Here’s a story from the Register about how modern spam filtering has forced a long-time Canadian publication to have to change it’s name.  It’s a good thing that Barracuda Spam & Virus Firewalls are easy to tweak and adjust!

Spam filters stuff Canadian Beaver

Venerable magazine to adopt less suggestive title

By Lester Haines

Posted on theRegister.co.uk 13th January 2010 14:41 GMT

Publisher Deborah Morrison explained to AFP: “The Beaver was an impediment online. Several readers asked us to change the title because their spam filters at home or at work were blocking it. I’ve even had emails bounce back because I had inadvertently typed the term in the heading."

She added: “Nearly a century ago, it probably seemed the perfect name for a magazine about the fur trade and Canada’s northwest frontier. There was only one interpretation for the word then. But you’re likely to find a lot of [porn] sites now if you search for the title of our history magazine online.”

The 90-year-old title will, after the Feb/March issue, be known as Canada’s History.

Other Beavers of note which can be found online are the newspaper of the London School of Economics Students’ Union, a Toronto restaurant offering a range of tongue-tingling delights and a film starring Mel Gibson and Jodie Foster. ®

The original story from TheRegister.

US-CERT encourages users to take the following measures to protect themselves:

• Do not follow unsolicited web links or attachments in email messages.
• Maintain up-to-date antivirus software.
• Refer to the Recognizing and Avoiding Email Scams (pdf) document for more information on avoiding email scams.
• Refer to the Avoiding Social Engineering and Phishing Attacks document for more information on social engineering attacks.

Maintaining up-to-date anti-virus is vital. Some appliances, like the Barracuda Spam & Virus Firewalls that are used by CudaMail.com to filter mail are updated on a constant basis.

US-CERT will provide additional details as they become available.

Relevant Url(s):

http://www.us-cert.gov/cas/tips/ST04-014.html

http://www.avertlabs.com/research/blog/index.php/2009/04/27/swine-flue-spam/

http://www.us-cert.gov/reading_room/emailscams_0905.pdf

US-CERT Current Activity

IRS Stimulus Package Phishing Scam

Original release date: February 6, 2009 at 10:03 am Last revised: February 6, 2009 at 10:03 am

US-CERT is aware of public reports indicating that phishing scams are circulating via fraudulent U.S. Internal Revenue Service emails offering users stimulus package payments. These emails include text that attempts to convince users to follow a link to a website or to complete an attached document. The website and document request that the user provide personal information.

US-CERT encourages users to do the following to help mitigate the risks:

* Do not follow unsolicited web links received in email messages.
* Refer to the Recognizing and Avoiding Email Scams (pdf) document
for more information on avoiding email scams.
* Refer to the Avoiding Social Engineering and Phishing Attacks
(pdf) document for more information on social engineering attacks.

Relevant Url(s):

====

This entry is available at: http://www.us-cert.gov/current/index.html#irs_stimulus_package_phishing_scam

The first report is from Message Labs and it reports that with spam volume up another 5% so far in January 2009 the top 10 Botnets, while consisting of between 10 thousand to 1 Million bots (estimated), were capable of sending out between 131 Million to almost 40 BILLION Spam messages PER DAY per Botnet. Total Volume from just the top 10 Botnets totalled almost 65 Billion messages per day! Are you getting your fair share?

It is interesting to see that the largest Botnet Cutwail/Pandex placed second behind Mega-D/Ozdok in spam volume per day category (7 Billion to 38 Billion) even though it had more compromised PC’s (1 Million bots to 660,000). This is double interesting as the latest estimates for the recent Conflicker/Downadup botnet size is at 10 million PC’s and they are not sending any spam yet.  With 10 million bots and assuming an aggressive and efficient spam engine Conflicker/Downadup could be capable of sending over half a Trillion (575 Million) messages per day by itself. Are you ready to see your spam volume jump to 10 times its current volume or even higher?

According to Barracuda Central Pharmacy spam still leads with almost 50% of the total volume while Gambling, Illegal Advertizing, ‘Amazing Deals on Software’ and ‘Genuine Replica’s’ round out the top 5 spots and over 90% of the total volume of spam.

If you don’t know how effective your anti-spam measures are or how close they are to running at capacity (out of sight = out of mind) then now is the time to take a serious look at these solutions in your organization and how they are going to handle the new surge of spam that is waiting on the horizon.

It might just be time to invest in a new firewall solution and anti-spam solution.

Don’t say we didn’t warn you!

Other Graphs and reports.

MessageLabs Intelligence: January 2009
http://www.messagelabs.com/mlireport/MLIReport_2009.01_Jan_Final.pdf

Conficker botnet at 10m infections
http://www.theregister.co.uk/2009/01/26/conficker_botnet/

DCC e-mail and spam volume graph last 12 months.
http://www.dcc-servers.net/dcc/graphs/

SpamCop – last 12 months spam volume.
http://www.spamcop.net/spamgraph.shtml?spamyear

Barracuda Central – Spam data last 24 hours
http://www.barracudacentral.org/data/spam

Shaun Sturby

Cisco recently released their ‘Annual Security Report for 2008’ and in it they show in a graph on page 4 that the volume of SPAM has climbed from approximately 60 Billion spam messages per day in May of 2007 to over 190 Billion SPAM Messages per day in October of 2008 or a 300% increase in SPAM in less than 18 months. Hardly seems like the CAN-SPAM act has been able to slow the flood. What was the daily spam volume prior to the 2003 debate and enacting of the act? I don’t have the numbers but I can assure you that a lot less than 60 Billion messages per day.

