to retrieve a greeting card that someone has sent them. The recipient is asked to click on a web link in the message to access their gre......
[more] iPhone links full of spam, says McAfee SiteAdvisor warns against submitting your email address McAfee has posted a security warning about Apple iPhone ads. The post says "the scammers are up to their old tricks again". Potential purchasers are warned not to try and use a search engine to find a deal on the new gadget. That's after tests by the company's SiteAdvisor service found that submitting your email address to vendors meant hundreds of spam emails. "Our inbox averaged 66 e-m......
[more] Google bags hosted security firm Postini for $625m Google has announced a plan to acquire on-demand web security firm Postini for $625m cash. The deal, which is subject to regulatory approval, is expected to close by end of the third quarter 2007, after which Postini will become a wholly-owned subsidiary of Google. Postini's services - which include email filtering, archiving, encryption, and policy enforcement - are used to protect customers' email, instant messaging and other web-based commun......
[more] Facebook found pimping crudware Facebook has become the latest website to be found pushing services that deliver highly deceptive security warnings designed to trick users into buying software.Purveyors of this scam are making use of Facebook Flyers, small ads that get posted on Facebook pages associated with a specific region. At 5,000 impressions for just $10, it's a bargain.We spotted a Flyer targeted at Facebook users in the San Francisco region that purportedly advertised a dating service.......
[more] Email security vendors see PDF spam spike Email security vendors reported a spike in PDF spam this week that, because of the size of the messages, increased global spam traffic by as much as a third. Researchers at Commtouch first reported on Wednesday that PDF spam spiked over a 24-hour period, accounting then for 10 to 15 percent of all spam messages. Because PDF spam messages are as much as four times the size or traditional spam, the spike increased global spam traffic by 30 to 40 percent, a......
[more] Suspected phishing gang arrested in Italy More than 20 men have been arrested in Italy on suspicion of carrying out an international phishing campaign. The group - 18 Italian citizens and eight Eastern Europeans - were captured after an investigation by Italian police. Officers from the operation, dubbed "Phish & Chip", monitored the men following a widespread phishing campaign that targeted internet users of an Italian postal operator, Poste Italiane.The gang is accused of sending......
[more] Postini to boost Gmail's enterprise appeal Google's proposed acquisition of email security firm Postini will boost the credibility of the search giant's Gmail offering among enterprises, Gartner predicts.The analyst firm noted that Google's agreed offer of $625m in cash for Postini, which represents a price premium of close to 10-times revenue, was a relatively high price to pay.Gartner describes Postini as one of the "most successful" of the hosted email hygiene vendors, competing pr......
[more] Critical IM bugs hit Yahoo and Trillian Yahoo Messenger and Trillian instant messaging clients are both subject to critical security vulnerabilities, researchers say. The Yahoo Messenger bug, which was posted to the Full Disclosure mailing list by Rajesh Sethumadhavan, is a buffer overflow flaw that can be exploited with a specially crafted address book entry. Messenger immediately crashes when it encounters the malformed entry, Sethumadhavan said, but it may also be susceptible to code executi......
[more] Former Spammer: 'I Know I'm Going to Hell' "Ed," a retired spammer, built a considerable fortune sending e-mails that promoted pills, porn and casinos. At the peak of his power, Ed says he pulled in US$10,000 to $15,000 a week, storing the money in $20 bills in stacks of boxes.It was a life of greed and excess, one that preyed especially on vulnerable people hoping to score drugs or win money gambling on the Internet. From when he was expelled from high school at 17 until he quit his......
[more] Charity fights against overzealous spam filters VSO suffers some unique problems in sending emails Charity Voluntary Service Overseas (VSO) has overcome some unique spam filtering problems by switching suppliers.The international development organisation has volunteers working in 70 countries with a high dependency on email for communication. But the blocking of genuine emails and increasing spam volumes were hampering operations.‘The nature of our work, such as running HIV and AIDS projec......
[more] Europe leapfrogs US in spam league Europe now relays more spam than the US, according to security vendor Sophos.The US is still the biggest signle-country source of spam and has been the dominant region for production and relaying of junk emails, but that is starting change as spamming becomes more global.'While the US remains top spam dog, the latest chart emphasises the urgent need for joined-up global action to combat this growing problem,' said Carole Theriault, sen......
[more] D'oh! Spammers exploit interest in The Simpsons Movie Springfield's favorite family used by cybercriminals trying to confirm email addresses are "live" Sophos, a world leader in IT security and control, has reminded computer users of the importance of not responding to unsolicited email surveys following the discovery of a spam campaign exploiting interest in "The Simpsons Movie", due to be released in cinemas this month. The spammed emails claim that recipients will receive a $500 Vis......
[more] Net criminals shun virus attacks Hi-tech criminals have found novel ways to carry out web-based attacks that are much harder to spot and stop, warn security experts. Some cyber criminals have exploited file-sharing networks and popular webpages to attack targets. The malicious hackers have turned to these methods instead of going to the trouble of hijacking home PCs. Using these methods the hi-tech criminals have staged some of the biggest attacks security experts have ever seen. Attack pa......
[more] Spammers dump images, switch to PDF files Foiled by increasingly accurate corporate spam filters, spammers have dumped pictures for PDFs in their bulk e-mailings, according to the latest data from security firms. Image spam, which at the beginning of the year accounted for nearly 60 percent of all junk e-mail, has plummeted and now accounts for only about 15 percent of spam. Taking its place, the number of junk e-mail messages using an attachment in the Portable Document Format (PDF) has steadi......
[more] Businesses fail to cope with image-spam Half of all medium to large organisations in the UK are failing to cope with the growing problem of image-based spam, new figures show. While 97 per cent of respondents have anti-spam solutions in place, 50 per cent are not managing to deal with image-based junk messages, according to the latest research by email security firm PineApp.The survey also found that 48 per cent of those businesses surveyed said the burden on bandwidth caused by image spam is a......
[more] Spammers move onto spreadsheets The first case of a new type of spam which uses Excel spreadsheets to circulate was discovered over the weekend.Security firm Sophos said that the emails come with an Excel spreadsheet file labelled 'invoice.xls'. It then uses an embedded image to deliver the spam.While it is possible to write malware that exploits Excel, no malware has been included in the emails so far. Sophos believes that this could be a sign that "we're winning the war against spam"......
[more] Vendors disagree on PDF spam volumes PDF spam, the most prevalent spam method currently used by hackers globally has decreased in numbers over the last two weeks, claims data security vendor BitDefender, but fellow security experts are disagreeing. BitDefender researchers have revealed that its detection rates for PDF spam are reducing and attributed the change to the relative ineffectiveness of the method, stating it requires more user interaction than usual e-mail spam. According to Vlad Valc......
[more] Researchers spot ZIP spam spike Spammers have turned to ZIP files to push pump-and-dump scam emails past filters, researchers have warned. Commtouch's lab disclosed on Tuesday that spammers are distributing email runs with ZIP files containing a text file with a stock promotion. The attachments are sometimes password-protected, according to Commtouch.The files, however, cannot be opened by common ZIP file utilities built into Windows operating systems, and require compression tools like winrar.......
[more] Kitten photos deployed in anti-spam battle Microsoft is working on ways to use photos of kittens, among other solutions, to help solve the spam problem. Kevin Larson, a researcher at Microsoft's advanced reading technologies group, has found that asking a user to identify the subject of a photo, like a kitten, could help block spam programs. Currently, services like Hotmail require new users to read and type in a string of distorted letters as proof that they're human rather than a computer. Ca......
[more] Boffins find way to fight spam scams US computer scientists today published research that reveals "striking differences" between the infrastructure used to distribute spam and the infrastructure used to host the online scams advertised in these unwanted email messages.The boffins from University of California, San Diego (UCSD) Jacobs School of Engineering reported that, while hundreds or thousands of compromised computers may be used to relay spam to users, most scams are hosted by in......
[more] Fake e-cards signal massive DDoS attack Security researchers are reporting a sharp increase in the number of machines infected by the Storm Worm, prompting speculation that its authors, who so far have limited their activities to spam, intend to use it for more destructive purposes, such as launching massive denial of service attacks.In June and July, internet security provider SecureWorks counted 1.7m unique hosts carrying the Storm Worm, compared with just 2,817 from January to May, according......
[more] Spammers outwitting computer security Purveyors are hiding faux greetings, ads in unwanted e-mail Just when it appeared tech companies had gained the upper hand, spammers have unleashed new forms of the meddlesome e-mail to trick filters. Spam in the form of popular PDF e-mail attachments and electronic greeting cards is confounding e-mail security systems and annoying consumers. The recent Storm e-mail virus and several pump-and-dump stock scams are clogging inboxes and snookering consumers int......
[more] Cyber-criminals unleash spam Storm Experts warn of 'confirmation spam' outbreak Security experts have warned of an outbreak of malicious spam emails that use log-in account confirmation details as a hook to get users to visit an infected website.The Marshal TRACE threat research team said that the emails appear to come from a legitimate organisation and provide recipients with temporary log-in confirmation details for a website.The spam uses text like 'for security purposes, please login and cha......
[more] Spam to reach all-time high Spam levels are heading toward an all-time high of 90 percent of all e-mail, according to a Secure Computing report. In a statement released Thursday, the security vendor said that spam volume has risen by over 30 percent this week, and looks set to reach record levels last seen in December 2006. The security vendor attributed the spike to the resurgent Storm Worm which returned with a twist earlier this month. Secure Computing said that the Storm Worm currently has......
[more] Fake Gates Foundation malware spreads A malicious spam is in circulation which pretends to be from the Bill and Melinda Gates Foundation. It has the subject line 'Life for Life' and leads with the recent news that the Northern Territory Library has received the 2007 Access to Learning Award from the Bill and Melinda Gates Foundation. This information is true but the link inviting you to read more about the award takes you off to an infected Web site in Korea, according to Paul Ducklin, Asia-Pac......
[more] Spammers dump PDF attachments Security experts have reported a "dramatic decrease" in the amount of spam emails using PDF file attachments to spread unsolicited messages.Research compiled by SophosLabs reveals that levels of PDF spam have dropped from a high of nearly 30 per cent of all spam earlier this month, to virtually zero."If PDF spam email messages have all but disappeared, there can only be one reason: they are not working," said Graham Cluley, senior technology con......
[more] Aladdin eSafe Secure Web Gateway Blocks 100 percent of Anonymous Proxies Anonymous proxies, or anonymizers, are Web sites that allow Internet users to connect to the Web through an external Web site, thereby bypassing any restrictions typically enforced on the local network. This bypass mechanism, though originally designed for safe, anonymous Web surfing, proves extremely dangerous for businesses, schools and other organizations. It opens any computer to all malware that is usually filtered ou......
[more] Beyonce, Rihanna, Kelly Clarkson video emails spread ecard Trojan horse Sophos, a world leader in IT security and control, has warned internet users about the latest disguise being used by malware authors in their attempt to infect people's PCs: an email claiming to point to music videos of popstars like Beyonce Knowles, Kelly Clarkson and Rihanna. Experts at SophosLabs have proactively protected customers against the latest wave of malicious emails which pretend to be links to new music videos......
[more] Malware authors change tack Malware in the form of email attachments has dropped heavily in the last month, according to security software specialist Sophos.In August there was an average of one infected message in every 1,000 emails, compared with one in 322 during the first six months of 2007.Criminals are finding other, more effective ways of spreading malware, such as spam campaigns directing people to infected webpages, said Sophos senior security consultant Carole Theriault.'Most malware......
[more] Spammers add a new dimension to junk mail Spammers have added a fresh dimension to the fight against junk mail with the creation of image spam rendered in a pseudo 3D layout.The use of images as opposed to simple junk messages as a way to punt penis pills, refinancing offers and the like has being going on for months. The approach is designed to fool basic spam filters and is, these days, seldom effective. In order to have any hope of success, spammers must use the computing power of compromise......
[more] Monster warns victims and pledges better defense Monster Worldwide, the owner of employment search site Monster.com, last week began notifying the estimated 1.3 million users affected by a breach that leaked résumé information and pledged to beef up network monitoring and defenses to prevent such a leak from happening again.As reported by SecurityFocus, a malicious Trojan-horse program dubbed Infostealer.Monstres accessed résumé data using stolen, but valid, employer......
[more] SurfControl adds reputation to email filter SurfControl has upgraded to its email security software with reputation services and regulatory compliance features. SurfControl E-mail Filter 6.0, available now, includes the company's own reputation service - previously only available as part of its hosted email security service - that automatically drops connection requests from IP addresses with a history of sending spam, according to Dave Tripier, senior vice president of product management for S......
[more] Spam up, PDF spam down Spam rates were up in August, despite the fact that PDF spam appears to have peaked. Junk email reached nearly 70% of all messages sent last month. According to Symantec's spam report for August, unwanted email accounted for 69% of all mail sent, up 3% from July. Spam volumes are creeping up toward the levels reached last October when image spam inflated junk mail to 73% of all messages sent. In August, image spam had little impact, accounting for less than 10% of all spa......
[more] Pfizer PCs used to relay Viagra spam Spammers have hijacked computers at drug manufacturer Pfizer, causing them to send junk emails advertising the company's product Viagra. At least 138 of Pfizer's IP addresses are being used to send the spam after being loaded with Trojan software, it emerged this week. Aside from Viagra, the spam advertises penis-enlargement drugs, fake Rolexes and shares, according to botnet-tracking company Support Intelligence, which said that those IP addresses have now b......
[more] IT security teams must cooperate to defeat threats IT security experts must pool their resources and work together more efficiently if they are to combat the increasingly converged nature of enterprise security threats, according to the latest bi-annual threat report from Symantec.The report notes that criminals are "refining their methods and consolidating their assets" to incorporate several different attack methods in so-called " multi-staged attacks".There are also toolk......
[more] Hackers hit US stockbroker TD Ameritrade US stock broking firm TD Ameritrade has revealed a breach to one of its databases resulting in the theft of user data.The company confirmed that, while online account numbers and passwords were not compromised, customer names, email addresses and phone numbers had all been stolen.The database also contains Social Security numbers, although TD Ameritrade claimed that there is no evidence to suggest that the numbers were among the stolen data.A spokesperso......
[more] Malware becoming more sophisticated, warns IBM IBM has reported an increase in malware volume and sophistication as part of its security statistics report for the first half of the year. So far this year, its X-Force research and development team has identified and analysed more than 210,000 new malware samples, which is more than the total number of malware samples observed over the entirety of last year. According to IBM, the "exploits as a service" industry continues to thriv, with......
[more] PayPal claims that it's stemming the tide of phishers Rather than relying on consumers, PayPal is blocking e-mails unless they can guarantee that they are signed PayPal Inc. Chief Information Security Officer Michael Barrett isn't ready to claim a victory in the fight against phishing schemes, but he said that his company is slowly turning the tide using a set of new partnerships and technology. Along with its parent company eBay Inc., the online payment processor has long held the inauspicious......
[more] UK IT managers waste 5.85 million hours a year sifting through spam UK IT managers could be spending more than five million working hours, worth more than £140m a year, searching for valid e-mails caught in spam filters, according to a survey commissioned by web-based email management service provider, Mimecast. Research firm e-Media surveyed more than 100 IT managers and found that 26% checked their e-mail quarantine every day and 12% checked it twice a day. Using E-Skills figures of 270,000 IT......
[more] Cyber-criminals turn to smaller botnets Online criminals setting up botnets are downsizing their networks of enslaved machines in an attempt to counter security software firms.Virus writers typically try to build the largest possible botnet to make it more powerful and therefore more valuable to rent out to criminals. But researchers have reported seeing these large groups broken down into smaller units."Most botnets are controlled by internet relay chat," said Mika Stahlberg, of F-Se......
[more] Porn links found on British school's website A British school closed its website after links to hardcore pornography and impotence drugs were discovered on the parents' forum.Other links guided parents towards online casinos and indecent images of US singer Britney Spears.Cath Scallon, the deputy headteacher at Sandown High School on the Isle of Wight, off the mainland's south coast, said spam rather than parents or pupils appeared to be to blame."It was the parents' forum which was affect......
[more] F-Secure sees smaller botnets on the rise Cybercriminals are downsizing their botnets to make it harder for software security companies to track and contain botnet operations, researchers say. Computers infected with a virus unknowingly become "zombies" in a botnet--which is a network used to send out spam and to mount further attacks on other machines. The zombie army can be controlled remotely, with the botnet creators usually trying to build the largest possible botnet of compromise......
[more] Google adds Postini to business apps Google is to add the email services it acquired when it bought Postini last month, to its business-grade online services at no extra charge. The company will add email security, compliance and recovery to Google Apps Premier edition, potentially making it more attractive to larger organisations. The services include email controls for Apps Premier administrators like configurable spam and virus filtering, setting and management of usage policies, and recover......
[more] Websense Completes Acquisition of SurfControl Websense, Inc. today closed its acquisition of SurfControl plc, as the scheme of arrangement relating to the recommended offer for SurfControl plc, at a price of 700 pence per share, has now become effective. The final purchase price is approximately pounds Sterling 204 million, including deferred compensation and stock option expense. The acquisition represents a major milestone in the execution of Websense's growth strategy to expand its security......
[more] Storm builds the world's biggest botnet Storm may not be the most creative or malicious piece of malware ever written, but it's on track to become the most productive; threat researchers' recent estimates put the number of PCs it has infected at more than 1 million. First showing up on researchers' radars about a year ago, Storm is defined by some as a worm, others as a Trojan Horse. Though it has gone by many names, Storm - referring to the spam blasts it has been behind that mention storms -......
[more] Angelina Jolie 'nudes' fuel malware spike One in every 833 emails in September were infected with malicious attachments compared to one in every 1,000 during August, new research reveals.The jump in malware attachments was primarily due to a coordinated campaign by hackers to spam out the Pushdo Trojan during the second half of September, according to security firms. The emails, which offered naked pictures of Hollywood actresses such as Angelina Jolie and Holly [sic] Berry, carry a malicious p......
[more] Spammers hit YouTube's email servers Spammers are using YouTube's servers to send massive quantities of unsolicited email, according to security firm Marshal. The company has warned email users to be wary of messages carrying YouTube invites which appear to derive from the video-sharing site's 'Invite Your Friends' feature, claiming the compromised servers are sending out spam messages from the service@youtube.com address. "YouTube users have a facility where they can invite their friends......
[more] Security expert: Storm botnet 'services' could be sold The owners of the Storm botnet, whose identities are as yet unknown, could be preparing to sell off the "services" of segments of the network, according to Joe Stewart, a researcher from managed security services company SecureWorks. Stewart claimed in a blog post on Sunday that the latest Storm variants now use a 40-byte key to encrypt their peer-to-peer traffic, meaning each node will only be able to communicate with nodes that use the sa......
[more] Two Men Get Five Years For Sending Pornographic Spam Spammers Kilbride and Schaffer will also forfeit more than $1.1 million in illegal proceeds from their spam operation. Two men convicted of sending pornographic spam under the Can-Spam Act have been sentenced to serve more than five years in prison, the U.S. Department of Justice said Friday. Assistant Attorney General Alice S. Fisher of the criminal division and interim U.S. Attorney Dan G. Knauss of the District of Arizona said that Jeffrey......
[more] Trojan horse dupes Skype users, steals usernames and passwords Skype Ltd. again warned users of its software that malicious code targeting the voice-over-IP (VoIP) and instant messaging service was on the prowl, the second such alert in the past five weeks. A Trojan horse posing as a Skype add-on is stealing log-on credentials, the company\'s online spokesman, Villu Arak, said yesterday in a blog posting. Calling itself Skype Defender, the malware installs if users download and run the executab......
[more] Pump-and-dump MP3 email spam warning An outbreak of pump-and-dump email spam this week is using bandwidth-sapping MP3 voice file attachments to promote certain stocks.The MP3 attachments, which range from around 85KB to 147KB in size, feature a poor sound quality audio blast with a barely audible synthetic female voice promoting a specific stock. The voice is heavily distorted to avoid detection by signature-based anti-spam security.Email security company Email Systems said it detected a global......
[more] Spammers turn to web redirection to avoid detection Spammers are ramping up their use of redirection techniques to try to get around many anti-spam filters, a security firm warned today.The latest flurry started about 10am Tuesday morning and by 11am represented an estimated 4.3 per cent of the spam on the internet, according to anti-spam firm Mail-Filters.com.The technique, most commonly found with pharmaceutical spam, sends a user to a web page and the user is then automatically redirected to......
[more] Microsoft desperately seeks fix for 'massive' Russian PDF attack Microsoft said it is working around the clock on a patch for a Windows flaw that is partly responsible for an ongoing attack wave of infected PDFs. The company has updated a security advisory to reflect the fact that exploit code is in the wild, but it may be too late for many. Security researchers said hackers have ramped up attacks using malicious PDF files that target the vulnerability. F-Secure called the surge in spam carryin......
[more] PC stripper helps spam to spread A virtual stripper is helping to defeat anti-spam security checks. Spammers have created a Windows game which shows a woman in a state of undress when people correctly type in text shown in an accompanying image. The scrambled text images come from sites which use them to stop computers automatically signing up for accounts that can be put to illegal use. By getting people to type in the text the spammers can take over the accounts and use them to send junk mail......
[more] 'We're not scared' of Storm, say researchers Reports that security researchers are running scared from hackers responsible for the Storm trojan are overblown, say some of the people who have dug into the complex malware. Last week Josh Corman of IBM's Internet Security Systems said that Storm, a multifaceted Trojan Horse that has been used to gather a substantial army of bots (or compromised computers), strikes back using distributed denial-of-service (DDoS) attacks when it senses probes of its......
[more] Storm Trojan dupes users with Halloween jig The latest holiday-inspired spam by the botnet-building malware in progress The Storm Trojan is flooding e-mail in-boxes with a Halloween spam blitz, security companies said this morning. This is just the latest example of the bot-building malware's knack of capitalizing on current events to dupe people into infecting their PCs. The newest campaign arrives in messages with subject heads such as "Dancing Bones" and "The most amazing danci......
