MailWasher Pro 2012 Free Today Only @ BitsDuJour – Save $29.95

Today only, the giveaway site BitsDuJour is offering MailWasher Pro 2012, the highly rated anti-spam utility – FREE. The free licensed product can be installed on up to three machines.

From the developer’s site:

MailWasher has deservedly earned its reputation as one of the worlds top anti-spam products. With over 8 million users around the world and features on both BBC and CNN you can be confident that it is one of the easiest ways to get rid of spam.

Spam can’t get to your inbox.

Remove spam from its source before it even reaches your computer. You’ll Never suffer from spam in your inbox again.

Read more..

Unbeatable spam detection tools.

Advanced spam detection technology and tools do all the hard work for you by automatically marking spam emails and flagging them for deletion.

Read more..

Preview all incoming mail before downloading it

Instantly preview all incoming email and decide what do do before it even reaches your computer. No more time wasted downloading annoying emails with huge attachments.

Read more..

No brainer setup. Quick and easy to use.

So easy to setup and use. Automatically pull down all your mail settings and contact information so you can start blocking spam like a pro in no time.

Read more..

Go to: Bitsdujour.com

Please follow the download instructions exactly.

Available languages: English, German, French, Spanish, Polish, Dutch, Hungarian, Bulgarian, Ukranian, Swedish, Russian, Czech, Norwegian, Armenian, Croatian, Danish, Japanese, Portuguese and Pirate!

Valentine’s “Love” In Your Inbox – Could Be Malware On Your Computer.

Valentine’s Day will be on us before we know it – so, it’s not too early to get ready for the deluge of  “I love you”, “Wish you were mine”………………., and of course, the customary – “Happy Valentine’s Day” emails.

Hopefully, you will have a Happy Valentine’s Day – but, that happy feeling could be ruined, if you fall victim to the explosion of “spam and scam” that’s aimed at lovers, this time of year –  every year. Much of it designed to take a swing at unsuspecting users machines – leading to a malware infection.

In previous years, starting  just about this time, we saw abnormally high rates of this type of spam and, since cyber crooks are opportunity driven; we’ll see much more of this type of cybercriminal activity this year, I expect.

Perhaps you’re a very cool person who’s significant other is always sending you neat little packages in your email. MP3 files, screensavers, cartoons, YouTube videos, and the like. Could be – you get them so often, that you just automatically click on the email attachment without even thinking. If, you are this type of person, here’s a word of advice – start thinking.

The hook, as it always is in this type of socially engineered email scam, is crafted around exploiting emotions. We’re all pretty curious creatures and, let’s face it, who doesn’t like surprises. I think it’s safe to say, we all find it difficult, if not impossible, to not peek at love notes received via email.

The unfortunate truth is, these spam emails often contain links that deliver advertisements, or worse – redirect the victim to an unsafe site from which malware can be installed on the victim’s computer.

Here’s a tip – If you see something along the lines of – This email contains graphics, so if you don’t see them, view it in your browser – consider very carefully – before you click on the link.

A couple of years ago, a friend, who is an astute and aware computer user, fell for one of these carefully crafted teasing emails. On opening the email, he was taken to a site which had pictures of hearts and puppies, and was then asked to choose which one was for him. You’ll notice that “choosing” involved opening an executable file – a cardinal sin.

Fortunately, he got his geek on in time – common sense prevailed, and he backed out of this site. If he had clicked on this executable file, he would have begun the process of infecting his machine with a Trojan. A Trojan which, in this case, connected to a remote command and control site – (effectively, turning over control of his computer to a cybercriminal). Nasty – I think you’ll agree.

Experienced users are on guard year round for these, and other types of scam/spam email.

You know what to do; right?

Don’t open emails that come from untrusted sources.

Don’t run files that you receive via email without making sure of their origin.

Don’t click links in emails. If they come from a known source, type them on the browser’s address bar.

If they come from an untrusted source, simply ignore them, as they could take you to a web site designed to download malware onto your computer.

Cyber crooks have moved on from using just emails, as a malware delivery vehicle. So, be on the lookout for fraudulent Valentine’s Day greetings in:

Instant Messenger applications.

Twitter.

Facebook.

Chat forums, and so on.

