Some firms do their own spam and virus filtering with an appliance like the Barracuda Spam & Virus Firewall, . However, some don’t have their own I.T. resources, or simply don’t want to manage their own appliance.

That’s the advantage of a “Cloud-Based” Spam Filtering service – it’s set up for you, and managed for you. You also don’t have to bother with updating spam definitions or other subscriptions.

There are several services available on the web, but it’s important to ask yourself some questions like:

Is it important to be able to contact them (and talk to a live person) easily?

Can I add people to my whitelist or blacklist?

It’s a free downloadable guide, so if you want to get some tips on choosing a spam filtering service, you can check it out easily. There an opt-in form on the top right of the site, and after confirming with AWeber, you get a link to the guide.

The Story:

US-CERT is aware of public reports of a phishing attack that specifically targets US government and military officials’ Gmail accounts. The attack arrives via an email sent from a spoofed address of an individual or agency known to the targeted user. The email contains a "view download" link that leads to a fake Gmail login page. The login information is then sent to an attacker. Google has indicated that this phishing campaign has been disrupted and that affected parties have been notified.

• US-CERT encourages users and administrators to do the following to help mitigate the risks:
• Review the Google blog entry Ensuring your information is safe online.
• Do not follow unsolicited web links or attachments in email messages.
• Use caution when providing personal information online.
• Verify the legitimacy of the email by contacting the organization directly through a trusted contact method.
• Refer to the Recognizing and Avoiding Email Scams (pdf) document for more information on avoiding email scams.
• Refer to the Avoiding Social Engineering and Phishing Attacks document for more information on social engineering attacks.
• Refer to the Using Caution with Email Attachments document for more information on safely handling email attachments.

Relevant Url(s):

http://www.us-cert.gov/cas/tips/ST04-014.html

http://www.us-cert.gov/reading_room/emailscams_0905.pdf

http://googleblog.blogspot.com/2011/06/ensuring-your-information-is-safe.html

http://www.us-cert.gov/cas/tips/ST04-010.html

Original Article:  http://www.us-cert.gov/current/index.html#gmail_phishing_attack

US-CERT recently posted a warning about impending Phishing and Malware email scams regarding Japan’s recent earthquake and the resulting tsunami disaster:

- original story below:

US-CERT Current Activity

Japan Earthquake and Tsunami Disaster Email Scams, Fake Anitvirus and Phishing Attack Warning

Original release date: March 11, 2011 at 10:14 am Last revised: March 11, 2011 at 10:14 am

US-CERT would like to warn users of potential email scams, fake antivirus and phishing attacks regarding the Japan earthquake and the tsunami disasters. Email scams may contain links or attachments which may direct users to phishing or malware-laden websites. Fake antivirus attacks may come in the form of pop-ups which flash security warnings and ask the user for credit card information. Phishing emails and websites requesting donations for bogus for charitable organizations commonly appear after these types of natural disasters.

US-CERT encourages users to take the following measures to protect themselves:

• Do not follow unsolicited web links or attachments in email messages.
• Maintain up-to-date antivirus software.
• Review the Federal Trade Commission’s Charity Checklist.

Verify the legitimacy of the email by contacting the organization directly through a trusted contact number. Trusted contact information can be found on the Better Business Bureau National Charity Report Index.

You can find the original story here.

Here’s a “blast from the past”. It’s like it’s 2001 all over again! There’s an email worm ( and not kidding here ) circulating that uses the good old infection method of sending emails with malicious executables to all the people in your address book!

It arrives in emails with a subject like “Here You Have”, or something similar to it.

In the email, there’s a link to a malicious download – with text that’s made to look like it’s a link to a pdf, or a video. If a user clicks on it, the malware winds up in the Windows folder. The file name winds up CSRSS.EXE and that’s a file name for a legitimate file in Windows.

Body Examples

Hello:

This is The Document I told you about,you can find it Here.
hxxp://www.SomeFakeWebsite/library/PDF_Document21.025542010.pdf

Please check it and reply as soon as possible.

Cheers,

or

Hello:

This is The Free Dowload Sex Movies,you can find it Here.

hxxp://www.AnotherFakeWebsite/library/SEX21.025542010.wmv

Enjoy Your Time.

Cheers,

At that point it tries sending itself to everyone in your Outlook address book.

Who says that the good old “tried and true” methods of spreading malware don’t work any more? I suppose if fashion from the 70′s can come back, it’s not too big a leap to have old spammers tactics rear their ugly heads from time to time.

When the first few came through the CudaMail system, they were quickly analyzed and are now being caught and blocked, but for non-CudaMail customers, make sure you keep an eye on your inbox, and stick with “safe emailing” practices with regard to clicking on anything!

— Original Article —

More than 40 percent of the world’s spam is coming from a single network of computers that computer security experts continue to battle, according to new statistics from Symantec’s Message Labs division.

The Rustock botnet has shrunk since April, when about 2.5 million computers were infected with its malicious software that sent about 43 billion spam e-mails per day. Much of it is pharmaceutical spam.

Now, about 1.3 million computers are infected with Rustock, and the botnet is making up for its decreased size with increased volume, said Paul Wood, a MessageLabs intelligence analyst with Symantec. Those infected computers — most of which are in North America and Western Europe — are collectively sending around 46 billion spam e-mails per day.

The reason for the drop in infected computers could be due to a number of factors, Wood said. Those computers’ antivirus programs may have detected the infections or the people controlling Rustock could have lost the connection to those computers for various reasons.

The computers infected with Rustock have also stopped using TLS (Transport Layer Security), an encryption protocol used to securely send e-mail. Spammers were believed to encrypt their spam using TLS because it was harder for other network equipment to inspect the traffic and figure out if it was spam, Wood said.

But sending e-mail using TLS required more resources and was slower. “It would seem that the botnet controllers, especially those behind Rustock, have perhaps realized that the use of TLS gave them little or no discernible benefits and instead impeded their sending capacity owing to the additional bandwidth and processing overhead needed for TLS,” the report said.

Rustock has proved to be a robust botnet. It was nearly killed off when McColo, an ISP in San Jose, California, was cut off from the Internet in November 2008 by its upstream providers. McColo had hosted the command-and-control servers for several botnets, including Rustock.

But Rustock’s operators were able to switch the command-and-control servers when McColo briefly regained connectivity again before finally being shut off, which has allowed it to run for nearly four years now.

View the original story here.

—–

At the Federal Trade Commission

The Article:

Consumers Don

]]> http://www.thespamcryer.com/millions-continue-to-click-on-spam/feed/ 0 http://www.thespamcryer.com/which-botnet-sends-the-most-spam-p-3/ http://www.thespamcryer.com/which-botnet-sends-the-most-spam-p-3/#comments Fri, 05 Mar 2010 17:55:20 +0000 Shaun http://www.thespamcryer.com/?p=268 Terry Zink looks at botnets, and if there’s a way to determine which sends the most spam. This is part 3 of his series.

original post:

In part 1 of my series, I looked at which botnet sends the most spam, by total number of messages sent at the recipient level and not the envelope level. In part 2, I looked at which one sends the most spam by total amount of bytes that they emit. Now, I

]]> http://www.thespamcryer.com/which-botnet-sends-the-most-spam-p-3/feed/ 0