[more] Halloween spam spirits away personal data Security experts have intercepted an attempt by spammers to hijack Halloween festivities to grab personal information from innocent internet users.Sophos has identified a spam email campaign that tries to lure recipients into handing over a wide range of personal information with the promise of a gift voucher worth $250.The email uses a variety of puns associated with the spooky celebrations on 31 October.Examples include: 'A $250 MasterCard Gift Card-t......
[more] Macs seized by porn Trojan Miscreants have released a sophisticated Trojan into the wild that targets Mac users, according to Intego, a company that markets security software that runs on OS X.The malicious Trojan, dubbed OSX.RSPlug.A, is making the rounds on several porn websites. When Mac users try to view some videos, the site feeds them a page that says QuickTime is unable to play the file unless a special codec is installed first. If the user proceeds, a form of DNSChanger is installed tha......
[more] Researchers dig for hidden links in spam Filtering spam messages is a thankless job for software. For every 100 spam e-mails, one message usually gets through, an irritating pitch with links to Web sites selling questionable drugs or sketchy Rolexes. The links contained within spam are one indicator in determining whether it should be blocked. Often after a large spam run, the addresses of spammy Web sites will be added to blocklists that are used by antispam software to cull future messages wi......
[more] Hackers field malware from fake US election sites Hackers have taken advantage of mounting interest in next year's US presidential elections to create fake websites that serve up exploits.Anti-spyware firm Webroot said that it has tracked hundreds of fake sites that lure visitors into downloading malicious files. Surfers may encounter these fraudulent websites after unknowingly selecting a dodgy URL from a list returned from a search or (more likely) after mistyping the name of a legitimate sit......
[more] Hosting firm claims to beat MP3 spam A web hosting firm claims to have developed spam filtering technology that can weed out MP3 attachments.The announcement follows a sharp hike in the volume of MP3 spam that typically features Dalek-like voices touting pump-and-dump scams and other get-rich-quick schemes. Such spam is estimated to account for 10 per cent of all email traffic.Strato, Europe's second largest web host, has developed a modular spam filtering system in partnership with Humboldt Un......
[more] Googlewhack trick used to slip junk mail past spam filters Advanced features in Google's search engine are being used by spammers to disguise the URLs of spamvertised sites. Hackers have been using Google search functions to hunt for vulnerabilities. Now their peers in the junk mail business are getting into the act, Symantec reports.Google supports a variety of advanced query words that are capable of narrowing the scope of a search. Spammers have latched onto this functionality as a means to......
[more] F-Secure safeguards US General Motors Dealer Equipment customers from Internet security threats GM dealerships rely on the Internet for day-to-day business operations. In order to ensure that business can continue without interruption, the dealerships must protect their desktop computers and networks from the devastating effects of malicious viruses, spam and other malware threats. However, individual dealerships do not always have the IT resources needed to maintain a high level of security.F-......
[more] Storm botnet sweeps thorugh Yahoo GeoCities The Storm Trojan is using Yahoo's GeoCities service as an attack vector to infect PCs, according to security researchers.Long-time clients of the Russian Business Network (RBN), a notorious hacker network that mysteriously vanished last week after moving from St Petersburg to Shanghai are involved, said Paul Ferguson, network architect at Trend Micro. Trend watched as bots controlled by Storm were seeded with new spam templates that included links to......
[more] Reports show October spam increase October was a scary month for IT administrators in charge of filtering spam, according to a pair of reports from messaging security firms. Research from St. Bernard Software showed a 33 percent hike in spam and virus activity compared to September. The San Diego-based company, citing its October Threat Center results, attributed the rise to the beginning of the school year and an increase in the victimization of college students' computers. The report also note......
[more] YouTube Dragged Into Spam Runs Again! The most popular name in online video sharing, YouTube, is again being used by phishers. Spammed e-mail messages contain an obscure thumbnail of what looks like intertwining limbs, with the video description, 'A touching tale of how two lovers found their heart'. Trend Micro, a secure content and threat management company, has detected YouTube Spoof Site Serving Malware and advised users to be wary of such spam messages. Should users fall for the social engi......
[more] Consumers not confident about web security The risk of identity theft is a serious concern for users of internet services, with 70 percent of adults saying it has changed their online behaviour. This is one of the findings of a new survey which interviewed 2,000 people across the UK about online security. Almost two thirds of those spoken to said they believed organisations should take more responsibility for protecting their personal details online. Out of all online service providers, banks a......
[more] Despite filters, tidal wave of spam bears down on e-mailers Why, in 2007, is spam worse than ever? Let exasperated consumers count the ways: PDF spam. MP3 spam. Pump-and-dump spam. E-card spam. "Two years from now, spam will be solved." - Microsoft's Bill Gates, 2004, World Economic Forum in Switzerland. It may sound like a broken record, but spam continues to do just that - break records. This year marks the first time the total number of spam e-mail messages sent worldwide, 10.8 tril......
[more] Subverted search sites lead to massive malware attack in progress Trojans, rootkits, password stealers hit users who click on a bad link after a search. A large-scale, coordinated campaign to steer users toward malware- spewing Web sites from Google and other Internet search engines is under way, security researchers said Tuesday. Users searching Google, Yahoo, Microsoft Live Search and other engines with any of hundreds of legitimate phrases -- from the technical "how to cisco router vpn......
[more] 20bn spam buckling inboxes Internet users in Britain get 20billion spam e-mails every day – double the amount of junk mail sent a year ago. Up to 120billion spam messages are sent daily worldwide - that's 20 for each person on the planet - and 49 out of 50 e-mails are junk. Next year, social networking websites such as Facebook and MySpace will become prime sources of personal data for spam gangs, a report claims today. '2007 marked a turning point for threats,' said Jason Steer of IronPort Sys......
[more] Chinese Trojans steal data from organizations Finjan Inc. has recently conducted a study prompted by the increased volume of attacks coming from China. The study maps how users PCs are being infected by Trojans distributed from China that then steal data from organizations and details some of the sites that are involved in the process. Finjan's Malicious Code Research Center (MCRC) have detected malicious activity by groups that distribute their content using obfuscated code and a network of we......
[more] Malicious software: what 2008 has in store When malware writers targeted adverts on some of the web's most trusted sites, they gave a glimpse of the future of cybercrime Last month, scores of popular websites were hit with a nasty surprise. Visitors to sites run by The Economist, Major League Baseball and Canada.com, to name a few, were greeted by adverts pushing antivirus software. The software, of course, was a hoax. What customers were clicking on (and it was hard to avoid) was a type of Tro......
[more] Top 10 stories of 2007: Age of realignment 2007 was a big year for IT, and we look back at the biggest stories, from the iPhone to Windows Vista to the growth of consolidation in the software market This year has been a time of realignment and redefinition as Apple launched its second zeitgeist-defining product of the new century, Dell and Intel battled to regain their former dominance, the software sector consolidated, Google rallied industry heavyweights around a common mobile device platform......
[more] Boom times for hi-tech criminals Starting a career as a cyber criminal got much easier in 2007. So say security experts looking back on 12 months in which hi-tech gangs took control of the net's underground. The economy supporting these groups has matured so much that now everything from virus-writing kits to spam-spewing zombies are available for rent or hire. This has helped to fuel, say security professionals, rapid growth in the methods criminals use to catch out PC users and steal saleable......
[more] 'Diehard' virus variants flexing muscle New Windows-based "downloader" malware known as Trojan-Downloader.Win32.Diehard has surged to the top of Kaspersky Lab's "Virus Top Twenty" list for December because of its "explosive propagation," the security firm said Wednesday. A downloader is a type of malware, which loaded onto a victim's machine, can enable the attacker to download many other types of malicious code to exploit and control it for activities ranging from spam to information theft. Th......
[more] Execs on Facebook are 'easy to dupe' Corporate executives should think twice about the information they disclose on social networking sites such as Facebook, a Hong Kong-based security company has warned, after duping gullible chief executives and finance directors into revealing personal details that could be used for highly targeted spear phishing attacks. Network Box, which makes threat prevention appliances, recently conducted an experiment to see how difficult it would be to glean importan......
[more] Nugache worm kicking up a botnet Storm Although the infamous Storm worm enters 2008 with a reputation as the world's most dangerous botnet, security experts say there's an up-and-comer called Nugache that could give it a run for its money. Nugache was first sighted about two years ago as a worm designed to work with chat protocols, says Paul Henry, vice president of technology evangelism at Secure Computing. As such, it did not propagate virulently. But last month, hackers believed to be ti......
[more] Spam your printer from the Web? Researcher shows how Aaron Weaver has made a discovery the world could probably do without: He's found a way to spam your printer from the Web. By using a little-known capability found in most Web browsers, Weaver can make a Web page launch a print job on just about any printer on a victim's network. The Web site could print annoying ads on the printer and theoretically issue more dangerous commands, like telling the printer to send a fax, format its hard drive,......
[more] BETT: Brunel tackles harrassment with anti-spam Violent, threatening emails are now quarantined and trackable at Brunel University, letting the IT team prevent online harrasment and track those guilty to help protect their students. In a six-figure investment, the West London university signed up for Secure Computing's IronMail system just over three years ago in order to help them manage the deluge of incoming email, but it was quickly put to a more specific use when one of their 13,000 studen......
[more] 40% of US SMBs do not believe their networks are secure Despite having anti-virus and anti-spam software as well as a firewall installed, four in 10 small and medium sized companies in the United States still do not believe their networks are completely secure, a new survey shows. In a poll of 455 IT executives in US SMBs, 42% said their networks were not secure even though 96% and 93% of respondents respectively said they had anti-virus and a firewall installed. 80% said they also used spam fi......
[more] Trojan 2.0 era about to begin: Finjan Cyberattackers are on the verge of creating trojans that take advantage of social networking websites and Web 2.0 technologies, according to researchers at Finjan. Calling the new genre of malware "Trojan 2.0," the San Jose, Calif.-based company predicted that attackers will capitalize on end-users' trust of social networking sites -- and the legitimate web services they offer -- to launch corporate espionage, spam and phishing attacks this year.......
[more] Ikea closes global spam hole The global furniture company Ikea has closed a serious security hole that for an unknown period of time gave hackers and phishers a free rein to exploit the company's mail server. The security gap made it possible for anyone to create a potent spam service, using the company's international mail server in Sweden as the sender. The reason is that the contact template on the company's home page was not adequately secured, making it possible to insert alternative e-......
[more] Researcher 'cracks' Yahoo anti-scam feature A security researcher has claimed that Yahoo's system for blocking automated access to its systems - the CAPTCHA image-recognition system - has been effectively cracked. CAPTCHA (Completely Automated Public Turing test to tell Computers and Humans Apart) systems are used by Yahoo, as well as Google, Microsoft and others, to stop automated systems from registering web-based email accounts, filling blog comments sections with spam and guessing passwords......
[more] Skype pulls features in face of critical flaw Skype has temporarily disabled a feature that allows hackers to hackers to exploit vulnerabilities in it VoIP software. However, it has not responded to claims of a second, potentially more serious vulnerability that could allow attackers could target Skype users at public wireless hot spots. Last week, noted Israeli researcher Aviv Raff had spelled out what he called a "cross-zone scripting vulnerability" in Skype that could be leveraged......
[more] Hackers target aspiring Internet scammers In a twist, security researchers have discovered a group of hackers who are exploiting a new category of victims: aspiring Internet scammers. A Moroccan group called "Mr. Brain" is offering free phishing kits on a Web site hosted in France, said Paul Mutton, Internet services developer at Netcraft, a security company in Bath, England. The software packages make it easy to quickly set up a fraudulent Web site mimicking a known brand in order to trick peo......
[more] Spammers cloak scams by redirecting through Google services Spammers are using thousands of Google accounts to camouflage their scams from anti-spam filters, a security researcher said Friday. He dubbed the practice "Spam 2.0." Rather than inserting links to the actual pages touting their products, some junk mailers are sticking in links from domains registered with Google Page Creator - the search engine's free web page maker - or accounts with Google's Blogger.com service, said Dan Hubbard, v......
[more] New Word attacks pose as news about Tibet New attacks using rigged Microsoft Word documents have been launched, a security company said today as it warned users to be leery of mail touting news about Tibet. Phony e-mails purporting to contain news about Tibet and its government in exile are making the rounds, according to Trend Micro Inc., which explained that the messages carry attachments that are malformed Word documents designed to exploit a vulnerability in parsing the popular word process......
[more] Three plead guilty in Nigerian spam scheme Three people have pleaded guilty to charges related to spam e-mail that promised U.S. victims millions of dollars from an estate and a lottery, the U.S. Department of Justice announced Wednesday. In one scenario, the defendants sent e-mails purporting to be from an individual suffering from terminal throat cancer who needed assistance distributing approximately $55 million to charity, the DOJ said. The three defendants, two from Nigeria and one from Se......
[more] Sex beats romance, say security experts Romance is out and sex is in, according to security experts who said the Mega-Dik botnet has ousted the infamous Storm as the most prolific sender of spam. The Mega-D botnet, which offers discounted sexual enhancement pills to users, delivers a whopping 30 percent more spam than Storm, famous for delivering malicious Valentines cards. It is the largest botnet on record, according to security firm Marshal, and has exceeded Storm's highest spam output in Se......
[more] Crime fears as cheap PCs head for Africa What if the plans to spread low-cost One Laptop Per Child (OLPC) and Intel Classmate computers to the developing world work? What if in a few years there are hundreds of millions of them out there? Many might applaud. But among computer security experts, there's growing concern that those scheme could inadvertently lead to a huge increase in computer crime. Initiatives such as the OLPC and the Classmate are intended to help bridge the digital divide. But......
[more] Automated crack for Windows Live captcha goes wild Spammers are using a sophisticated piece of software that can create thousands of Windows Live email addresses by cracking the protections designed to prevent the large-scale creation of fraudulent accounts. According to security firm Websense, the bot is surreptitiously installed on the PCs of end users. It then establishes a connection to the registration page of the Microsoft-owned mail service. About a third of the time, the software is abl......
[more] Epson puts smartcard reader on laser printer Epson has announced an extreme solution to the problem of users who print sensitive documents to network queues but then forget to pick them up - a printer that requires a smartcard before it will print. Documents to be printed using the EpsonNet Authentication Print system are first stored on a server much as they would be with any network print queue. But where a conventional print queue simply spools the documents in the correct driver format, the......
[more] FBI warns of Valentine's Day 'Storm' The Valentine's Day campaign that the bot-building Storm Trojan horse has been running for weeks is running at such volume that even the FBI issued a warning yesterday. "With the holiday approaching, be on the lookout for spam e-mails spreading the Storm Worm malicious software," the FBI said in an alert posted to the home page of its Web site yesterday. "The Storm Worm virus has capitalized on various holidays in the last year by sending milli......
[more] Hackers spread malware with 'Hilary Clinton' spam Cybercriminals may have weighed risk and reward and figured that the first isn't worth the second if they try to exploit the 2008 U.S. presidential campaign, a security researcher at Symantec Corp. said today. At least for now. "We've now seen just two instances of spam using political candidates to spread malicious code," said Oliver Friedrichs, director of Symantec's security response team and a writer on electoral cybercrime. "I......
[more] UK banks hit by phishing assault UK banks were the second-most targeted in the world last month, following the emergence of phishing attacks via the Storm botnet, according to a new report from RSA. UK financial institutions accounted for 15 percent of all banking brands targeted, according to a report from RSA's Anti-Fraud Command Center (AFCC) last week. They followed on from US banks at 61 percent. RSA's findings are roughly consistent with those of other security firms. McAfee, for instance......
[more] Spammers crack Gmail Captcha Spammers, fresh from the success of cracking the Windows Live captcha used by Hotmail, have broken the equivalent system at Gmail. Internet security firm Websense reports that miscreants have created bots which are capable of signing up and creating random Gmail accounts for spamming purposes, defeating Captcha-based defences in the process. It reckons the same group of spammers are behind both attacks. Captcha (Completely Automated Public Turing test to tell Comput......
[more] 'Out of office' messages turned into spam relays Spammers have found a new trick that gets around many current anti-spam filters: abusing the "out of the office" auto-respond feature found in legitimate webmail services. Security firm McAfee has come across several instances of the trick, the company said this week. The spammer first signs up for a legitimate webmail account, switching on its auto-respond feature, with the spam text in place of the "out of the office" message. The spa......
[more] Risk management: Calculated risk Sociologists claim that the element of risk is disappearing from our everyday lives, and that this is forcing increasing numbers of people to take up "extreme" sports. But business risk is a less-publicised issue, and information risk is playing an increasingly central role in this area. It's becoming a major part of compliance measurement and will soon be coming to an IT department near you - so what do you need to know about information risk management (IRM)?......
[more] Link hack redirects MySpace visitors to phishing site Security researchers at Websense have uncovered what they called a "link hack" that bypasses the attempts of social networking website MySpace.com to control and filter the links on its pages. The perpetrator of the link hack has found a way to avoid MySpace.com's "parsing" of all links on its pages, Stephan Chenette, manager of Websense's security labs, told SCMagazineUS.com. This parsing normally redirects all links on a MySpace.c......
[more] Health care organizations see cyberattacks as growing threat Health care organizations feel under increasing attack from the Internet, while security incidents involving insiders and disappearing laptops with sensitive data are piling up. On top of that, there's now the prospect of a surprise audit from the federal government agency in charge of overseeing the HIPAA security and privacy rules. Health care organizations are stepping up efforts to protect electronic patient information as they wi......
[more] Most spam caused by only six botnets Six botnets were responsible for 85 percent of all spam in February, the first time so few botnets have been responsible for so much spam, according to security provider Marshal's Threat Research and Content Engineering team (TRACE). One botnet alone, dubbed Srizbi, was responsible for the largest amount of spam at 39 percent. It was followed by the Rustock botnet (20 percent) and the Mega-D botnet (11 percent) which returned with a vengeance after the disco......
[more] Chelmsford council deploys hosted e-mail security platform to cut costs Chelmsford Borough Council has selected the hosted Websense E-mail Security system to protect its network and reduce costs. The three-year contract covers about 1,000 users and will help the council prevent spam and e-mail-borne threats. Websense Hosted Email Security is now fully deployed following a brief evaluation for testing. The service identifies and stops spam and e-mail-borne viruses, phishing attacks and other mal......
[more] Spammers still defeating CAPTCHAS Spam originating from Google Inc.'s Gmail domain doubled last month, indicating that spammers are still defeating the CAPTCHA, the distorted text used as a security test to thwart mass registration of e-mail accounts and other Web site abuse. Gmail spam went from 1.3% of all spam e-mail to 2.6% in February, according to data released today by e-mail security vendor MessageLabs Ltd.The new statistics are another nail in the coffin for CAPTCHA, which stands for C......
[more] What firewalls do and don’t do Over the last few years, security threats to companies have grown and altered dramatically and so have the defences. Traditional firewalls, installed over three years ago, are often not best suited for current threats and don't protect against a number of newer threats. What firewalls doA firewall is a system designed to prevent unauthorised access to or from a private computer network. Firewalls are frequently used to prevent unauthorised Internet users from acce......
[more] Spam blights e-mail 15 years on Spam continues to blight e-mail exactly 15 years after the term was first coined and almost 30 years since the first spam message was sent. The term is thought to have been coined by Joel Furr, an administrator on the net discussion system Usenet, to refer to unsolicited bulk messages. More than 90% of all e-mail is spam, according to anti-spam body Spamhaus. "Spam is a real life arms race," said Mark Sunner, chief analyst at online security firm Messag......
[more] Internet has a trash problem, researcher says Between 1% and 3% of all traffic on the Internet is meaningless packets of information, used in distributed denial of service attacks (DDOS) to knock Web sites offline. Those are the findings of Arbor Networks, a network traffic analysis company that recently looked at traffic flowing among more than 68 Internet service providers to see how much of it was malicious."The thing that's surprising is it's consistently 1 to 3 percent," said Dan......
[more] Move over Storm - there's a bigger, stealthier botnet in town Researches have unearthed what they say is the biggest botnet ever. It comprises over 400,000 infected machines, more than twice the size of Storm, which was previously believed to be the largest zombie network. Machines from at least 50 Fortune 500 companies have been observed to be running the malicious software that's at the heart of "Kraken," the botnet that security firm Damballa has been tracking for the last few week......
[more] Bot breaks Hotmail's CAPTCHA in 6 seconds A new bot can crack defenses erected by Microsoft Corp. to keep spammers from creating large numbers of accounts on its Live Hotmail service within seconds, a security researcher said today. Dan Hubbard, vice president of security research at Websense Inc., said the bot broke Live Hotmail's CAPTCHA (Completely Automated Public Turing Test to Tell Computers and Humans Apart) within six seconds, on average. CAPTCHA is the name given to the distorted, scra......
[more] China worries hackers will strike during Beijing Olympics While CNN recently faced distributed denial-of-service attacks from Chinese hackers angry about the cable television network's coverage of a recent Chinese crackdown in Tibet, Chinese security officials remain worried hackers will strike while the Olympic Games are being held in Beijing. "Based on historical experience, many hackers seeking to make a name for themselves view the Olympic Games as a challenge and a target, and the Bei......
[more] Spyware targets frustrated GTA IV gamers Gamers desperate to get their mitts on Grand Theft Auto IV are being targeted in an opportunistic spyware scam. Spam emails offer prospective marks free entry to a draw offering a PlayStation 3 loaded with the much-anticipated game as a prize. In reality, these illicit emails are loaded with spyware designed to swipe personal financial information from compromised PCs.Grand Theft Auto IV for the PS3 and the Xbox 360 was released today to delirium from av......
[more] Microsoft botnet-hunting tool helps bust hackers Botnet fighters have another tool in their arsenal, thanks to Microsoft. The software vendor is giving law enforcers access to a special tool that keeps tabs on botnets, using data compiled from the 450 million computer users who have installed the Malicious Software Removal tool that ships with Windows. Although Microsoft is reluctant to give out details on its botnet buster - the company said that even revealing its name could give cyber crimin......
