 |
| |
 |
Your Bookmarks |
|
|
|
| |
 |
Daily Quote |
|
|
|
| |
|
| |
 |
|
|
|
Spam Makes A Comeback,
Friend! |
Good Morning!
Trent Steele here with all the
hottest technology news, software
downloads, and your personalized
weekly recommendations.
Getting more spam than normal?
Technology is continually changing
the way we do things.
That means sometimes we opt for one
service over another, especially
when it's a bundled service.
One that allows us to do away with
dedicated spam detectors, for
example.
But spam is still out there, so we
need to make sure whatever systems
we have in place...
... are capable of weeding out
the rubbish!
Read this
week's bonus article below
for some
insight into how spam can creep back
into your life when you least expect
it.
Enjoy: and have a great week
--
Trent Steele,
Site Manager.
http://www.privacy-central.com
|
| |
| Back to top |
|
|
|
 |
|
|
|
|
|
|
|
|
|
|
|
|
|
 |
Friend's Recommendations... |
|
| Every week, we recommend a series of exciting
new hardware and software tools that we think you'll find interesting.
Here's what we have for you this week... |
| |
 |
 |
 |
|
|
|
Photo-Eraser! |
|
Stop deleted photos being
recovered from your memory
card! Make unwanted pics and
snaps vanish FOR GOOD! |
|
|
|
|
 |
|
 |
|
 |
|
 |
|
|
| The Ultimate Podcasting
Kit! |
| Create your own online radio broadcasts in just MINUTES -- with this all-in-one guide to all things podcast! |
|
|
|
|
 |
|
 |
|
|
|
|
|
|
| Anonymeister Secure Browsing! |
| Enjoy 100% secure browsing with the amazing Anonymeister! Hides your IP address and clears surfing traces ? for TOTAL PRIVACY! |
|
|
|
|
|
|
|
|
|
|
|
| |
|
| Internet History Cleaner! |
| Keep your PC clean and protected! Erase your browsing history and keep attackers at bay.
Free Home Keylogger
included!! |
|
|
|
|
|
|
|
|
|
|
|
|
|
| The PERFECT Keylogger! |
| What
happens
on
your
computer when you're not there? Keylogger monitors your PC around the clock
-- and reports directly to you! |
|
|
|
|
|
|
|
|
|
|
|
| |
|
|
My First Browser! |
|
Keep kids safe online! This
fully-functional web browser
for kids keeps you in
control of your children's
surfing habits! |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
The All New Dynamic
IP Notifier! |
|
Let your PC notify you
whenever your IP addresses
change! Keep track of your
IP addresses automatically! |
|
|
|
|
|
|
|
|
|
|
|
| |
|
|
Undelete File Recovery! |
|
Recover your
deleted files in just minutes -- with the world's MOST POWERFUL
undelete software! |
|
|
|
|
|
|
|
|
| |
| Back to top |
|
|
|
|
|
Spam Makes A Comeback |
How could spam be an issue for a security manager in 2013?
It's been years now since we all started subscribing to services that do a
phenomenal job of filtering out advertisements for prescription medications and
exotic vacations and dumping them into spam folders, where they usually
accumulate and never bother anyone.
Until this past week, I likely hadn't spent five minutes in 10 years thinking
about spam -- a testament to the effectiveness of spam filters. After all, about
98% of our incoming email is spam. If we didn't have effective spam-filtering
engines, every employee would receive an extra 40 to 50 emails per day. That
would hit productivity.
Probably because real spam has long been out of sight and out of mind for our
employees, our general counsel was dismayed when he recently started regularly
receiving emails that he deemed to be spam. He forwarded some of them to me,
wondering what was going on. The emails purport to be from organizations such as
ADP, FedEx and eFax, and at first glance they look legitimate. Only an
inspection of the email headers would tell you otherwise.
Some of the emails contain links to questionable sites in places like China and
Russia. Some include attachments that are supposedly required certificates or
e-fax documents but in reality are zip files containing an .exe file. In short,
these are not ordinary spam -- which is annoying and clogs networks but is
generally benign. No, these are phishing attacks.
Soon, others in the company began to complain about an increase in spam. Why, I
wanted to know, weren't these phishing attacks being intercepted and shuttled
away from employees' inboxes?
I was aware that we have been migrating users to a managed Microsoft email
service and that there had been talk of saving money by dropping our current
spam provider in favor of Microsoft's spam prevention system, which is bundled
with the mail service. I figured that was likely the root of the problem, and
sure enough, my suspicions were right.
We previously had not only inspected attachments, but also restricted the types
of attachments authorized to be delivered. We also had what is called Sender
Policy Framework checking enabled, which verifies that senders are really who
they say they are. When the email team migrated our email, they neglected to
enable these critical security functions. And thus spam has become an issue of
concern for me in 2013. Now, employees potentially could click attachments or
links and execute malicious programs.
Luckily our endpoint protection software prevented most of the attachments from
causing harm, but there wasn't 100% detection. As a result, I'm having my
security team analyze the suspicious email attachments and links that have been
identified and build rules in our security incident and event management tool to
look for evidence that employees have clicked on any of them or downloaded
nefarious software.
We have also recently enabled a really cool feature within our Palo Alto
Networks firewalls called Wildfire, which redirects executable files to a
secured sandbox, where it evaluates the program to determine whether it is
malicious. Unfortunately, since this is a new functionality, we're simply
monitoring the events and haven't yet enabled blocking.
We've had to take action a couple of times, but we've been lucky so far. For
example, one attachment that was executed by several employees proved upon
evaluation to be programmed to reach out to a server in China to download
additional software. Luckily, the server in China had been taken down.
Now, we have to continue to monitor for suspicious activity, and I need to
ensure that our current email architecture is deployed in a secure manner. |
 |
| By
Mathias Thurman. |
| |
|
Back to top |
|
|
|
|
 |
|
For more information on any of our products,
call now: 800-461-6701 |
| © WCCL
2013. All rights reserved. Privacy Policy |
|
|
|
