Understanding Spam

Anyone who has an email address needs no introduction to this pesky phenomenon of electronic communication. Spam is unwanted, unsolicited commercial email that is mailed in bulk to thousands, even millions of recipients simultaneously.

Much of the confusion regarding spam comes from a lack of understanding the everyday email user may have regarding the ways and motivations of the spammers.

Whether a given email is spam or not spam can be said to be in the eye of the beholder. There are legitimate email marketers out there, who comply with all applicable laws when they do their bulk emailing. They will, for example, only send their advertising to recipients who have subscribed to their emailing list. In fact, in formal studies have shown that currently, only about half of all spam is deceptive or fraudulent; roughly half of all spam contains genuine marketing messages. Thanks to spammers, all email marketing is tainted with a bad name.

The nature of spam has less to do with its commercial content than with the fact that it is unsolicited and sent out in bulk.  There are two categories of spam: unsolicited bulk email and unsolicited commercial email.

Unsolicited bulk email is mass-mailed to recipients who have not given their consent to receive it. This category of spam encompasses jokes, chain letters, virus alerts, etc. unsolicited commercial email targets your wallet. This subset of spam includes get-rich- quick and pyramid schemes, stock offerings for pennystocks, spamming software and fake pharmaceuticals.

While most spam is generally mailed out to advertise a product or service, some is malicious in content and intent. It runs the gamut from jokes and ads, to stock-market scams and virus-laden emails. Spammers, those obnoxious folks who send you spam, will target you because:

- They want you to buy something

- They defraud you out of your hard-earned money

- They want to confirm that your email address is a real live one (and then add you to a spam mailing list)

- They just want to shock and offend

The huge volume of spam has created big problems. While it is free for the spammer to send out his millions of spam emails, the cost of the bandwidth that this junk mail takes up borne by the internet service provider (ISP). The ISP, not one to bear this expensive burden on its own, will pass on some of the cost to you in the form of price increases.
You also pay the price for spam in the time wasted sorting through and deleting junk mail, the loss in productivity and the pure aggravation of having to deal with it. It also raises security issues because it may contain viruses that are harmful to your computer.

How do you spot spam when it lands in your inbox?

Here are a few things you can look for that are a dead give-away

- Email from someone you do not know
- Nonsensical subject lines
- Outlandish promises of money, exotic cruises and lonely housewives
- Adult or pornographic content
- Unsubscribe links in unsolicited email
- Very brief emails - a line or two

You should be aware that spammers often send you email that is designed to look like it came from an acquaintance of yours, a reputable company or a reply to an email from you.

Obama Wants To Speed Up Internet Privacy Laws

The Obama administration desires higher Internet privacy protection and is on the lookout for new legal guidelines and a new authorities to assist in that effort.

Citing folks conversant in the situation, the Journal says the White House had asked the Commerce Department to create a report with recommendations on enacting new legal guidelines regarding Web privacy. Presently in draft kind, the ultimate report is because of come out in a few weeks.

A special activity drive headed by Cameron Kerry, brother of Massachusetts Sen. John Kerry, has also been shaped to assist flip these recommendations into precise policy. A brand new federal position could be created to enforce that policy.

Though the government has usually steered away from any kind of regulation of on-line companies, the White House now appears to prepared to maneuver over considerations that online industries might not be able to regulate themselves. The renewed effort follows last week's announcement from the European Union that it is also searching for tougher legal guidelines to manage how personal information is used on the Internet.

Given the present political local weather in Washington, though, enacting and enforcing legal guidelines over Internet privacy could also be a challenge. While enough Republicans would doubtless help the effort, many might shrink back from giving the government too much regulatory management over the online industry.

Naturally, Web-based companies themselves are cautious of any new legal guidelines that would limit their capability to do business as usual. According to the Journal, the Interactive Promoting Bureau (IAB), which represents online advertisers, already feels the industry is doing sufficient to ensure privacy.

"We believe we are living up to consumer-privacy expectations and are very advanced in privacy protections and innovation," quoted the Journal of Mike Zaneis, senior vice chairman of the IAB.

The push for powerful Internet privacy laws is nothing new. Rep. Rick Boucher, a Democrat from Virginia, has been one of many main Congressional champions of such laws dating back to 1999. This previous May, Boucher unveiled a draft proposal searching for to clamp down on the gathering of online knowledge, however several privateness groups complained that the proposal wasn't tough enough.

One other invoice launched in July by Illinois Rep. Bobby Rush known as for a set of new rules administered by the Federal Trade Fee and fines towards any corporations that didn't observe those rules. However that invoice was seen as too weak by privateness advocates and too broad by the IAB and other industry groups.

The FTC has also been drafting its personal report due by the end of the 12 months with recommendations to Congress on regulating sure Internet business practices. Speaking at an occasion in Canada this past June, an FTC representative said that present Internet privateness legal guidelines aren't working and place an excessive amount of of a burden on the buyer to deal with the insurance policies of online businesses.