[more] 30 years of Spam - and we ain't finished yet Spam celebrates its 30th birthday on Saturday (3 May). On that day in 1978, 393 Arpanet subscribers were sent what's reckoned to be the first ever spam email in history (the message itself was written on 1 May 1978). DEC marketing rep Gary Thuerk came up with the wheeze which produced a fierce backlash from Arpanet (military) administrators, as well as a small number of sales.After first appearing on Arpanet, unsolicited bulk commercial ads moved ove......
[more] Breaking Google's audio CAPTCHA Recent research is suggesting that Google's audio capture is the latest in a string of CAPTCHA's to have been defeated by software. CAPTCHA or Completely Automated Public Turing test to tell Computers and Humans Apart, is the squiggly hard to read letters that many sites now have you enter to prove you are human. Image CAPTCHAs for Google, Windows Live, and Yahoo! have been broken in recent months, and this is believed to account for the increasing levels of spam......
[more] Google adwords fuel new URL attack Google adwords account holders are being targeted by criminals out to trick them into handing over credit card information using a clever URL spoof that has gained popularity in recent weeks. On the face of it, the scam follows a traditional attack route involving the sending of spam emails to random Internet addresses in the hope of finding users who have purchased adwords. The email claims that the user's account payment has failed and asks them to "upd......
[more] MySpace hit by application spam Like Facebook before it, MySpace is having to take corrective steps to curb spam from applications built by external developers using its new application development platform. In a posting to the official MySpace Developers blog on Tuesday, MySpace president Tom Anderson announced changes to the application guidelines intended to prevent developers from building self-promotional features into their applications that result in intrusive and deceitful behavior, suc......
[more] Social networking faces EU regulation call Europe's top Internet security agency, ENISA, has called for new legislation to police social networking sites such as Facebook and MySpace. "Social networking sites are very useful social tools but we must make recommendations for how to better protect people from the risks these sites create," said Andreas Pirotti, executive director of ENISA (European Network and Information Security Agency). He suggested that EU legislation be expanded &q......
[more] Storm worm resurfaces, tries love angle again After a hiatus, the gang behind the Storm worm is attempting to exploit people's curiosity about a fictional love interest to tempt users into downloading the malware, according to security training organisation the Sans Institute. Donald Smith, a security expert from the Sans Institute, warned on Tuesday that a Storm worm download site had been detected by security researcher 'DavidF'. A link that contained the site's IP address was being spammed o......
[more] Why we're losing the war on Spam The war against spam has not come to a swift and just conclusion. Ever since Bill Gates' proclamation in 2004 that spam will be "solved" within two years, the problem has gotten worse, with no light at the end of the tunnel. As with any conflict, it's instructive to understand how and why it started, how it is being fought and what we can expect. Spam started primarily as a marketing vehicle. Sending email to harvested lists was the most cost-effecti......
[more] Akonix Tracks 10 New IM Attacks in May Akonix Systems Inc., a provider of unified policy management products for instant messaging (IM) and unified communications, announced that its IM Security Center researchers tracked 10 new malicious code attacks over IM networks in May, bringing the 2008 total to 73. New IM worms identified in May include Flocker, Foto-nue and Mondez. LdPinch was the most common with two variants. In addition, attacks on P2P networks, such as Kazaa and eDonkey, increased......
[more] Six burning questions about network security Security issues often seem to smolder more than burn, but these six are certainly capable of lighting a fire under IT professionals at a moment's notice. Handle with care. Is server virtualization worth the risk? The benefits of moving away from traditional servers to virtual-machine (VM) arrangements are the cost savings in hardware consolidation and remarkable flexibility. But less-welcome consequences can be security gaps and virtual-server spraw......
[more] Microsoft hires anti-phishing crusader Microsoft has hired Paul Laudanski, the man behind the anti-phishing Castlecops.com Web site, to help with the software company's phishing and spam investigations. Laudanski, a former volunteer firefighter, announced the move on Castlecops.com last week, saying that he's looking to find someone else to run the site that he founded in 2002. With his new job at Microsoft, he simply doesn't have time to keep up with the Castlecops work, he said in an intervi......
[more] Seeing through the VoIP security hype There’s a lot of debate around the security of converged communications at the moment; discussions of new and existing threats bringing down the “business critical” voice network when it hits the converged network on which everything rides. As an organisation that has been using a Cisco converged network for VoIP and, indeed, the even more critical streams we use for radio broadcasting, the security aspect of this is something we think of as paramount. Howev......
[more] 'Security threats have moved to the Web' The world is not new to threats arising out on the Internet but its magnitude has left everyone stumped and this with security architects working round the clock to ensure that you are safe in the virtual world. But each year, newer weapons are being unleashed only to leave you surprised and annoyed. Jim Haskin, CIO, Websense Inc speaks to Prasad Ramasubramanian of CyberMedia News on the latest trends that his company is seeing and how one can be left wel......
[more] IT Directors unprepared for emerging Web-based attacks An IT Director survey conducted by Secure Computing Corporation uncovers a rising concern of insider threats and widespread acknowledgement of being unprepared for emerging Web-based attacks. When asked whether they believed insider or outsider threats posed a bigger problem to their organisation, more than 80 per cent of the 103 Directors surveyed prioritise insider threats (defined as either unintentional data leakage or deliberate data t......
[more] Fake Microsoft patch spam A new spam attack falsely alerts users to download a Microsoft patch, but when responded to, the user is directed to a page that installs malware on the user's computer. According to a report from Websense, the message tells users that their Windows version is vulnerable to a critical security issue and directs them to a download page. The link actually uses an open redirect to a legitimate shopping site. From there, the redirect forwards users to a URL with a pop-up b......
[more] Secure Computing warns Olympic Fever could impact your network The 2008 Beijing Olympics are nearly upon us. And for the first time employees will be able to watch the games via live streaming through a local host – Channel Seven will be streaming over 100 hours of footage from the Games via Yahoo!7. But Eric Krieger, Secure Computing's country manager for Australia and New Zealand, warns that the interest generated by the Olympics could have significant effects on an organisation's productivit......
[more] Cyber-crooks celebrate independence Malware writers are looking to cash in the upcoming 4th of July weekend, say security experts. With the US gearing up to celebrate its Independence Day on the 4th and the release of the iPhone scheduled for the 11th, the first two weeks of July could be a busy time for malware, according to security firm MX Logic. The company predicted in its monthly threat forecast that both events will be used as bait for attackers. MX Logic noted that the 4th of July was......
[more] Fortune 500 lacking in email spoofing basics DKIM and SPF, two things that companies can do you help lower, not stop, but at least lower, the types of attacks that can be pulled off using their name. Recent research by Secure Computing shows that just over two hundred of the Fortune 500 fail to use either one of the forgery countermeasures. This is in contrast to the Sendmail findings that about ninety percent of the Fortune 1000 use SPF or DKIM to fight fraud. SPF (Sender Policy Framework) or......
[more] Fake Storm Worm blast claims World War III is here The U.S. Army has just invaded Iran, sparking World War III -- or at least that is what the latest Storm Worm spam campaign wants you to believe. Fresh off a July 4 Storm Worm spam surge, the resilient yet predictable botnet is back -- this time spreading bogus emails that the United States and Iran are at war. The latest wave is similar to the weekend's Independence Day-themed spam, according to internet security firm Websense. Messages a......
[more] Detroit Knocks Out Email Threats and Improves Citywide Communication With Websense Hosted Email Security The "Motor City" of America, known for its legacy of developing fast automobiles, recently saw its city government email system slow to a crawl, plagued with email servers overrun with spam and computers infected with viruses. That's when the City of Detroit Information Technology Services (ITS) decided to replace their server-based anti-spam solution with Websense® Hosted Email Security acro......
[more] Ameritrade Hack Settlement: $2 Per Victim, $1.8 Million for Lawyers A proposed agreement to settle a class action lawsuit to compensate as many as 6.3 million TD Ameritrade customers whose data was stolen by hackers would cost the Nebraska online brokerage firm less than $2 per victim and at least $1.8 million in fees to the attorneys who brokered the deal, according to an analysis of federal court documents filed Friday. "The settlement provides the class members with fair, reasonable and......
[more] Texas Bank Dumps Antivirus for Whitelisting Brent Rickels, senior vice president at First National Bank of Bosque County, had grown tired of dealing with antivirus software. He was tired of regularly updating virus signatures, tired of hackers constantly tweaking malware, and tired of worrying about what users had downloaded onto their PCs. So Rickels dumped the bank’s AV software for a whitelisting product and in the process, become one of its first commercial customers. First National Bank o......
[more] Kiwi botmaster escapes conviction despite guilty plea An NZ teenager who became notorious for masterminding the creation of one of the largest cybercrime networks has escaped conviction, despite admitting computer hacking and fraud offences. Owen Thor Walker (AKA AKILL), 18 and from Whitianga, pleaded guilty to six cybercime offences in late March, but Justice Judith Potter dismissed the charges at a sentencing hearing this week, and instead ordered the teenager to pay damages and costs of NZ$1......
[more] Will you be ditching your antivirus app anytime soon? For the last few months, I've been hearing some well-regarded security people tell me they are considering ditching their antivirus protection all together. They haven't done it, but these individuals feel the days of having a special application scan to remove malware on your desktop are numbered. Malware has changed, but the applications to ferret them out have not. Antivirus programs, as we know them today, are based on 20-year-old techn......
[more] Storm feels the credit crunch Security researchers have warned of recent spam campaigns propagated by the notorious Storm botnet that focuses on the recent economic gloom. Emails that play on widely-held fears about the current 'credit crunch' have been spotted by security firm Trend Micro. A link in the message leads recipients to a variant of the Storm worm which infects the PC and links it to the Storm botnet. The emails also contain a reference to the North American Currency Union (NACU), a......
[more] Banking Trojan hides in fake Alonso F1 crash story Fabricated news of a supposed car accident involving Formula One star Fernando Alonso is being used to distribute a new banking Trojan. The fake news story, supposedly from Spanish daily El Pais, has two-time motor racing champion seriously injured on Tuesday in an accident in the norther city of Bilbao. The bogus story, distributed via spam emails, links to a video clip depicting what appears to be a spectacular blaze. The clip installs malware......
[more] Mid-year security report: Web sites, open source, social networking at risk IBM and Websense are separately issuing their semiannual security trend reports this week, and the picture isn't pretty for Web sites, open source software and social networking programs. The IBM Internet Security Systems "Midyear Trend Statistics" report tracked 3,534 disclosed vulnerabilities in software for the first half of the year, a 5% increase from the first half of 2007. When it comes to the ......
[more] Cybercrooks get faster, further and sneakier Cybercrooks are becoming faster at utilising newly-discovered browser exploits. More than nine in ten of all browser-related exploits occurred within 24 hours of an official vulnerability disclosure, according to a survey by IBM's X-Force security division. The cyber-threat survey, which looked closely at information security events that happened during the first half of 2008, also revealed that attacks targeting flaws in browser plug-ins are increas......
[more] Akonix: Steady Uptick in IM/P2P Attacks Akonix Systems, Inc., the leading provider of unified policy management products for instant messaging (IM) and unified communications, today announced its IM Security Center researchers found steady growth in IM and P2P threats through the first seven months of 2008. With 40 unique threats in July on the heels of the year's peak month of 51 threats in June, the current trendline shows a projected growth of 107% for the year. New IM worms identified this......
[more] With rise in China's Internet use, more security threats seen Don't look now but the rise in Internet usage in China, the popularity of social networks and the proliferation of mobile phones may soon give rise to new Internet security threats the likes the world has never seen, according to Steve Chang, founder and former CEO of security firm Trend Micro Inc. In a forum for top IT students at UP Diliman, Chang warned that the convergence of viruses, trojans and computer worms is changing the ve......
[more] 8 ways to fight spam filter frustration Spam. It fills our in-boxes, wastes our time and spreads malware -- and it's only getting worse. According to Ferris Research, which studies messaging and content control, 40 trillion spam messages are expected to be sent in 2008, costing businesses more than $140 billion worldwide -- a significant increase from the 18 trillion spam messages sent in 2006 and the 30 trillion in 2007. In theory, e-mail filtering software and appliances allow "good"......
[more] The top 10 celebrity spammers No one will deny the global celebrity of Angelina Jolie. She's on the cover of magazines, stars in blockbuster movies and is a ratings bonanza each time she appears on TV. Now that she's had twins, she's got triple the appeal for some fans. The spammer community loves her too: On average, about 2.28% of the total global daily e-mail volume contains subjects like "Angelina Jolie naked," "Angelina Jolie nude movie," and "Angelina Jolie naked......
[more] Spammers Go for Olympics Gold Spammers and cybercriminals are fanning the flames of the Beijing 2008 Olympics frenzy in a bid to get a cut of the take. And enterprises need to act now to avoid getting hammered. The latest attack saw 57 e-mails containing press release and media information that appear to be from the International Olympic Committee (IOC) hitting 19 domains, according to MessageLabs, which provides managed secure electronic communications services. These e-mails have an Adobe Ac......
[more] Managing Access to Facebook: A Good Idea? The increased use of social-networking sites by businesses has given IT managers greater cause for concern as a growing number of these sites lure users to share sensitive information. Indeed, many sites like Facebook have warned their users to be on the lookout for spam and other vulnerabilities. Nevertheless, the reality is that these sites are getting more and more users, which increases the likelihood of spam, phishing and other security threats infi......
[more] Facebook quashes malware attack Facebook has blocked links between its social networking site and malware-infested websites to where malicious hackers have been trying to lure Facebook members. "We've identified and blocked the ability to link to the malicious websites from anywhere on Facebook. Less than .002 percent of people on Facebook have been affected, all of whom we notified and suggested steps to remove the malware," wrote Max Kelly, Facebook's head of security, in a blog post early Fri......
[more] Olympics news sites hit with attacks Hackers are using SQL injection attacks to infect websites with updates on the Olympics, according to a Sophos blog post. Graham Cluley, senior technology consultant with security vendor, Sophos, said that the SQL injection attack was designed to install malware onto users' computers. The attack drags malware from a third-party Russian site, turning personal computers into bots. Apparently, several sites that received a news feed from Agence-France Presse, w......
[more] Hackers spoof MSNBC alerts in new twist on massive malware ruse Hackers trying to plant malware on PCs have switched from touting news supposedly from CNN in come-on messages to pushing breaking stories said to be from rival network MSNBC, security experts said today. The fake messages pose with subject headings that include the phrase "Breaking News," along with phony headlines, such as "Jerry Yang relinquishes control over Yahoo," "Mary-Kate Olsen responsible for Heat......
[more] Education, Security Software Best Way to Protect Against Computer Hackers Computers, despite being sophisticated machines, are vulnerable to attacks. Cyber criminals are constantly inventing new ways to invade computer systems — using spam, malicious Web content, spyware and botnets, among other techniques. Most computer-related crimes involve data alteration or destruction and theft of intellectual property. Wikipedia’s entry for “cybercrime” notes that, according to a study......
[more] 5 million fake news spams per hour There's a good chance that you've seen at least one of the spoofed CNN or MSNBC spam messages that are doing the rounds - as many as 5 million of them are being sent per hour. The spoofed messages are modelled on CNN and MSNBC alerts and feature headlines that are calculated to attract attention by tapping interest in celebrities, politics and other current issues. Some of the headlines used are are outlandish, but there seems to be a trend to make them more b......
[more] Olympians Connect with Fans through Blogs In a move that advocates say will bring Olympic athletes closer to fans, a Raleigh, North Carolina-based PC company is reporting the rapid spread of on-site blogging by competitors in the Beijing games. Officials at Lenovo reportedly say that more than 100 athletes are participating in their “Voices of the Olympic Games” blogging program, generating 1,374 athlete postings on the forum and reaching more than 8.5 million fans through third-par......
[more] Broadband subscribers targeted for piracy hoax Security researchers at Trend Micro have stumbled upon a false spam campaign that is conning innocent broadband customers into thinking that they have been accused of illegal activities. Attached to the email is a file that is touted as being a report of illegal activities in the last six months. However, the file is merely malware. This new spam tactic comes after several ISPs agreed with the music industry that they would send out warning letters......
[more] Brazilian bot herder to be extradited to U.S. A federal grand jury in New Orleans has indicted a Brazilian man on charges he operated a botnet that was used to deliver spam. Leni de Abreu Neto, 35, was charged with one count of conspiracy to cause damage to computers, according to a U.S. Department of Justice statement. The indictment alleges that more than 100,000 computers worldwide were compromised. If convicted, Neto faces up to five years in prison and fines of up to $250,000.He was indicte......
[more] FedEx managed security threat spotted A managed security threat using the name of FedEx to deceive internet users into downloading dangerous malware has been identified.The spam wave has been recognised by IT security firm BitDefender, which claims the malware is engineered to steal sensitive e-banking data.According to the company, an email message claims FedEx was not able to deliver a postal package sent one month ago and asks users to download and print an attached invoice containing a ZBot......
[more] The A to Z of spamming exposed While it used to be thought that the section of the address after the '@' was most important to spammers, research by Richard Clayton, an insecurity expert from Cambridge University's computer lab shows that the info before the '@' is equally as important. Clayton's report shows that those with names higher up the alphabet are actually more likely to receive spam than those lower down - so Anne can expect to get around 35 percent of spam email, while Zack may only......
[more] Spammers use free Web services to shield links Spammers are abusing free Web services to make their spam links look more legitimate, according to e-mail security vendor MessageLabs. One of the services, a photo-hosting site called ImageShack, lets people upload different types of photo formats, including Flash files, said Paul Wood, a senior analyst with MessageLabs. Flash files, which have the extension ".swf", can be used for animated graphics and can also be used to automatically r......
[more] Warning over Obama sex scandal spam Web monitoring firms are warning IT administrators to update their spam filters after a massive new spamming campaign was detected. Emails are filling up with spam claiming to have a link to a web site that carries video footage of a sexual scandal committed by presidential candidate Barack Obama. It alleges to show footage of him having sex with Ukrainians after a visit to the country last year. “Users who click the link are shown a pornographic video......
[more] XP Security “Scareware” Scams Skyrocketing More users than ever before seem to be falling for scams being levied by fraudsters looking to make a quick – and lucrative – buck from bogus security applications. It’s sad to see people get scammed from their money when they’re seeking some level of protection from Internet threats – but instead they end up paying to install software that does nothing, at best, or is in fact itself malware. At least one security firm says criminals are raking hundreds......
[more] Researchers uncover new tool for building fake YouTube pages Researchers on Thursday discovered a new application that cybercrooks can leverage to create real-looking YouTube pages to serve as the launching pad for malware attacks. “It has the classic-looking square box that you're about to view a YouTube video but you get a pop-up that you're missing a component to view the video,” Ryan Sherstobitoff, chief corporate evangelist at Panda Security, told SCMagazineUS.com.But when user......
[more] Protecting your business from insider threats Business managers are aware of the dangers inherent within an organisation from disgruntled, or more likely just disorganised or unthinking employees. These insider threats can either open up the network to abuse from outside or can inadvertently cause mischief. There are some simple tips which if implemented will enable businesses to efficiently manage their enterprise security:1. Write and publish an IT use policy, then ensure your employees sign......
[more] Hackers prevent research on malicious code Cybercriminals are randomizing content served from malicious web pages so that they can prevent security researchers from doing proper analysis. According to Websense Security Labs, malware tracking is becoming more difficult because IP addresses and user-agents are being tracked rigorously and often, when pages are served, the content is randomized.Following analysis of malicious Flash files, the company investigated a situation where upon receiving a......
[more] Brad Pitt Tops Charts For Most Celebrity Malware Sites Hollywood actor Brad Pitt has bumped Paris Hilton off the top of the list as the most dangerous celebrity to search for on the Web, according to McAfee researchers. Altogether, fans surfing the Web for "Brad Pitt," "Brad Pitt downloads," and Brad Pitt wallpaper for items like screen savers and images have an 18 percent chance of becoming infected with online security threats such as spyware, spam, phishing, adware and vi......
[more] Secure Computing Highlights Three Major Spam Campigns Secure Computing Corporation has released its monthly report on spam for September 2008 that highlights the spam trends along with three dominant spam surge during August 2008.According to the company, of the three spam outbreaks, CNN/MSNBC News spam was most dominant. Recently, the new spam tactic employed to dupe users into downloading a fake flash player has attracted a great deal of attention. This attack included sending of e-mail messa......
[more] Facebook Malware Campaign Targets New 'Friends' Security researchers discovered a new malicious social-engineering spam campaign Monday designed to lure victims and distribute malware by impersonating the Web 2.0 social networking site Facebook. Capitalizing on the popular social networking site, attackers spoofed the domain facebookmail.com, the official domain used by Facebook for outbound e-mails when alerting users about an upcoming event. Initially, the attack is implemented as a message t......
[more] Record number of active viruses measured August was the worst month for cybercrime, with threats increasing by 51 percent Network Box said that the company's August alert status was at four out of five, indicating a "critical threat" status throughout the month.Virus activity peaked with more than 14,600 new viruses seen on that day alone. All told, 1,080,899 threat signatures and 1,374,666 spam signatures are active in the company's database.Simon Heron, internet security analyst at N......
[more] BBC email list leak highlights dangers of mailing lists Security consultancy Global Secure Systems (GSS) says this week's revelations that a BBC mailing list had been hacked and the users on the list spammed with scams and/or computer viruses, highlights the dangers that spam poses modern companies. "Whilst it's likely that many of the people who signed up to this list were using their personal email addresses, it's a sure-fire bet that some were using their business addresses. And th......
[more] 'Malware-friendly' Intercage back among the living A day after security experts celebrated the death of a network provider accused of hosting a large concentration of the world's cybercrime, California-based Intercage appeared to be among the living again.IP transit provider UnitedLayer agreed to provide upstream service to Intercage about 36 hours after its last transit provider pulled the plug. UnitedLayer's move, which is sure to prove unpopular in some circles, came after Intercage agreed t......
