Spam

Spam / Most Commented

What Is Email Appending and Why Is It Bad?

MAAWG recently released a document on email appending, criticizing the practice and describing it as abusive. But what is email appending? ... This definition is alright but I didn't find it as helpful as it could be. I looked it up on some other sites and I have a better description. more

Internet and Self-Governance? An Example

At the Government Roundtable meeting in Amsterdam on 12 September RIPE NCC presented on her results on auditing Local Internet Registries (LIRs) and on the policy process concerning certification of her members. If this showed something to the world it is that cooperation with governments and law enforcement agencies (LEAs) pays off and self-governance can work. How did this come about? more

Seventh Circuit Awards e360 a Whopping $3 in Damages Against Spamhaus - e360 v. Spamhaus

The lawsuit between e360 and Spamhaus was a long-running, tortured affair, and it looks like it finally came to a close. With e360 being awarded a whopping $3 in damages against Spamhaus. ... e360 sued Spamhaus, a UK entity, for damages allegedly resulting from being identified as a "known spammer." It sued Spamhaus for tortious interference and defamation. Spamhaus removed to federal court and asserted lack of personal jurisdiction. more

Five Countries are Considering Anti-Spam Laws

The international press is alight with reports of various countries considering privacy and anti-spam legislation. It appears that many countries have arrived at the logical conclusion that after years of supposed 'self regulation'; some marketers must be brought to heel by way of regulation and law, to stop abusive practices. more

Spam Is on the Decline; What Are the Implications?

Previously, I wrote that the total amount of spam that we are seeing has seen a significant decline over the past year and a half. What does this mean in real terms? Are we finally winning the fight against spam? There are multiple angles. On the one hand, processing spam takes significant system resources... more

Protecting Yourself from Spear Phishing

One of the big trends this year is spear phishing. These are phish attacks that are frequently (though not always) against high profile users. The purpose of these attacks is to steal sensitive data or get elevation of privilege inside the service by exploiting a software vulnerability within the user's computer that transmits usernames and passwords back to the phisher. more

Holomaxx v. Yahoo and MS: The Hearing

I visited Judge Fogel's courtroom this morning to listen to the oral motions in the Holomaxx cases. This is a general impression, based on my notes. Nothing here is to be taken as direct quotes from any participant. Any errors are solely my own. With that disclaimer in mind, let's go. more

Synacor Provides a New Complaint Feedback Loop Service to the Internet Community

Last week, Synacor joined other major mailbox providers by introducing a complaint feedback loop service -- powered by ReturnPath. This increases the number of public complaint feedback loops available today across the internet. more

Catching Spam Email with Project Honey Pot

Since its launch in October, 2004 Project Honey Pot has made some interesting progress in their war against spam email. The project is a distributed system used to identify spammers and spambots operating across the Internet. To put it simply, Project Honey Pot lays millions of traps around the Internet (66,393,293 as of this writing) baited with specific email addresses that are configured to forward received emails to the Project Honey Pot system. Since these are not email addresses used by real individuals virtually every email received is positively identified as spam. more

New gTLDs: Floodgates for Spammers?

Ever since I heard of the new generic Top-Level Domains (gTLDs), I wondered whether they would be prone to abuse. For example, Microsoft might want to register www.microsoft.microsoft, or Sony might want to register www.sony. But isn't this opening up the floodgates for spammers to register their own domains and squat on them? Why couldn't a spammer register www.cit.ibank? They could then send phishing messages and fool people into clicking very legitimate looking domains. But I don't think this will be a problem. more

Researchers Use Social Graphs to Detect Spammers, Attackers

A project named S-GPS or Spammer Global Positioning System, by Microsoft researchers uses spammer identification rather than spam identification to identify zombie-based spammers. more

Response Policy Zones (RPZs): Use as a Blocklisting Process

Gradually it seems the word is spreading about a new blocking methodology to interrupt the ability of end users to click and visit phishing sites - thereby having their personal information/credentials at risk. This is the DNS Response Policy Zones. DNS RPZs allows companies that run recursive resolvers to create a zone that will not resolve specific domains. more

CAUCE Director Neil Schwartzman Wins Prestigious MAAWG Award

CAUCE Executive Director Neil Schwartzman won the prestigious Mary Litynski award on June 08, 2011 for his contributions to Internet anti-abuse efforts, including the passage of Canada's Anti-Spam Law. more

Research Detects Spammers Using Fake URL-Shortening Services

New research has uncovered evidence of spammers establishing their own fake URL-shortening services for the first time. According to the latest MessageLabs Intelligence report, shortened links created on these fake URL-shortening sites are not included directly in spam messages; instead, the spam emails contain shortened URLs created on legitimate URL-shortening sites. "Rather than leading directly to the spammer's final Web site, these links actually point to a shortened URL on the spammer's fake URL-shortening Web site, which in turn redirects to the spammer's final Web site." more

The Distribution of Botnets Since Rustock Went Down

I pulled together some statistics on my collection of botnet statistics for the period of time between Rustock being shut down and Wednesday, April 6. I wanted to see the distribution of botnets per country - now that Rustock is down, which country has the most botnet infections (as measured by unique IP addresses that send us spam)? more