This just in @ 11:56

Uzbekistan Government Cancels Valentine’s Day

That settles it – I’m not giving any Uzbek women my love in protest. Sorry ladies.   🙂

Tom Sanders SEO – A Bottom Feeding Specialist

Over the last 60 days or so, comment spam here has taken a huge jump. Not a big deal you might suppose – after all, with one or two clicks the damn stuff can be deleted. With 400 or more spam comments every day, I find that deletion is the only sane solution. Taking as little as 10 seconds to peruse each spam comment, would add roughly one hour of unproductive activity to an already full day.

So, the solution to this aggravation is simple enough (or, so it seems) – but, the downside to hitting the “Empty Spam” button is an increased risk of seemingly ignoring a reader’s comment which has been spam trapped. In terms of “blogging sins” – ignoring a reader’s comment, ranks well up on the list of grievous offenses.

The screen capture shown below (taken from my blog’s Dashboard several weeks ago), shows 259 spam comments awaiting moderation.

I have little doubt, that trapped within these fake comments (such as the one shown below), were bona fide readers’ comments which (as they normally do), would have expanded the scope of the relevant article. The power of reader comments to enhance, and round out an article, is a key feature of blogging in my estimation.

Which brings me to Tom Sanders (if that’s his real name). Tom is in the business of pissing people off. Tom, like so many of his competitors in the search engine optimization (SEO) business, is an unethical twit – a parasitic ignoramus who is content to feed off, and potentially damage, the works of others.

Sanders, and others like him, ignore the impact their SEO schemes (as illustrated in the following email dated October 13), are likely to have on web content providers. Slimy, sleazy practices, such as this, inevitably lead to an onslaught of spam email which the content provider is then forced to deal with.

Tom Sanders tom193@seo-service.com to me (show details 6:32 AM (47 minutes ago)

Hi,

My name is Tom and I am a link builder. I sell blog comment links for website owners at low price.

Blog comment links can help you in a number of ways. Here are three major advantages:

– Increase link and IP popularity
– Direct traffic to your site
– Higher rankings in search engines

I can do thousands of blog comment links for your site in a couple of days, and they get indexed very fast. If you would like more details about my offer, or would like to ask me anything you’d like regarding this matter, then feel free to reply with a YES.

Best regards,
Tom

Normally, I wouldn’t bother writing an article on what might be perceived to be a “so what” internal issue. Except, my good buddy Michael F., questioned me this morning as to whether I was knowingly rejecting his comments. Which, immediately raised the question – “how many other readers have encountered the same ‘rejection’ issue?”

If you have commented here, and then failed to receive an acknowledgement from me, please accept my apology. Tom Sanders (in reality, just another cyber criminal), and his leech-like SEO industry operatives, have created a bottleneck in the free flow of reader comments. Another obstacle to overcome – created by the marginal morons who slither through the Internet.

Just a passing note – There are bloggers (known to me), who regularly post “edited” spam comments passed off as legitimate comments. Sleeping with the enemy just about covers that. You (and you know who you are), need to give your head a shake.

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

Gmail Scammers Still On The Make

Email spammers/scammers are masters of the well worn “carrot or stick” school of motivation. They seem to bounce from “this is what you’ll get” versus, “this is what you’ll lose” – with some regularity.

Some samples of each motivational technique taken from my spam honeypot Gmail account in the last few days.

The carrot:

Hi
It`s Kerri again. Will you ever contact me?
I made those nude pictures especially for you and I won’t write to you again!
If you wanna see them just drop me a line at – – – – – – –

and the following heavily edited example.

Robert S.Mueller
FBI Director

Check: To be deposited in your bank for it to be cleared within three working days. Your payment would be sent to you via any of your preferred option and would be mailed to you via UPS. Because we have signed a contract with UPS which should expire by August 20th you will only need to pay $150 instead of $420 saving you $270 So if you pay before August 20th, 2011 you save $270.

Oh yeah, don’t forget to send us your name/address; sex/age; cell number; and –  a scanned copy of your driver’s license.

Yes, I’ll get right on that  

Both of the above are just too preposterous to be taken seriously. Although, as difficult as it is to believe, there are those who are laughably loony enough to  respond.

The stick is a little different, and a good example of this is the various forms of the “Your Gmail account needs verification to avoid being shut down ” phishing attack.

Unaware webmail users are much more likely to respond to the threat of losing their email privileges than you might imagine. If the notice looks convincing enough (and, they often do), some Gmail users are bound to be taken in.