[more] SPIT anti-SPAM For VoIP SPIT is the unfortunate acronym for Spam over Internet Telephony, a relatively new addition to the world of unwanted male enhancement creams and millionaire making schemes from Africa. Most spam arrives by email but increasingly spam is being generated in VoIP communications, and the more VoIP grows, the more attention it gets from “We need you Barclay’s password” cybercriminals intent on annoying users of the system. The problem with SPIT is the diffic......
[more] Phishers cash in on banking crisis Phishers are exploiting confusion over consolidation in the financial industry to extract victims' personal and banking details. Security firm SonicWall said on Thursday that it has been seeing emails that attempt to lure people to fake bank websites, where they are asked to reverify their personal and bank information due to a merger. In one example that targets people affected by the Chase acquisition of Washington Mutual, the email asks recipients to click......
[more] Spammer campaign exploits email read receipts A new wave of malicious spam relies on requests for delivery confirmations for unsolicited emails. According to security firm BitDefender, the technique uses multiple cons. First, a "read receipt or notification" link attempts to trick the recipient, whose response will verify that the targeted email address is valid and active. If the recipient does not send a read receipt, the spammers deploy a secondary layer of confirmation techniques that uses......
[more] Storm botnet goes quiet The creators of the Storm botnet have either ceased sending out spam or have moved on to a newer botnet, security researchers have concluded. Marshal, a security vendor that specialises in spam protection, on Tuesday noted a marked downturn in the amount of spam attributed to hosts infected with Storm within the past month. For the past few weeks other researchers have also noticed the sharp decline. "We don't know what happened here, if somebody put the kibosh on t......
[more] Link spammers set up shop on GMTV sofa website The website of breakfast TV station GMTV was colonised by spammers over the weekend after its domain lapsed. Instead of offering information on presenters or topics to be covered on the show the site became a showcase for links to dating and debt consolidation websites. GMTV - best known for its brightly coloured sofa-filled set and bland interviews conducted with celebrities by Lorraine Kelly - became a link farm for spammers after its domain came......
[more] Websense detects new 'Better Business Bureau' spam campaign Websense has detected a new round of ‘Better Business Bureau' spam emails. The Websense Security Labs ThreatSeeker Network has identified the spam which uses social engineering tactics to entice readers to follow a link in the message in order to ‘register new software and update contact information'. It claimed that tens of thousands of messages had been sent, and from appearance, looks like it has been sent by the same phishers who t......
[more] Financial malware gets smarter An analysis into the use of financial malware has shown that despite a fall in the number of new programs detected criminals are still managing to beat security measures designed to stop fraud. The study found that discoveries of malware aimed at banks and other financial groups is trending downwards this isn’t reflected in a reduced threat. Rather the threats are increasing as malware writers are getting smarter.“Financial institutions around the worl......
[more] Security firms report new statistics on spam Two security firms have revealed that spam attacks have increased in the last quarter. Secure Computing revealed in its Q3 2008 Internet Threat Report that malware which targets users of social networking sites had become the main source of spam. It also highlighted the rise in panic-inducing ‘bank failure spam' intending to capitalize on the current financial crisis. ‘Scareware' programs also spread rapidly, while election-related spam s......
[more] Hackers leverage Obama win for massive malware campaign Hackers have seized on the results of the U.S. presidential election to launch a major malware campaign that tries to trick users into installing an update to Adobe Systems Inc.'s Flash, but actually plants a Trojan horse on unprotected PCs, security experts warned today. The malware blitz stems from spam messages touting Sen. Barack Obama's victory last night, and offers up a link to what is supposedly a site sporting election results. W......
[more] UK savers warned of Icesave scam risk Customers trying to claim deposits from a collapsed Icelandic bank could be at a higher risk over the next few weeks of falling victim to phishing scams, according to security analysts. Icesave, the British branch of Landsbanki of Reykjavik, Iceland, was declared in default on October 8, leaving more than 200,000 customers without access to upwards of £3 billion ($4.8 billion) in deposits. The UK government has said it will refund consumer and retail......
[more] Now that the election's over, holiday season spam begins Spammers have unsurprisingly launched their 2008 holiday season spam campaign using email to tout pharmaceutical products and casino spam with a Christmas angle. In its November State of Spam report released today Symantec found that spam levels averaged 76.4 percent of all messages scanned by Symantec during October. The figure represents a year on year increase of nearly six percent.Of the spam messages, the economy, the US Presidential......
[more] Web helps Obama with transition Barack Obama is turning to the web as he prepares to become US president. Via a website called Change.gov, the Obama campaign plans to provide a guide to the transition process. The site also solicits suggestions from US citizens about their vision for America, and lets them apply for a post with the new administration. On its transition website, the US governmental watchdog has listed the 13 most urgent issues that will soon confront President-elect Obama. Job a......
[more] Study shows how spammers cash in Spammers are turning a profit despite only getting one response for every 12.5m e-mails they send, finds a study. By hijacking a working spam network, US researchers have uncovered some of the economics of being a junk mailer. The analysis suggests that such a tiny response rate means a big spam operation can turn over millions of pounds in profit every year. It also suggests that spammers may be susceptible to attacks that make it more costly to send junk mail.......
[more] ICANN to terminate notorious registrar's credentials after all After a brief delay, the non-profit group that oversees the internet's address system has decided to proceed with plans to revoke the credentials of EstDomains, a domain name registrar with a reputation for catering to cyber criminals. In a notice posted Wednesday, the Internet Corporation for Assigned Names and Numbers said EstDomains would lose its registrar accreditation on November 24. It cited the conviction of EstDomains Presi......
[more] Spam plummets as gang leaves net The closure of a web hosting firm that is believed to have had spam gangs as clients has led to a drastic reduction in junk mail. Two US internet service providers have pulled the plug on the firm McColo following an investigation by the Washington Post newspaper. Anti-spam firm Ironport has seen junk mail levels drop by 70% since McColo was taken offline on 11 November. But, it warned, it will be a temporary respite from the menace of spam. Plug pulled "It......
[more] Woman loses $400k in huge '419' fraud A woman in the US is reported to have lost $400,000 (£270,000) after falling under the spell of one of the most extraordinary Nigerian 419 scams ever uncovered. Janella Spears, who lives in Oregon, is said to have sent the eye-watering sums to criminals over a two-year period, mostly in amounts in the low thousands, after being contacted in a spam email by criminals offering her a cut of a $20.5 million fortune.There was no fortune, of course, but that didn......
[more] Spam drop could boost Trojan attacks The dramatic fall in spam traffic reported last week after alleged rogue ISP McColo Corp. was taken offline will only be a temporary reprieve and could actually generate a new wave of Trojans, experts have warned. ISPs disagree on the global percentage drop in spam caused by the shuttering of San Jose-based McColo last Tuesday, with estimates given by those contacted by Techworld ranging from 50% to 80%. But even the lower figure is still an unprecedented fa......
[more] How much does spam cost you? Google will calculate How much is spam costing your company? Google unveiled a nifty little calculator Wednesday to help you add it up. It's part of a marketing campaign for Google Message Security, the online spam-filtering service based on the Postini technology Google acquired last year. "We know in these tougher economic times that companies are trying to figure out how they can save," said Adam Dawes, a Google product manager. To figure out the cost of spam, yo......
[more] Spam has gone from being an annoyance to carrying malware Spam has been around for 30 years now and we’ve grown use to the irritating messages that can at times outnumber the valid ones in our inboxes. Whether they’re offering incredible deals on credit cards, telling us we can earn big money just by giving our bank account details or promising to cure just about any medical ailment, spam messages hit pretty much all of us at one time or another and although spam filtering technologies have come......
[more] Spam on rise after brief reprieve In the world of spam, what goes down must come up. Two weeks after the shutdown of web hosting firm McColo, which saw a two-thirds drop in spam worldwide, spam numbers are creeping up again. Industry experts disagree on the degree to which spam has returned, but most say that prior levels will soon be reached. Some 450,000 infected computers have been spotted trying to connect to the largest of the networks McColo hosted. Messaging security firm IronPort System......
[more] Anti-fraud site targeted in Joe Job attack Fraudsters have upped the ante in their fight to discredit a respected UK-based anti-fraud website. The email address of Bobbear.co.uk, which fights phishing fraud by exposing groups attempting to recruit money mules, was spoofed in obscene emails. The Joe Job attack represents a further attempt to make life difficult for Bobbear.co.uk, which operates on a voluntary basis, and site administrator Bob Harrison. Just over a week ago the site came under a......
[more] Christmas malware comes early Desperate high-street shops aren't the only ones cashing in on Christmas before December's even arrived - malware writers are taking full advantage too. Websense Labs claims to have detected the first piece of seasonal malware. The campaign masquerades as an electronic Christmas greetings card from postcards.org. The email shows an animated Christmas scene, but links through to a file called postcard.exe that leads to a Trojan backdoor that's been used in previous......
[more] From phishing scams to pharming Recent press abounds with new, ‘innovative’ spam and phishing attacks. For years it was just email that organisations had to fear, but this has changed rapidly with attacks now appearing from all directions. Instant messaging, message boards, blogs and, of course, social networks are now all prime spam and phishing waters. In November, for example, the press recognised the true scale of Facebook as a phishing medium and the increasing number of users being target......
[more] ISP chops last head off Srizbi bot An Estonian ISP that temporarily hosted the command-and-control servers for the notorious spam-spewing Srizbi botnet, has cut off those servers, according to computer security analysts. Starline Web Services, based in Estonia's capital Tallinn, had hosted four domain names identified as the control points for Srizbi, according to researchers from computer security firm FireEye. Hundreds of thousands of PCs around the world infected with Srizbi, a difficult-to-......
[more] SonicWall users exposed by license server breach A technical problem in a license management server at SonicWall Inc. created havoc last week for users of the company's firewall and e-mail security products, leaving many companies temporarily unprotected against spam, phishing and malware threats. It wasn't immediately clear how many customers were affected by the license server glitch, which began early last Tuesday and wasn't resolved until that afternoon. But numerous users posted angry mes......
[more] Botnets crawl back after McColo shutdown Mega-D botnet creators have set up new command and control servers and re-established their connections with bots just three weeks after the closure of spam hosting provider, McColo. According to Marshal8e6's TRACElabs, the spammers have restored the affected connections and Mega-D, which was one of three major global botnets shut down, is now back spamming again. US-based web-hosting firm McColo was shutdown by its ISP on November 11 following a journal......
[more] Vulnerabilities play only a minor role in malware spread, says researcher Computer users are their own worst enemies, a security company warned today, as it released data that shows software bugs were the source of just 5% of the past year's infections. The majority of the attacks carried out by 2008's top 100 pieces of malware were caused by users surfing to malicious sites and then accepting some kind of download, Trend Micro Inc. researchers said today. From Jan. 1 to Nov. 25, the top 100 a......
[more] Websense predicts the future of web security The cloud will become dangerous, good sites will be used to hide bad data, and rich internet applications will turn on their users. These are some of the predictions from Websense Security Labs, which has compiled a security forecast for 2009. First, Websense Country Manager for A/NZ, Phil Vasic, predicts that the cloud will increasingly be used for malicious purposes.“Cloud-based services, such as Amazon Web Services (AWS), Microsoft Azure, an......
[more] Update: Chinese team mistakenly released unpatched IE7 exploit Chinese security researchers mistakenly released the code needed to hack a PC by exploiting an unpatched vulnerability in Microsoft's Internet Explorer 7 browser, potentially putting millions of computer users at risk -- but it appears some hackers already knew how to exploit the flaw. At one point, the code was traded for as much as US$15,000 on the underground criminal markets, according to iDefense, the computer security branch o......
[more] Nine in ten emails now spam Nine in ten emails are now spam with an estimated 200bn junk mail messages a day clogging up the internet, according to a new report by networking and security giant Cisco. Drive-by download attacks - planting redirection scripts on legitimate sites that lead onto hacker controlled websites full of exploits - have become a popular method for spreading all forms of malware, including botnet clients that turn PCs into spam-churning zombies. The US is the single biggest......
[more] Biggest IT Issues Of 2008 When we look back at the biggest IT issues of 2008, we remember a number of hot topics that helped shape the way data centers run. It depends on who you talk to, of course, but according to popular opinion, we’ve come up with a few of the biggest IT issues of 2008: security, virtualization, and power consumption. Security According to Dave Bull, product marketing manager at Secure Computing, there have been several top network security concerns in 2008 tha......
[more] 'Boom year' for hi-tech criminals If 2007 was witness to the rise of the professional hi-tech criminal, then 2008 was the year they got down to work. "The underground economy is flourishing," said Dan Hubbard, chief technology officer at security company Websense. "They are not just more organised," said Mr Hubbard, "they are co-operating more and showing more business savvy in how they monetise what they do." Statistics gathered by firms combating the rising tide of compute......
[more] Microsoft kicks fake security software off 400,000 PCs In the second month of a campaign against fake security software, Microsoft Corp. has booted the rogue application "Antivirus 2009" from almost 400,000 PCs, the company recently claimed. December's version of the Malicious Software Removal Tool (MSRT), a free utility that Microsoft pushes to Windows users as part of Patch Tuesday, targeted one of the most popular phony security app, Antivirus 2009. According to Microsoft, the MSRT erased......
[more] Fake Christmas, holiday greetings spread new malware New malware is spreading via Christmas and holiday greetings, security researchers said today, a tactic reminiscent of those used last season by the notorious Storm Trojan horse. Researchers at the Bach Khoa Internetwork Security Center in Hanoi, Vietnam, reported today that a new piece of malware, dubbed "XmasStorm" by the center, is spreading through holiday-themed spam. Touting subject lines such as "Merry Xmas!" and "Merry......
[more] Many workers in the office environment do not pay attention to security because of a false sense of confidence Cybercrime refers to criminal offences committed with the aid of communication devices, usually over the Internet. Anyone with a smattering of online knowledge should know something about some of these online dangers, even if they don’t fully understand them. The general public has been well advised not to respond to spam, not to open emails from unknown contacts, and only to shop on s......
[more] Mobile operators anticipate increased mobile spam attacks but are slow to protect against them According to a recent survey from Cloudmark, 100% of the top 12 mobile operators across Europe anticipate mobile spam volumes to rise as adoption of mobile social networking and mobile email increases. Remarkably however, only 16% are considering how to best guard against spam through mobile internet and email. As the use of mobile messaging continues to surge, users of text and multimedia messaging a......
[more] The State of Spam: What to Expect in 2009 Spam, oh spam -- can we ever get rid of you? 2008 saw a promising blow to the endless sea of junk mail, but the relief didn't last for long. Now, spam experts say new forms of annoyances are on the way for the new year. "Some battles have been won in 2008, but the war is far from over," says Martin Thorborg, co-founder of SPAMfighter , a software development and spam research company.So far, junk mail has managed to infiltrate only about 22 p......
[more] Spam poses as CNN story about Israel-Hamas conflict Cybercriminals are leveraging the Israel-Hamas conflict in Gaza to dupe users into visiting malware-laden websites through spam claiming to be from CNN. Upon visiting one of the scam websites, users are directed to update Adobe Flash Player to view a video about the two-week-old war – but the download is actually a trojan “SSL stealer” that seeks to capture financial and personal information, according to a blog post by the RSA FraudAction Rese......
[more] Next-gen botnet armies fill spam void The demise late last year of four of the world's biggest spam botnets was good news for anyone with an email inbox, as spam levels were cut in half - almost overnight. But the vacuum has created opportunities for a new breed of bots, some of which could be much tougher to bring down, several security experts are warning. New botnets with names like Waledac and Xarvester are filling the void left by the dismantling of Storm and the impairment of Bobax, Rusto......
[more] Do not skimp on your IT security framework even in a recession “When the economic tide goes out, you see who’s been swimming without any clothes on.” This famous dictum (from the pen of the world's richest man Warren Buffet) sums up in a nutshell the argument why organisations need to increase the effectiveness of their information risk management activity as early in an economic downturn as they can. Those organisations concentrating on a search for cost cuts in their risk and business continui......
[more] Most Popular Sites Were Hacked in '08 It's no secret that legitimate sites infected with malware or redirections to malware-laden copycat URLs have become one of the biggest problems in the world of cyber-security - but the sheer ubiquity of the issue has become pretty staggering. In a report published by filtering specialists Websense earlier this week, based on the company's sensor network - which claims to scan over 40 million URLs per hour - a whopping 70 percent of the Web's top 100 most p......
[more] Spam surges again despite McColo takedown Spammers have regrouped and are finding ways to send more junk mail despite recent efforts by security experts. Spam levels dropped by almost half when rogue ISP (Internet service provider) McColo was taken offline in November. But some new botnets and even older ones are churning out more spam. "At the current rates, we'll be back at those pre-McColo takedown levels probably within the next three to five weeks," said......
[more] Bot software peers at victims' screens Bot masters are now watching their prey more intently. While malicious programs typically monitor what the victims does on their computer, a bot program, known as Ozdok, snaps screenshots of what's on its host's screen and sends it back to a server on the Internet, security firm SecureWorks stated in a research note last week. SecureWorks' researchers gained access to a command-and-control server for Ozdok, also known as Mega-D, and culled between 1,000 a......
[more] Malicious program for mobile phones with Symbian operating system steals money from mobile accounts Apart from in Russia, which has seen a number of documented cases in the past, the rest of the world has largely managed to avoid the threat of mobile phone-based malware. Whilst mobile phone users haven’t traditionally been a primary target for cybercriminals, recent appearances of malicious programs such as Trojans, viruses and spam on mobile devices have raised fears that this kind of criminal......
[more] Websense acquires Defensio Websense has acquired Defensio, a technology company which focuses on the problem of spam on the Web. The acquisition enhances the Websense ThreatSeeker Network by highlighting spam posted as comments on social Web sites, including blogs, user forums and social networking sites. The company will also benefit from Defensio Web services so third-party Web 2.0 developers can embed Websense into their applications.“This acquisition puts Websense years ahead of the s......
[more] Email worm spreads under guise of Valentine's Day greetings Valentine's Day may still be nearly three weeks away, but spammers already are sending a not-so-loving email to inboxes worldwide. Cybercriminals behind the Waledac worm, distributed last week in exploits related to the presidential inauguration, have modified their tactics and are now sending out Valentine's Day-related malicious spam that is leading to the malware, Ryan Sherstobitoff, chief corporate evangelist at Panda Security, told......
[more] The 7 dirty secrets of the security industry Do you ever get the feeling your security providers are failing to tell you the whole truth? We entrust the industry to protect us from unacceptable risk. But we must confront the underlying truth: The goal of the security market is to make money. Here are the seven dirty secrets of the security industry and practical ways to command honesty from your trusted security providers.1. Antivirus certification omissions. The dirt......
[more] Office staff admit to watching porn and being drunk while at work A third of staff have admitted to watching pornography on their computer in the office while more than a half claimed to have been drunk at work. According to research by Proofpoint, staff can be irresponsible where workplace technology is concerned. Based on the responses from 400 UK office workers, 56 per cent admitted to having returned to work drunk from a lunchtime session, while 33 per cent of staff admit to having watched p......
[more] IBM report: Security vulnerabilities going unpatched More than half of the security vulnerabilities disclosed during 2008 had no patches available from the vendor by the end of the year, according to a report released on Monday by IBM's X-Force research group. Meanwhile, 46 percent of vulnerabilities from 2006 and 44 percent from 2007 still had no patch by the end of 2008, the 2008 X-Force Trend and Risk report said. X-Force documented a record number of 7,406 new vulnerabilities last year.......
[more] China muscling in on spam market The number of spam messages originating from computers in China has surged over the past month, and security experts are warning that the country may emerge as a spamming superpower. The rise in spam volumes ends what had been an encouraging period for China. Security firm McAfee reported in December that state enforcement agencies had cracked down on spammers, causing many messages to appear with the malware links already taken down. In January, however, McAfee......
[more] Phishers use TinyURL to trick users into accessing fake sites Phishers are using the TinyURL function to hide destinations from unsuspecting users. Joey Costoya, advanced threats researcher for Trend Micro, claimed that phishers are now using TinyURLs to shrink long URL strings and hide destinations from users. In one example of a spam email, the link given is deliberately long, so the TinyURL function is used to protect the identity of the phishing site. The phishing page is disguised to look......
[more] Websense introduces hosted email and web security services Websense is to launch new email and web security services. Websense Hosted Email Security and Websense Hosted Web Security enable protection from emerging Web 2.0 and converged threats. With recent claims made that the cloud can be a potential host for malware, the email service will clean a message in the cloud before it reaches its destination. Additionally, Websense claimed that if a user attempts to click on a malicious link in an e......
[more] Spammers break Hotmail's CAPTCHA yet again The battle by Microsoft to secure its Live Hotmail system from spammers appears to have failed yet again with the news that the latest version of its CAPTCHA authentication system has been broken. According to a detailed analysis of the latest hack by security company Websense, spammers have come up with a new scheme to fool the CAPTCHA (Completely Automated Public Turing test to tell Computers and Humans Apart) that takes possible attack scenarios to......
[more] Global financial crisis brings rise in 'bargain' spam Messages promising cash-savings and discounts are becoming an increasingly popular tool for spammers, according to McAfee. Researcher Micha Pekrul said that the company's Avert Labs had received reports of a new malware attack which uses the lure of coupons to infect users with a piece of trojan software. The spam comes in the form of a short message which contains a hyperlink claiming to offer coupon bundles. Upon clicking the link, the use......
[more] Hackers: Ideology trumps profit when it comes to Web site attacks A study of 57 Web site hacks from last year showed that 24 percent were aimed at defacing a site rather than financial gain. The figures from the latest Web Hacking Incidents Database Annual Report suggest that stealing money and data is not always the overriding motivation for hackers, although it has been a rising trend in recent years. "While financial gain is certainly a big driver for Web hacking, ideological hacking ca......
