Members
  • Total Members: 14176
  • Latest: toxxxa
Stats
  • Total Posts: 42868
  • Total Topics: 16077
  • Online Today: 2414
  • Online Ever: 51419
  • (01. January 2010., 10:27:49)









Author Topic: Spammers Hack Servers to Infect Legit E-Mail  (Read 2537 times)

0 Members and 2 Guests are viewing this topic.

Samker

  • SCF Administrator
  • *****
  • Posts: 7528
  • KARMA: 322
  • Gender: Male
  • Whatever doesn't kill us makes us stronger.
    • SCforum.info - Samker's Computer Forum
Spammers Hack Servers to Infect Legit E-Mail
« on: 25. October 2008., 20:06:21 »


Spammers are getting around improved filtering systems, according to Cyberoam, a division of Elitecore Technologies.

Instead of sending e-mail from a known spam IP address or infected bot server, spammers have found ways to do so from legitimate mail servers and domains, Cyberoam noted.

The unified threat management (UTM) solutions provider said that spammers would steal legitimate e-mail senders' credentials, compromising e-mail account enrollment processes. Consequently, the spammers could automatically register thousands of free e-mail accounts mainly by using algorithms to break CAPTCHAs meant to eliminate mass automated registrations.

In particular, malware hidden in legitimate sites is on the rise, Cyberoam said.

Perpetrators also play on user psychology and curiosity by sending spam content such as gruesome videos, doomsday announcements, celebration days, love mails and celebrities' information.

Sinister Attack Methods

According to Cyberoam, malicious content like flash spam is often hosted on legitimate sites that had been hacked. Such content may also be hosted on popular public platforms like Blogspot or Flickr, taking advantage of security solutions' reluctance to generate false positives.

"Given the blended nature of attacks, unified security that includes anti-virus, anti-malware and content filtering solutions provide second and third layers of protection," said Abhilash Sonwane, Cyberoam's vice president of product management. "Such security prevents downloads of malware from websites and prevents users from accessing malware-laden sites inadvertently."

Sonwane said that having a strong anti-spam solution at the gateway stops spreading of spamware through official e-mail addresses. "However, malware-linked spam can still slip in through personal e-mail accounts."

"Building user awareness and enforcing responsible surfing behavior in corporate networks prevents such threats significantly," Sonwane said.

Ironically, spammers have also played upon users' desire to defend themselves against web-based threats, Cyberoam noted.

For example, an e-mail like 'admin@microsoft.com' was designed to look like a notification update for the popular IE7 web browser, complete with a disclaimer from the Microsoft site. However, users who clicked on the link were hit with a nasty executable file.

Blocking bots

According to Cyberoam, reputation-based solutions are continuously improving in ability to block bots, with about 55 per cent of bots having a lifespan as short as one day. However, Cyberoam also noted that such solutions need to be continuously updated to maintain accuracy.

The UTM solutions provider claims to use Commtouch RPDTM technology to analyse large volumes of internet traffic in real-time. Unlike traditional spam filters, the technology does not rely on e-mail content, and is hence able to detect spam in any language, and in every message format, Cyberoam said.

Cyberoam also claims to incorporate this technology within its identity-based UTM appliances.

(PC World)

Samker's Computer Forum - SCforum.info

Spammers Hack Servers to Infect Legit E-Mail
« on: 25. October 2008., 20:06:21 »

 

With Quick-Reply you can write a post when viewing a topic without loading a new page. You can still use bulletin board code and smileys as you would in a normal post.

Name: Email:
Verification:
Type the letters shown in the picture
Listen to the letters / Request another image
Type the letters shown in the picture:
Second Anti-Bot trap, type or simply copy-paste below (only the red letters):www.scforum.info:

Enter your email address to receive daily email with 'SCforum.info - Samker's Computer Forum' newest content:

Terms of Use | Privacy Policy | Advertising