The stick:

If you expand this graphic to its original size, you’ll notice the sender is googleemail.com – close, but no cigar. As well, if you’re a WOT (Web of Trust) user, you’ll see that WOT has cleared the “Sign in” link as being safe.

A rather confusing mixed message. Googlee is not Google, but WOT marks the link as safe.

Unfortunately, this “green light” is a shortcoming in WOT’s reputation assessment since the rating reflects the reputation of the the principal domain, and not a subdomain – which, in this case, the link resolves to.

Sadly, average users are generally unaware that Gmail provides a simple tool to view message headers which contain tracking information for an individual email.

In this case, checking the headers (as shown in the following screen capture) reveals this email actually came from prajim.siaminterhost.com – obviously, not Google.

Of course, I didn’t response to this password phishing attempt and click on the enclosed link. But, those users who fall for this type of crafty scam, are often redirected to a forged version of Gmail’s login page where they can happily provided the requested information.

Advice worth repeating:

If you have any doubts about the legitimacy of any email message, or its attachment, delete it.

Better yet, take a look at the email’s headers. Check the initial “Received from” field in the header, since this field is difficult to forge. Additionally, the mail headers indicate the mail servers involved in transmitting the email – by name and by IP address.

It may take a little practice to realize the benefits in adding this precaution to your SOP, but it’s worth the extra effort if you have any concerns.

If you have a webmail account other than Gmail, check out this page for instructions on finding headers for your specific provider.

Google provides excellent advice on their page – Messages asking for personal information, from which the following has been taken.

Here’s what you can do to protect yourself and stop fraudsters:

Check the email address of the sender of the message by hovering your mouse cursor over the sender name and verifying that it matches the sender name.

Check whether the email was authenticated by the sending domain. Click on the ‘show details’ link in the right hand corner of the email, and make sure the domain you see next to the ‘mailed-by’ or ‘signed-by’ lines matches the sender’s email address.

Make sure the URL domain on the given page is correct, and click on any images and links to verify that you are directed to proper pages within the site. Although some links may appear to contain ‘gmail.com,’ you may be redirected to another site after entering such addresses into your browser.

Always look for the closed lock icon in the status bar at the bottom of your browser window whenever you enter any private information, including your password.

Check the message headers. The ‘From:’ field is easily manipulated to show a false sender name. Learn how to view headers.

If you’re still uncertain, contact the organization from which the message appears to be sent. Don’t use the reply address in the message, since it can be forged. Instead, visit the official website of the company in question, and find a different contact address.

If you enter your Google account or personal information as the result of a spoof or phishing message, take action quickly. Send a copy of the message header and the entire text of the message to the Federal Trade Commission at spam@uce.gov. If you entered credit card or bank account numbers, contact your financial institution. If you think you may be the victim of identity theft, contact your local police.

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

Why Comment Spammers Shouldn’t Use Google Translate

Comment spam has the potential to be dangerous – if it’s allowed to be blindly posted. I’ve written a number of articles dealing with the hows/whys of comment spam in the past, so I won’t belabor the point. If you wish you can checkout – Comment Spam Is Dangerous BS!

By its very nature, comment spam is a pain in the ass – but, I have to admit – there are those rare moments when I get my morning coffee up my nose, when the unintentional humor of a spam comment catches me unaware.

The following comment on Close Security Holes In Windows With Microsoft Baseline Security Analyzer,  from a Chinese spammer (juangonzaloangel), caused one of those “coffee up my nose” moments. I’ve deleted the web links hidden in the comment.

Undeniably think for which you suggested. The best good reason were via the internet easy and simple matter to find out. I say to you, My spouse and i surely have irritated when people take into consideration anxieties they accomplish never understand. Anyone was able to click all the toe nail with the top part in addition to explained out of whole thing without needing unwanted effect , persons could take an indication. Will probably be time for read more. Bless you.

Not to put to fine a point on it – this is a major Google Translate FAIL. One would think, that if a spammer went to all the trouble of writing a complex spam comment, he’d a least get it right.  But hey, it did accomplish something positive – I started my day with a great big laugh. 

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

Fake URL Shortening Services –Spammers Latest Weapon

According to Symantec’s May 2011 MessageLabs Intelligence Report, released several days ago, spammers are now employing their own fake URL shortening services to redirect users to the spammer’s Web site. It’s hardly surprising that this new technique has directly contributed to rising spam rates.

