In an effort to generate large volumes of spam, a latest phishing attack is targeting South Carolina college students and staff, the FBI reports. The scam is asking for the student’s user ID and password which is needed for a server repair – do not respond.
Anyone suspect of any phishing scam should not respond to the email. They can report a suspicious email to the FBI at www.ic3.gov.
This latest warning reminds us that the spam industry is a lucrative business and we all need to be vigilant with regards to protection. The current volume of malicious emails flowing through the internet is above the 90% level. Obviously, we would recommend using managed email security company with advanced spam filtering as a first line of defense against these type of attacks.
Hurricane Bill is churning in the Atlantic and threatening Bermuda and the East Coast. Hopefully it will weaken and not cause any damage. Most businesses prepare to protect themselves from the damage these storms can inflict. However, there are numerous accounts of businesses being ill prepared to continue operating after the storm has passed because of an oversight in their business continuity planning.
Email is a preferred communication method. However, email continuity is often overlooked as part of the complete business continuity planning process. Hurricane winds, flooding, fire, etc., can knock an email server out of commission.
Mailprotector’s services – spam filtering and hosted exchange – provide business continuity in the event of mail server outages. Our Scan and Forward service provides mail queuing for up to 7 days if your mail server goes offline for any reason. Once your mail server is back online then your queued messages will be delivered. What if your on-premise mail server will be off-line for longer than 7 days or you need immediate access to your email? We can provide our Advanced Scan and Store service that gives you access to your email via a secure webmail console.
The value of our mail queuing was underscored by one of our customers back in July of 2007. England had been experiencing some of the worst flooding on record, and the shutdown of electricity substations in their region was ordered as a safety precaution. This meant that they had to power down all of their UK-based servers. Mailprotector’s availability protector kicked right in and bailed them out:
“Thanks to Mailprotector’s automatic message spooling we were able to build a replica environment in our US datacenter and be back up and running this morning without any customers experiencing loss of inbound emails.”
Mailprotector’s services are ideal for business continuity and should be made a key component for your business continuity planning.
As we approach the end of summer, Mailprotector Security Center reports that spam rates remain high. During the last four weeks, the spam rate for all email traffic flowing through the Mailprotector security system reached one of the highest levels at 96.1%. The report also notes that the preferred method of attack from spammers is the Dictionary Harvest Attack – DHA.
Also known as a “Directory Harvest Attack”, the DHA is becoming a much more frequent occurrence. The most important commodity for a spammer is a valid email address. As users become more cautious about the disclosure of their email address, valid addresses are becoming harder to come by.
In a typical DHA the spammer will use a “dictionary” of hundreds of thousands of common names and name combinations to continually query a non-secure email server. The spammer will not attempt to send a message, but simply ask the receiving server if it will accept a message for the particular address. The spammer then waits to see if an error message is returned. If one is not, then the spammer now has a valid email address that can be used and sold to other spammers.
As part of our exchange spam filtering service, Mailprotector provides comprehensive security from DHA and other SMTP-based server attacks. Head over to http://www.mailprotector.net to learn more about this and other services that Mailprotector offers.
Well, now that we have our winner in the Phone category, let’s look at the “smart” part of a smartphone which was originally centered around personal productivity. I’m going to focus on the three traditional apps – Email, Calendar, and Tasks.
First though, the winner in the Productivity category is:
iPhone
How’d this one break down you ask?
I have a combination of POP, IMAP and Hosted Exchange accounts. (By the way – if you aren’t using Mailprotector’s Hosted Exchange 2007 with unlimited mailbox storage, you should be!).
Blackjack I
The Blackjack I was my first experience with true over the air Activesync syncing of my contacts, appointments, and tasks combined with true push email and I was HOOKED. If you haven’t experienced it, you’re missing out. Windows Mobile did a good job of syncing my data in real-time. With full push syncing enabled I could go two nights use without a battery charge. I didn’t like though that I couldn’t increase the amount of email stored on the device. It always seemed I needed to see an older email that wasn’t on there.
The calendar function was also a bit clunky. I never could operate it fast enough to schedule an appointment while talking to someone and it was difficult to scan calendar information.
