Anti-Spam: SPAMfighter News

Here are the latest updates for raplist.antispamsite@blogger.com

"SPAMfighter News" - 3 new articles

Spam Mails Now Sent Concealed in Legitimate Sites
Spam Pledge Launched to Eradicate the Spam Problem
E-mail Scam Attacks Syracuse University
Search SPAMfighter News

Spam Mails Now Sent Concealed in Legitimate Sites

Unified Threat Management PLUS solutions creator, Cyberoam, in partnership with Commtouch, on April 28, 2008, reported that spammers and malware distributors are trying to hide their unsolicited messages inside legitimate looking e-mails and Websites.

Joshua Block, Vice President of North American Operations, Cyberoam, stated that the most recent e-mail intimidation, as revealed in the study report, clearly testified that spammers are creating an artificial sense of confidence among potential victims by leveraging actual resources, as reported by MarketWire on April 28, 2008.

The tactics are varied including camouflaging of pharma spam as Hotmail welcome messages, redirecting blogspot to malware infected sites, hiding infected sites in URL search results, hosting image spam on Flickr accounts and using Yahoo! and Google Calendar standards for spear-phishing scams.

Researchers at Cyberoam pointed out that each of these ways employ social and psychological engineering tricks to exploit user trust. On an average, over 350,000 compromised PCs were freshly activated every day for the purpose.

A sharp increase in the use of social engineering tactics on user behavior was observed in Q4 2007, when spammers staged attacks with discounted gift and easy cash scams. Unfortunately, the existing security programs were not able to check them, pushing spam volumes to an alarming rate of 94% of the total e-mail till date in 2008.

Also, malware and spam generators, during this period, leveraged current events to make their messages appear more relevant. In late January 2008, when the US Federal Reserve reduced interest rates to deal with the acute mortgage problem, the move allowed eligibility for refinancing to millions of US mortgages. Spammers capitalized on this by pumping out huge volumes of mortgage-related spam, leading to a high of 10% in spam levels in that quarter from an earlier 2%.

The increase in the mortgage spam also prevented or delayed correspondence between the lending institutions and people applying for loans, as technologies failed to distinguish between the valid loan seeking e-mail and the spam.

Researchers also indicated that while spam outbreaks continued robustly during holidays like Valentine's Day, April Fool's Day and St. Patrick's Day, most of the anti-spam programs could not block the e-mails as they ended up in creating false positives.

• Email to a friend • Related •

Spam Pledge Launched to Eradicate the Spam Problem

On the 30th anniversary of junk mails, Sophos, a security firm, introduced a Spam Pledge, requesting the Internet users to help in crushing the curse of spam.

On May 3, 1978, an employee of DEC (Digital Equipment Corporation), the computer giant of that time, mailed a message, which is considered as the first spam mass mail.

The message, mailed to about 393 Arpanet users, a provider of the Internet service, invited users to see the future and listen about the DECSYSTEM-20 FAMILY at the presentation of their two products in California during the same month.

An increase can be witnessed in the problem caused by spam to a great extent. Currently, about 120 Billion spam mails are sent everyday, which means it is a multi-billion dollar business and it exerts huge burden on e-mail servers as well as on other parts of the Internet infrastructure. According to an evaluation, about 80 to 90% of e-mail traffic is caused by spam.

Moreover, spam filtering technology has developed very much in last three to four years, but eradicating the spam problem seems more difficult than actually imagined.

Sophos' Senior Technology Consultant, Graham Cluley, said that 30 years back when Gary Thuerk mailed the mass mail, he never thought of what he is initiating. Presently, across the globe, almost every Internet user faces spam problem blocking their mail inbox, as per the reports published on May 1, 2008 by vnunet.

Many spam mails are malicious and try to install spyware or get financial information, which is the worst. The Internet users, who purchase goods through spam, prolong the spam problem and it should be stopped.

The Spam Pledge is launched due to a request from Web users to oppose clicking on links or answering to the spam mails.

For promotion of the pledge, Sophos created a Facebook group named 'The Sophos Spam Pledge' and a You Tube video, depicting people taking oath to not to open or click on links attached to unsolicited e-mails.

Meanwhile, apart from computers, spams are also appearing on other platforms, like cell phones. ITU's (International Telecommunication Union) research revealed that about 80% of mobile phone users across the world receive spam on their cell phones.

• Email to a friend • Related •

E-mail Scam Attacks Syracuse University

On April 17, 2008, around 300 Syracuse University (SU) students, faculty members and staff got a warning from a phishing mail that their accounts would be deleted in 3 days if they do not respond to the message with their usernames and passwords.

Phishing is an email scam operated by cyber crooks for stealing private data of internet user through fake mail messages. They possess an appearance of an authentic source like bank, technology supports services and friends and they want the users to respond with private data like passwords and usernames.

The mail, which the students and faculty members received, was sent from a supposed syr.edu address, which appeared to have come from Webmaster team of SU. Surprisingly, SU's ITS (Information technology and Services) informed that they did not send the message and said that like many other colleges in 2007, SU has been attacked by a phishing scam.

The computer security staff of the University said that a user lodged a compliant about receiving this kind of a mail. Any of the users who have either replied or opened the mail has been advised to change the password as soon as possible to avoid any sort of internet attacks.

The security officers also informed that ones the attackers gain access to such accounts, like the SU one, those accounts will be used to send more fake and spam mails. Further, it's called "spoofing" the mail account and it becomes tough to detect the source of phishing.

SU spam filters sort through 7 Million to 9 Million mails everyday sent to SU accounts. IT Architect and UNIX Manager, Christopher Croad, who also controls the e-mail system and anti-spam efforts, said that on an average almost 90% of those mails are reported to be spam, as reported by THE DAILY ORANGE on April 28, 2008.

The SU is one of the 85 universities that have been attacked by the phishing scam. The officials have also asked the users to have strong passwords and also advised to use unique and different passwords for different accounts. The users were also recommended never to display their private information online.

• Email to a friend • Related •