MessageLabs Intelligence reports that “shortened links created on these fake URL-shortening sites are not included directly in spam messages. Instead, the spam emails contain shortened URLs created on legitimate URL-shortening sites. These shortened URLs lead to a shortened-URL on the spammer’s fake URL-shortening Web site, which in turn redirects to the spammer’s own Web site.”

Key findings from the May 2011 report include:

Spam: In May 2011, the global ratio of spam in email traffic from new and previously unknown bad sources increased by 2.9 percentage points since April 2011 to 75.8% (1 in 1.32 emails).

In the US 76.4 percent of email was spam, 75.3 percent in Canada, 75.4 percent in the UK, and 73.9 percent in Australia.

Viruses: The global ratio of email-borne viruses in email traffic from new and previously unknown bad sources was one in 222.3 emails (0.450 percent) in May, a decrease of 0.143 percentage points since April.

Endpoint Threats: The most frequently blocked malware targeting endpoint devices for the last month was the W32.Ramnit!html, a worm that spreads through removable drives and by infecting executable files.

Phishing: In May, phishing activity was 1 in 286.7 emails (0.349 percent), a decrease of 0.06 percentage points since April.

Web security: Analysis of Web security activity shows that approximately 3,142 Web sites each day were harboring malware and other potentially unwanted programs including spyware and adware, an increase of 30.4 percent since April 2011. 36.8 percent of malicious domains blocked were new in May, an increase of 3.8 percentage points since April. Additionally, 24.6 percent of all web-based malware blocked was new in May, an increase of 2.1 percentage points since last month.

The May 2011 MessageLabs Intelligence Report provides greater detail on all of the trends and figures noted above, as well as more detailed geographical and vertical trends. The full report is available here.

Reading this type of report (or at least the highlights), can be a major step in expanding the sense of threat awareness that active Internet users’ require.

Symantec’s MessageLabs Intelligence is a respected source of data and analysis for messaging security issues, trends and statistics. MessageLabs Intelligence provides a range of information on global security threats based on live data feeds from control towers around the world scanning billions of messages each week.

About Symantec:

Symantec is a global leader in providing security, storage and systems management solutions to help consumers and organizations secure and manage their information-driven world. Our software and services protect against more risks at more points, more completely and efficiently, enabling confidence wherever information is used or stored. More information is available at www.symantec.com.

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

Kate Middleton Nude – As If!

I’m an easy mark when it comes to pomp and circumstance, so like millions worldwide, I just finished watching the Royal Wedding. An impressive occasion, to say the least. Now, I need to relax and get over my Royal Wedding media hangover.

The media frenzy surrounding the wedding is likely to remain at a fever pitch far into the future however, as will the level of cyber criminal activity hooked on to Prince William and Kate Middleton. Hardly surprising, when one considers the size of the “market”. Scoping out  “the royal wedding” on Google returns an amazing 53 Million search results – and cyber crooks love a big market.

Cyber crooks don’t miss a trick when it comes to leveraging events surrounding popular personalities, and along with the usual schemes – inbox spam, phony search results, Twitter and Facebook misdirection …….., – Kate Middleton comment spam, as illustrated by the following examples posted here in the last few days, has not been neglected by these parasites.

The first:

kate middleton naked
easy-share.com/1914927081/Kate_Middleton_-_Nude_P…
Givliani@gmail.com
184.82.196.132 – Submitted on 2011/04/27 at 12:19 am

Clicking on the link leads to a 90 MB compressed download hosted at Easy Share. I have no doubt that downloading this file would lead to a very painful experience.

The second:

This is actually my personal complete nude and semi-nude picture collection of Kate Middleton I collected over the last 10 weeks. http://www.megaupload.com/?d=8KKIJIWT Caution: Don’t leak this pack outside of this website or I will eliminate this comment and also chase you down to hell!

Clicking on this link leads to a similar 90 MB compressed download.

The third:

prince william wedding
netload.in/dateimQ5jcAXATn/Kate_Middleton_-_Nude_…
Kingwood@yahoo.com
69.162.162.130 – Submitted on 2011/04/27 at 12:19 am

Download and view this entire pic series of Kate Middleton along with pretty much all the unclothed as well as naughty images one can locate on the world wide web. http://www.fileserve.com/file/xnj2k2Q Caution: Don’t leak this pack outside of this site or I will delete this post and hunt you down to hell!

