2010
09.07
This document provides a general overview of problems associated with electronic mail bombing and email spamming. It includes information that will help you respond to and recover from this activity.
Introduction
I. Description
II. Technical Issues
III. What You Can Do
- Detection
- Reaction
- Prevention
IV. Additional Security Measures That You Can Take
I. Description
Email bombing is characterized by abusers repeatedly sending an email message to a particular address at a specific victim site. In many instances, the messages will be large and constructed from meaningless data in an effort to consume additional system and network resources. Multiple accounts at the target site may be abused, increasing the denial of service impact.
Email spamming is a variant of bombing; it refers to sending email to hundreds or thousands of users (or to lists that expand to that many users). Email spamming can be made worse if recipients reply to the email, causing all the original addressees to receive the reply. It may also occur innocently, as a result of sending a message to mailing lists and not realizing that the list explodes to thousands of users, or as a result of a responder message (such as vacation(1)) that is set up incorrectly.
Email bombing/spamming may be combined with email spoofing (which alters the identity of the account sending the email), making it more difficult to determine who actually sent the email. For more details on email spoofing, see
- http://www.cert.org/tech_tips/email_spoofing.html
II. Technical Issues
- If you provide email services to your user community, your users are vulnerable to email bombing and spamming.
- Email spamming is almost impossible to prevent because a user with a valid email address can spam any other valid email address, newsgroup, or bulletin-board service.
- When large amounts of email are directed to or through a single site, the site may suffer a denial of service through loss of network connectivity, system crashes, or failure of a service because of
  - overloading network connections
  - using all available system resources
  - filling the disk as a result of multiple postings and resulting syslog entries
III. What You Can Do
- Detection
If your system suddenly becomes sluggish (email is slow or doesn’t appear to be sent or received), the reason may be that your mailer is trying to process a large number of messages.
- Reaction
  - Identify the source of the email bomb/spam and configure your router (or have your Network Service Provider configure the router) to prevent incoming packets from that address. Review email headers to determine the true origin of the email. Review the information related to the email bomb/spam following relevant policies and procedures of your organization.
  - Follow up with the site(s) you identified in your review to alert them to the activity.
    NOTE: When contacting these sites, keep in mind that the abuser may be trying to hide their identity.
    We would appreciate it if you sent a copy of your message to cert@cert.org; this facilitates our work on incidents and helps us relate ongoing intruder activities.
    If you have a CERT reference number (e.g., CERT#XXXXX) for this incident, please include it in the subject line of all messages related to this incident. (NOTE: The CERT/CC assigns this reference number, so if you do not have one, one will be assigned once we receive the incident report.)
    To find site contact information, please refer to
    - http://www.cert.org/tech_tips/finding_site_contacts.html
  - Ensure you are up to date with the most current version of your email delivery software (sendmail, for example) and increase logging capabilities as necessary to detect or alert you to such activity.
- Prevention
Unfortunately, at this time, there is no way to prevent email bombing or spamming (other than disconnecting from the Internet), and it is impossible to predict the origin of the next attack. It is trivial to obtain access to large mailing lists or information resources that contain large volumes of email addresses that will provide destination email addresses for the spam.
  - Develop in-house tools to help you recognize and respond to the email bombing/spamming and so minimize the impact of such activity. The tools should increase the logging capabilities as well as check for and alert you to incoming/outgoing messages that originate from the same user or same site in a very short span of time. Once you identify the activity, you can use other in-house tools to discard the messages from the offending users or sites.
  - If your site uses a small number of email servers, you may want to configure your firewall to ensure that SMTP connections from outside your firewall can be made only to your central email hubs and to none of your other systems. Although this will not prevent an attack, it minimizes the number of machines available to an intruder for an SMTP-based attack (whether that attack is an email spam or an attempt to break into a host). It also means that should you wish to control incoming SMTP in a particular way (through filtering or another means), you have only a small number of systems (the main email hub and any backup email hubs) to configure. More information on filtering is available from
    - http://www.cert.org/tech_tips/packet_filtering.html
  - Consider configuring your mail handling system(s) to deliver email into filesystems that have per-user quotas enabled. Doing this can minimize the impact of an email bombing attack by limiting the damage to only the targeted accounts and not the entire system.
  - Educate your users to call you about email bombing and spamming.
  - Do not propagate the problem by forwarding (or replying to) spammed email.
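One way to build the in-house check described in this section (alerting on messages from the same user or same site within a very short span of time), as an added example that is not part of the original CERT document. The log layout, the threshold of 5 messages, the 60-second window and all names in the code are assumptions; the sample lines are constructed.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample in a simplified sendmail-style format. Real log layouts
# differ by mailer and version (assumption): adjust LINE_RE to match yours.
_FMT = "Sep  7 {t} hub sendmail[{n}]: q{n}: from=<{s}>, size=900000, relay=[{ip}]"
_ROWS = [
    ("10:00:01", "a1@bulk.example", "192.0.2.10"),
    ("10:00:03", "a2@bulk.example", "192.0.2.10"),
    ("10:00:05", "a3@bulk.example", "192.0.2.10"),
    ("10:00:09", "alice@partner.example", "198.51.100.7"),
    ("10:00:12", "a4@bulk.example", "192.0.2.10"),
    ("10:00:20", "a5@bulk.example", "192.0.2.10"),
    ("10:00:31", "a1@bulk.example", "192.0.2.10"),
    ("10:05:00", "alice@partner.example", "198.51.100.7"),
]
SAMPLE_LOG = [_FMT.format(t=t, n=100 + i, s=s, ip=ip)
              for i, (t, s, ip) in enumerate(_ROWS)]

LINE_RE = re.compile(
    r"^(?P<ts>\w{3}\s+\d+\s[\d:]{8})\s.*?from=<(?P<sender>[^>]*)>"
    r".*?relay=[^\[]*\[(?P<ip>[\d.]+)\]"
)

def find_bursts(lines, threshold=5, window=timedelta(seconds=60), year=2010):
    """Return {(kind, value): peak_count} for every sender address or relay IP
    that delivered at least `threshold` messages within `window`.
    Lines must be in chronological order; syslog omits the year, so pass it."""
    recent = defaultdict(deque)   # (kind, value) -> timestamps inside window
    alerts = {}
    for line in lines:
        m = LINE_RE.search(line)
        if not m:
            continue              # not a message-acceptance line
        ts = datetime.strptime(f"{year} {m['ts']}", "%Y %b %d %H:%M:%S")
        # Track the relay as well as the sender: the envelope sender is easy
        # to vary or spoof, the connecting IP address much less so.
        for key in (("sender", m["sender"].lower()), ("relay", m["ip"])):
            if not key[1]:
                continue          # from=<> is a bounce with a null sender
            q = recent[key]
            q.append(ts)
            while ts - q[0] > window:
                q.popleft()       # drop deliveries older than the window
            if len(q) >= threshold:
                alerts[key] = max(alerts.get(key, 0), len(q))
    return alerts

if __name__ == "__main__":
    for (kind, value), count in find_bursts(SAMPLE_LOG).items():
        print(f"ALERT {kind}={value}: {count} messages within 60 s")
```

In the sample, no single sender address reaches the threshold because the address changes on almost every message, but the relay 192.0.2.10 is flagged with six deliveries in 30 seconds.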
IV. Additional Security Measures That You Can Take
- If you have questions concerning legal issues, we encourage you to work with your legal counsel.
U.S. sites interested in an investigation of this activity can contact the Federal Bureau of Investigation (FBI). Information about how the FBI investigates computer crimes can be found here
- http://www.cert.org/tech_tips/FBI_investigates_crime.html
For information on finding and contacting your local FBI field office, see
- http://www.fbi.gov/contact/fo/fo.htm
Non-U.S. sites may want to discuss the activity with their local law enforcement agency to determine the appropriate steps for pursuing an investigation.
- For general security information, please see
- http://www.cert.org/
Courtesy : http://www.cert.org/tech_tips/email_bombing_spamming.html
Susan Tenby: Rest assured that there are steps you can take to reduce the amount of junk flooding your inbox.
- Never, ever reply to a spam message.
- Don’t click any links in a spam e-mail.
- Disguise your e-mail addy.
- Don’t forward an e-mail from someone you don’t know to a list of people.
- If you have your own domain, don’t use your regular e-mail address when you register at Web sites.
- Create disposable e-mail addresses.
- Don’t use your home or business e-mail address when you register on a Web site or in a group.
- Before you join a list, make sure the list owner or Web master will not sell your address.
- Preview your messages before you open them.
- View a message’s headers to see if a sender’s e-mail address is valid.
- Don’t use Hotmail/AOL/MSN as your primary mail provider.
- Use complicated e-mail addresses.
- Use a spam filter.
- If you work in an office, forward spam to your IT department so they can adjust the filters.
- Read all your messages as text.
- Use a Web-posting form on your Web site to allow users to contact you.
- Make sure your privacy settings are set so you don’t receive marketing from other sites in your AOL and Yahoo profiles.
- Never use your e-mail address as your screen name in chat rooms.
- Throw in a little HTML or spacing that is undetectable to crawlers, when posting your e-mail address on a Web site.
- Don’t give your real address to a Web site for registration.
Courtesy : http://www.destroyallmalware.com/?guid=20050907225536
Face it; your inbox is infested with spam. And it’s not like you asked for all of these messages either. Or did you? Believe it or not, your behavior online plays a big role in who has access to your email address — and that includes spammers. Regardless, you’re probably frustrated about unwanted mail and want to do something, anything. Rest assured that there are steps you can take to reduce the amount of junk flooding your inbox.
We asked TechSoup Community members for their expert advice on ways to drastically reduce the amount of spam ambushing your inbox. The following TechSoup readers contributed tips: Sunah Caroline Cherwin, Alex Martin, and Lisa LaTorre. TechSoup Community hosts William Rodina, Don Cameron, Jayne Cravens, Robert L. Weiner, and Christian Nielsen also contributed tips.
- Never, ever reply to a spam message. This includes buying a product that is for sale or clicking the often-misunderstood “unsubscribe” link, which actually informs your spammer that you exist. If you can tell from the subject line that a message is spam, don’t open it — delete it. Spam subject lines usually promise you a better sex life, a more youthful appearance, prescription drugs without a doctor’s approval, love, thicker hair, or a better mortgage rate. They also use attention-demanding punctuation, such as exclamation marks or all caps.
- Don’t click any links in a spam email. Spammers often have multiple, unique pages on their sites. Often, when you click a URL in a spam message, this tells the spammer that you — and only you — received the message he or she sent.
- Disguise your email address. Don’t put your email address in plain text on your Web site. An effective way to trick the spiders that traverse the Web to harvest email addresses is to disguise your email address by stripping out periods and “@” symbols. For example, “YOURNAME AT YAHOO DOT COM.” You can also make the “@” an image, which will prevent crawlers from identifying it. You may also wish to disguise it in your signature file, in case your recipients forward your email.
- Don’t forward an email from someone you don’t know to a list of people. You remember those “forward this email to 20 of your friends” messages? They are perfect for spammers to harvest email addresses, even if the sender of the original email did not have this intent. These types of sign-and-forward emails often appear in the form of a petition — and they don’t work.
- Don’t use your home or business email address when you register on a Web site or in a group. If you must sign up for services, want to receive more info, or register for newspapers or domains, use a free email address from a site like Yahoo or Hotmail to create an address especially for that purpose. This also goes for posting to the Web, in a listserv, newsgroup, on a contact page for a Web site, or on a resume that is posted on the Web.
- Before you join a list, make sure the list owner or Web master will not sell your address. Check to see if you can opt out of receiving unsolicited email from the site where you’re registering. If you are unsure about this, read the site’s privacy statement.
- Preview your messages before you open them. Outlook (and many other email clients) let you use a preview mode to peek at the contents of a message before you actually open it. To do this in Outlook, go to the View menu and select Preview Pane. Instead of double clicking a message, click it once to select it and you’ll see the message displayed in the Preview Pane.
- Use a complicated email username. Spammers’ software will look for the easy and obvious addresses first, such as those with identifiable names “john1977@hotmail.com,” as opposed to “sjk839@msn.com.”
- Use a spam filter. One to try is SpamBayes for Windows, which you can find in TechSoup’s Free Downloads section. Another is Mailshell, which is available on TechSoup Stock. (Visit the Mailshell page for details).
- If your organization has an IT department, forward any spam that gets through to it. This way, they can perhaps better tweak the filters.
- Make sure your privacy settings are set so you don’t receive marketing from other sites in your AOL and Yahoo profiles. Many listservs use Yahoo lists as the list provider; you must unselect these pre-selected choices in your personal privacy settings.
- Never use your email address as your screen name in chat rooms. It will give spiders or human email harvesters an absolute yes to a questionable email address.
Courtesy : http://www.techsoup.org/learningcenter/internet/page4782.cfm
So, your inbox is full of spam – and you want to receive less of it in the future. There are many things you can do that will decrease the amount of spam in your inbox, including using a spam filter or a spam blocker. But there are also common sense ways to prevent spam in your inbox and increase your email address’s security. Here are just a few:
Never reply to or click on any links in a spam message – Don’t buy any products or services advertised in spam, don’t reply to the email, don’t click any links provided, and don’t click the “Unsubscribe” link unless it includes mention of the CAN-SPAM Act. These actions only serve to confirm to spammers that you exist and you are receiving their emails. This may even increase the amount of email these spammers are sending you.
Read your messages as text – Turn off the ability to view pictures, HTML, movies, and formatted text for emails you don’t know. This prevents you from accidentally clicking a link or downloading adware, spyware, or viruses without knowing it. Some email providers like Google and Hotmail automatically block these things from appearing in emails from senders not familiar to you. Don’t change these settings.
Preview your messages – If you use Outlook you can preview messages in the preview screen before actually opening them. Like reading your messages as text, this prevents you from downloading spyware, adware, and viruses without knowing it.
View message headers – You can usually do this by clicking a button or link called something along the lines of “View full header.” When analyzing header information, pay special attention to the “From” and “Reply To” addresses. Are they the same? Is the “Reply To” address the same as the organization the email claims to be from? If not, this is a warning sign of spam.
Don’t participate in forwards and ask your friends not to send them to you – Forwarded emails tend to list the email addresses of everyone who has forwarded the message, along with the email addresses of everyone they forwarded the message to. This is an easy target for spammers to find long lists of email addresses to target. Be especially wary of signing any sort of petition too, since these can be created by spammers for the list of names and email addresses.
Use a complicated email address – The more complicated your email address is, the less likely it is to be generated for targeting by a spammer’s software. Spammers’ software normally looks for easy and obvious addresses first.
Create alias email addresses – Certain services (like those of Sneakemail.com) allow you to generate multiple, anonymous email addresses that forward to your real email account. You can even reply to forwarded messages through your email account and have it appear as though you are replying through the generated one. This puts a level of anonymity between you and potential spammers. A good idea is to create a new email address for every website that you disclose your address to. If you start to get spam through that address, you know where the spam is coming from and you can delete the address and eliminate the spam.
Read privacy policies before disclosing your email address – Don’t register your email address on a website unless you know for sure that you can later opt-out from any emails they send you. Read their privacy policy to find this out and also to find out if they may sell or show your email address to a third party, who could very well be a spammer.
Keep your home or business address confidential – Don’t give out your home or business address on registration webpages. Instead, use a service like Sneakemail.com or create an address you use specifically for registration purposes. You should also do this when joining a listserv, message board, internet group, or when posting your email address on an online contact page, resume, etc.
Don’t give your real address for registration – If you can get away with it when registering on a website, newsgroup etc., use a fake email address. This will not work if you need to reply to a confirmation address though. In this case, use a service like Sneakemail.com or an email address you create specifically for those purposes.
Don’t use your email address as your screen name – If you participate in chat/message boards or anything similar where you register a username, don’t use the section of your email address before the @ sign as your screen name. This confirms a questionable email address to spammers, and they will often try to add “@hotmail.com,” “@yahoo.com,” etc. to create an email address (yours) to target.
Disguise your email address – If you need to publish your email address on a website, even if it’s an address that you have for that specific purpose (which you should always use when publishing your email address), disguise it so that spammer’s software can’t find it. You can do this by leaving out periods and @ signs, and instead making it look something like this: “yourname AT yourdomain DOTcom.” You can also make the “@” an image or use JavaScript to make your address a clickable link.
Don’t use a major national free email provider as your primary address – Spammers will often target common usernames on widely-used email domains like Hotmail, Yahoo, AOL, MSN, etc.
Use a spam filter or blocker – Read more about spam blockers and spam filters on our site.
Adjust your privacy settings – Make sure the spam filters included in your email service are on their highest setting.
And when you do find spam in your inbox, don’t forget to report it. This ensures that appropriate steps are taken to prosecute the spammers and stop spam at its source.
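The “View message headers” check above (compare the “From” and “Reply To” addresses) can be automated. The following is an added example, not part of the original article; the function names, the subdomain rule used to decide whether two domains belong to the same organization, and both sample messages are assumptions constructed for illustration.

```python
from email import message_from_string
from email.utils import parseaddr

# Constructed sample messages (headers only matter here).
SUSPICIOUS = """\
From: "Example Bank" <service@examplebank.example>
Reply-To: claims-dept@freemail.example
Subject: URGENT!!! Verify your account

Body text.
"""
LEGIT = """\
From: Newsletter <news@lists.example.org>
Reply-To: editor@example.org
Subject: September issue

Body text.
"""

def domain_of(header_value):
    """Return the lower-cased domain of the address in a header, or ''."""
    _, addr = parseaddr(header_value or "")
    return addr.rpartition("@")[2].lower() if "@" in addr else ""

def same_org(d1, d2):
    """Assumed rule: same domain, or one is a subdomain of the other."""
    return d1 == d2 or d1.endswith("." + d2) or d2.endswith("." + d1)

def header_warnings(raw_message):
    """Return a list of warning strings for the From / Reply-To headers."""
    msg = message_from_string(raw_message)
    from_dom = domain_of(msg.get("From"))
    reply_dom = domain_of(msg.get("Reply-To"))
    warnings = []
    if not from_dom:
        warnings.append("From header is missing or has no valid address")
    if msg.get("Reply-To") and not reply_dom:
        warnings.append("Reply-To header has no valid address")
    if from_dom and reply_dom and not same_org(from_dom, reply_dom):
        warnings.append(
            f"Reply-To domain {reply_dom} differs from From domain {from_dom}")
    return warnings

if __name__ == "__main__":
    for name, raw in (("suspicious", SUSPICIOUS), ("legit", LEGIT)):
        print(name, header_warnings(raw) or "no warnings")
```

A mismatch is a warning sign rather than proof: some legitimate mailing lists set a Reply-To on a different domain, so treat the result as one signal among several.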
Courtesy : http://www.spamlaws.com/prevent-spam.html