[more] An eye on security for 2009 There were several fundamental challenges in the security field last year, and this year will be no different, according to Websense's Phil Vasic. There were several fundamental challenges in the security field last year and Essential Information Protection proved to be one of the most critical aspects. Whether it's customer records or intellectual property, information is now the lifeblood of the modern enterprise, and data is available on demand to employees, custo......
[more] Websites' business logic ripe for exploitation Flaws in the business processes that underlie websites can compromise security in the same way that cross-site scripting does, according to the CTO of a web security company. Exploiting errors in websites' business logic could prove highly profitable to hackers, require little skill to exploit and are sometimes technically not illegal to take advantage of, said Jeremiah Grossman, CTO of WhiteHat Security, at the Source Boston Security Showcase. &qu......
[more] BBC may face legal challenges over Click programme's hacking feature The BBC could face legal challenges if any botnet computers used for the Click programme were located in Finland. Olli-Pekka Niemi, leader of Stonesoft's virus research team claimed that while the BBC purchasing a botnet for around £6000 (A$12800) from a cybercriminal to send spam is unethical, the problem is that it used the 22,000 computers without permission. In Finnish law, this is illegal, and Niemi said that there was no......
[more] Holes in the machine Malicious software may just be a property of the network, says regular contributor Bill Thompson. "The Conficker worm will be active again on 1 April, according to an analysis of its most recent variant, Conficker.C, by the net security firm CA." " This malicious piece of software, also known as Downup, Downadup and Kido, spreads among computers running most variants of the Windows operating system and turns them into nodes on a multi-million member "botnet" o......
[more] New Waledac spam falsely warns of bomb blasts Normally capitalizing on current events and holidays to spread its seed, the Waledac trojan now has turned to the message of fear. Security companies warned Monday of a new malware campaign in which the Waledac botnet creators are distributing emails that falsely claim the recipient's city has been the site of a bomb blast. The emails contain a link that leads to a malicious -- but real looking -- site, complete with the logo for news agency Reuters......
[more] Spam attacks focus on victims' economic gloom The economy remains the main topic spammers focus on to lure users into opening emails with malicious links, according to Symantec's March 2009 "State of Spam" report. “It's something the spammers are latching onto to get into a victim's inbox,” Dermot Harnett, principal analyst of anti-spam engineering at Symantec, told SCMagazineUS.com. One of the more egregious spam messages Symantec found looked like a rejection letter. It said: &ldq......
[more] Worm burrows into Church of England email system The Bishop of Manchester has been unable to send or receive email messages for ten days following a computer virus infection. The Rt Rev Nigel McCulloch's PC was hit by malware on March 3. Wider malware-linked problems with the diocese's email systems mean that a sizeable chunk of the 6,000 messages the bishop dispatched over the last ten months may have never have reached the internet, much less their intended recipients, the Manchester Evening N......
[more] Final countdown to Conficker 'activation' begins Security watchers are counting down to a change in how the infamous Conficker (Downadup) worm updates malicious code, due to kick in on Wednesday 1 April. Starting on 1 April, Windows PCs infected by the latest variant of the Conficker worm (Conficker-C) will start attempting to contact a sample of 50,000 pre-programmed potential call-home web servers from which they might receive updates, a massive increase on the 250 potential web server locale......
[more] Spam back up to pre-McColo levels Four months after ISPs disconnected hosting provider McColo, the global volume of junk e-mail has apparently returned to its previous levels, Google stated in an analysis posted on Tuesday. Using data collected from its filtering of spam on behalf of 15 million business users, the search giant found that, by the latter half of March, the seven-day average level of junk e-mail climbed to pre-McColo levels. In addition, the first quarter of 2009 had a higher sp......
[more] Lights may go out, but e-mail stays on for CLM Small businesses are having a rough ride. On top of global business threats such as the skills shortage, the recession and increasing costs, there are South Africa-specific issues like the ever-present threat of Eskom power outages and the very real and continued problem of Telkom cable theft. CLM is a small/medium business (SME) that provides the construction industry with positioning productivity solutions such as laser machine control systems th......
[more] Spam levels soar as Easter approaches Spam levels rose by a third last month to reach nearly 85 per cent of all email traffic, the highest since the McColo shutdown last year, according to the Threat Forecast and Report (PDF) from email and web security firm MXLogic. Healthcare promotions were the most prevalent type of spam in March, and some spammers used cutting-edge geo-location techniques to localise the message for specific recipients. The trend of using social networking sites to persuad......
[more] Security policies should now include Twitter As part of a series of 'securing social media' guides from Network Box, the company has claimed that businesses should review their security policies to include Twitter. The company claims that the most significant security threat to users posed by the micro-blogging site is the sharing of links between groups of followers – often masked by URL shortening tools such as tinyurl or bit.ly. These links can be exploited to download malware, or launch a p......
[more] Conficker begins stealthy update The Conficker worm has started to update infected machines with a mystery package of data. Computer security firms watching the malicious program noticed that it sprang into life late on 8 April. The activity on its update system delivered encrypted software to compromised machines. It is not yet clear what the payload contains. The Conficker virus variants are thought to be present on millions of PCs around the world. Spam connection The......
[more] Spam spurt fuelled by booming underground economy The expanding underground economy is fuelling an identity price war, with unskilled crooks now able to buy full personal identities for pennies, according to the latest edition of Symantec's Internet Threat Report. The study, published on Tuesday, reports that credit card details, names, addresses and date of births of targeted individuals can be bought for as little as 50 pence. However, the range of prices varies widely, with more prized ident......
[more] Spam comes with huge carbon footprint In a report on the state of the spam industry security software vendor McAfee has estimated that spam emails use 33 terawatt hours (TWh) of power each year. The report states that last year 62 trillion spam emails were sent in 2008 and the energy used to sent and delete them could power 2.4 million American homes. Each spam email generates 0.3 grams of carbon, both from the power to send it and from the recipient to delete it. The company estimates that spa......
[more] Botnet 'ensnares government PCs' Almost two million PCs globally, including machines inside UK and US government departments, have been taken over by malicious hackers. Security experts Finjan traced the giant network of remotely-controlled PCs, called a botnet, back to a gang of cyber criminals in Ukraine. Several PCs inside six UK government bodies were compromised by the botnet. Finjan has contacted the Metropolitan Police with details of the government PCs and it is now investigating.......
[more] One bot-infected PC = 600,000 spam messages a day Some bot-infected PCs can crank out as many as 25,000 spam messages per hour, new research released today claimed. Orange, Calif.-based Marshal8e6 deliberately infected machines in the lab of its research arm, TRACElabs, with the malware responsible for the world's nine biggest spam botnets, then observed the PCs' behavior, including each bot's top-end spam capacity. "One of the our objectives over the past few years has been to emphasize t......
[more] Swine flu causes spam fever Just days after news surfaced of a swine flu outbreak in Mexico, spammers are exploiting the news to advertise online pharmacies. Researchers have tracked several new spam runs which make reference to the outbreak, using such headlines as "swine flu worldwide' and "first US swine flu victims." Other message claimed that actress Salma Hayek and pop star Madonna had contracted the illness. The messages themselves contained links to online pharmacies which peddled drugs......
[more] Coping with the malware deluge The struggle between computer security firms and hi-tech criminals has often been likened to an arms race. By Mark Ward Technology Correspondent, BBC News website Any improvement in the way computers spot malicious software is matched by a change in tactics by the criminals that undermines that better protection. One particular tactic that has proved successful for the criminals is the pumping out of ever more copies and variants of their malware. The numbers of ma......
[more] Phishers hit Twitter again By Robert McMillan, IDG news serviceTwitter users who thought friends were directing them to a "funny blog" got caught up in a phishing scam. The microblogging service was hit by two different rounds of phishing, as criminals tried to take control of user accounts and then use them as a springboard to attack others.Both Twitter and Facebook have been hit with phishing attacks in recent days. "The social networking attacks are becoming increasingly commo......
[more] Spammers target corporates with new technique Spammers seem to be working a little bit harder these days, according to Symantec, which has reported that unsolicited email made up 90.4 percent of messages on corporate networks last month. That represents a 5.1 percent increase over last month's numbers, but it's nothing out of the ordinary. For years, spam has made up somewhere between 80 percent and 95 percent of all email on the Internet.Symantec reported that nearly 58 percent of spam is now......
[more] Spammers find new way to bust filters Spam is on the rise once more, thanks in part to a new technique. Unsolicited email accounted for 90.4 percent of all messages received on corporate networks during April, an increase of 5.1 percent from the previous month according to Symantec's MessageLabs Intelligence unit.Adam O'Donnell, a researcher at Cloudmark, a provider of anti-spam tools, noted that in addition to using botnets, spammers in recent months have been experimenting with a new wa......
[more] MP 'devastated' over Facebook profile hack 'Outlawed from cyberspace and unable to communicate with my cyber friends' A backbench Tory MP was left "devastated" after his Facebook account was hacked.Michael Fabricant, 58, spoke of his anguish in a posting on his personal website last week. The Lichfield MP's Facebook profile was suspended after his account was pwned by hackers and used to send malicious spam to his 1,500 contacts.The malicious messages said "Look at this!" and......
[more] US cuts off 'criminal' net firm An American ISP allegedly involved in distributing spam and images of child abuse has been thrown off the net. The US Federal Trade Commission asked for Pricewert LLC's net links to be severed after it had gathered evidence of the firm's 'criminal' connections. The FTC alleges that Pricewert had created one of the "leading US-based havens for illegal, malicious, and harmful content". Pricewert denied the allegations and said it would fight them in court.......
[more] Spam drops after latest ISP closure The US Federal Trade Commission's recent takedown of an Internet service provider thought to be a safe haven for spammers has reduced spam volumes, but only by a little. According to email security vendor Marshal8e6, total spam volume dropped by about 15 percent last week, as the FTC got a court order to pull the plug on a notorious ISP named Pricewert. "We noticed quite a drop-off mid to late last week," said Phil Hay, a threat analyst with Marshal......
[more] Security group converges to fight Internet abuse As cybercrime continues to proliferate on the Internet, one industry security group is hoping its work will help stem the tide of spam and scams. The Messaging Anti-Abuse Working Group (MAAWG) held a three-day meeting in Amsterdam this week, discussing spam, network security, the DNS (Domain Name System) and other topics. Industry professionals traded ideas on stopping abusive online behavior. Much of MAAWG's work is done behind closed doors. The......
[more] Air France crash prompts spam, malware outbreak As expected, spammers and malware writers are trying to cash in on the Air France disaster. Spammers have begun falsely promising news on the Air France crash as a way of tricking recipients into opening messages promoting Canadian pharmacy products. Junk mailers this week began pushing a new campaign that included subject headings such as "Last seconds of plane" or "A-330 blackbox record" as a means of enticing users into open......
[more] Spammers cashing in on Twitter, Iran, new iPhone Spammers are never far from a hot story, it seems, and in the past day they've been flooding Twitter with phoney messages about Iran and the latest iPhone 3.0 operating system. In one campaign, the spammers apparently took their lead from a Mobile Crunch article about 20 things to check out in iPhone 3.0. They've set up fake Twitter accounts and posted Twitter messages that link to a Web site promoting male enhancement products. The Twitter messa......
[more] Fake Microsoft "critical update" spam propagating trojan A new outbreak of spam claims to be a critical update for Microsoft Outlook, but the message really aims to infect users with the information-stealing trojan ZBot, security firm Trend Micro warned this week. First detected on Friday, the message reads: “This update is critical and provides you with the latest version of Microsoft Outlook/Outlook Express and offers the highest levels of stability and security.” The email instru......
[more] Michael Jackson's death exploited by cybercriminals Always quick to capitalize on major headlines, spammers have begun sending out messages related to the deaths of Michael Jackson and Farrah Fawcett, security researchers said. Jackson's death is being exploited by cybercriminals hoping to infect users with a trojan or to trick curious spam recipients into unwittingly revealing their personal information. Shortly after Jackson's death was confirmed, the SANS Internet Storm Center predicted that......
[more] Botnets pushing up spam loads Botnet-controlled PCs are responsible for some 83 per cent of all spam messages, according to a recent report. Security firm MessageLabs said in a recent report that despite efforts to shut down service providers notorious for hosting shady operations, spam vendors are continuing to send out huge loads of junk mail through the use of botnet-infected systems. Researchers estimate that in June spam levels have reached 90 per cent of the total global email load, holdi......
[more] PCs hit by Michael Jackson malware It didn't take long. Security researchers are reporting that hackers have begun to use the death of pop star Michael Jackson to infect people's PCs, just as they predicted. Starting late last week and continuing today, messages posing as breaking news alerts from the likes of CNN and the Los Angeles Times have been reaching users' mailboxes, said several security companies, including Sophos, Symantec and Trend Micro. Some of the messages, which have appeared o......
[more] Malware authors hit by recession too The recession might be having at least one positive effect - it has started cutting the volume of malware. According to an analysis by German software security company G Data, the number of unique malware signatures dropped by 30 percent between May and June, a fall the company thinks is not a natural lull caused by the holiday season. G Data's Ralf Benzmüller interprets the drop to be caused by the same economic forces that have hit legitimate parts o......
[more] Cybercrooks descend on Twitter with spam, attacks Cybercriminals are rapidly using Twitter— the popular Web-messaging service — to direct users to websites that sell porn and fake drugs and trigger promotions for fake anti-virus subscriptions. "We're starting to see a groundswell of attacks," says Dan Hubbard, chief technology officer at Websense, an Internet security firm. "Spam is usually the first bad thing we see before it escalates to things more nefarious."An escalatio......
[more] Forget spam - tackle e-mail holistically When your mission is to be the pre-eminent empowerment stockbroker on the Johannesburg Stock Exchange (JSE), but you need relocate your premises, move to a new Internet service provider, figure out how to provide business continuity while being plagued by the nuisances of spam and viruses, you need to look at innovative software as a service (SaaS) solutions to make it happen. Unified E-mail Management (UEM) to solve the company's spam and e-mail headach......
[more] Short URLs on spammers' hit-lists Email security provider MessageLabs said on Tuesday it saw a dramatic spike in the number of spam emails that include shortened URLs. Shortened URLs, which allow spammers to hide the real web address from web surfers and are commonly used on social media sites like Twitter where message character length is restricted, began a sharp rise last week and now appear in more than two per cent of all spam caught in the company's spam trap, according to MessageLabs. Ma......
[more] One in six consumers acts on spam, survey says About one in six consumers have at some time acted on a spam message, affirming the economic incentive for spammers to keep churning out millions of obnoxious pitches per day, according to a new survey. Due to be released Wednesday, the survey was sponsored by the Messaging Anti-Abuse Working Group (MAAWG), an industrywide security think tank composed of service providers and network operators dedicated to fighting spam and malicious software. Eigh......
[more] Phone Trojan 'has botnet features' A piece of mobile malware has the capacity to enable a hacker to build a botnet of phones, according to security vendor Trend Micro. The Symbian Trojan, which Trend Micro detects as SYMBOS_YXES.B, poses as a legitimate application called ACSServer.exe and calls itself 'Sexy Space'. It steals the user's subscriber, phone and network information, and connects to a website to send that information back to a hacker. It can also target the victim's contacts with sp......
[more] Website infected every 3.6 seconds Infected websites have been the single biggest threat over the past six months, and the threat vectors that have seen the most growth are Web 2.0 and social networking technologies, according to a report released this week by security firm Sophos. Approximately 23,500 infected webpages are discovered every day - which amounts to a new infection every 3.6 seconds - according to the report. That infection rate is faster than in 2008, during which the first half......
[more] Language-specific spam begins to hit the web Spammers are using translation services and templates to develop multiple versions of spam in various languages. According to the July 2009 Intelligence Report from MessageLabs, some countries are experiencing levels of spam in excess of 95 per cent. The report attributes this partially to the success of one technique, predominantly used in non-English language countries, which involves automated translation services and templates enabling spam runs......
[more] Botnet armies driving spam to new heights More than 150,000 computers being infected every day, says McAfee. Spam volumes have increased by 140 per cent since March, according to new figures from security giant McAfee, which has recorded its longest run of increasing monthly spam levels. The McAfee Q2 Threats Report, released today, said that the rise had been driven by surging growth in botnet activity. Some 14 million new computers were recruited this quarter, an increase of 16 per cent over......
[more] Twitter now blocking bad URLs, but imperfectly Hoping to deal with a growing problem, Twitter has quietly introduced a feature to prevent users from posting links to malicious Web sites. But security experts say that it can be easily circumvented. The feature was first noticedMonday by Mikko Hypponen, chief research officer with security company F-Secure. When someone tries to post a link to a malicious Web site, Twitter pops up a short notification saying "Oops! Your tweet contained a URL......
[more] After links to cybercrime, Latvian ISP is cut off A Latvian ISP linked to online criminal activity has been cut off from the Internet, following complaints from Internet security researchers. Real Host, based in Riga, Latvia was thought to control command-and-control servers for infected botnet PCs, and had been linked to phishing sites, Web sites that launched attack code at visitors and were also home to malicious "rogue" antivirus products, according to a researcher using the pseudonym Jart A......
[more] Scareware package mimics Windows Blue Screen of Death Miscreants have developed a scareware package that mimics Windows' infamous Blue Screen of Death. Prospective marks are presented with a seemingly crashed system, along with a text warning that they need to buy "security software" to clean up their systems. But the SystemSecurity rogue package on offer has no utility other than scamming people out of their money. Variants of SystemSecurity have been around since at least February 2009. Howev......
[more] FAQ: The ins and outs of DoS attacks Thursday's denial-of-service attack that knocked Twitter offline for a few hours and affected Facebook, LiveJournal, and Google Sites and Blogger wasn't your average attack. Typically, someone who has a bone to pick with a specific Web site will round up some hijacked PCs and use them to try to shut the site down. In this case, whoever was responsible was trying to block access to a specific user's accounts and not the sites themselves. Denial-of-service at......
[more] USA continues to relay more spam than any other country Sophos' report on the latest trends in spam reveals the top twelve spam-relaying countries for the second quarter of 2009. By scanning all spam messages caught in SophosLabs’ global network of spam traps, researchers have identified the top ‘Dirty Dozen’ spam relaying nations between April and June this year. During the second quarter of 2009, the USA continued to relay more spam than any other country – the nation’s 15.6 perce......
[more] Campaign Monitor reels from hack and spam attack Australian email marketing application developers Campaign Monitor warned on Tuesday that it had been the victim of a hacking attack over the weekend. Unidentified miscreants broke into servers last weekend and accessed some accounts. These compromised accounts were used to send spam, using lists already in the account and those imported by miscreants. Campaign Monitor has contacted the people whose accounts were used. It has also begun a securit......
[more] July sees spam continuing to dominate emails as websites are compromised Threat reports for July show that spam continues to be sent at a high level with image spam and phishing still in high figures. Websense's July threat report claimed that there was a series of compromises of high-profile websites in a month it claimed was 'huge for zero-day attacks and critical vulnerabilities'. Websense Security Labs claimed that both the Center for Defense Information and Torrent Reactor websites were co......
[more] Yahoo pitches paid email to slow spam Yahoo is proposing a new paid mail service as a way to sidestep spam. The company is trying out a new service known as CentMail, which allows users to purchase packs of 500 virtual stamps at a cost of $5 (£3), or one cent per stamp. Proceeds from the sales are then given to a participating charity selected by the user, and each of the email stamps carries the logo of the charity.Yahoo is also hoping that the programme will cut down on spam. By adding the un......
[more] Spammers test filters with obscure formats Spammers are adopting obscure file formats to get attachments passed security filters, Symantec researchers have warned. According to Symantec, spammers have taken to using two formats in particular, the electronic fax format, eFax, and the Internet Explorer web archive format, MHT, in a bid to sidestep aggressive filtering for better known file types. The attacks detected by the company are standard in every way except the file format used for the att......
[more] London hospital recovers from Conficker outbreak An east London hospital has confirmed its computer systems were infected by the Conficker worm earlier this month. Whipps Cross University Hospital NHS Trust stressed that the outbreak affected only administrative systems, causing minor inconvenience, and did not affect patient care. Systems have since been restored to normal. Around one in 20 computers were affected by the outbreak, the Leytonstone-located NHS hospital explained in a statement.......
[more] Spammers are using translation services to easily develop multiple language spam runs According to Symantec Corp.'s MessageLabs Intelligence Report, spammers have been using translation services and templates to easily develop multiple language spam runs, and web-based malware writers take a break as less that one percent of web malware in July is new. With spam levels globally continuing to stay at a two-year high of approximately 90 percent, some countries are experiencing levels in excess of......
[more] Phishing attacks down in 2009 Spam-based phishing attacks declined noticeably during the first half of the year according to IBM. However, it's not all good news, cyber-criminals may simply be shifting to other technologies said IBM in its semi-annual security threat report . "The decline in phishing and increases in other areas (such as banking Trojans) indicate the attackers may be moving their resources to other methods to obtain the gains that phishing once achieved," is the expla......
[more] Anti-spam smackdown finds best junk filter McAfee has claimed the crown in a run-off of anti-spam products organised by Virus Bulletin, the independent security certification body. A total of 12 products took part in the anti-spam comparative review, which rated the effectiveness of the products against each other rather than against a fixed standard. The latest edition of the bi-monthly VBSpam tests compared the effective of each of the submitted products in filtering emails from Virus Bulletin......
[more] Rogueware traps users with "green" promise A new rogueware menace is playing the environmental card, seeking to trap users into buying and downloading useless security software by claiming that donations to an environmental program will be made with every purchase. “Green-conscious people, beware!” Mary Grace Timcang, security analyst at Websense, said on the company's Security Labs blog. “Just as the scare tactics of rogue AVs have already taken their toll, yet another......
[more] WordPress warns of wayward worm Users of the WordPress blogging platform need to beware of a worm making the rounds of Web sites, if they have not updated their software in the last month, the developers of the popular blogging software said over the weekend. The malicious program affects blogs that use WordPress, and which have not installed either of the two latest updates, released on August 3 and August 12. The worm attacks Web sites by registering itself as a user, exploiting the flaw to......