Apple iPhone Gs
Apple definitely got the email interface right with the iPhone. I love the ability to control how much email is stored on the device and to easily switch to other Exchange folders. Since most of us use our email box as a bit of an information store this comes in very handy. I can always find what I need.
All my contacts stay sync’d just like Windows Mobile but I don’t seem to access them as much and the Calendar function is awesome. The interface is easy enough to use that I can search the calendar and schedule an appointment without delaying a conversation. The other day I scheduled a follow-up dentist visit while checking out and it didn’t require a conversation pause.
The one drawback I’ve seen with the iPhone is substantial battery drain with my hosted Exchange account in direct push mode….barely makes it through a day. I’ve put in on a 15 minute fetch and don’t really notice any delay.
Lastly regarding the iPhone, I have to say that if there were a OneNote app for iPhone it would be Da Bomb! for productivity. I know there are other apps out there but I absolutely love OneNote and how it has organized all my random ideas and notes. I have heard some rumor that a couple of MS partners are working on one. If it is a true over-the-air OneNote sync app then watch out.
Blackberry Bold
With Blackberry email I’m not sure I can give you the best analysis because I was too insulted by the monthly price to send all of my mail through BlackBerry’s single point of failure that has had more than one outage. Microsoft has the model with ActiveSync. So, I used a third party product based on SyncML (which ActiveSync is as well) called AstraSync. It handled over the air contact and task syncing nicely but would not handle Notes like Windows Mobile.
The Bold didn’t display HTML email like the iPhone but I understand that is coming. It seemed the BlackBerry display was somewhat “unix”-like too. It was very boring while the iPhone display made it easy to scan messages. I have to say though I did LOVE the little blinking light on the BlackBerry. I could tell if I had a new message without picking up the device or activating it.
The BlackBerry calendar wasn’t bad. It was hard to create a new appointment but the calendar scanning was easier than Windows Mobile.
One other thing…
Finally, I have to mention the keyboards since this tends to be the place we use them most. My Blackjack ‘tic-tac’ keyboards were good. I could write an SMS or very short email comfortably. I have to say I’m still getting used to the iPhone screen based keyboard. The auto-learning auto-correct software is good but it’s still making best guesses about what you ‘meant’ to type instead of being easy to type what you mean. I guess that’s the trade-off for the screen real estate In other applications. I do have to say that the BlackBerry Bold keyboard is unbelievable. I could type all day on it. I found myself banging out long emails with ease. Definitely the best thing BlackBerry has going is that Rolls-Royce of a keyboard.
Ok, that’s it for today. I know I didn’t mention much about tasks but I just don’t use an electronic task list much. A small flip pad is still my best management there. Stay tuned for tomorrow’s take on these devices in the Entertainment category.
Today we’re going to look at our three smart-phones and how they perform as well…a phone. For me, this is the most important category since I want a phone in order to talk to other people. For some, this one is down the list but tops in my book.
The winner by a hair in the phone category is:
Window’s Mobile (Blackjack I & II).
Here’s how it all went down:
Call Quality:
The overall call quality of the Blackjack I and II was great. I never had dropped calls or static, always heard the other party well and basically could forget I was using a device and just talk.
I would have to say the iPhone is a close second. The only factor that took it down slightly is that sometimes I have trouble positioning the listening speaker at the right spot on my ear so I have a little trouble hearing the caller.
The BlackBerry was horrid. On my first device I would answer calls to dead air even though the caller could hear me. Or, as I was talking the earpiece would develop static and go dead while the other party could still hear me. If I called them back, no problem. AT&T did switch out the unit and the second was a little better, but I still experienced an unusual number of dropped calls.
Dialing:
This is probably one of the most important aspects of the phone after the calling issue is settled. This is also why I chose Window’s Mobile as my favorite. WM has the easiest and most intuitive dialing interface. As I would start to dial a number/name the display would populate with matches from my contact list and winnow the list down as I continued until I was ready to scroll to the name and select the number. A nice feature was that it prioritized the list with the most recent inbound/outbound calls. It just always seemed that whomever I wanted to call was no more than about three buttons away.