A similar set up – clicking on the link leads to a 90 MB compressed download.

If you’ve ever wondered why comments on this site, and many other sites for that matter, are held for moderation by a site administrator, the simple answer is – comment spam, as illustrated, can be extremely dangerous.

The amount of time required to effectively control comment spam is not insignificant. For example, since I first setup this site, I’ve dealt with over 55,000 spam comments.

Conservatively, it takes 10 seconds to check each spam comment (spam filters are not perfect) – that amounts to 152 hours, or 4 plus weeks, of wasted time. Needless to say – I consider comment spammers to be far down on the human evolutionary scale.

Same old – same old:

Be cautious when following links contained in comments on any web site.

Be particularly cautious of comments, on any web site, where the writer is describing a problem with recommended software and offers a link to alternative software.  This is a favorite technique employed by cyber-criminals.

Be cautious when following any link contained in any web site, since the latest reports indicate there are 5.8 million individual web pages infected across 640,000 compromised websites. Cyber-criminals are finding it easier than ever to inject malicious content into legitimate sites.

Be cautious following links on web forums. Forums can often be a source of dangerous links.

Since the majority of infected sites are infected with Java based scripts, consider using Firefox with the NoScript add-on active. NoScript offers superior protection.

Install an Internet Browser add-on that provides protection against questionable or unsafe websites. My personal favorite is Web of Trust, an Internet Explorer/Firefox add-on, that offers substantial protection against questionable, or unsafe websites.

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

Government of Nigeria “tortures” 419 Scammers – If Only!

I’m not advocating the torture of cyber criminals and spam scam artists, although ….

This morning, when I received an email (ostensibly), from The Federal Government of Nigeria (The Advance Fee Fraud section), in which it was made clear that – “some scam Syndicates were apprehended in Lagos, Nigeria few days ago and after several interrogations and tortures, (my) details were among those mentioned by some of the scam Syndicates as one of the victims of their operations” , it momentarily entered my mind that torture might be an appropriate penalty. Especially for those involved in this latest “wolf in sheep’s clothing” scam.

I’ve covered the wolf in sheep’s clothing scam here a number of times, including

1051 Site Dr. Brea, CA – Not An Address You Want To Go To!

A Helpful Spam Scammer – A Wolf in Sheep’s Clothing

This particular spam scam is highly instructive, and it illustrates the lengths to which these crooks will go to entrap the unwary and gullible. Unfortunately, the description “unwary and gullible”, is easily applied to substantial numbers of Internet users.

As an experienced and cautious Internet user, it’s safe to say that you will not be deceived by this type of clumsy attempt to defraud but, you might be surprised how often reasonably intelligent people are. So, be kind to your friends, relatives, and associates, particularly those who are new Internet users, and let them know that there is an epidemic of this types of scam on the Internet. In doing so, you help raise the level of protection for all of us.

For reference, I’ve included the full text of this “torturous” email, which contains the usual spelling, grammar, punctuation, and layout errors.