[more] Case study: The Salvation Army wins the fight against spam The Salvation Army has turned to a cloud-based security service to tackle the problems caused by the fact that 90 per cent of its inbound email was spam. The charity opted for a hosted application from supplier Mimecast to support the London headquarters of its UK and Republic of Ireland arm, and the 18 divisions that make up the organisation.
The Salvation Army's IT resources were coming under tremendous strain trying to process 3,000......
[more] Spammers turn to fake non-delivery reports Online fraudsters are ramping up spam attacks through emails designed to look like automated responses to undelivered messages, according to recent figures from PandaLabs. The cloud security firm saw a 2,000 per cent increase in the number of malware laden non-delivery report (NDR) messages in August, compared to the average monthly number in the first six months of 2009.
Legitimate NDRs are automated messages sent to someone by a mail server when it c......
[more] Websense warns of web-based malware epidemic The growing threat to businesses from the web was put into sharper focus today, after security vendor Websense reported a whopping 671 per cent rise in the number of malicious sites during the past year. The firm's biannual State of Internet Security (PDF) report is compiled using email and web site scanning data collected by Websense Security Labs. The report found growth not only in the number of malicious sites but in the continued activity design......
[more] Zbot evades most anti-virus programs The banking trojan Zbot, which is one of today's most prevalent financially-motivated trojans, is not detected or removed by most anti-virus programs because of its ability to morph, according to a report issued by internet security firm Trusteer. A study of 10,000 Zbot-infected computers conducted this month revealed that a majority were running an up-to-date AV program, Mickey Boodaei, CEO and founder of Trusteer, told SCMagazineUS.com. 55 percent of Zbot-......
[more] Facebook and YouTube malware magnets says Websense A staggering 95% of all "user-generated comments" for blogs, chat rooms and message boards online are spam or malicious, according to a new Websense report on security threat trends. "That's the first time we started monitoring that," says Patrick Runald, Websense senior manager for security research, about the level of spam and malware ploys carried out around blogs and chat rooms.
The Websense Security Labs "State of Internet Security Q1 - Q2......
[more] Brute-force attacks target two-year hole in Yahoo! Mail Scammers are exploiting a two-year-old security hole in Yahoo's network that gives them unlimited opportunities to guess login credentials for Yahoo Mail accounts, a researcher said. The vulnerability resides in a web application that automates the process of logging in to the widely used webmail service. Because it fails to carry out a variety of security checks followed by the login page Yahoo! Mail users typically use, it's providing cr......
[more] 7 Ways Security Pros DON'T Practice What They Preach IT security pros are often driven to drink -- literally -- over the daily battles of their job: bosses unwilling to accept the rationale for some new security investment, employees who regularly infect their computers by doing things that have nothing to do with their jobs, and vendors who don't understand the company's needs. But in a recent, unscientific and informal poll CSOonline conducted over such social networks as Twitter and LinkedIn,......
[more] Malicious Monopoly game spreads via social networking A new spam campaign that lures users into a malicious game of Monopoly has been detected. Websense Security Labs claimed that the campaign is targeting players via social networking techniques. The spam uses a social networking technique to ‘invite' you to play the online board game. It then provides a link to the fake Monopoly game download site, which downloads a Trojan. Websense's email honey pot systems detected over 30,000 Monopoly spam......
[more] Social Networks Breed Malware Infestation Web 2.0 has been great for the development of online communities. But its benefits come with a downside: Hackers are using the interactivity of social sites to spread their malware. A recent study by security software supplier Websense finds that 95 percent of the comments posted to blogs, chat rooms, and message boards are spam or malicious software.
OK, the message comes from a vendor with a vested interest, but it rings too true: Websense Inc. says i......
[more] Alton is the UK's most spammed town, but why? Alton is the most spammed town in the UK, according to an analysis by messaging service provider MessageLabs. But why does so much spam head to an innocuous town of 17,000 people in Hampshire? The 2009 spam top ten reads, in order, Alton, Teddington, Havant, Cirencester, Brighton, Barking, Dundee, Swansea, Bromley, and Marlow. Last year's most spammed town, Egham, is now at number 14. The company also records the towns with the ‘lowest' levels......
[more] Security firms battle world's biggest spam campaign Computer users in the US are finding there's someone to fear even more than the tax man. They're being spammed by criminal gangs, preying on users' fears of the tax authorities, leading them to install malicious software. Security researchers estimate that the campaign has already enriched criminals by millions of dollars. The spam campaign, entering its third week now, is showing no signs of slowing down, according to Gary Warner, director of......
[more] Microsoft confirms phishers stole 'several thousand' Hotmail passwords Microsoft today confirmed that thousands of Windows Live Hotmail account usernames and passwords had leaked to the Internet, but said the credentials were "likely" stolen in a phishing attack. The company denied that its Web-based e-mail service had been hacked and the account log-in information stolen because of some lapse on its part.
Earlier today, Neowin.net reported that more than 10,000 accounts had been compromised an......
[more] Spam gets meatier as attached files grow The overall volume of bad bits being pushed across the Internet soared in 2009, primarily due to an increase in image spam and malicious documents attached to junk e-mail, Google's Postini group said in an analysis published last week. More than half of the messages are fake notices of underreported income from the U.S. tax authority, the Internal Revenue Service, and another third are fake package tracking tickets, Google stated in an analysis posted on......
[more] Web mail scam propagates itself The industry-wide phishing scam that has affected popular web mail services such as Hotmail and GMail, is spreading, according to experts. Security firm Websense says it has noticed a sharp rise in spam e-mails from Yahoo, Gmail and Hotmail accounts. This is because infected accounts are sending personalised e-mails to contacts suggesting shopping sites, which are in fact fakes.
Security expert Carl Leonard warned people to be on their guard.
He advised people to......
[more] Hotmail 'phishing' campaign is small peanuts Access to the 10,000 compromised Hotmail accounts at the centre of a high profile breach might be obtained for as little as $90 on the black market. Rik Ferguson, a security researcher at Trend Micro, argues that the importance of the online publication of 10,000 Live ID login credentials on developer website PasteBin.com and that the subsequent upload of thousands of assorted Gmail, Yahoo, and AOL passwords and usernames has been grossly exaggerated.......
[more] Password breaches lead to rise in email spam A huge spike in webmail spam has been detected after passwords were published last week. Following news that thousands of Hotmail, Gmail and Yahoo passwords were stolen and posted online, Websense Security Labs has detected a marked increase in the number of spam emails which have been sent from Yahoo!, Gmail and Hotmail accounts over the last few days. It claimed that the spam emails are being sent from user accounts to contacts in their address boo......
[more] Top tips to ensure network and endpoint security 2010 can be a safer year if you follow these detailed tips such as limiting access to those who need it, ensuring that systems are secure before connecting them to the Internet, testing the disaster recovery plan, and control the use of portable devices on the network. 1. Limit access to those who need it
In SMBs it is often the case that most people tend to be given full privileges and access to the network and to devices that they do not need t......
[more] 95% of user-generated comments to blogs and forums are malicious Asking users to report inappropriate content a "largely ineffective" method. A huge majority of user-generated comments to blogs and forums are malicious. Websense's biannual "State of the Internet" report revealed that 95 per cent of user-generated comments to blogs, chat rooms and message boards are spam or malicious. Websense Security Labs also identified a 233 per cent growth in the number of malicious websites in the last six......
[more] Q&A: Websense threat research manager, Carl Leonard V3.co.uk sat down with Carl Leonard to discuss his role as head of the Websense threat labs in Europe, and the state of the threat landscape. Carl Leonard discusses Web 2.0, user-generated content and the dangers of drive-by malware. V3.co.uk: As head of the Websense European threat research team, what does your role entail?Carl Leonard: The security labs division is made up of a strong team of experts located globally. Our main aim is to deve......
[more] Fake antivirus attacks PCs with ransom demand The Fake antivirus phenomenon has taken an unpleasant turn with the discovery of a Windows program that not only cons users into buying an unnecessary license but appears to lock files and applications on the victim's PC. According to security company Panda Security, rogueware program Total Security 2009 starts out in conventional fashion with the ‘discovery' of a non-existent malware infection for which it demands an unusually ambitious $79.9......
[more] Social networking - deny or allow? The business world is connected. Not because organizations are moving their brands to the social networking scene, which almost ends up looking like Spam anyway, but because the employees are social networking users. One way or another, companies will have to deal with Facebook, Twitter, LinkedIn, and others. So should they fight this trend or allow it? At the Gartner Symposium in Florida this week, Carol Rozwell, a Gartner vice president, gave a talk about the......
[more] New Halloween-themed spam just the first fright With Halloween nearing, users should be on alert for spam and other attacks exploiting the holiday, and experts expect social network websites to serve as a major vector this year. So far, one Halloween-themed spam campaign offers readers the opportunity to earn money from home, according to anti-virus vendor Trend Micro.
"Happy Halloween!" the message reads. "Make it even sweeter with some EXTRA CASH in your candy bag!"
The message contains a lin......
[more] Spam email campaign that purports to be from Facebook sees heavy detection A new spam email campaign has been detected that claims to be a password reset confirmation from Facebook. The email features a spam address 'support@facebook.com' in the from section on the message, with a .zip file attachment with an .exe file inside. Websense's threatseeker network claimed that the .exe file currently has a detection rate of about 30 per cent on VirusTotal, and it claimed to have seen up to 90,000 of t......
[more] Twitter warns of new phishing attack Twitter warned users Tuesday of a new phishing scam on the social networking site. It's the latest in a series of scams that have plagued the site over the past year, designed to trick victims into giving up their user names and passwords. "We've seen a few phishing attempts today, if you've received a strange DM and it takes you to a Twitter login page, don't do it!," Twitter wrote on its Spam message page.
The message reads, "hi. this you on here?" and incl......
[more] Pirate Bay clampdown prompted file sharing site spike Attempts to shut down notorious torrent tracker site The Pirate Bay have spurred a four-fold increase in the number of file sharing websites during the third quarter of 2009. At least some of these sites are primarily designed to distribute scareware and other types of malware rather than pirated content. Net security firm McAfee reports that a 300 per cent increase in file sharing sites that offer music and films has been accompanied by a s......
[more] Malware writers bank on Google Wave interest Malware writers have are now exploiting interest in Google's new Wave service, according to researchers. In a recent report, security vendor Symantec explained that a new wave of Trojans had been crafted to take advantage of the heightened interest in the new invite-only collaboration service. Researchers uncovered trojan applications connected to the Xrumer spam tool which were masquerading as a tool to automatically generate invites for the wave se......
[more] Why can't we do anything about spam? So I open my inbox this morning to find spam from an outfit calling itself Broadcast-info.com. Nothing new there. What was different about this one is that I also had a dozen messages from various other recipients of that spam niblet, trying to unsubscribe. Near as I can figure, the incredibly clueless spammer who sent this one out set it up so that replies went to everyone on the mailing list. That domain doesn't have a site attached to it, and the domain r......
[more] Zeus botnet pushes fake MySpace update Spam has been detected as being sent from the Zeus botnet that prompts users to update their MySpace account. Trend Micro senior security advisor Rik Ferguson claimed that the spam is similar to the Facebook-related spam seen last week, with the user ‘required to update' their MySpace account with a link provided. Ferguson said: "The link in the mail leads to a standard fake MySpace login page, so of course your account details are stolen. Once you have &l......
[more] One year later, McColo bust does little to slow spam On the one year anniversary of the McColo shutdown, spam levels have more than recovered, according to experts. Recent figures released by security firm McAfee indicate that spam levels are at an all-time high. When the notorious hosting provider was shut down in November of 2008, spam levels immediately plummeted. Though experts were sceptical that the shutdown would deal a lasting blow to spammers, there was hope that levels would at least......
[more] Companies must educate employees about the risks of online shopping and remind them of their security policy The potential danger of shopping online is that it can open the door to viruses, spam and phishing attacks that invade the workplace and cost enterprises thousands per employee in lost productivity and potentially millions in destruction or compromise of corporate data. Employees plan to spend nearly two full working days (14.4 hours) on average shopping online from a work computer this......
[more] Cybercriminals leverage swine flu threat Cybercriminals are making millions from the public panic-buying counterfeit Tamiflu medicine. Following warnings about buying Tamiflu over the internet, a report by Sophos claims that panic-buying Tamiflu over the internet will not only line cybercriminals' pockets with millions of dollars, but also grant them access to sensitive personal data to be used for other crimes. Detailed in a whitepaper entitled "The Partnerka - what is it, and why should you c......
[more] 3 Basic Steps to Avoid Joining a Botnet Banging the drum for security awareness never gets old. As much as CSOs try to get folks to bone up on safe practices (both online and in the office), there are always going to be some who need reminding. Online, the biggest battle these days is against botnets: networks of infected computers which hackers can use -- unbeknownst to the machine's owner -- for online crimes including sending out spam or launching a denial of service attack. Unfortunately, t......
[more] Large Hadron Collider spam carries virus Security experts are warning of a malware attack disguised as a video of the Large Hadron Collider in action. The bogus video link arrives in an email, which security firm Sophos said is "dodgy from the start". The message reads: 'Wow, don't ask me how I get this video, but it's realy [sic] cool,' followed by a mytinyurl.net web link.
The scammers claim in the email that thousands of people have already enjoyed and bookmarked the video, but that it requi......
[more] Raunchy spam targets online gamers Security experts are warning of a new malicious spam campaign designed to harvest the login credentials of online gamers. According to a blog posting by security vendor Sophos, the spam emails arrive with the subject line “Do you like to find a girlfriend like me?” and contain the following message: Wish to have a boyfriendBe able to protect me, take care of meIntolerable lonely night and would like to have your care.do you Willing?This is my photos.
Attached......
[more] Call sounded for anti-spam collaboration Security testing firm Virus Bulletin (VB) is calling on anti-spam vendors to work with one another to beat spam. The company said on Monday that its latest round of spam tests suggested that vendors could provide better protection for all users if they were to collaborate when developing anti-spam tools. VB said that the results of the latest round of anti-spam tests showed that if vendors were to share data on blocked messages everyone would benefit.
Th......
[more] Extra spam and malware security for bit.ly Bit.ly has partnered with security firms to bolt improved anti-spam and malware protection onto the URL shortening service. VeriSign’s iDefense IP reputation service will be used to screen against links that point to blacklisted sites hosting exploits, malicious code, botnet command and control servers or other nefarious activity. Websense Threatseeker cloud service will be used to peer behind the web content behind bit.ly links in real time, using beh......
[more] Swine flu botnet causes chaos A spam campaign that poses as a message from the Centers for Disease Control (CDC) asking people to register for H1N1 vaccinations continues to be a major problem, according to a security researcher. The messages lead unwary users to a convincing-looking CDC site where they're asked to create a profile in order to receive a vaccination for the swine flu , which has made headlines for both its aggressive spread and a lack of vaccine. The site urges users to download......
[more] Stronger botnets and increased spam detections in 2009 Cybercriminals learn lessons from McColo shutdown. There has been an average rate of 87.7 per cent in detected spam in 2009, as a small number of botnets have become stronger. According to the MessageLabs intelligence annual security report for 2009 from Symantec, cybercriminals have sharpened their survival skills and operated a volume and variety approach over the past 12 months.
It showed that there was a high of 90.4 per cent of detecte......
[more] Businesses need to understand the security issues of Web 2.0 and Social Networking The adoption of Web 2.0 makes the job of keeping email and the web free from attacks, malware and spam even more difficult. Yet, simply closing access to unapproved tools can be short sighted as unhappy employees drift to rival businesses with more enlightened policies. Web 2.0 is growing with increasing momentum and businesses seem to be harnessing some of its benefits to bring them closer to their customers and......
[more] McAfee warns there will be no repeat of McColo shutdown The anti-spam community is unlikely to have any future successes on the same scale of the McColo shutdown, as botnet herders have learned from their mistakes to make botnets harder to track and close, according to McAfee. In the security giant's monthly spam report released today, technology lead Adam Wosotowsky and director of product marketing Elan Winkler argued that "McColo has taught botnet owners a lesson".Advertisement
"As a result,......
[more] Honeynet research lifts the lid on spam trends Stats from the one billion spam messages blocked by Project Honey Pot over the last five years provide an insight into junk mail trends and spamming practices. The Honey Pot project was formed by a community of web administrators as an alliance against online fraud and abuse back in 2004. The group now numbers 40,000 members in 170 countries, making it the biggest effort of its kind on the web. Last week, the group trapped its one billionth spam em......
[more] The 12 Cons of Christmas While the risk of being hacked, conned or having sensitive information stolen is possible all through the year, most security experts agree that the holiday season brings a spike in fraudulent activity, both online and off. CSO compiled a list of twelve dirty tricks to avoid this holiday season (or any time). Product come-ons
After a day of shopping, you log on to Twitter and 'tweet' about how hard it is to find a Zhu Zhu Pet, this season's hot toy, for your daughter. S......
[more] 'Donbot' launches pump-and-dump run A huge botnet credited with launching an attack on Twitter and Facebook last month has moved into pump-and-dump spam attacks. The Donbot network has recently been connected by researchers to a rash of stock-related spam messages that attempt to persuade users to invest in a low-priced stock. Once demand for the stock has inflated its price, the spammer then sells at a profit. Researchers at MessageLabs said that the attack is unique because pump-and-dump scam......
[more] 2010 predictions: Security The security landscape is a complex, multi-layered one that changes more subtly and indefinitely than the seasons. It is therefore hard to predict security trends with any degree of certainty. That said, by looking back at the security developments of the past year and talking to security experts, we believe we have come up with a list of key trends that any IT leader worth his or her salt would be wise to keep an eye out for in 2010. Spam, botnets, social networks -......
[more] Waledac spreading through fake New Year's e-cards Cybercriminals behind the Waledac botnet have begun using a New Year's-themed campaign to capture more victims, security experts warned. The botnet is spreading spam messages that contain the subject line “Happy New Year 2010” and provide a link for what the email claims to be a New Year's greeting card, Mikko Hyppönen, chief research officer at anti-virus provider F-Secure, told SCMagazineUS.com. The campaign began last week. If followed, the......
[more] SpamAssassin '2010' bug blocked email across world If you sent an email in the first few hours of 2010, there is a chance that it never reached its recipient thanks to an embarrassing ‘2010' bug buried in the open source SpamAssassin anti-spam engine used by many Internet Service Providers. According to a UK-based techie who first blogged on the issue, the fault lies with the ‘FH_DATE_PAST_20XX' rule used in conjunction with many others by the program to score the likelihood of an email......
[more] Spammers taking advantage of free online hosters Security giant McAfee warned today that spammers are increasingly exploiting online hosting companies that provide free domains and web hosting, in order to bypass anti-spam filters. In the vendor's December 2009 Spam Report, McAfee Labs anti-spam technology lead Adam Wosotowsky and director of product marketing Elan Winkler argued that the trend has turned into "an all-out gold rush".
"Using a free hosting service is a good tactic for spammers b......
[more] ISPs could cut spam easily, says expert Two simple techniques could be used to strangle botnets, a security expert has claimed. First, block email port 25 by default. Second, tell users when they are spewing spam from compromised PCs. According to Trend Micro's CTO, Dave Rand, who is leading a campaign to reform the way ISPs approach the matter of botnets and spam, the two countries that adopted such techniques, The Netherlands and Turkey, have seen a huge reduction in the numbers of botnetted......
[more] Websense unveils security suite for Facebook Internet monitoring firm Websense has announced new software designed to counter security threats on Facebook. The Defensio 2.0 code works with the companies existing Web Security Gateway and can be configured to block certain content from appearing on Facebook. Users can block phishing sites, spam and restrict the ability of people to posting on pages with inappropriate content. "Other Web security technologies that try to address uncategorized Web......
[more] Europe's spam war hits stalemate Europe's ISPs are just about holding their own against the global spam barrage, a Europe-wide report has found. Put another way, things are not getting better, but are not getting any worse either. Judging from the 2009 ENISA (European Network and Information Security Agency) spam survey of ISPs across 27 EU states, ISPs spend substantial sums trapping spam before it gets to the end user, mainly because they have to to keep customers. Small providers spend at l......
[more] New spam campaigns see sustained levels in new year Spammers have launched new campaigns in January to sustain the high levels of spam experienced towards the end of 2009. According to the January 2010 MessageLabs Intelligence Report, spam related to the New Year accounted for 7.7 per cent of all spam on a single day. More than 50 per cent of New Year-related spam was sent by the Grum and Cutwail botnets combined. Since the New Year passed, it claimed that spammers are now moving away from the......
[more] Security firms warn of iPad scams Interest in Apple's new iPad tablet will likely touch off a wave of new online scams in the coming weeks, according security experts. The attacks, which have already begun to appear, include search-engine poisoning attacks designed to direct users to attack pages. According to security firm WebSense, such attacks began to appear within hours of the iPad's unveiling. The company noted that specially-crafted sites were being loaded with keywords in order to appea......
[more] Valentine's Day spam starts to appear Valentine's Day still is nearly two weeks away, but the lover's holiday is already attracting the attention of the web's criminal element. Researchers at Trend Micro said they have spotted two spam campaigns - one promoting a fake gift card promotion, the other counterfeit watches - in the wild. Maria Alarcon, an anti-spam engineer, said in a blog post that as Valentine's Day nears, internet users should expect the scams to get more malevolent. "Every speci......
[more] File-sharing scam targets Twitter Twitter has identified a scheme that uses compromised file-sharing sites to steal the log on information of users. The service said it had discovered a number of compromised "torrent" sites that had been set up specifically to skim usernames and passwords. Torrent sites acts as indexes of links to TV, film and music files.
Scammers were then able to use the data to gain access to Twitter and other sites because many people use the same logon for multiple service......