The iPhone is close but seems to take longer to look up and dial a number. First, since there is no dedicated keypad you have to activate the device, unlock it, click home screen and click phone. Then click keypad, contacts , etc. Or you can scroll to the search function (which we’ll talk about later this week) from the main screen. I keep my phone screen on “Recent” which handles most of my direct calling fairly well. For a phone there are a bit too many clicks to get to the number. What I’ve found though is that I use the voice dialing about 80% of the time with excellent accuracy. I don’t have to look down at the phone, keep my eyes on the road and it is RARELY wrong. Without this feature I would have serious reservations about the iPhone as a well designed mobile phone.
Finally, the BlackBerry. Honestly, I don’t know how anyone uses it. I’ve almost buried myself under more 18-wheelers trying to call someone on this phone. As you begin to type, it too brings up a list of contacts but does NOT prioritize them. You end up typing almost the whole name or scrolling through the list. But wait, it gets worse. When you start scrolling, the list dynamically expands and collapses the calling options for each contact as you pass the name. So, you can’t look up at the road and look back down at the screen in the same spot to find where you left off because it is changing the line position of each contact around. The dialing on the BlackBerry was so bad I finally found myself just dialing in the whole number each time.
So, there you have it in the Phone category. Of course there are many more features that I could have delved into, but those are the critical basics. Stay tuned for tomorrow’s run-down in the Personal and Productivity Manager category.
I know there are already hundreds of comparisons and reviews for these three products out there but this one will be a little different. Unlike just about every other review I read before I bought these devices I’m not going to give you a run down of each little feature, click, and button and how it compares to the other.
Instead I’m going to compare the outright usability of these three devices. And by usability I mean, how well does it do what it’s suppose to WITHOUT an inordinate amount of reading, learning or figuring out. Just like you, I’m busy…very busy and I don’t have time to study my phone’s instruction manual.
So, stay tuned everyday this week for a working comparison of the iPhone 3Gs, Blackberry Bold, and Windows Mobile on a Samsung Blackjack II in the following areas:
1. Phone
2. Personal Information and Productivity Manager
3. Entertainment Device
4. Overall Platform
Finally, let me say that I’m not an ‘evangelist’ of any of these. I want a tool that will make my life easier and I don’t care whose logo is on it.
The other day I got an instant message from a friend who franticly told me “I keep getting spam from myself!” He went on to explain that his torch and pitchfork-carrying co-workers were also seeing the same thing.
One thing led to another, paranoia grew into pandemonium, and before they knew it everyone was throwing around the “R” word. Thankfully, before they “reformatted” every computer on their network with hopes of closing the door on the supposed hacker, my friend wisely called on me (his buddy in the email security business) to offer some insight. “Worry not my friend. Worry not.” I confidently exclaimed . “All you’re seeing is a spoofed email address, nothing more.” As I went on to tell him about the ins and outs of email spoofing, his mind was put at ease and his company’s network-wide reformat was safely averted. But what exactly is email spoofing? I’ll explain to you as I did to him.
What is email spoofing?
Email spoofing is a tactic that spammers use to make your email server think that you are sending a message to yourself, therefore it is “OK” to let the message through. In actuality the messages are not from you…it just looks that way. Wikipedia explains it well:
E-mail spoofing is a term used to describe (usually fraudulent) e-mail activity in which the sender address and other parts of the e-mail header are altered to appear as though the e-mail originated from a different source. E-mail spoofing is a technique commonly used for spam e-mail and phishing to hide the origin of an e-mail message. By changing certain properties of the e-mail, such as the From, Return-Path and Reply-To fields (which can be found in the message header), ill-intentioned users can make the e-mail appear to be from someone other than the actual sender. The result is that, although the e-mail appears to come from the address indicated in the From field (found in the e-mail headers) it actually comes from another source. (http://en.wikipedia.org/wiki/E-mail_spoofing)
How common is email address spoofing?
Spoofed addresses are extremely common because of the high rate of successful delivery when sent to unprotected email addresses. A quick check of my own spam quarantine shows that in the past 30 days alone, Mailprotector’s spam filter caught 52 spam messages that look as though they were sent from my own email address. These messages account for over half of all the spam in my quarantine for that time period. Thanks to Mailprotector I have never received even one of these annoying pieces of email in my inbox, but my friend and others like him don’t fare so well. Many email users get spam from a spoofed address that looks like their own on a daily basis.
