Monthly Archives: January 2007

Spammers Mimicing Legitimate Newsletters

Spammers, always adding to their bag of thug tools, have begun sending spam disguished as legitimate newsletters. To date, the fake newsletters have not accounted for large volumes of spam, but the practice is disturbing because:


1) Recipients might be more likely to open the messages, and,


2) spoofed newsletters might be penalized in any number of ways.


Digg! Add to Technorati Favorites  Save This Page

Update on Storm Worm

The Storm message has morphed into over 250 variants.


A wide variety of subject lines are being used in the spam campaign, including “You’re so Far Away”, “I Dream of you”, “Dream Date Coupon”, “Together You and I”, “A Bouquet of Love”, “So in Love” and “Cuddle Up”. Attached to the emails are files called ‘flash postcard.exe’ or ‘greetingcard.exe’. When opened, the worm attempts to send itself to other email addresses found on the recipient’s PC, while also attempting to download further malicious code from the internet, designed to take over the computer and use it to send spam on behalf of hacking gangs.


Digg! Add to Technorati Favorites  Save This Page

Father of the Internet Warns that Botnets Pose Grave Danger to Internet

Vint Cerf, “father of the internet,” warned attendees at the world economic forum that botnets could undermine the future of the internet. Cerf estimates that 25% of all PCs currently connected to the internet (about 150 Million) are infected with trojans.


 We have been watching the growth of the Botnet closely over the past several years, and have seen it grow in size and sophistication. One particular Botnet, dubbed Spam Thru, is particulalry sophisticated. It clears other trojans off of computers it has infected and is designed to avoid detection and removal.


Cyber Thugs use Botnets to send spam, steal data and launch denial of service attacks. Essentially, the botnet is a free, illegal, criminal distributed computing network.


Digg! Add to Technorati Favorites  Save This Page

LBL Update

MxToolBox provides free email blacklist lookups and monitoring (RBL or DNSBLs)as a free service to the public.  We do not endorse any of these blacklists or even recommend them as reliable information to block spam and viruses in inbound emails.


 


However, many email administrators do choose to use these lists to block emails.  We make as many lists as possible available on our lookup tool to provide as much information as possible to those that are listed and, subsequently, rejected.  We leave the interpretation of the results up to the professional opinion of the user. 


 


The LBL list recently went offline, returning positive results for any lookup. MxToolBox will remove this list from our tool at 5:00pm Central Time on 1/25/2007.  The reason for the delay is that in our professional opinion, the result is still valid.


 


It is still valid because email is still being rejected by some servers because of this listing, and that is what our tool is intended to help diagnose.  Not all servers specify the reason that an email was rejected, so not all bounce messages may be useful in pointing to the source of the problem. 


 


Anyone using LBL to reject inbound email should obviously stop using it immediately.  This would also be an excellent time to review ALL lists you are using to reject emails.  If you don’t specifically know what a list represents and believe in the quality of the information, you should remove those lists as well.


 


Anyone listed on LBL (this is YOU, because EVERYONE is listed), should not worry.  You only need to take action if you have emails blocked.  In that case, you should contact the system administrator of the receiving email server and point them in the right direction.