[more] Small drop in Christmas spam but rates still rising McAfee’s latest threat report for the fourth quarter of 2009 saw a drop in spam over the period, although the year ended with overall amounts rising. In the last quarter of the year spam levels dropped from a record of 175bn per day in the third quarter to 135bn, a decline of 24 per cent. However spam levels are likely to rise again, especially given a 40 per cent rise in one day, December 14th, as spammers looked to scoop last minute shoppers.......
[more] Google Buzz attracting spammers already Despite only being launched this week, spammers are already targeting Google Buzz, the search engine's social network, says Websense. Websense said that when Twitter launched it took a little while before it was targeted by spammers. However, in an indictment of how rapidly spammers are learning to abuse social networks, it took only two days before they started to hit Google Buzz. "It's worrying that spammers have an improved knowledge of social networks......
[more] Almost 2,500 firms breached in ongoing hack attack Criminal hackers have penetrated the networks of almost 2,500 companies and government agencies in a coordinated campaign that began 18 months ago and continues to steal email passwords, login credentials, and other sensitive data to this day, a computer security company said. The infections by a variant of the Zeus botnet began in late 2008 and have turned more than 74,000 PCs into remote spying platforms that have siphoned highly proprietary......
[more] Security tips for large and small businesses Whether your business is a big fish or a small-fry home office, you can get hacked just the same, and the stakes are higher than a few canceled credit cards. Here are a few tips to protect your users and your networks--steps that even enterprise-class security specialists may slip up on. Know Who Might Be Targeted - and How and Why
With the recent news of attacks on US companies including Google, many business owners might be thinking, "That wouldn't......
[more] Microsoft shuts down global spam network Microsoft has won court approval to shut down a global network of computers which it says is responsible for more than 1.5bn spam messages every day. A US judge granted the firm's request to shut down 277 internet domains, which it said were used to "command and control" the so-called Waledac botnet.
A botnet is a network of infected computers under the control of hackers.
The firm said that closing the domains would mean that up to 90,000 PCs would stop......
[more] Microsoft to target other botnets with legal weapon Microsoft has several other botnets in its crosshairs, and believes it can use the same legal tactic against them that it deployed last week to strike at the Waledac botnet's command-and-control centers. But the company also admitted that it had not yet severed all communications between the controllers of Waledac and the thousands of compromised Windows computers used by hackers to pitch bogus security software and send a small amount of spam......
[more] Record high for phishing in January January marked a record high for the number of phishing attacks, seeing a 21 per cent increase over the month before, according to the latest figures from security vendor RSA Security. The firm's monthly Online Fraud Report showed that recorded phishing attacks reached an all-time high of 18,820, more than double the figure of a year ago.Fast-flux attacks in January accounted for 24 per cent of phishing incidents, up 4 per cent from December. Standard phishin......
[more] Zeus botnet dealt a blow as ISP Troyak knocked out Internet service providers linked to the notorious Zeus botnet have been taken down, knocking out a third of the command-and-control servers that run the network of hacked machines. Two ISPs, named Troyak and Group 3, were home to 90 of the 249 known Zeus command-and-control servers. Zeus Tracker, a Web site that tracks the botnet, noticed the steep drop in servers on Wednesday morning.The Troyak network was itself an upstream provider to six n......
[more] Trend Micro updates hosted email security platform Trend Micro today announced a new version of its Hosted Email Security Platform, which is designed to deliver cost-effective protection against mail-borne threats and malware. "Email security is mission-critical for our customers," said Trend Micro small business product marketing manager, James Walker. "Trend Micro's new Hosted Email Security 2.0 ensures customers receive 100 per cent service uptime, effective spam blocking and zero email......
[more] Warnings made of backdoor Trojan disguised as a download for a Skype Email Toolbar Websense has warned of malware that claims to be a download for a Skype Email Toolbar. It claimed that there is currently a 'very low' anti-virus detection for the spam email message, which contains a file attachment named SkypeToolbarForOutlook.zip that contains a backdoor Trojan. Carl Leonard, security research manager at Websense Security Labs, whose ThreatSeeker Network discovered the new wave of email attack......
[more] Phone networks try new spam abuse system Mobile phone companies are trialling a new abuse reporting system that could make it much easier for networks to spot and block spam reported by consumers across the world. Co-ordinated by the GSMA (GSM Association), the global Abuse Reporting Service will streamline the way consumers report spam, feeding reports directly from consumers into a larger database run by security provider Cloudmark, which has made its name filtering Internet spam.Once analyse......
[more] Bogus UPS spam wrecks Windows XP A new wave of bogus UPS shipping spam is being used to push a piece of malware which can render PCs unbootable, security company Webroot has warned. The company's warning relates to a Trojan downloader called 'tactilol' that appears to turning up either as a zipped attachments with stock UPS shipping confirmation spam, or as a Facebook update. The attack will undoubtedly have a number of different payloads, but the one that caught Webroot researcher's attention......
[more] South Korea accounts for third of the world's malware Almost a third of global internet viruses are being sent from South Korea. According to Network Box, in March it accounted for 31.1 per cent of the world's malware, a leap from February's 8.9 per cent. The US is the second most prolific producer of viruses, holding steady from February at 9.34 per cent, followed by Brazil at 6.04 per cent, China at 5.05 per cent and India at 3.86 per cent. Simon Heron, internet security analyst at Network Bo......
[more] Great firewall of News Limited saves $5.5M a year Blocking people from accessing unproductive Web sites has saved News Limited an estimated $5.5 million a year the company's top security professional estimates. Just as the federal government hatches its plans to implement the great firewall of Australia in the form of Internet filtering, News Limited has seen success by blocking employees from accessing public Web services it deems unproductive. News Limited's national IT security manager Bob H......
[more] Gmail spam uses fake addresses to spread malware Gmail spam is on the rise. Spammers are using fake Gmail accounts to clog up inboxes, making "Gmail.com" the most abused domain name, according to Commtouch's quarterly Internet Threats Trend Report, released Wednesday. Only 1% of spam emails sent from Gmail addresses are actually from real Gmail accounts, and "this small percentage is likely to represent a mix of spammers and compromised Gmail accounts," Commtouch says.Overall, "b......
[more] FIFA World Cup bookings spurs cyber crime An increase in web bookings for accommodations and tickets for the World Cup in South Africa has spurred local online users to warn about an uptick in cybercrime in the region. Africa is currently facing an increase in phishing attacks in which criminals try to extract bank account information in order to steal money from unsuspecting bank customers. Meanwhile, South Africa is hosting the World Cup from June to July this year, with millions of people al......
[more] Drug-dealing Spammers Hit Gmail Accounts Google is investigating a growing number of reports that hackers are breaking into legitimate Gmail accounts and then using them to send spam messages. The problem started about a week ago but seems to have escalated over the past few days."The Gmail team takes security very seriously and is investigating the reports we've seen in our user forums over the past few days," Google said Tuesday in an e-mailed statement. "We encourage users who......
[more] Linux machines linked to spam Although Linux holds only a small market share, Linux computers appear to send a disproportionate amount of spam compared to other operating systems, according to new research from Symantec's MessageLabs messaging security division. Symantec looked at spam from November 2009 through March and broke down what kind of operating system is on the computer that sent the spam. Analysts do that by a method called passive fingerprinting, which involves analyzing the netwo......
[more] Technology security myths debunked Bursting the security bubble Think you can hide behind the privacy of an "unlisted" cell phone number? Think again. Maybe you believe you don't need security software on a Mac or iPad. You'd swear that Firefox is the safest browser in town. Wrong on both counts.Most of us don't think about security for our digital devices until something goes wrong, or it's time to renew an antivirus subscription. But what the security experts like to call the threat......
[more] Fifa World Cup spam strikes again Security vendor Trend Micro is warning users of yet another spam campaign using the forthcoming Fifa World Cup 2010 tournament as its bait. The unsolicited mail in question carries a .PDF file attachment which containing details about a lottery which the recipient allegedly won. It also instructs the recipient to give out personal information and send them to the contact person or email sender before the prize can be claimed. "What was interesting about th......
[more] The true extent of insider security threats Internal employees are responsible for as much as 80 percent of the malicious attacks at organizations -- at least according to the stats I've seen cited around the Internet. Yet that figure seem to be much higher than what I've observed in my professional IT management and consulting experience over the past two decades. Out of at least 100 security incidents -- a conservative number -- I've seen, only a handful were caused by employees. In light of......
[more] McAfee: USB worm is biggest PC threat A worm that is spread via USB flash drives has been named the biggest security threat to PC users by McAfee. According to the security vendor's Threats Report: First Quarter 2010, an AutoRun related infection was also the word's third biggest PC threat, while the rest of top five biggest PC threats were made up of password-stealing Trojans. The report revealed that Spam rates have maintained steady.However, there has been an increase in diploma spam, or spa......
[more] Trend Micro warns of 419-style World Cup scams Security experts are warning of yet more internet related scams designed to capitalise on this summer's World Cup tournament in South Africa by parting unsuspecting users from their cash. Gelo Abendan, of Trend Micro's technical comms team, wrote in a blog post of two separate spam runs exploiting the upcoming event.The first arrives in a .doc email attachment informing recipients of a 'Final Draw' competition run in part by the FIFA Organising Com......
[more] Facebook the new battleground for spam, malware: Sophos Facebook and Twitter users beware. Hackers and spammers are focusing on social networking sites, according to security firm Sophos. In the early days of the Internet, email used to be the major carrier of spam messages on the web. Today, according to Sophos, spammers have shifted to social networking sites - where users are many and prevalent - in carrying out their dastardly deeds. Compromised social networking accounts are just like PCs......
[more] The biggest botnets: Is your PC part of one? There are hundreds of botnets, ad hoc networks of Windows PCs that are infected with one or more programs to let them do the bidding of their controllers, some are far more trouble than others. While you can't afford to ignore any botnet threat, here are some of the worst of the worst. "When it comes to botnets, size does matter," said Scott Emo, head of endpoint solutions at Check Point, a network security company. That's because "the......
[more] Cybercriminals are using the 2010 World Cup to snare their victims WatchGuard security analysts have seen an explosive growth of online threats relating to the 2010 World Cup, which kicks off tomorrow and runs to July 11. IT administrators should be aware of these World Cup threats and take appropriate action to mitigate their effects. Key threat findings:Spam - WatchGuard sees a global increase in spam using World Cup as the theme. In addition to traditional marketing spam, there is an increas......
[more] Cloud-based scanning service introduced by Watchguard Watchguard has announced the launch of a cloud-based web security service to couple with its XTM and XCS security appliances. Reputation Enabled Defense (RED) protects against web-based threats to protect users against next-generation threats and delivers highly secure web browsing via a cloud-based reputation lookup that scores URLs as good, bad or unknown. The company said that the lookup leverages a dynamic global database that aggregates......
[more] World Cup continues to drive spam The World Cup is continuing to play a major role in global spam loads, according to Symantec. The company said in its monthly MessageLabs Intelligence report that throughout the month the football tournament had been popular not only for pushing spam related to the event, but also for getting unrelated spam messages through filters. Researchers have for weeks been warning that the event would be a popular lure for scams and malware attacks as cybercriminals loo......
[more] Asprox botnet causing serious concern Security researchers are warning of a rapidly growing number of web sites infected by the Asprox spam botnet. Asprox is capable of launching SQL injection attacks, and has more than doubled its appearance on application service provider (ASP) sites from 5,000 to 11,000 overnight, according to M86 Security. The firm has tagged the botnet with a 'high severity' badge, meaning that it is particularly serious.M86 Security threat analyst Rodel Mendrez said in a......
[more] Spammers still hot for Michael Jackson One year after his death, pop star Michael Jackson is still being used as a target for spammers. An anti-spam researcher at Symantec is reporting a series of new spam emails that push products related to the death of the man known as the 'King of Pop'. Symantec researcher Dermot Harnett said that the messages are titled "The Official Michael Jackson Commemorative Anniversary Coin In Loving Memory of Michael Jackson," and advertise a collectable c......
[more] Kraken botnet re-emerges 318,000 nodes strong Kraken, a large and difficult-to-detect botnet that peaked in 2008 and was dismantled by early 2009, is back, and anti-virus solutions are struggling to detect it, according to researchers at Georgia Tech Information Security Centre. The botnet reappeared in April and, as of last week, was made up of more than 318,000 unique IP addresses, or about half its 650,000 maximum size in 2008, Paul Royal, research scientist at the Georgia Tech centre told S......
[more] Online crims not just 'speccy geeks', researchers warn Misconceptions about the nature of cybercrime are affecting the fight against online economic skulduggery. Widespread beliefs that e-crooks are likely to be either "geeks with glasses" or digital pranksters are well wide of the mark, according to researchers from Trend Micro, which reckons the majority of cybercrooks would be indistinguishable from the man in the street. Cybergangs are located around the world. Russia, the Ukraine and China......
[more] Top 10 social networking threats Social network tools have changed the way we interact in our personal lives and are in the process of transforming our professional lives. Increasingly, they play a significant role in how business gets done. But they're also high risk. With hundreds of millions of users, these tools have attracted attackers more than any other target in recent years. Here, according to Palo Alto Networks, are the top 10 social network threats/risks that enterprises must consid......
[more] Users still failing on basic security patching A report into the state of internet security has found patching is still woefully poor among computer users. Of the top ten exploited vulnerabilities in M86 Security's analysis of the first half of 2010 only one had been patched this year, while one fix was issued in 2006 and the majority were at least two years old. Half of the flaws were in Microsoft products, namely Internet Explorer, Access Snapshot and in video streaming controls. "The at......
[more] Coventry is top of the UK spam charts Coventry has claimed the dubious honour of being the most spammed place in the UK, according to the latest stats from Symantec Hosted Services, which estimates that the average inbox in the area comprises 92.8 per cent spam. The security firm analysed the geographical location of its customers to compile the list, which places Ipswich as the least spammed location with an average of just 85.2 per cent.However, spammers are unlikely to be targeting specific......
[more] Malware distributors incorporate well-known brands in their email spam to deliver dangerous programs to unwitting victims An ongoing campaign where malware distributors use email spam to deliver dangerous programs to unwitting victims has begun to change its tune, switching the scam to incorporate different brands. In the latest scam, the message appears to be an order confirmation from Amazon.com for the purchase of an expensive consumer electronics item, or a contract (spelled, tellingly, 'con......
[more] Spam attacks to rise 30 per cent in 2010 Spam attacks will rise by a whopping 30 per cent in 2010 compared with 2009, presenting a continued threat to the security of enterprise networks and corporate information, according to Cisco's 2010 Midyear Security Report. The company said that most spam originates from the US, followed by India, Brazil, Russia and South Korea.The report also found that the growth of social networking is having a major impact on organisations' abilities to maintain effe......
[more] Shortened URL spam shows big rise The tendency of spammers to use shortened URLs to evade detection has gone from last year's clever exploit to this year's mainstream tactic, MessageLabs has reported. In the second quarter of 2009, emails using shortened URLs exceeded 1 in 200 emails only once, the company's July 2010 Intelligence report notes. During the same period this year, its figures showed that this threshold had been breached on 43 days. On 10 of these days, the volume of shortened hype......
[more] Police nab six in UK online banking fraud sting Six people have been arrested for allegedly running a phishing operation that netted at least £358,000 (US$569,000) and compromised more than 20,000 bank accounts and credit cards, the Metropolitan Police in London said today. Five men and one woman between the ages of 25 and 40 were arrested on suspicion of conspiracy to commit online banking fraud and violations of the Computer Misuse Act, said the Police Central e-crime Unit (PCeU). The s......
[more] Microsoft delivers monster patch batch Microsoft today issued a record 14 security updates to patch a record-tying 34 vulnerabilities in Windows, Internet Explorer (IE), Office and Silverlight. "Don't get mired in the details," recommended Andrew Storms, director of security operations for nCircle Security, as he acknowledged that the sheer number of updates and patches could easily overwhelm users. "There are so many patches here that you could go in all kinds of different directions,&quo......
[more] Facebook 'dislike' scam warning Facebook users are being targeted in a scam that offers them a chance to install a "dislike" button. The scam tricks users into allowing a rogue application to access their profile page, which then posts spam messages. It also attempts to lure people into completing an online survey, for which the scammers are paid money.
The social network already offers a "like" button that allows people to rate other user's comments and posts.
Graham Cluley of security firm Sop......
[more] Hackers bait Zeus botnet trap with dead celeb tales Hackers are using tales of dead celebrities to build out Zeus botnets by duping users into compromising their own PCs, security experts said today. The list of celebrities -- actors and singers for the most part, with an occasional sports star tossed in -- range from Anniston (Jennifer) and Cruise (Tom) to West (Kayne) and Z (Jay), said Symantec. According to the spam that carries the malware, the personalities perished along with 34 others whe......
[more] 2010 smashes vulnerability records Vulnerability disclosures reached record levels in the first half of 2010,according to the latest report from IBM‘s X-Force security team. The team's mid-year trend and risk report documented 4,396 disclosed software vulnerabilities in the first six months of the year, a 35 per cent increase on 2009. This was attributed to software vendors disclosing more data and the increased number of security researchers now focused on finding flaws in code. "Thr......
[more] Sophos warns of fake anti-virus spam campaign Security vendor Sophos is warning of a major spam campaign designed to trick users into downloading fake anti-virus software. In a blog post, Sophos senior technology consultant Graham Cluley explained that the unsolicited emails arrive with subject lines such as "You're invited to view my photos!", "Appointment Confirmation", or "Your Bell e-bill is ready". "Opening the attached HTML file, however, redirects your w......
[more] Advanced instant messenger threat discovered Warnings have been made about worms that are spreading via instant messaging (IM) clients. Kaspersky Lab said that the new family of worms are multilingual and capable of infecting users via several IM clients simultaneously, including Yahoo! Messenger, Skype, Paltalk Messenger, ICQ, Windows Live Messenger, Google Talk and the XFire client for gamers. Kaspersky said that four variants of IM-Worm.Win32.Zeroll have been detected so far. Kaspersky Lab sa......
[more] Security-as-a-service growing When you ask IT professionals if they use cloud computing or software-as-a-service, most start by saying "no". But if you ask some follow up questions, you will quickly find out about "that one application" that is a SaaS application. In security, this effect is even more pronounced. Companies don't think they use security-as-a-service or "cloud" security. Yet, many do, in the form of messaging security: e-mail antispam and antivirus. T......
[more] Global spam hits all-time high Spam hit an all-time high this year, with more unwanted messages pouring in from a smorgasbord of countries, thanks in part to globalization. Such are the findings of a recent and comprehensive report on all things security-related from IBM X-Force. The typical spam message has sources as diverse as the spam lunch meat; it's sent from a machine located in the United States, India, or Brazil, and it contains a .ru URL (Russia's top-level domain) that's hosted in Chi......
[more] Botnet takedown may yield valuable data Researchers are hoping to get a better insight on botnets after taking down part of Pushdo, one of the top five networks of hacked computers responsible for most of the world's spam. Thorsten Holz, an assistant professor of computer science at Ruhr-University in Bochum, Germany, said his group is working on an academic paper focused on methods to figure out what type of malicious spamming software is on a computer that sent a particular spam e-mail. They l......
[more] Spammers crash Apple's Ping party Security firm Sophos is warning that Apple's Ping social networking service has been blighted by spammers just days after launch. Graham Cluley, senior technology consultant at Sophos, said that Ping is failing to block fraudulent messages posted by spammers, and urged users to be on their guard. Ping was announced this week and went live for approximately 160 million iTunes users who were instantly able to read and post comments and build up social networks aro......
[more] Facebook glitch let spammer post to walls A clever spammer found a glitch in Facebook's photo upload system and used it to post thousands of unwanted Wall messages this week. Facebook confirmed the bug Friday, after notifying affected users of the issue. Andrew Jones was one of the victims. He thought that his Facebook account had been hijacked Sunday after a friend pointed out a spam message on his wall. He quickly changed his password, but worried that some of his other e-mail accounts might......
[more] Spammers exploit second Facebook bug in a week Facebook today said it has fixed the bug that allowed a spamming worm to automatically post messages to users' walls earlier this week. The flaw was the second in the past week that let spammers flood the service with messages promoting scams. Last week, Facebook quashed a different bug in its photo upload service that let a spammer post thousands of unwanted wall messages. The newest worm was noticed Monday by researchers at a pair of antivirus ven......
[more] Anti-US hacker takes credit for 'Here you have' worm A hacker who claims he was behind a fast-spreading e-mail worm that crippled corporate networks last week said that the worm was designed, in part, as a propaganda tool. The hacker, known as Iraq Resistance, responded to inquiries sent to an e-mail address associated with the "Here you have" worm, which during a brief period early Thursday accounted for about 10 percent of the spam on the Internet. He (or she) revealed no details abo......
[more] New emails containing Zeus malware detected Warnings have been made of a new wave of malicious email messages that carry a Zeus payload. According to Websense Security Labs, the campaign is related to pharmaceutical spam messages, except that it combines an HTML or ZIP attachment with a social engineering technique. Detection found that in the case of an HTML attachment, criminals are using an obfuscated JavaScript and content is encrypted with a commercially available HTML obfuscation tool. Web......
[more] Twitter 'antibodies' help kill worm, says researcher Social-networking services like Facebook and Twitter have a natural defense against hardcore hackers, a security researcher said Tuesday. The remarkable speed with which several worms spread on Twitter on Tuesday may have sent opportunistic spammers scurrying to exploit a quickly patched vulnerability, but cybercriminals looking for ways to hijack PCs essentially steered clear. Why? "Social networks have built-in antibodies...their users,......
[more] Researchers see an increase in Russia-registered spam domains Researchers are seeing an uptick in the number of spam-related domains from Russian registrars, a sign that cybercriminals are choosing those providers due to lax enforcement. An analysis of spam messages over the last month showed that more than a third of domain names connected with spam are ".ru" ccTLDs (country code Top Level Domains), according to e-mail security vendor M86. Spam messages advertising products typically......
