VB Migration

Tag: spam

  • Left-to-right override makes a return in spam

    Trick shows that spammers still try to beat content-based filters. A decade ago, when spam had become a serious issue, most spam filters tried to block the unwanted emails based on their content. This resulted in a cat-and-mouse game between spammers and spam filters, with the former constantly looking for new ways to obfuscate the…

  • Srizbi kernel-mode spambot reappears as Pitou

    Malware possibly still in the ‘brewing’ stage. In November 2007, we published an article by Kimmo Kasslin ( F-Secure ) and Elia Florio ( Symantec ), in which they analysed the ‘Srizbi’ trojan, notable for being the first malware found in the wild that operated fully in kernel mode. It appears that Srizbi has made…

  • VB2014 preview: Labelling spam through the analysis of protocol patterns

    Andrei Husanu and Alexandru Trifan look at what TCP packet sizes can teach us. In the weeks running up to VB2014 (the 24th Virus Bulletin International Conference), we will look at some of the research that will be presented at the event. Today, we look at the paper ‘ Labelling spam through the analysis of…

  • Report: 15 solutions achieve VBSpam award

    Despite short spike, image spam no problem for spam filters. Good news for those who need to run a spam filter (in other words: everyone who runs a mail server). For the second time in a row, all 15 participating full solutions in our comparative anti-spam tests achieved a VBSpam award. They all blocked a…

  • AOL spam spreads ‘NotCompatible’ Android trojan

    AOL responds by following Yahoo! in setting strict DMARC policy. This week, #AOLhacked has become a popular hashtag on Twitter : many AOL users are using it to complain that their email address had been sending spam to their contacts. Those who click the link in the emails – never a wise thing to do…

  • Is your fridge sending spam?

    It’s possible that smart devices are sending spam, but it wouldn’t make any difference. Last week, security-as-a-service firm Proofpoint published a press release on a recent spam campaign in which emails had been sent from Internet-connected devices such as televisions and even a fridge. At Ars Technica , Dan Goodin did a good job debunking…

  • Syrian conflict used in pump-and-dump spam

    Short campaign could have had desired effect. Pump-and-dump spam is almost as old as spam itself: emails are sent out promoting worthless ‘penny stocks’, which have been purchased by the scammers before the start of the campaign. The hope is that the hype contained in the emails will encourage others to invest in the stock,…

  • Kelihos checks machines’ IP addresses against DNS blacklists

    Role of node in a botnet dependent on whether the IP address is blacklisted. Whenever I look at the results of the VBSpam tests, it always amazes me how large a percentage of spam is blocked because the sending IP address appears on a DNS blacklist. It is not that I wouldn’t expect those that…

  • Are Gmail’s new advertisements in breach of CAN-SPAM?

    Marketers upset about ’emails’ that you can’t unsubscribe from. A debate is happening among (anti-)spam experts on whether Gmail ‘s new way of displaying advertisements is in breach of anti-spam laws. It is easy to underestimate the importance of anti-spam laws. Of course, most of the spam sent today would be illegal, even without laws…

  • Is publishing your employees’ email addresses such a big deal?

    Beware of a false sense of security. Security blogger Graham Cluley points to hypocrisy in a KPMG press release in which it criticises FTSE 350 companies for ‘leaking data that can be used by cyber attackers’, while making the same mistake themselves. KPMG found that every single company in the FTSE 350 index (the 350…