Yesterday we highligthed an issue of spam from several different sources that when a user clicked on the included links they were brought to a site with malware on it. Today we have another version of this spam, and they are impersonating Youtube. For our Postini customers we have created a custom filter to block these messages and place them in the Quarantine (in case there are false positives).
Postini Content Filter
- Login to your Postini Administrative Console
- Access the User Org
- Access Content Manager
- Create new custom rule with these parameters
Match: All Rules
Subject Line – Contains Text: Welcome to Youtube
Entire Message – Contains Text: http://lifetimewebaddress.com/amazon.html
Entire Message – Contains Text: lifetimewebaddress.com
Routing: Delete (Blackhole)
Copy to Quarantine: Add Quarantine Address: Recipient - Hit Save and this filter will be applied. We chose to send it to the Quarantine in case this filter catches any false positives.
Example of Spam Message
MxToolbox has partnered with WebRoot to offer Web Filtering to protect your network from attacks through the web browser. For more details on the protection that this program can offer, go here.