Source:  http://news.cnet.com/8301-1009_3-20022650-83.htmlixzz15AZ5pbAv

Facebook Filed Lawsuit Case On Spammers

Facebook announced today that it has filed suit against two individuals and a company that it says are responsible for propagating deceptive spam offers across the massive social network, including some that encouraged members to spam their friends in turn.

"This week, in a U.S. federal court in San Jose, California, we filed three lawsuits alleging violations of our terms and applicable law by defendants attempting to trick people on Facebook into signing up for mobile subscriptions and sending spam to their friends," a blog entry posted by Facebook's security team explained. "In three separate complaints, we allege that Steven Richter, Jason Swan, and Max Bounty, Inc. used Facebook to offer enticing, but non-existent products and services."

The lawsuits, filed Tuesday, allege that Jason Swan of Long Island, N.Y., had been running "more than 27 fake profiles, 13 fake pages, and at least 7 applications as part of an affiliate marketing advertising scam"; that Richter, also of Long Island, had been running about 40 fake profiles and 43 fake pages; and that the Canada-based Max Bounty Inc. had been misappropriating Facebook's logo and using deceptive marketing in its hawking of free gift cards, iPads, and other goods to consumers. All three are charged with violations of the U.S. Computer Fraud and Abuse Act, the Controlling the Assault of Non-Solicited Pornography and Marketing Act (CAN-SPAM), and other state and federal laws.

Almost exactly a year ago, Facebook was awarded $711 million in a court judgment against Sanford Wallace, the self-described "spam king" who had been accused of fraudulently obtaining access to Facebook accounts and then using them to run phishing scams. Among other things, Wallace is now permanently banned from Facebook.

In another judgment related to CAN-SPAM violations, this one in 2008, Facebook was awarded $873 million.

"Stay tuned as our push against spammers and scammers escalates over the next month, year and beyond," the post from Facebook today read. "We have other actions pending, and there will be more to come."

Security on Facebook has been a hot topic lately because of a controversial Wall Street Journal investigation that found many of Facebook's major application developers were violating the social network's terms of service by selling some user information to marketers. The report was assailed by many tech industry professionals who said that it made too much fuss about something that actually wasn't particularly surprising or alarming, but others have argued that the real problem is that Facebook didn't appear to be doing enough to police its advertisers and developers for terms of service infractions.

View the original article here

Security Expert Matthew Anderson Arrested For Spreading Viruses

Matthew Anderson, 33 years old, may very well be prisoned for distributing computer viruses. Matthew is a PC security expert from Scotland has admitted that he is member of international hackers.

His legal activities were found by Scotland Yard, which led an investigation into the viruses.

The gang, identified popularly recognized on-line because the m00p group. They're believed to be infecting computer systems using viruses, spywares connected to unsolicited industrial emails.

The Scotsman studies that Anderson composed and distributed thousands and thousands of spam messages with virus attachments earlier than distributing them.

The viruses ran within the background on an infected laptop and allowed Anderson to access private and commercial knowledge saved on them. He was additionally in a position to activate webcams, successfully spying on users of their houses and sometimes taking screengrabs.

The hacker additionally made copies of personal paperwork reminiscent of wills, medical studies, CVs, password lists and personal photographs.

Anderson, is set to be sentenced on 22 November.

Hackers Charged In Stealing $3M Using Zeus Trojan

The FBI and the U.S. Lawyer's workplace in southern New York announced that 37 folks accused of being part of a global crime ring that stole $3 million from financial institution accounts by infecting computers with the Zeus Trojan and different malware.

Between federal and state expenses, greater than 60 people complete are being charged in the operation, officials said.

Ten individuals have been arrested at present by federal and New York regulation enforcement officers and another 10 were previously arrested in the U.S. as a part of a coordinated take down, authorities said. Seventeen people are nonetheless being sought in the U.S. and overseas, officers said. The defendants named in the documents, unsealed by the courtroom at this time, had been all listed as being from Japanese Europe and face federal charges.

Individually, 10 individuals had been charged earlier at present in England for similar Zeus-associated crimes.

The Zeus Trojan was identified earlier this yr as a key issue within the building of a botnet that contaminated tens of hundreds of computers around the world.

The defendants charged in Manhattan federal court docket at present include alleged managers of the operation in addition to alleged money mules recruited to open financial institution accounts for laundering cash and a person accused of obtaining false overseas passports for mules.

The group allegedly recruited mules by putting adverts on Russian language Websites looking for students with J-1 visas, who may open financial institution accounts in the U.S.

One of the purported victims was identified as a municipal entity in Massachusetts. Among the alleged mules are accused of retrieving cash from breached brokerage accounts at eTrade and TD Ameritrade. Different defendants allegedly received stolen cash from wire transfers to bank accounts in Asia or by withdrawing cash from ATMs in New York, the documents indicate.