EFCC FRAUD UNIT

Attention,
The Federal Government of Nigeria through provisions in Section 419 of the
Criminal Code came up with punitive measures to deter and punish
offenders.The Advance Fee Fraud section deal mainly with cases of advance
fee fraud(commonly called 419) such as obtaining by false pretence through
different fraudulent schemes e.g. contract scam, credit card scam,
inheritance scam, job scam, loan scam, lottery scam, “wash wash” scam (money
washing scam), marriage scam. Immigration scam, counterfeiting and religious
scam. It also investigates cyber crime cases.
This is to officially announce to you that some scam Syndicates were
apprehended in Lagos, Nigeria few days ago and after several interrogations
and tortures your details were among those mentioned by some of the scam
Syndicates as one of the victims of their operations.
After proper investigations and research at Western Union Money Transfer and
Money Gram office to know if you have truly sent money to the scam
Syndicates through Western Union Money Transfer or Money Gram, your name was
found in Western Union Money Transfer database amongst those that have sent
money through Western Union Money Transfer to Nigeria and this proves that
you have truly been swindled by those unscrupulous persons by sending money
to them in the course of getting one fund or the other that is not real,
right now we are working hand in hand with Western Union and Interpol to
track every fraudsters down, do not respond to their e-mails, letters and
phone calls any longer they are scammers and you should be very careful to
avoid being a victim to fraudsters any longer because they have nothing to
offer you but to rip-off what you have worked hard to earn.
In this regard a meeting was held between the Board of Directors of The
Economic and Financial Crimes Commission (EFCC) and as a consequence of our
investigations it was agreed that the sum of Two hundred thousand US Dollars
(US$200,000) should be transferred to you out of the funds that Federal
Government of Nigeria has set aside as a compensation to everyone who have
by one way or the other sent money to fraudsters in Nigeria.
We have deposited your fund at Western Union Money Transfer agent location
EMS Post office Lagos, Nigeria. We have submitted your details to them so
that your fund can be transferred to you.
Contact the Western Union agent office through the email address stated
below inform them about this notification letter and the transfer of your
fund;
Email:wu_payingdept@qatar.io
Yours sincerely,
Sarah White (Miss)
Assistant Investigation Officer.
The Economic and Financial Crimes Commission (EFCC)
15A Awolowo Road, Ikoyi, Lagos.
Nigeria
http://www.efccnigeria.org
******************************************************************

Please note that some fraudsters are claiming to be Directors or staff of
The Ecomomic and Financial Crimes Commission have recently been sending
phony e-mails/letters and also calling unsuspecting persons, with intent to
defraud them. It is important to note that these fraudsters are criminals
engaged in Advanced Fee Fraud known in Nigeria as 419. Every day, people
throughout the world are falling victim to scams of one kind or another. But
remember – if it sounds too good to be true, it is probably a scam. In the
circumstance, we unreservedly advice you to dissociate yourselve from all
correspondence and transactions entered into based on evidently fraudulent
and fictitious claims.
********************************************************************

“This e-Mail may contain proprietary and confidential information and is sent for the
intended recipient(s) only. If, by an addressing or transmission error, this mail has been
misdirected to you, you are requested to delete this mail immediately. You are also
hereby notified that any use, any form of reproduction, dissemination, copying,
disclosure, modification, distribution and/or publication of this e-mail message, contents
or its attachment(s), other than by its intended recipient(s), is strictly prohibited. Any
opinions expressed in this email are those of the individual and not necessarily of the
organization. Before opening attachment(s), please scan for viruses.”
All business handled under Standard Trading Conditions. Copy available on request.
********************************************************************

Just to be clear, as a strong supporter of Amnesty International, any references I made to torture were for effect, only.

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

Will The Epsilon Data Breach Affect You? Don’t Be Surprised!

The damage yet to be realized from the Epsilon Data Management breach, in which 250 million consumers names and e-mail addresses were compromised, has the potential to be staggering.

With 2500 client customer databases residing on their servers, Epsilon likes to characterize itself as the world’s premier email marketing service. Since they are responsible for over 40 billion (generally unwanted) emails annually, I tend to characterize Epsilon less favorably.

To this point, all of the companies involved in this breach (and the list is growing daily), are aggressively making the point that customer financial and confidential information, remains secure – and, has not been stolen. However, in a cover their ass move, many of the affected companies slip in a caveat – “based on everything we know”, or words to that effect.

Now, if one fell off the turnip wagon yesterday, that response might seem acceptable, or even encouraging. Personally, I’ll be guided by what experience has taught me in relation to situations such as this; and that is – there’s a very good chance that what we’re  seeing today, is no more than the tip of the iceberg.

In the short term we can expect the following:

The incidence of targeted spam (since names, addresses, and most importantly, company affiliations are available), is sure to rise dramatically;  with a corresponding increase in malware laden email.

Based on the same information accessibility, spam phishing attempts will move up the list of cybercriminals’ preferred scams. Unfortunately, the success ratio is likely to increase dramatically.

Long term impact has yet to be determined with any accuracy – but, since the type of companies impacted by this breach tend to operates in the Twilight Zone when it comes to safeguarding their customers privacy, heightened vigilance on the Internet, particularly not responding to unsolicited emails, takes on a new urgency if you are one of those who has had previous, or current dealings, with any of the affected companies.

Quick questions: Why wasn’t this enormously sensitive customer information encrypted? Have things gone so far, that we need to legislate common sense?

