The mass email written by senior presidential adviser David Axelrod contained a heavily biased message that defended President Obama’s health care proposals and encouraged supporters to help rebut criticism circulating on the Internet.

Opponents of President Obama’s health care plan who received this and other spam messages from the White House have argued that they never signed up to receive email from the White House, and have been outspoken with their concerns regarding their privacy. After a few days of silence in regards to the email list, the White House finally released an official statement to Fox News on Sunday which stated:

“The White House e-mail list is made up of e-mail addresses obtained solely through the White House Web site. The White House doesn’t purchase, upload or merge from any other list, again, all e-mails come from the White House Web site as we have no interest in e-mailing anyone who does not want to receive an e-mail,” the statement said. “If an individual received the e-mail because someone else or a group signed them up or forwarded the e-mail, we hope they were not too inconvenienced.”

Some recipients of the spam have said that they have never even browsed to the official White House Web site. The White House claims that the email may have been sent to such unwilling recipients as a result of on-line petitions from advocacy groups. On-line petitions can contain both the name and email address of the those who sign the petition, and the White House may have added the email addresses from submitted petitions to the White House distribution list.

The White House has stated that it’s Web site managers will seek out and block on-line petitions so that those who wish to receive email from the White House may sign up to do so on an individual basis only.

No related posts.

It’s no secret that spammers and malware creators can always be counted on to deliver a bevy of non-benevolent business when a phenomenon such as this reveals itself. At only 50 years old, nobody (least of all the average spammer) expected MJ to die so suddenly. Subsequently, Micheal Jackson email scams got off to a slow start,  but over the past weekend attacks have ramped up significantly. Have a look at an actual Mailprotector quarantine page to see some of the spam we’ve stopped over the past 3 days:

A quick Mailprotector quarantine search for the words "Michael Jackson" yields quite a few results.

It’s not really surprising. Spammers have always had a propensity to follow the buzz of current trends and hot news stories. They’ve learned what works, and focusing on current events works very well for them. The Michael Jackson death story is the latest “easy target” scenario, but be forewarned that spammers never stop looking for creative ways to get to your inbox, so it’s important to take proper measures to ensure you’re protected from the Bad stuff.

The best way to keep safe is to use an email security service (such as Mailprotector) that provides an exchange spam filter, which tells spam messages to Beat It before they even get to your email server. If such a service is not an option for you, however, you can always take the common-sense approach to protect yourself:

• Always be very careful to only open email from trusted senders
• Never click links in emails that seem even remotely suspicious

Better safe than sorry is always the way to go when dealing with potentially harmful email. The Michael Jackson spam attacks will subside, but if history is any indicator the next spam-inducing current event is just around the corner, and for those of us in the email security industry it promises to be one heck of a Thriller.

No related posts.

We know that The State newspaper in Columbia has had email purportedly between Governor Sanford and this Argentinian woman since as early as December of last year. The paper says that it did not publish the story because there was no way to corroborate the authenticity of the messages. While there are many important specifics we don’t know, The State says it was sent the emails “from the governor’s personal e-mail account by an anonymous person.”

Given this revelation, its easy to see why The State held the story. Let’s take a look at a couple of email basics:

1. An email is just like a letter in the sense that you can write whatever you want on the return address and there is no way to determine if that information has any relation to the real sender. (Yes, we do have some newer options to help like SPF and domain keys but they aren’t foolproof and you have to be in control of the receiving server to use these tools).
2. Sending a regular email message is just like sending a postcard. If anyone at the post office (or in this case any person in control of any router at any ISP that the data stream is routed through) wants to flip it over and read the back, they can.
3. If you have truly sensitive information, it should be encrypted using TLS or another email encryption technology.
4. Even if you encrypt a message, if someone has username and password access to your email client they’re going to be able to read your mail.

Now, lets pick our story back up. If The State was sent these messages by an anonymous person, the authenticity of the messages would be no more reliable than the credibility of the person producing them as he or she could have easily forged the information and created them out of thin air. So, it seems reasonable for The State to have sat on the story with no other corroborating data.