The investigation appears to have been triggered when New York police detectives went to a Bronx financial institution in February to analyze a suspicious $forty four,000 withdrawal, in response to a news release issued by the FBI, the U.S. Attorney's workplace, the New York Police Division, and different agencies.

The costs range from financial institution fraud and false use of passport to cash laundering and conspiracy to commit wire fraud. Most jail sentences range from 10 years to 30 years and fines from $250,000 to $1 million per


Learn more: CNET

8 Out Of 10 Web App Fails In Open Web Application Security Project

According to reports by Veracode, an application security company, more than half of software system are proned for security vulnerability.

Veracode viewed more than 2,900 systems over an 18-month period that were used by its cloud-based clients and discovered that 57 percent of all the applications were found to have unacceptable application security quality.

In a study only 2 out of 10 Web Applications are able to meet the OWASP (Open Web Application Security Project ) Top 10 requirement that is necessary to achieve PCI (payment card industry) compliance for use in financial and e-commerce sites, Veracode said.

The report ascertains that third-party code, which is growing in use in enterprises, is often insecure. Third-party suppliers failed to achieve acceptable security standards 81 percent of the time, the report said.

Meanwhile, cross-site scripting remains the most common of all application vulnerabilities, and .NET applications showed "abnormally high" numbers of flaws, Veracode said.

"A lot of work still needs to be done around the work of software security," Sam King, vice president of product marketing at Veracode, told CNET.

Also on Wednesday, WhiteHat Security released a report that found that the average Web site had nearly 13 serious vulnerabilities.

more on: http://news.cnet.com/8301-27080_3-20017011-245.html

Shaquille O'Neal Accussed Of Hacking A PC

A man from Florida is accussing Shaquille O'Neal of trying to frame him by putting child pornography on his computer laptop.  The man is said to be a personal assistant of the NBA Superstar.

In papers filed in Florida state court docket in Miami, Shawn Darling claims O'Neal hacked his pc as part of a revenge plot after Darling exposed affairs O'Neal was supposedly having with a number of ladies, including rapper Alexis Miller, who goes by the stage name MaryJane, and model Dominica Westling.

Darling is suing O'Neal, who last month signed a $3 million deal to play for the Boston Celtics, for making "repeated attempts to frame Darling of amongst other things possession of child pornography," Darling states in court papers.

Darling also claims O'Neal, who has played previously for the Los Angeles Lakers, Miami Heat, Phoenix Suns, and Cleveland Cavaliers, caused him emotional distress.

"By sending e-mails and by making phone calls to his agents and others, O'Neal engaged in a scheme to place Darling in grave danger and to deprive him of property," Darling states.

"O'Neal knowingly obtained or used, or endeavored to obtain or to use, the property of Darling with the intent to, either temporarily or permanently deprive Darling of a right to his property and his communications, or a benefit from the property or appropriate the property to his own use or to the us [sic] of any person not entitles [sic] to the use of the property," Darling claims in the rambling, at times almost incoherent, 15-page complaint.

Darling is seeking unspecified damages and has asked the court to order a jury trial. O'Neal's agent, Perry Rogers, did not immediately respond to a request for comment.

New Chrome Security Fixes

Google updated the stable and beta builds of its Chrome browser on Tuesday, making a fix marked as essential to the Mac version and numerous repairs marked as excessive-precedence across all platforms. Chrome 6.0.472.59 for Home windows, Mac and Linux additionally repaired a Linux-particular memory-corruption bug.

At the time of writing, the critical Mac bug was still blocked from public view. This isn't unusual with bugs that can characterize severe safety risks. Judging by its public security logs, Google appears to be releasing particulars on mounted bugs no earlier than every week after the bug has been repaired.

Other security issues that had been addressed embody a number of high-degree bugs involving use-after-free in doc APIs, SVG types and nested SVG elements. Two high-degree reminiscence corruption bugs had been also mounted, one in the HTML 5 geolocation function, and another in language dealing with for Khmer. Finally, a small variety of customers who experienced browser crashes when blocking pop-ups ought to now see that fixed. The Chrome 6.0.472.59 changelog might be read at Google's Chrome updates blog.

Microsoft & Adobe Blocks Zero Day Attacks

Software giants Microsoft and Adobe Systems have introduced  launched Microsoft toolkit that can be utilized to block zero-day attacks focusing on a safety flaw in Adobe's Acrobat and Reader programs.

In an advisory printed on Friday, Microsoft detailed how its Enhanced Mitigation Expertise Toolkit 2.zero could possibly be used to brief-circuit the threat. Adobe, which has not but launched a patch, up to date its original advisory to reflect the new information.

Adobe considers the flaw to be "vital" - it may let an attacker take management of any of the millions of computer systems operating what is far and away the most well-liked PDF viewing system.