[more] LinkedIn users attacked by deadly Zeus spam Networking site LinkedIn is being used as the lure for a huge spam campaign designed to infect UK and US businesses with the data-stealing Zeus/Zbot Trojan, Cisco has reported. After appearing on 27 September, by 11am BST (6am eastern), spam featuring a bogus LinkedIn reminder accounted for up to a quarter of all spam detected by the company in a 15-minute period. Users are asked to review the contact request for a fictitious user by clicking on an emb......
[more] Malware Targeting Top News Sites, Message Boards Malware is all around. Indeed, according to research from information security firm Websense, "no matter how careful you are, today's Internet user is only two short clicks away from malicious content and an infected computer or network," at least for the Internet's top 1,000 websites. That "two degrees of malware separation" applies to 70% of top news sites, 70% of leading message boards, and 50% of social networking sites.......
[more] The 7 most attacked applications Which are the software world's most attacked applications? All applications are attacked to some extent but as time has gone on a favourite list has started to emerge based on two fundamental weaknesses: how widely used that application happens to be and how many software vulnerabilities, known and unknown, have been uncovered in it. The more popular an app, the larger the number of potential targets, and the more incentive there is to research its vulnerabilitie......
[more] Facebook hit by new iPhone spam attack Facebook users are being warned about a new spam scam that tries to tempt users into visiting a website with the promise of a free Apple iPhone. It's a pretty basic nuisance scam as such things go. According to security company Sophos, the following message appears on a user's message wall: "Anyone want my old phone? Claimed my free iPhone today, so happy lol... If anyone else wants one go here [link]." Clicking on the link brings up an ‘al......
[more] Sick PCs should be banned from the net says Microsoft Virus-infected computers that pose a risk to other PCs should be blocked from the net, a senior researcher at software giant Microsoft suggests. The proposal is based on lessons from public health, said Scott Charney of the firm's trustworthy computing team. It is designed to tackle botnets - networks of infected computers under the control of cybercriminals.Putting machines in temporary quarantine would stop the spread of a virus and allow......
[more] Fighting to keep bad stuff off Facebook Not all of the 19 million Facebook "fans" of superstar Lady Gaga have her interests at heart. During a recent one-week period, 93 malicious links were posted on Lady Gaga's Facebook site to try to trick visitors into downloading dangerous malware. Plus, 372 postings were just pure spam and 1,717 "fans" were mouthing profanity. That's according to Websense, which this week is announcing general availability of a service called Defensio......
[more] This Facebook Password Will Self-Destruct in 20 Minutes Facebook members using unfamiliar computers to log on can now do so using disposable passwords, skirting security problems sometimes found on public PCs. If the member has a phone number registered with Facebook, he or she can request a temporary password via SMS that remains usable for just 20 minutes. Questions about the system's effectiveness have been raised, however. Facebook has unveiled new measures to keep members secure when they l......
[more] US tops botnet charts The US is home to the greatest arsenal of botnets, according to reports from Microsoft and Sophos. According to Sophos, US computers dumped 18.6 per cent of the world's spam between July and September this year. When the whole continent was taken into account, North America only came third behind Asia. It was Europe that topped this list as the source of a third of the world's spam.It was not surprising, therefore, that Microsoft's study of the botnet population also placed......
[more] UK web sites to blame for spam epidemic One in 10 UK web firms is sending unsolicited email to customers, contributing to a spam landscape that is spiralling out of control, according to spam monitoring firm Spam Ratings. The firm's 12-month study of 10,000 web sites and 150,000 emails found that spam has increased dramatically, and that the main source of the messages is web sites. The volume of spam coming from web sites rose by 110 per cent between October 2009 and September 2010, according t......
[more] Did Dutch police break the law taking down a botnet? Dutch police took unprecedented action in taking down a botnet on Monday: They uploaded their own program to infected computers around the world, a move that likely violated computer crime laws. The program causes a computer's Web browser to redirect to a special site set up by the Netherlands Police Agency, where users are informed their computer is infected with Bredolab, a password-stealing malicious software program. Dutch police did that......
[more] Businesses under all-out cyber attack, says Websense Cyber criminals are mounting an all-out attack on businesses, which is likely to continue, according to the Websense 2010 Threat Report. The report shows that in the past year, 52% of data-stealing attacks were conducted over the Web, 9% of data stealing attacks happened over e-mail, and 90% of all unwanted e-mails contained links to spam sites or malicious websites, up 4% on 2009. Most of today's blended attacks are considered "zero-day,......
[more] Malware threats quadruple since 2007 Malware levels have quadrupled since 2007 with 60,000 new pieces of malicious code discovered every day, according to the latest stats from McAfee. The security vendor's latest quarterly threats report (PDF) said that new malware is at its highest ever level, and that 14 million unique pieces were discovered in 2010, one million more than the same time last year. Koobface and AutoRun malware attacks appear to have levelled off, but cyber criminals are still h......
[more] UK among the top spammers in Europe The UK is among the top 10 western European countries for sending malicious spam, according to the latest threat report from Trend Micro. The report found that 9.77 per cent of spam messages originate in the UK. The most frequently sent type of message is commercial or advertising spam offering work from home schemes or weight loss treatments, for example. Weight loss offers account for a quarter of all scam mails, while 'business opportunities' account for ar......
[more] Golden rules for secure instant messaging As time progresses, cybercriminals are refining their techniques to lure potential victims to visit malicious hyperlinks. Instant messaging is a very effective way for malware to stay active and thrive. Last week, an unnamed computer worm forced Microsoft to temporarily suspend active links in its Live Messenger 2009 to prevent the aggressive instant messaging (IM) worm spreading. Mak James, technical manager at ESET UK comments, "This is quite a s......
[more] First hour of a phishing campaign the most effective Taking down sites after five hours pointless. Half of the victims of phishing attacks respond within an hour of receipt of the scam message. Calling this the ‘golden hour' of a phishing site's existence, Trusteer CTO Amit Klein noted that a typical phishing campaign takes at least one hour to be identified by IT security vendors. Within five hours, more than 80 per cent of the total pool of potential victims have responded, a figure that......
[more] A short history of e-mail's future Scarcely a year goes by without someone making radical predictions about the future of e-mail. Only a few have even been right. Facebook has reopened the topic with predictions of how the new Facebook Messages product will shape e-mail's future - a scant five months after the social network's chief operating officer predicted the death of e-mail. Both predictions echoed similar musings from decades past. Predictions of the death of e-mail go back to e-mail's be......
[more] Hack attack on Gawker spawns Twitter spam An attack on online gossip site Gawker Media has enabled spammers to take over thousands of Twitter accounts. Gawker said on Sunday its servers had been hacked and 1.3 million user account passwords compromised. A file containing those details was then published on a file-sharing site by a group allied to the notorious image board 4Chan. That enabled spammers to break into thousands of Twitter accounts where users had used the same passwords.Gawker publi......
[more] Beware: 7 Scrooge-worthy scams for the holidays The holiday scam season is upon us. For Beth Jones, a senior threat researcher with Sophos, this time of year means an upswing in fraudulent activity online. Between malware authors looking to infect machines, and identity thieves hoping to con consumers out of credit card information, this is the prime month for behavior that qualifies for the naughty list. "The two-week mark before Christmas is when things start to ramp up out of control,&qu......
[more] 2010 tech snapshot: IT security This year has seen an almost unparalleled buzz of activity in the security space, from big name mergers and acquisitions activity to allegations of state-sponsored attacks and most recently, the rise of the hacktivist. Alongside this are the continued threat of spam, the growing sophistication of malware and changing trends among the workforce such as mobile working and the use of social networking, which are exposing the enterprise to new and dangerous threats. S......
[more] Sudden spam drop leaves experts baffled Spam volumes appear to have dropped to averages last seen in 2008 after an expected surge in bogus email over the Christmas period failed to materialise. Estimating real spam volumes is a notoriously difficult exercise thanks to a tendency of spam to naturally ebb and flow over time and the fact that no agency has a single view on the phenomenon. However, figures revealed in recent weeks by a number of companies that have compiled stats make curious readin......
[more] Sophos warns over fake MS update worm Security firm Sophos is warning Windows users to beware of a fake security update scam that installs a worm in target machines. The attack arrives in the form of a spam email that appears to come from Microsoft, warning users to update their operating system. Anyone opening the email is advised to follow instructions, which involve installing the attached KB453396-ENU.zip file.Microsoft never sends out such emails, instead using its own update system, but So......
[more] A third of all malware in history created in 2010, says report More than a third of all malware that has ever existed was created by criminal gangs in 2010 alone according to the latest PandaLabs Annual Report. To be precise, the company found that 34 percent of all existing malware has been concocted by cyber-criminals in the last year, banishing forever the image of the disgruntled geek creating viruses in his bedsit. It's not all bad news however, there's been a dramatic slow-down in the rate......
[more] Facebook riddled by 'my first ever status message' scam app A new survey scam has hoodwinked thousands on Facebook. Users are being induced into filling out a worthless survey on the false promise of a dubious reward - a reminder of their first ever status message on the social networking website. These false promises appear as status messages from already fooled surfers, touting a rogue application. Surfers who install the application grant it account privileges - thus allowing it to post from......
[more] Security experts warn of PayPal phishing scam Security experts at Sophos have warned PayPal users to look out for fraudulent emails about 'account limitations' that attempt to harvest log-in details. Graham Cluley, senior technology consultant at the vandor, said in a blog post that the bogus emails claim that accounts have been temporarily limited, and ask for user log-in details to remedy the 'problem'. "Plenty of people have been targeted by an attack which uses the subject line 'Your ac......
[more] Spam back on track with UK in fifth place The UK is fifth in a list of the worst spam relaying countries, with unwanted email continuing to plague inboxes across the globe despite a recent drop in levels, according to a new report from security firm Sophos. The UK remained in fifth place despite having decreased its percentage of total spam output. The proportion of junk mail coming from UK servers fell from five per cent to just over 4.5 per cent. The US has retained its pole position in the ra......
[more] US sends out most spam at end of 2010 A Sophos report has found that the US sent out the greatest amount of spam between October and December 2010, with India, Brazil, the UK, and Russia making up the rest of the top five. Europe remained the continent responsible for sending out more spam than any other, with a 32.11 per cent share. Asia was just behind on 31.89 per cent. Whilst there was not much of a shake-up in terms of countries, spammers' tactics have altered a little."Spam is certain......
[more] Waledac botnet wakes up in 2011 with new run of pharmaceutical spam A new variant of the Waledac botnet has reappeared, with pharmaceutical spam being distributed. The botnet reappeared at the end of 2010, sending out a New Year themed spam email where a URL in the email asks the recipient to download a fake Adobe Flash player, however this campaign ended on January 4. The new pharmaceutical campaign also uses redirections via compromised legitimate sites with the links not just sending the user......
[more] Sophos warns of surge in social network attacks Users of social networking sites have seen a dramatic increase in spam and phishing attacks over the past year, according to the latest report from security vendor Sophos. The Security Threat Report 2011 provides an analysis of cyber crime in 2010, warning that social networking hacks have increased in frequency, and affect consumers and businesses alike. Sophos found that 40 per cent of social network users had been sent malware, an increase of ar......
[more] Kama Sutra PowerPoint named as one of the threats of the last three months, as new warnings made on malware that bypasses cloud-based anti-virus The Kama Sutra virus has been named as one the largest threats of recent months. In Cyberoam's 2010 internet threats trend report for Q4, the Trojan downloader associated with a Kama Sutra presentation titillated recipients into downloading a PowerPoint presentation of sexual positions, but left their PCs infected with a malicious code that opened a bac......
[more] Google answers critics on spam and search results Google has defended itself against criticism of search result quality and has said that it will be taking more action to stop vendors spamming on the engine. In a blog post Matt Cutts, Google principle engineer, said that following a spate of articles claiming Google's search results are slipping the company had checked and found no problems. "Reading through some of these recent articles, you might ask whether our search quality has gotten......
[more] MyDoom the most destructive malware of the decade The 2004 MyDoom malware infection was the most costly piece of malicious software deployed in the past decade. Security vendor McAfee ranked the infection as the most destructive malware of the 2000s in terms of monetary damages. The company estimates that costs from lost productivity and commerce from the infection's massive spam campaigns mounted as high as $38bn ultimately. At its peak, MyDoom-related spam slowed global internet traffic by 10......
[more] Major downturn in spam output in 2011 The slowdown in global spam at the start of 2011 was reminiscent of the shutdown of the McColo botnet in late 2009. According to the Symantec MessageLabs Intelligence Report for January 2011, following a two-week decline in spam levels, spam now accounts for 78.6 per cent of all email traffic, which is the lowest rate since March 2009. The volume of spam in circulation in January 2011 was 65.9 per cent lower than for the same period one year ago in January 2......
[more] Egypt's internet block causes huge spam drop Spam levels in Egypt have virtually vanished, showing the almost complete block on internet activity which the authorities have managed to engineer in the country since Thursday night, according to the latest figures from security vendor Sophos. Although according to some reports the Noor Group ISP is still online, probably because it hosts the Egyptian Stock Exchange, all of the major service providers were ordered to cut their services at around mid......
[more] Researchers pry open Waledac, find 500,000 email passwords Researchers have taken a peek inside the recently refurbished Waledac botnet, and what they've found isn't pretty. Waledac, a successor to the once-formidable Storm botnet, has passwords for almost 500,000 Pop3 email accounts, allowing spam to be sent through SMTP servers, according to findings published on Tuesday by security firm Last Line. By hijacking legitimate email servers, the Waledac gang is able to evade IP-based blacklisting t......
[more] Sophos goes virtual with email security appliance Sophos has expanded its range of email security and data protection products with a virtual email security appliance, designed to offer enhanced inbound and outbound threat protection with simplified management at a low cost. Available immediately for VMware virtualised environments, the Sophos Virtual Email Appliance integrates data loss prevention with email encryption and proactive spam and malware protection. The appliance features the vendor......
[more] Botnets claim 7-fold increase in victims Botnets used in banking credential theft and other criminal enterprises made huge gains in 2010, claiming more than seven times as many victims as the previous year, according to a report issued by a security firm that follows the large networks of infected machines. The dramatic increase was fueled by improvements in DIY botnet construction kits, which allowed internet-based fraudsters to construct new networks that quickly gained traction, the report fr......
[more] The true cost of cybercrime According to a recent UK government report, the overall cost to the UK economy from cybercrime is believe to be £27bn per year. The UK government report demonstrates that businesses need to take the threat from cybercrime seriously. In addition to spam and malware attacks, businesses need to be aware of the risk from cybercriminals gaining remote access to company systems, spying on sensitive activities and stealing information. However, the report does not prov......
[more] Germany provides a secure way to deal with spam In theory, stopping spam is easy: just make it uneconomic to send millions of messages by charging for each one sent, or make senders authenticate their identity to stop address spoofing and simplify blocking. In practice, that would involve building a secure, parallel email infrastructure linking electronic authentication with real-world identities: a daunting task. Yet that's just what Germany is about to do. De-mail -- a play on the country-code......
[more] Major spam network silenced mid-campaign The sudden drop in activity of a major spam producer looks to be the result of the largest co-ordinated attack on spammers. At 15:30 GMT on 16 March, a network of spam-producing computers, known as Rustock, suddenly stopped. It also appears that the infrastructure needed to control the spam network has been disrupted. Security researchers said that would make it the largest ever take down of a cyber crime network.In 2010, the Rustock botnet - a coll......
[more] Hackers target business secrets Intellectual property and business secrets are fast becoming a target for cyber thieves, a study suggests. Compiled by security firm McAfee, the research found that some hackers are starting to specialise in data stolen from corporate networks. McAfee said deals were being done for trade secrets, marketing plans, R&D reports and source code. It urged companies to know who looks after their data as it moves into the cloud or third-party hosting centres."Cy......
[more] Junk mail down 1/3 since Rustock botnet takedown Global spam volumes dropped by a third following the takedown of the infamous Rustock botnet earlier this month, according to MessageLabs. Prior to the dismantling of its command and control servers on a takedown operation led by Microsoft, Rustock accounted for 13.82 billion spam emails daily, the majority of which advertised unlicensed pharmaceutical websites. In the days after the takedown on 17 March, global spam volumes fell by a third. Junk......
[more] RSA gives details of SecureID attack methodology RSA has been briefing analysts on the attack vectors used by the hackers seeking access to SecureID technology, and how the break-in was stopped. The company said that the initial attack came in the form of emails sent to groups of low ranking employees entitled "2011 Recruitment Plan," which contained an Excel spreadsheet with malware using an Adobe Flash exploit. The bulk of these were shifted into spam folders, but some were opened an......
[more] Phishing attacks could hit bank customers after Epsilon security breach, experts warn Security experts warned Monday that banking customers should worry about a wave of spearphishing attacks utilising the recently-breached email database stolen from marketing firm Epsilon. The email addresses leaked during the breach could be used to send targeted attacks to the customers of Epsilon's clients, which include a host of financial services providers such as Barclays Bank of Delaware, CapitalOne, Cit......
[more] Hack data provided by RSA in exchange for customer secrecy RSA has started providing more detail into the mid-March attack on its SecurID token-based authentication system, but to get a fuller story you have to be an RSA customer willing to sign a nondisclosure agreement (NDA). An NDA means that you agree to keep secret what RSA would be willing to tell you. Sources say RSA is reaching out to its largest customers, especially those in sensitive industries, to get IT executives to sign such NDAs.......
[more] M&S customers hit by Epsilon e-mail hack Marks and Spencer customers have been warned to expect an increase in spam e-mail after hackers stole their details. The company has contacted users of its online service to warn them about the data breach, which was part of a wider attack on marketing firm Epsilon. A number of American companies also had their mailing lists compromised, including the hotel chains Marriott and Hilton, as well as several banks. Marks and Spencer said that customers' financ......
[more] Epsilon attack - a turning point for the online marketing industry? Last week, consumers in the US were bombarded with email messages warning them of what may be the most widely felt data breach in US history. A company that most of them had never heard of, Epsilon Interactive, had been compromised and their names and email addresses had been stolen. For a few days, it seemed that almost everyone was getting a warning message. The notes all struck the same tone: "Email files have been acces......
[more] Scammers quick to capitalise on death of Bin Laden Online criminals have been quick to exploit the death of Osama Bin Laden, and the event is being watched by the security industry as a case study in news exploitation. The security industry was getting ready for attacks related to the event within hours of the news becoming public, as spammers and scammers have proved increasingly adept at using significant events to fool internet users. "Recently, we saw that the rogues either anticipated,......
[more] Privacy matters again, so you'd better prepare After two decades of lingering in near obscurity, privacy issues are finally returning to the computer security big table. This shift comes thanks to high-profile cases concerning mobile devices tracking users, massive data breaches, and countless other instances of data being repurposed in ways users never intended. Companies need to be careful now of how they handle user privacy, lest they come under attack not just from hackers but also the media......
[more] Microsoft: One in 14 downloads is malicious The next time a website says to download new software to view a movie or fix a problem, think twice. There's a pretty good chance that the program is malicious. In fact, about one out of every 14 programs downloaded by Windows users turns out to be malicious, Microsoft said Tuesday. And even though Microsoft has a feature in its Internet Explorer browser designed to steer users away from unknown and potentially untrustworthy software, about 5 percent o......
[more] McAfee sees progress in slowing cybercrime Increased efforts amongst law enforcement and security research groups have helped to slow the tide of cybercrime. Security firm McAfee highlighted a series of police actions and raids in its most recent quarterly threat report. The report highlighted efforts including operations which brought down fraud and money laundering operations as well as high-profile botnet takedowns. McAfee Labs principal engineer Adam Wosotowsky told V3.co.uk that the latest......
[more] China says it is not to blame for global hacking problems China has said that its internet community should no longer be blamed for the world's hacking problems, and has called for collaboration between national law enforcement authorities to shore up the world's cyber defences. China's ambassador to the UK, Liu Xiaoming, gave a speech at the Worldwide Cybersecurity Summit on Wednesday outlining how China has helped to tackle global cyber threats, and the reasons why the country should not be se......
[more] DNS agility leads to botnet detection Online criminals have evolved their tactics to harden their botnets against takedown using a variety of tactics, including fast-flux networks and Conficker-like dynamic domain generation. Yet, such tactics can also pinpoint when such networks are being created by bot operators, according to research from the Georgia Institute of Technology. The research found that dynamically detecting changes in the domain name system (DNS) can lead to the early detection o......
[more] Travelodge customer data stolen Travelodge is investigating an apparent hacking attack on its customer database. A spokesperson for the hotel chain said that a "third party" had managed to obtain names and e-mail addresses. The company warned users of its online service to be on the lookout for spam e-mails. The incident has been reported to the UK's information commissioner who can fine businesses for poor data protection.A letter to customers, signed by the Travelodge's chief executi......
[more] Security researchers discover 'indestructible' botnet More than four million PCs have been enrolled in a botnet security experts say is almost "indestructible". The botnet, known as TDL, targets Windows PCs and is difficult to detect and shut down. Code that hijacks a PC hides in places security software rarely looks and the botnet is controlled using custom-made encryption. Security researchers said recent botnet shutdowns had made TDL's controllers harden it against investigation.The......
[more] Spelling mistakes 'cost millions' in lost online sales An online entrepreneur says that poor spelling is costing the UK millions of pounds in lost revenue for internet businesses. Charles Duncombe says an analysis of website figures shows a single spelling mistake can cut online sales in half. Mr Duncombe says when recruiting staff he has been "shocked at the poor quality of written English".He says the big problem for online firms isn't technology but finding staff who can spell.The c......
[more] Jay Leno is top spam scam lure, security company finds US talkshow host Jay Leno, singer Madonna, actress Cameron Diaz and President Barack Obama share an unpleasant secret their publicists are powerless to do anything about. A new analysis by security company BitDefender has identified these celebrities as the most commonly-used lures in US spam campaigns, usually combined with bogus and sensational headlines designed to pique the interest of naive Internet users. These four names were connecte......
[more] If you need more information about Spam, please feel free to contact us with your Spam questions using our contact form.