Internet security provider Kaspersky, has put together a list of the companies impacted by Epsilon’s data breach which is worth reviewing – if you’re unsure of a relationship with an affected company.

From Kaspersky Lab’s Threat Post:

The number of companies that was affected by the attack on online marketing firm Epsilon Data Management has continued to grow, virtually by the hour.

Many retailers, banks and other firms sent out notification letters to their customers on Monday, and to help you keep track of who’s affected, we’ve compiled a list of known companies victimized by the Epsilon attack.

There are likely to be even more companies that send out breach notification letters in the coming days, so check back for updates. Here is a list of companies known to have been affected so far: List of Companies Hit By Epsilon Breach.

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

March 2011 MessageLabs Intelligence Report – Rustock Goes Down, Bagle Botnet Picks Up The Slack

There’s been much more discussion recently as to whether infected computers should be allowed unrestricted access to the Internet. Despite the fact we’ve been around the horn on this question for years, there’s still little consensus on this thorny issue.

Since infected computers, linked together in botnets, form the backbone of spam distribution networks – according to the March 2011 MessageLabs Intelligence Report, botnets sent an average of 88.2% of global spam during 2010 – this question needs to be taken off the back burner and dealt with much more aggressively.

Frankly, I’m tired of making excuses for people who are too damn lazy, too damn stupid, too damn inconsiderate, ………. to take the time to learn the basics of computer security. And, as a consequence cause me, and you incidentally, to have to deal with volumes of spam that are beyond the pale.

Graphic courtesy of Symantec (Click to expand to original)

According to the March 2011, MessageLabs Intelligence Report (released yesterday), the recently taken down Rustock botnet “had been sending as many as 13.82 billion spam emails daily, accounting for an average of 28.5% of global spam sent from all botnets in March.”

A little math suggests, that during March enough Spam was emailed that conceivably, every person on the Planet received 7 spam emails EVERY DAY! Since every person on the Planet is not connected, the abuse takes on another magnitude. I can’t think of another finite resource – and the Internet is a finite resource – that could be continuously abused in this way, without some kind of strong kickback.

Are we making any headway against botnets and the cyber criminals behind them? Not according to the MessageLabs Intelligence Report we’re not. Sure, Rustock has bitten the dust (at least for the moment), but the Bagle botnet has stepped into the breech, bumped up its output, and is now sending 8.31 billion spam emails each day, mostly tied to pharmaceutical products.

Report highlights:

Spam: In March 2011, the global ratio of spam in email traffic from new and previously unknown bad sources decreased by 2 percent (1 in 1.26 emails).

Viruses: The global ratio of email-borne viruses in email traffic from new and previously unknown bad sources was one in 208.9 emails (0.479 percent) in March, an increase of .134 percentage points since February. In March, 63.4 percent of email-borne malware contained links to malicious websites, a decrease of .1 percentage points since February.

Endpoint Threats: The endpoint is often the last line of defense and analysis. The threats found here can shed light on the wider nature of threats confronting businesses, especially from blended attacks. Attacks reaching the endpoint are likely to have already circumvented other layers of protection that may already be deployed, such as gateway filtering.

Phishing: In March, phishing activity was 1 in 252.5 emails (0.396 percent), a decrease of 0.065 percentage points since February.

Web security: Analysis of web security activity shows that an average of 2,973 websites each day were harbouring malware and other potentially unwanted programs including spyware and adware, a decrease of 27.5% since February. 37 percent of malicious domains blocked were new in March, a decrease of 1.9 percentage points since February. Additionally, 24.5 percent of all web-based malware blocked was new in March, a decrease of 4.2 percentage points since last month.

Reading this type of report (or at least the highlights), is certainly educational, and can be a major step in expanding that sense of threat awareness that active Internet users’ require.

The full MLI Report is available here in PDF.

Symantec’s MessageLabs Intelligence is a respected source of data and analysis for messaging security issues, trends and statistics. MessageLabs Intelligence provides a range of information on global security threats based on live data feeds from control towers around the world scanning billions of messages each week.

About Symantec:

Symantec is a global leader in providing security, storage and systems management solutions to help consumers and organizations secure and manage their information-driven world. Our software and services protect against more risks at more points, more completely and efficiently, enabling confidence wherever information is used or stored. More information is available at www.symantec.com.

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.