- Do not follow unsolicited web links or attachments in email messages
- Maintain up-to-date antivirus software
- Review the Recognizing Fake Antivirus document for additional information on recognizing fake antivirus.
- Refer to the Avoiding Social Engineering and Phishing Attacks document for additional information on social engineering attacks.
- Refer to the Recognizing and Avoiding Email Scams (pdf) document for additional information on avoiding email scams.
- Review the Federal Trade Commission's Charity Checklist.
- Verify the legitimacy of the email by contacting the organization directly through a trusted contact number. Trusted contact information can be found on the Better Business Bureau's National Charity Report Index.
Tuesday, November 12, 2013
Phillipines Typhoon Email Scams and Phishing Attacks
Email professionals know that whenever there's a natural disaster - regardless of how terrible - spammers and malware writers are quick to try and exploit it. In this case, emails that try to look like charitable organizations try to get people to visit malware-laden websites. US-CERT just released a note on these scams: US-CERT encourages users to take the following measures to protect themselves:
Thursday, October 24, 2013
Cryptolocker Ransomware Warning
Cryptolocker Warning
There's a very serious Ransomware virus known as CryptoLocker currently circulating the Internet. CudaMail is actively detecting and blocking E-mails containing this dangerous threat, but we wanted to give you a heads up so that you can be aware (even for your home computers).
Mainly Spread in 3 Ways
- Via E-mail with an attached .zip file
- You browsed to a malicious website that exploits vulnerabilities using an out-dated version of Java
- You have been tricked to download a malicious file (Drivers or codec)
There is no current way to decrypt your files, once they have been encrypted!
We strongly encourage EVERYONE take special care and attention opening any ATTACHMENT We have provided some links to more information about this Virus and some resources to help prevent infections from occuring: *- http://www.bleepingcomputer.com/virus-removal/cryptolocker-ransomware-information
- http://windowssecrets.com/top-story/cryptolocker-a-particularly-pernicious-virus
- https://isc.sans.edu/diary/Cryptolocker+Update%2C+Request+for+Info/16871
- http://www.foolishit.com/vb6-projects/cryptoprevent/
Tuesday, October 22, 2013
Top 12 Spam Sending Countries
At CudaMail, we deal with the "war on spam" every day. We know it's an ongoing battle that will continue with spammers trying to devise more devious ways to get to your inbox, while we have to continually improve our managed spam filtering service to be able to detect them. One of the products our parent company Optrics sells is Sophos, and they have recently come out with their "Dirty Dozen" spam sending countries. (excerpt from original article, which is linked below) First, they differentiate Spammers vs. Spam Senders: There's a big difference, because spammers generally don't send their own spam in bulk any more. That hasn't worked for a decade or so, because if you send 10,000,000 unwanted emails as fast as you can from the same server, or even the same data center, you make an easily-identified target. So 1,000,000 of the messages might get loose before either the data center (if it cares, and reputable ones most definitely do) or the majority of your recipients, or both, say, "No more!" Not only are you blocked from sending the remaining 9,000,000 emails from your truncated campaign, you probably can't use those same servers again for days, weeks, months, perhaps ever. 
As you can see, the top of the table is surprisingly consistent, with the countries in the first five places having all been in the Dirty Dozen throughout the year. Of course, you probably expected to see India and China in the list: they each have populations exceeding 1 billion people, so it would be surprising not to see them near the top. Nor is is surprising that the USA is in the Number One spot yet again, this time sending nearly three times as much spam as second-placed Belarus. After all, the US has 30 times the population of Belarus, and internet access is much more strongly established, so you would expect a higher proportion of Americans to have their own computers and to use the internet regularly. Spam-Sending "Dirty Dozen" countries per capita: 
Here, the numbers next to each country denotes the average spamminess per person compared to the USA. In other words, we divided each country's spam total by its population, then divided every country's spam-per-person value by the figure for America. Obviously, that makes US = 1.00, and tells us that the average computer in Belarus was eleven times more likely to send spam than if it were in the USA. Israelis, whose propensity for sending spam sneaks the Middle Eastern country into twelfth place on chart for the first time this year, were 1.8 times as likely as Americans to be spam senders. The per capita chart doesn't do any favours to small countries, which tend to hide near the bottom of volume-only lists, even if their computers are awash with zombie malware. US neighbor The Bahamas, for example, made it to eighth spot, with double the likelihood of its computers spamming compared to the US. Luxembourg got up to fourth spot, with a spammishness 2.7 times than of the US, up from sixth in Q2 and seventh in Q3. - above info from their original article: http://nakedsecurity.sophos.com/2013/10/17/dirty-dozen-spam-sending-nations-find-where-you-finished-in-our-q3-spampionship-chart/