But, how did they get Gov. Sanford’s email messages in the first place? By “personal email account” we’re going to have to assume this was not an email account under control of the SC State Government since all of those messages would be subject to archiving and state disclosure requirements as well as under the control of an IT administration department. We assume the Governor must have known this and was using some other email account.

Given this assumption we have to conclude that the ‘anonymous’ person was either 1) a rouge admin at an ISP (seems highly unlikely) or 2) someone with close personal knowledge of the situation that had access to Governor Sanford’s email. I’ll have to leave that with you to ponder until we know more about ‘anonymous’. In the mean time, here are a few email security tips to safeguard the content of your email:

1. Always use TLS encryption on your email server. If you don’t host your own, be sure your provider uses TLS to transmit your messages across the Internet.
2. If you connect to your email server using a web client, make sure you use a secure connection such as SSL (look for the ‘https’ in the address bar of your browser)
3. If you connect with a client such as Outlook make sure you are using a secure connection as well.

   And finally,

4. Whatever you do, don’t use “password”, “pass” or your username as your password. Create a password that is a combination of numbers, letters and symbols.

No related posts.

“A typical cloud-based security application does not require user interaction. There is no need for user training. IT does not have to install it on workstations. There is no downtime on the user’s workstation,” he says. The result is a more productive workforce.

Other tips included: take a holistic approach, get a cheap tune-up, and outsource non-core applications. To read about the tips visit the Processor Magazine story here.

No related posts.

Spammers use their botnets not only for sending unwanted email to SMBs, but also for gathering new email addresses and bot recruits. “They are after sensitive data, as well,” says David Setzer, CEO of Mailprotector, an email security service provider. They want to recruit a new spam relay/bot, but they also throw in a keylogger to sniff for usernames and passwords, and try to grab as much lucrative sensitive data as possible, he says.

“It’s kind of a Swiss Army knife of malware…[they figure] they might as well get all the goodies they can out of [the SMB],” Setzer adds.

While Setzer says he can’t pinpoint any specific botnets that focus on hitting SMBs, more SMBs tend to get hit because they don’t have the horsepower to handle the threats. A DSL line or DS3 connection can be no match for a botnet spamming and waging a directory attack, he says.

While the big botnets and spammers stick with the widespread attack strategy rather than targeting companies, some SMBs are getting hit with targeted phishing attacks in order for the attacker to gain a foothold in their networks.

“What we see more often is a whaling-type attack where you have somebody targeting someone at a small- to medium-size business for a specific reason –maybe a smaller brokerage,” he says. “It’s some human making a cognitive decision to go after [a firm].”

One of Mailprotector’s small-business customers was once hit by a massive spam run and directory attack delivering more than 100,000 messages from more than 10,000 distinct IP addresses. “It was a spam and a directory-harvesting attack where they were going through and trying to harvest names and email addresses from the directory,” Setzer says. “[The customer] didn’t know about the attack until their regular log review because our systems had shut it down…it would have crashed their email.”

Many SMBs run multiple services on their servers, and an email server may run other applications, as well. “So when a big denial-of-service or wave comes in, the server can’t handle the load or bandwidth,” he says.

Check out the full article here.

No related posts.

What you have to do is ensure your email server is protected from these threats for the sake of securing your corporate data, confidence of your customers and to minimize downtime by employees deleting spam.

If you host your own email, on a server, which I do not recommend for most small businesses, you’ll probably have some degree of email security and spam protection built into the server. These solutions are good. However, you might want to consider outsourcing your email security to a vendor who scans your email before it ever reaches your network.

If you just consider spam alone, some companies are so inundated with spam, their employees are wasting time deleting it or the influx of spam is a drain on the company’s servers.

The benefit of having your email protected by an outsourced mail “cleaning” service, according to Mailprotector is:

• Few, if any, malicious emails can penetrate the corporate networks
• No internal resources are needed to maintain the email system. This cuts down on the internal staff needed to manage email applications.
• In the event of an outage, the customer has a copy of all emails sent and received because everything is routed through the “cleaning service”. I’m not sure if all email security companies offer this service, but Mailprotetor does.

Managed email security:, as the service is sometimes called, is all part of a philosophy you should consider, in consultation with your local IT consultant to outsource as much of your technology (and other business processes) to experts who can provide what you need at an aggressive price and highest quality.

No related posts.