Today marks the 26th birthday of the computer virus. On November 10th 1983 Fred Cohen, a University of Southern California graduate student, provided a proof-of-concept during a security seminar at Lehigh University. 26 years later the computer virus is still going strong.
My first virus
I recall my first computer virus experience, “Melissa“, back in 1999. I was working for another company in London at the time and we started getting lots of email with the same subject line from multiple European and far eastern affiliates. Before long, many of our users were sending loads of email out that they never initiated. Our network admin “pulled the plug” on our local Exchange server until he could resolve the issue. I called our US headquarters to give them a heads-up but they still had numerous users opening and infecting their mail systems. That was a wake up call and dealing with email-borne malware provided an experience that I’ll never forget.
My how you’ve grown!
Email malware has gotten a lot nastier since then. It presents huge problems for users and admins. Computers can be hijacked and used for nefarious purposes. Information can be stolen and bank accounts drained. The FBI has released a warning about the threat to online cyber fraud. Some figures estimate cyber fraud losses to be upwards of $100 million year-to-date.
About Mailprotector
Mailprotector’s services have been squashing spam, viruses, Trojans, phishing attacks and other email-borne malware for nearly 10 years. It’s affordable, easy to set up and simple to use.
Two Romanians were just extradited to face charges related to a phishing scheme. The phishing scheme targeted customers of some well known financial institutions.
Plead “not guilty”
FBI officials announced on September 29 that Petru Bogdan Belbita, 25, of Craiova, Romania, and Cornel Ionut Tonita, 28, of Galati, Romania, were brought to the US to face charges of conspiracy and aggravated identity theft. They have pleaded “not guilty” to these charges.
Trail of evidence
The pair were caught after an investigation was launched about a complaint of a fraudulent email made to appear as if it came from Connecticut-based People’s Bank. The email directed users to a compromised computer in Minnesota that hosted a counterfeit web site for People’s Bank. As the investigation unfolded it was determined the duo also engaged in similar phishing schemes targeting customers of Citibank, CapitalOne, JP Morgan Chase & Co., PayPal, and others.
Roundup
The two men, as well as five other Romanian citizens, were indicted by a grand jury in 2007. Belbita was arrested in Canada on Jan. 24, 2009, and brought to the United States Sept. 25. He appeared before a federal judge in Connecticut Sept. 29 and pleaded not guilty. Tonita was arrested in Croatia in July and extradited to the United States Sept. 4. He pleaded not guilty six days later. The other five Romanians indicted in this scheme are looking over their shoulders now. It shouldn’t be long before they face the music (cue Hawaii Five-O theme).
Keeping their buddies away
Mailprotector’s services mitigate the risk of phishing attacks. Whether you host your own mail server or need us to do it for you it’s a given that you need advanced email security to prevent phishing, Trojans, spam and other malware from reaching your inbox.
Have you ever been on the receiving end of a recorded call that starts off “Your car’s warranty is about to expire….” The first time I got one of those calls it scared the daylights out of me. I had thoughts of my transmission dropping out while driving my kids around. My kids aren’t mechanics and neither am I so we’d be in quite the pickle. The calls keep coming to your phones, home and mobile. How annoying is that? All I could think was that these guys are spamming me through my phone.
Well, there’s good news. Next Tuesday the feds will make it illegal for telemarketers to use robocalls. “American consumers have made it crystal clear that few things annoy them more than the billions of commercial telemarketing robocalls they receive every year,” FTC Chairman Jon Leibowitz said in a news release. You got that right! Just like spam we don’t have the time or patience to deal with this junk. The feds also enacted CAN-SPAM a few years back to deal with spam messages. It’s estimated that close to 90% of all email traffic is junk mail. Hopefully, the robocalls perpetrators won’t decide to move their operations offshore and use crazy call-routing schemes to keep the pressure up to persuade consumers they need new car warranties.
After next Tuesday I can rest a little easier. I won’t have to screen my calls as diligently as before. I only wish this law had included the annoying political phone calls that come around each election cycle. Oh well, no law is perfect but it’s a start.
In an effort to generate large volumes of spam, a latest phishing attack is targeting South Carolina college students and staff, the FBI reports. The scam is asking for the student’s user ID and password which is needed for a server repair – do not respond.
Anyone suspect of any phishing scam should not respond to the email. They can report a suspicious email to the FBI at www.ic3.gov.
This latest warning reminds us that the spam industry is a lucrative business and we all need to be vigilant with regards to protection. The current volume of malicious emails flowing through the internet is above the 90% level. Obviously, we would recommend using managed email security company with advanced spam filtering as a first line of defense against these type of attacks.
As we approach the end of summer, Mailprotector Security Center reports that spam rates remain high. During the last four weeks, the spam rate for all email traffic flowing through the Mailprotector security system reached one of the highest levels at 96.1%. The report also notes that the preferred method of attack from spammers is the Dictionary Harvest Attack – DHA.
Also known as a “Directory Harvest Attack”, the DHA is becoming a much more frequent occurrence. The most important commodity for a spammer is a valid email address. As users become more cautious about the disclosure of their email address, valid addresses are becoming harder to come by.
In a typical DHA the spammer will use a “dictionary” of hundreds of thousands of common names and name combinations to continually query a non-secure email server. The spammer will not attempt to send a message, but simply ask the receiving server if it will accept a message for the particular address. The spammer then waits to see if an error message is returned. If one is not, then the spammer now has a valid email address that can be used and sold to other spammers.