How spam is delivered
Enter the botnet, or robot network. That's an unwitting collection of surreptitiously co-operating zombie computers - in homes, at offices, in coffee shops, at the mall, by the beach - that regularly call home for instructions to servers that the criminals control. The crooks can send each bot in the network a list of email addresses, and then command the entire botnet to start a giant spam campaign. Using bots, those 10,000,000 spams can be sent, say, in 10,000 batches of 1000 emails at a time, presenting a much less obvious pattern to those who defend against spam. (And sticking those 10,000 bot-infected users with the cost of the bandwidth, if you don't mind.)Why spam matters
I used the words "unwitting" and "surreptitious" above because, although some users may knowingly participate, the majority of botnet spam senders don't even realize they're doing it. That's why we publish the SPAMPIONSHIP tables: not to lay wholesale accusations of cyber-criminality against entire countries, but to raise awareness of something we've said a number of times recently, since it's Cyber Security Awareness Month: The latest figures showing spam by volume on a country-by-country basis: (and from Sophos' article: "If your country is on the list, we're not saying that you're spammers. But we are saying that you are spam senders.") Spam-Sending "Dirty Dozen" countries by volume:
As you can see, the top of the table is surprisingly consistent, with the countries in the first five places having all been in the Dirty Dozen throughout the year. Of course, you probably expected to see India and China in the list: they each have populations exceeding 1 billion people, so it would be surprising not to see them near the top. Nor is is surprising that the USA is in the Number One spot yet again, this time sending nearly three times as much spam as second-placed Belarus. After all, the US has 30 times the population of Belarus, and internet access is much more strongly established, so you would expect a higher proportion of Americans to have their own computers and to use the internet regularly. Spam-Sending "Dirty Dozen" countries per capita: 
Here, the numbers next to each country denotes the average spamminess per person compared to the USA. In other words, we divided each country's spam total by its population, then divided every country's spam-per-person value by the figure for America. Obviously, that makes US = 1.00, and tells us that the average computer in Belarus was eleven times more likely to send spam than if it were in the USA. Israelis, whose propensity for sending spam sneaks the Middle Eastern country into twelfth place on chart for the first time this year, were 1.8 times as likely as Americans to be spam senders. The per capita chart doesn't do any favours to small countries, which tend to hide near the bottom of volume-only lists, even if their computers are awash with zombie malware. US neighbor The Bahamas, for example, made it to eighth spot, with double the likelihood of its computers spamming compared to the US. Luxembourg got up to fourth spot, with a spammishness 2.7 times than of the US, up from sixth in Q2 and seventh in Q3. - above info from their original article: http://nakedsecurity.sophos.com/2013/10/17/dirty-dozen-spam-sending-nations-find-where-you-finished-in-our-q3-spampionship-chart/ Wednesday, April 17, 2013
Boston-Related Malware Campaigns Are Out
As usual, spammers and malware writers try to take advantage of any major events - and try to send out new malware campaigns "themed" after the event to try and get more people to fall victim to their attacks.
It's no different with the recent terrible bombing attack in Boston.
Here are some of the subject lines that malware attacks have incorporated:
- Subject: 2 Explosions at Boston Marathon
- Subject: Aftermath to explosion at Boston Marathon
- Subject: Arbitron. Dial Global. Boston Bombings
- Subject: Boston Explosion Caught on Video
- Subject: BREAKING - Boston Marathon Explosion
- Subject: Explosion at Boston Marathon
- Subject: Explosion at the Boston Marathon
- Subject: Explosions at Boston Marathon
- Subject: Explosions at the Boston Marathon
- Subject: Opinion: Boston Marathon Explosions made by radical Gays? Really? - CNN.com
- Subject: Opinion: Boston Marathon Explosions - Romney Benefits? - CNN.com
- Subject: Opinion: Boston Marathon Worse Sensation - Osama bin Laden still alive!? - CNN.com
- Subject: Opinion: FBI knew about bombs 3 days before Boston Marathon - Why and Who Benefits? - CNN.com
- Subject: Opinion: Osama Bin Laden video about Boston Marathon Explosions - bad news for all the world. - CNN.com
Although our CudaMail spam filters are quick to pick up zero-day campaigns, it's a good idea to remember the best advice - Watch What You Click ON!.
Subscribe to:
Posts (Atom)