While there have been some spammers charged under it and some large judgments you would think with SPAM still being such a big problem that more would be done.

http://en.wikipedia.org/wiki/CAN-SPAM_Act_of_2003#Enforcement

Why has more not been done? Because the level of pain caused by spam that most people feel is still low enough that they don’t care to do more about it. Solutions like CudaMail have insulated the general public from the pain of SPAM. Yes they get a few messages once in a while that are spam but for each spam message they see Tens of thousands have been blocked. Imagine a day where all anti-spam measures failed and your mailbox went from a few hundred messages to 20,000 messages.

What could you do? Even taking 1 second to look at each message and delete the spam would result in you taking over 5 and a half hours of your day to just delete the spam. Do you have the time to do that?  Nobody does but that is effectively what the CudaMail system is doing for you each and every day – giving you back that 5 and a half hours each day that you don’t have to spend pounding on the delete key.

Aren’t you glad you have CudaMail?

The Bot Herders have not been asleep these past weeks but have re-vamped and improved their tools. You can bet that they will not be caught out next time their command and control servers are taken offline. Expect spam volumes to return to ‘normal’ as the holiday season approaches and people start surfing around for deals on that perfect gift.

http://www.theregister.co.uk/2008/12/08/mega_d_returns/

- Shaun

Do you want to have a very easy way to submit SPAM and false positive reports?

Do you want an easy way to keep your white list up to date?

If you answered YES to any of the above questions then you may want to try the Outlook Plug-in.

Getting to Know The Outlook Plug-In:

This very simple toolbar can be installed in the Outlook 2000 to 2007 e-mail client (not Outlook Express or the new MS Mail) to give you some additional options and two new buttons. These Green and Red buttons with an envelope and either a Check Mark (good) or Red X (bad) make the process of sending a report back to the system that you consider a message SPAM or Wanted as easy as clicking on the corresponding button. It can’t get any simpler than that!

To download the toolbar simply go to the CudaMail Web Portal and click on the ‘Get Mail Client Plugins Here‘ link at the bottom of the page. (this download link is only for current CudaMail customers – if you have a Barracuda Spam Firewall and want the plug-in go talk to your network administrator)

Per-user Web portal is at https://web.CudaMail.com

Once you download the Outlook Plug-in you have to run it to install it so you need to do this with an account that has administrative access to your PC. After it is installed you should be able to get to the ‘Spam Firewall‘ tab under the ‘Tools’ – ‘Options‘ menu item and it should look something like this:

What Does This All Mean?

Automatically Update White list: When this option is checked off every time you add someone as a new personal contact or e-mail someone then they will be added to your personal white list. While this sounds like a great idea you need to login to your personal options area on the CudaMail system on a semi-regular basis to clear out old or stale white list entries and specifically to make sure your own e-mail address is not on the white list.

A typical spammer trick is to send you spam pretending to be you so you do not want to white list your own e-mail address or you will get more spam.

This can happen by accident if you ‘reply all‘ to an e-mail and don’t take your e-mail address off or if you are in the habit of always cc’ing yourself.

Additional Button Actions:

Spam: Permanently Delete Message or Move to Deleted Items folder.

While I like to completely get rid of any spam messages by leaving it on the ‘Permanently Delete Items‘ option you have no way of easily getting back any message you accidently marked as Spam. By setting this option to “Move to – Deleted Items Folder‘ you can always rescue it from there if you have an accident.

Not Spam: Add E-Mail addresses to Whitelist. When a message come through with the subject tagged as spam ‘[CudaMailTagged] -original subject’ and you click on the Green button to submit a ‘falsely marked as spam‘ report this option will also update your personal whitelist so that this senders e-mail will not be tagged in the future.

There is a second benefit to the plug-in as it is building your own personal database of ‘Good‘ and ‘Bad‘ messages that are unique to you. Once you have marked at least 200 messages of each type then the statistical analysis or ‘Barracuda Bayesian Learning‘ will kick in and provide additional protection against Spam. You will only be able to mark messages that have been processed by the CudaMail system so don’t just select everything in your inbox and try to mark them all as ‘good‘. What you should do is look at the message and ask yourself ‘Did this e-mail come from outside our organization and is it a representative sample of e-mail that I want to get in the future?’

This plug-in is also the answer to questions like the following:

1. How do I automatically whitelist all of my contacts?
2. I get so few messages in the per-user quarantine how am I ever going to get 200 ‘good’ messages?
3. How do I send you samples of spam that I don’t want?

Does the Outlook plug-in work with Microsoft Vista?

Yes the Outlook Plug-in versions 2.1.0.5 and above work with Microsoft Vista and Outlook 2007. The plug-in version can be found on the licensing screen when installing the plug-in, or in Microsoft Outlook by viewing the Spam Firewall tab in the Options window. The version number will be located in the bottom-right corner of the window.

If you can give the Outlook Plug-in a try. I have been using it myself for the last 2 years and I get a sense of joy every time I can click on the ‘Spam’ button because I know that this is making the Spammer’s job that much harder next time.

- Shaun