14 June 2005

 

Spam: Are you part of the problem?

RECENT surveys indicate that by the middle of 2004, junkmail will make up 60% of the total global e-mail volume.
The battle between network administrators and spam is akin to ongoing guerrilla warfare, but system administrators cannot spend the time to open and filter all incoming e-mail.
In the workplace, it is common to get a hearty laugh out of e-mail jokes and to use the company’s network to forward these items to your friends.
But have you unwittingly become an accomplice to spammers?
Employees often forward what they presume to be useful e-mail over the company’s network. This unfortunately contributes to the rise in e-mail volume and a crunch in storage space.
As an example, a mail tagged “high priority” that had “Help a Little Girl with Leukaemia!” as the subject tugged plenty of heartstrings. It was widely circulated, and many concerned employees, out of the goodness of their hearts, forwarded this e-mail to everyone in their group.
Very few people checked out the true source of the message, and no one tried to find out whether the little girl had recovered or not.
Six months later, the e-mail will probably be back in your mailbox.
As e-mail like this continues to deluge your accounts, you will begin to doubt its legitimacy. This means that those who are truly in life-or-death situations and need help may well be ignored because of the lack of trust caused by malicious junk e-mail.
Malicious e-mail is nothing new, and the best way to counter it is through education and training.
Cute lil' bear
Remember the e-mail that went around, saying: “Quick, check your hard drive and see whether jdbgmgr.exe is there. It’s the newest virus, you’ve got to get rid of it right away!”
Recipients of this e-mail forwarded it to everyone, as though a great enemy was camped at the door. More “enthusiastic” employees answered: “That jdbgmgr.exe file really is there! There’s also a cute little bear icon, it must be a virus all right. Get rid of it, quick!”
Later, that e-mail too was forwarded all over the place.
Poor innocent bear! That bear icon was actually Microsoft’s Internal Java error handler, and once removed it will be impossible for Java to run normally on your system.
But what should worry people more about e-mail being forwarded is that unscrupulous people could use this to harvest e-mail addresses for profit.
Unless you are positive that a virus alert comes from a reputable vendor, you should confirm the source as there have been instances where viruses have also used security company addresses to send e-mail. Last September, the virus Swen A falsely used Microsoft’s name to send huge quantities of “update patch” notifications.
The e-mail from “ms inet mail storage service” and “MS Program Security Section” caused many users to become infected with viruses. Since users thought Microsoft had issued an update or attachment notice, they opened the attachment and hence infected their computers.
The virus took advantage of Microsoft’s vulnerabilities to automatically run itself and used various means of infection to broadcast a large-scale virus attack.
So what does it mean to “be sure” of the source of such e-mail? Well, the quickest and safest way is to ask the manufacturer or your company’s service department.
Harder to manage employees
Jokes and pornographic photos no doubt account for a high percentage of e-mail forwards.
Such e-mail may be more harmful than you think. It can infringe upon the rights of others, and can exact an even higher price in terms of IT.
A well-known publicly traded company in the United States once had a female employee object to the subject line “25 Reasons Why Bears are Better than Women.” The company had to shell out more than US$1mil (RM3.8mil) to buy a mail management software system.
When objections come from within the company, it might not be so difficult to manage them – but when legal questions arise, it is not always so easy.
In recent years, employees have begun to rely more on the Internet. Survey results show that 40% of broadband enterprise bandwidth is used to download MP3 music files or audio-visual files unrelated to work.
Reacting to this technology proliferation, employers are continuously trying to exert stronger supervision over the use of the Internet.
However, freezing or limiting Internet use is naturally a very controversial area. The majority of corporate policymakers who have made this difficult and necessary decision did so because they saw it as a way to stem the tide of worms coming in by e-mail and to avoid legal problems related to employee download of MP3 files.
Unfortunately, they have also sunk into a morass of lawsuits.
Brotherhood of spam, viruses
The majority of firewalls are not effective enough to stop e-mail from coming in. This means that spam and worms can easily break through the first line of defence and get onto the e-mail server. From there, they move to the client workstations.
Junkmail means extra loads on mailserver bandwidth; they sit on top of legitimate e-mail, perhaps even covering up business opportunities. Sandwiched amid advertisements, pictures of puppies, “true stories” from voluptuous women, and joke animations, it is hard to predict how long a real piece of e-mail will take to reach its recipient.
Each e-mail that reaches the client may also carry a worm that will cause the recipient to unwittingly give up all the addresses in his address book. Then the worm starts its cycle of destruction again.
This year’s highly infective big virus, “Sobig,” is a good example of the partnership between viruses and spam. Sobig used e-mail with the subject lines “Thank you!,” “Details,” “My details,” “Approved,” “Your application,” “Wicked screensaver” and “That Movie” to spread itself worldwide.
Network security and antivirus experts are now in a dilemma with users relying heavily on the Internet and e-mail. Must safety-conscious IT departments force workers to give up the Internet, with its growing array of treasures?
That’s refusing to eat for fear of choking.
Therefore, the best thing is to have a network safety expert put a barrier in place for you.
Set up a united front
Since most firewalls only provide basic filtering capabilities, they are not well suited for advanced intrusion techniques. in response to the trend toward large-scale input of networks in companies.
Viruses and spam are arriving in droves via e-mail. That’s why protection at the network gateway, where an alarm is sounded by security filtering software even before the virus actually attacks, is so important.
With the increasing trend of convergence between junkmail, security vulnerabilities, websites, file sharing and other areas where enterprises are threatened, a complete enterprise security system must take into consideration how to protect the company from “combo” attacks or attacks in multiple modalities.
What is required is a solution capable of cutting off invalid or malicious mail at the gateway, preventing these items from disturbing the company, while also keeping out any viruses they might harbour.
The best software protection should also solve the thorny problem of virus protection and spam management once and for all, so that companies will no longer need to purchase two separate products.
Ever-changing spam kings
To stop the spam problem, we must first of all understand the structure of spam.
The most frequently encountered form uses an automatic mailer so that the same message is tirelessly sent out over and over. Improvements in the tools used to send these e-mail messages are one reason for the recent explosion in spam. It’s now possible to send out millions of these messages in just an hour.
The so-called “Spam King,” Alan Ralsky from Detroit, Michigan, pumped out 650,000 e-mail messages per hour, which adds up to almost one billion messages a day.
One thing is sure: Ralsky could not have filtered all those messages to make sure they didn’t carry viruses before sending each one out.
As a result, it’s very possible that the enduser may encounter an unwanted gift with the mail.
Today, there are two ways to filter spam. One is to set up a virtual mailbox as a decoy; if this phantom mailbox receives any message, it means that it may be junkmail.
However, since spam engines are constantly evolving, you may not be able to track down the spammers.
To avoid these problems, businesses are using a second method to directly analyse the spam mail structure. Using this method, it is possible for an enterprise to more efficiently handle its junkmail.
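The two filtering methods described above, combined in one gateway check, as an added example that is not from the original article or any product it refers to. The decoy address, the fingerprinting scheme, the scored traits and the threshold are all assumptions made for illustration, and the sample messages are constructed.

```python
import hashlib
import re
from email import message_from_string

# Constructed decoy address: never given to a person, so mail sent to it is unsolicited.
TRAP_ADDRESSES = {"trap-7f3a@example.com"}

def fingerprint(msg):
    """Hash the body after removing per-recipient noise (URLs, digits, punctuation)."""
    text = re.sub(r"https?://\S+", " link ", msg.get_payload().lower())
    words = re.sub(r"[^a-z ]+", " ", text).split()
    return hashlib.sha256(" ".join(words).encode()).hexdigest()

def structure_score(msg):
    """Second method: count structural traits (traits and weights are illustrative)."""
    score = 0
    score += msg.get("Subject", "").isupper()            # all-caps subject
    score += msg.get("X-Priority", "").startswith("1")   # forced "high priority" tag
    score += msg.get("Message-ID") is None               # missing Message-ID header
    score += len(re.findall(r"https?://", msg.get_payload())) >= 3  # link-heavy body
    return score

class GatewayFilter:
    def __init__(self):
        self.trap_prints = set()   # fingerprints learned from the decoy mailbox

    def classify(self, raw):
        msg = message_from_string(raw)
        fp = fingerprint(msg)
        if msg.get("To", "").strip().lower() in TRAP_ADDRESSES:
            self.trap_prints.add(fp)
            return "trap"
        if fp in self.trap_prints:
            return "spam"          # same campaign already hit the decoy
        return "suspect" if structure_score(msg) >= 2 else "deliver"

# Constructed sample messages (headers, blank line, body).
TRAP_HIT = "To: trap-7f3a@example.com\nSubject: Offer\n\nOrder now at http://a.example/x1 ref 48213\n"
SAME_CAMPAIGN = "To: alice@example.com\nMessage-ID: <1@a.example>\nSubject: Offer\n\nOrder now at http://b.example/y9 ref 99120\n"
CHAIN_LETTER = "To: alice@example.com\nX-Priority: 1\nSubject: HELP A LITTLE GIRL\n\nForward this to everyone you know.\n"
NORMAL = "To: alice@example.com\nMessage-ID: <2@corp.example>\nSubject: Minutes\n\nNotes from Tuesday attached.\n"

if __name__ == "__main__":
    gw = GatewayFilter()
    for raw in (TRAP_HIT, SAME_CAMPAIGN, CHAIN_LETTER, NORMAL):
        print(gw.classify(raw))
```

The same-campaign message is caught only because the decoy saw it first; on a gateway with no trap hit yet it falls through to the structural score, which is why the two methods are used together.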
Avoid turning gold into junk
E-mail filtering software can help IT professionals avoid unwanted information hassles.
The definition of junkmail may vary from one person to another because one man’s spam is another man’s filet mignon. For example, you may have received various commercial e-mail messages claiming assistance in “sexual enhancements.” To many it is merely junkmail, but for someone who is seeking such information, it helps.
Consequently, spam filtering still faces the need for greater flexibility, and there are still many technical challenges to be overcome.
An effective antivirus solution is one that locks spam outside the gateway and uses an intelligent heuristic engine to evaluate, identify and monitor existing new messages. The solution must be capable of a highly accurate spam capture rate with low false positives.
The package must also effectively stem the tide of junkmail while reducing productivity losses associated with handling and filtering duties. This should translate to a lighter load on IT personnel in monitoring and processing e-mail that comes in.
What is required is a package that offers a high degree of integration with existing antivirus software to provide a comprehensive gateway sentinel.
But endusers should also be held more responsible with better education. They should be more selective of e-mail that is forwarded, and more careful of opening e-mail when its source is questionable.