As part of our exchange spam filtering service, Mailprotector provides comprehensive security from DHA and other SMTP-based server attacks. Head over to http://www.mailprotector.net to learn more about this and other services that Mailprotector offers.
by Jeremy Nigh on July 29, 2009
A recent report from Messagelabs shows that spammers are now utilizing automated translation services to translate their messages into other languages, allowing for them to target more countries with the same content with little extra effort on their part.
Free, online translation services have become a favorite of 419-type advance-fee fraudsters. Only recently though, have general spam senders also adopted these tactics as their own. Some countries who have enjoyed better email security before now are seeing a dramatic rise in the level of spam due to the translation of messages into their native tongue.
Spam levels in Germany and The Netherlands have risen by 13% since May of this year, with spam now representing over 95% of all email traffic globally. According to the report, “…in Germany 46.5% of all spam is in German and 2.5% in French. In The Netherlands, 25% of spam is in the Dutch language while in France, 53% is in French and 4% in German. In Japan, 62.3% of the spam is found to be in Oriental non-English languages and in China, this number is 54.7%.”
Despite the influx of non-English spam, however, the report also shows that around the world most spam is still targeting the English language. In July only 1 in every 20 spam messages was in a non-English language.
by Jeremy Nigh on July 22, 2009
Does spam actually return any profit to companies that hire spammers to push their product? Believe it or not it does. Why? Because a decent percentage of individuals actually click spam messages in their inbox.
Recently the MAAWG (Messaging Anti-Abuse Working Group) asked North Americans if they had ever responded to a message they believed to be spam (note: we’re assuming their respondents did not have an email security solution in place). Out of the 800 people surveyed 12% confessed to doing so because they were actually interested in what the spam had to offer. “Big red button pressers” represented 6% of the total respondents, saying that they have clicked on spam “just to see what would happen”, while another 13% said they “unknowingly” clicked spam.
That’s a 31% click-through rate! With such a high rate of success, I think it’s safe to say that spam is going to stick around for a while.
by Jeremy Nigh on June 30, 2009
Michael Jackson’s death last week left a mourning fan base of gargantuan proportions. Fans of the “King of Pop” (one of which this writer is not) have expressed their grief and sentiments through email, youtube, twitter, and various other social and Internet-related media in a way rarely seen before. But for many, their state of sadness has left them vulnerable to email and web-based attacks.
It’s no secret that spammers and malware creators can always be counted on to deliver a bevy of non-benevolent business when a phenomenon such as this reveals itself. At only 50 years old, nobody (least of all the average spammer) expected MJ to die so suddenly. Subsequently, Micheal Jackson email scams got off to a slow start, but over the past weekend attacks have ramped up significantly. Have a look at an actual Mailprotector quarantine page to see some of the spam we’ve stopped over the past 3 days:
A quick Mailprotector quarantine search for the words "Michael Jackson" yields quite a few results.
It’s not really surprising. Spammers have always had a propensity to follow the buzz of current trends and hot news stories. They’ve learned what works, and focusing on current events works very well for them. The Michael Jackson death story is the latest “easy target” scenario, but be forewarned that spammers never stop looking for creative ways to get to your inbox, so it’s important to take proper measures to ensure you’re protected from the Bad stuff.
The best way to keep safe is to use an email security service (such as Mailprotector) that provides an exchange spam filter, which tells spam messages to Beat It before they even get to your email server. If such a service is not an option for you, however, you can always take the common-sense approach to protect yourself:
- Always be very careful to only open email from trusted senders
- Never click links in emails that seem even remotely suspicious
Better safe than sorry is always the way to go when dealing with potentially harmful email. The Michael Jackson spam attacks will subside, but if history is any indicator the next spam-inducing current event is just around the corner, and for those of us in the email security industry it promises to be one heck of a Thriller.
Ok, this one is a little off the email security topic but I think it’s a fundamental marketing question worth exploring.
I walked in my bank the other day (I like the smaller local banks because I like knowing who’s messing with my money) and they have this big display for Coke on the main table in the lobby. As I walk up to the teller window and start chatting I see that they are offering a free 2 liter of Coke with any new account. So, after my obligatory joke about what happened to the free toasters I had to ask if they really thought offering a $.99 two liter of Coke was going to make one iota of difference in anyone’s decision making process about whether to open an account or not. Needless to say, most in this branch agreed that it made a nice looking display but a pretty ineffective marketing tool.
I left the bank and passed the experience off as one of those little amusements of life. Until yesterday, that is, when I open a local business paper and see another bank who has designed and paid for an entire ad around the enticement of a free box of cookies for opening a new account. This made me start to doubt my own logic now. Are there really people out there saying to themselves “Hmmm, can’t decide which bank to use. Do I want the cookies or the Coke?”
From the very first day of Mailprotector’s launch I made sure that we offered a fully functional 30 day demo without any credit card numbers or other upfront obligations. I always felt like the best way for our customers to know if Mailprotector would work for them is to actually use it. Especially for something as critical as a spam filtering service. I never really thought of it as a marketing gimmick or freebie. Maybe banks should do the same. Let us try their online banking for a while. Let us see if their tellers really are that friendly and their hours convenient.
Please tell me there’s a difference between the cookies and our demo. If not, we may just switch out the demo with a box of doughnuts…