Is email spoofing dangerous?
Not always, but it definitely can be. Spoofing an email address is as easy as putting a forged return address on a package or envelope, and (in much the same way) it’s the contents you have to watch out for. Messages that use email spoofing to get from point A to point B may contain content that’s simply annoying, such as links to canadian pharmaceutical websites. On the flip side such messages may also contain viruses, trojans, worms, or links to phishing websites that are standing by to automatically install harmful malware as soon as you click.
How to stay safe from email spoofing
The best practice when it comes to spoofed email addresses is to simply never open an email if it’s from your own address. Just delete that sucker and move on. Even better yet, use a good email security service to filter out emails that use advanced address spoofing tactics. If you go with a managed solution such as Mailprotector, they will be blocked before they ever even get to your email server. Nice.
by Bruce LaFlam on July 30, 2009
At Mailprotector, we have seen the technically savvy spammer community become more sophisticated and operate in ways that require swift response. With the ability to respond quickly to threats, it makes sense that cloud based or hosted spam filtering companies are growing at at rate faster than the other potential email security solutions: software and appliance.
At the Black Hat Vegas security conference this week, Cisco chief security officer, Patrick Peterson, confirms what we see on a daily basis – spammers are fast.
“Cybercriminals hunt prey with a velocity that’s impossible for legitimate businesses to match”
With hosted email security, businesses can be sure that there is a team of security professionals monitoring and adjusting to threats 24/7.
Byron Acohido in a USA Today story shares more from the Black Hat Security Conference. You can read his story here.
by Bruce LaFlam on July 24, 2009
In recent months, our company which provides a spam filter and hosted exchange service has been investing resources into social media. With marketing dollars (and time) in limited quantities these days, it’s important to ask “is social media here to stay and will there be a return?” In a story posted on USAToday.com, Forrester Research shares some insight into the future of social media. Read the entire article here.
The money that businesses spend on social media now is growing faster than any other form of online marketing. Some 25% of small businesses surveyed by Ad-ology Research said they would spend more on social networking in 2009, beating the numbers who’ll spend more on e-mail, blogging or company websites. Forrester Research projects the $455 million that companies spent on social networking in 2008 will balloon to more than $3.1 billion by 2014, a growth rate more than three times what it forecasts for e-mail marketing.
USA Today
So, marketing decision makers should be comfortable knowing that social media will be growing strong for years to come.
by Jeremy Nigh on July 23, 2009
According to a mid-year report from TRACElabs, spam is at it’s highest level ever. Previously the highest level recorded was in July of 2008, so this trend suggests that spammers really kick things into high gear during the summer months, and they don’t care one bit about the actions being taken against them.
“The clear message spammers are giving us is that they are unimpeded by the efforts of law enforcement and the security community,” says TRACElabs senior researcher Phil Hay.
With the recent FTC crackdown on Mocolo and 3FN the volume of spam did slow considerably. However, these latest reports show that spammers have hunkered down and brazenly developed better and more resilient systems for keeping themselves in business. According to Hay, “The crime groups running the Waledac, Rustock, Pushdo and Grum spamming botnets continue to be very strong.”
The report also shows that:
- More than 30% of all spam last week came from Asian countries after Vietnam overtook traditional spam powerhouses China, Turkey and Russia for the first time ever.
- Brazil continues to dominate with over 15% of all spam, followed by the USA with 10%.
- Just three specific institutions were the focus of 99.5% of all phishing activity last week: eBay, Bank of America and Comerica.
So despite the fact that organizations are investing more time, money, and resources into the spam problem, the spammers continue to relentlessly pound the unprotected email user with wave after wave of unsolicited messages. These high numbers serve as a reminder that the spam epidemic is not going to disolve anytime soon, so this blogger recommends that you find a good email security service and ride out the storm in comfort.
- Just three specific institutions were the focus of 99.5% of all phishing activity last week: eBay, Bank of America and Comerica.
