By Ed Burnette

Researchers at UCLA and the University of Florida have created a new type of distributed spam-filtering system that is more efficient and scalable than the alternatives in use today. Results of a large-scale prototype were published in the October edition of IEEE Computer.

The idea is simple:

Spammers send the same or similar messages to thousands of users; we have developed a system that lets users query all of their e-mail clients to determine if another user in the system has already labeled a suspect message as spam.

(more…)

By Lisa Mostyn 

Phishing, we’ve probably heard the term used before but do you really know what it means to be ‘phished?’

Phishing, a play on the word ‘fishing,’ is a term used to describe the types of emails used to lure people into divulging their user names and passwords for internet banking, Ebay, and other sensitive sites.

(more…)

by Robert McMillan, IDG News Service 

Junk images are being used to trick e-mail filters, security vendors say. 

Spam is again on the rise, led by a flood of junk images that spammers have crafted over the past few months to trick e-mail filters, according to security vendors.

Called “image-based” spam, these junk images typically do not contain any text, making it harder for filters that look for known URLs or suspicious words to block them.

Instead of a typed message, users will see only an embedded .gif or .jpeg image file urging them to buy pharmaceuticals or invest in penny stocks.

Antispam vendor Cloudmark says that half of incoming spam on the “honeypot” systems it puts out on the Internet to lure spammers is now image-based. “About a year-and-a-half ago we started seeing a little bit of it, but it wasn’t until the past six months that it became a serious issue for many antispam companies,” said Adam O’Donnell, a senior research scientist with the company.

(more…)

by Jonathan Coupal 

Executive Summary

Unsolicited commercial email, also commonly known as spam, has developed a negative reputation because it is at best a waste of valuable time and at worst an offensive intrusion into one’s desktop. It is estimated that 56% of all mail that passes through the Internet is spam which is an increase of 40% from one year ago today. In addition, it is estimated that spam costs an average of $874 per employee per year, with a loss of approximately 1.4% of productivity due to managing spam on the desktop.

Introduction

Internet email is an electronic system through which messages are transferred between systems on behalf of their users. It is a trusting system in that the mail server will deliver a message to the receipt that it is addressed to. This level of trust becomes a problem when anyone in the world can send an email to anyone. Individuals and organizations that send unsolicited email (spammers) are taking advantage of this trusting system.

(more…)

by Joris Evers 

Many Windows PCs have been turned into zombies, but rootkits are not yet widespread, according to a Microsoft security report slated for release Monday.

More than 60 percent of Windows PCs scanned by Microsoft’s Windows Malicious Software Removal Tool between January 2005 and March 2006 were found to run malicious bot software, according to Microsoft. The tool removed at least one version of the remote control software from about 3.5 million PCs, the software maker said.

“Backdoor Trojans…are a significant and tangible threat to Windows users,” Microsoft said in the report.

(more…)

by Kelly Martin, SecurityFocus 

Comment Back in 1972, by some accounts, a new form of communication known as email was born. It was a practical implementation of electronic messaging that was first seen on local timeshare computers in the 1960s. I can only imagine how much fun and revolutionary it must have been to use email in those early years, to have been at the bleeding edge of the curve.

Almost ten years later, in November 1981, Jonathan Postel published RFC 788 (later deprecated by RFC 821, also by Postel, and RFC 822 by David Crocker), thereby inventing the foundations of the Simple Mail Transport Protocol (SMTP) - a proposal that would revolutionize email again. Since that time, email has become as important an invention to the world as the telegraph and the telephone, and it has long been synonymous with the internet itself.

(more…)

by Dina Giolitto 

1. There is money to be made in spam. The goal of the spam racketeers: crack your passcodes, dig into your credit card and bank account information and sell it to third parties. The method: set up zombie “spam host” computers all over the world that will send virus-laden spam emails. The viruses will then burrow through your security layers and trace your every move and keystroke. In fact, your computer could be functioning as a spam host right now. Why is that fairly devastating? Because you could end up on a spam blacklist tomorrow… and as an internet marketer, the last thing you need is a tainted IP address, ticking people off with unwanted spam that you had no idea you sent!

(more…)

by George Ou

Fix SMTP and leave port 25 alone for the sake of spam by ZDNet’s George Ou — Larry Seltzer of eWeek, whom I have great respect for and usually agree with, wrote this article on dealing with spam using the controversial tactic of blocking all outbound port 25 access.? The logic behind this is that the vast majority of spam in the world comes from “zombies” (millions of computers that have been hijacked by professional hackers and spammers?and are used as?attack or spam platforms) that spew out tons of spam directly over TCP port 25 (a standard communication channel used specifically for e-mail).? I think this is a bad idea. Here’s why […]

(more…)

by Allan Gunnneson

Spam is everywhere. It’s the “in-box lunch meat” nobody likes, wants or looks forward too. Unfortunately, many folks enjoy “eating” this product because if they didn’t, there wouldn’t be any. Read on…

The federal government’s ill-conceived CAN-SPAM Act did little more than make a few legislators feel better about themselves. Did this legislation stop spam? No. Did it at least slow down the flow of spam? Nope.

You can’t eliminate a problem by treating the symptoms. If you want to eradicate a problem, you must make its environment one that will not support it.

There’s a new plan recently hatched by some well-intentioned folks at Blue Security that several of my clients have asked about. On the surface, it sounds like a good idea but, in my humble opinion, the model is fatally flawed. Here’s the scoop…

(more…)

By John Sylvester

Today I met a client for lunch. He runs a ticketing agency in Vienna and complained about confirmation emails not getting through to customers with an AOL or Yahoo email account.

In an article he recently stumbled upon, it referes to: “AOL and Yahoo are planning to begin charging what amounts to postage for those sending multiple email messages to their subscribers.” Although they’re positioning it as an anti-spam measure, it will have the effect of hampering the distribution of free information by small and non-profit publishers.

(more…)