[OPLIN 4cast] OPLIN 4cast #474: Slipping through the spam filters

OPLIN Support support at oplin.ohio.gov
Wed Jan 27 10:30:05 EST 2016 

Email not displaying correctly? View it in your browser.
<http://www.oplin.org/4cast/>
[image: OPLIN 4Cast]

OPLIN 4cast #474: Slipping through the spam filters
January 27th, 2016

[image: spam filter] It's the middle of winter, so let's talk about
snowshoe attacks. These actually have nothing to do with the weather or
dangerous winter footwear - they're a particular type of spam attack that
is not new, but started showing up with increasing frequency a couple of
years ago. Much like a snowshoe is designed to stay on top of the snow
without crashing through the surface, snowshoe spam is delivered to email
servers in such a way that the spam does not break through the limits of
the tests the server runs for detecting which email is legitimate and which
is spam. The only currently effective method for stopping such spam is to
increase the number and variety of tests used by the server.

   - What dangers are lurking in your e-mail?
   <http://secure360.org/2015/12/dangers-lurking-in-your-e-mail/>
   (Secure360) "When we think of spam, we typically think of one person (or
   computer) sending out a massive volume of email. Until recently, that
   method proved to be true, making it easy for spam filtering software to
   prevent us from seeing much spam. Unfortunately, a new method of spam is
   taking over inboxes: snowshoe spam
   <http://www.eweek.com/security/snowshoe-spam-a-new-type-of-junk-email-starting-to-clog-inboxes.html>.
   This form of spam is not sent from one computer, but instead thousand of
   users, each sending messages in low volume. It is easy for filters to block
   spam coming from one location, but it becomes difficult to keep up with
   many different hosts."
   - Snowshoe spam attack comes and goes in a flurry
   <http://blogs.cisco.com/security/talos/snowshoe-flurry> (Cisco Blog |
   Alex Chiu) "As you can see from the chart below, we've seen the amount of
   snowshoe spam double since November of 2013. Snowshoe spam can be a
   challenge for some anti-spam detection techniques because it typically uses
   multiple IP addresses with very low spam volume per IP address. Depending
   on how an anti-spam technology works, this can cause severe problems with
   detection."
   - Spam continues to thrive thanks to 'snowshoe' strategy
   <http://www.cio.com/article/2915359/security0/spam-continues-to-thrive-thanks-to-snowshoe-strategy.html>
   (CIO | CP Morey) "Email gateways will give incoming messages a simple "pass
   / fail" based on a single point in time. Spammers only need to figure out
   how to outsmart the email gateway once in order to overrun the network with
   spam. Many organizations use a layered defense comprised of multiple tools
   from a variety of vendors that check and block spam at different points
   throughout the network. This is a more effective approach, based on the
   idea that spam missed by one tool will be blocked by the next."
   - E-mail spam goes artisanal
   <http://www.bloomberg.com/news/articles/2016-01-19/e-mail-spam-goes-artisanal>
   (Bloomberg Business | Jordan Robertson) "As artisanal spam becomes a bigger
   problem, the cyber-security industry is pushing for adoption of new
   protections that could save our in-boxes. One, called DMARC, is a global
   registry that lets retailers and other companies register the servers they
   use to send the kind of mass mailers some people enjoy receiving. Messages
   purporting to be from those companies but coming from an unregistered
   address would get flagged."

*Articles from Ohio Web Library <http://ohioweblibrary.org>:*

   - Prominent brands cut email abuse by more than 50% with DMARC.
   <http://search.ebscohost.com.proxy.oplin.org/login.aspx?direct=true&db=bwh&AN=bizwire.c53389017&site=ehost-live>
   (*Business Wire*, 2/18/2014 | DMARC.org)
   - Google joins Yahoo, AOL in adopting stricter email authentication.
   <http://search.ebscohost.com.proxy.oplin.org/login.aspx?direct=true&db=aph&AN=110505382&site=ehost-live>
   (*eWeek*, 10/20/2015 | Jaikumar Vijayan)
   - The race to outsmart corporate phishing attacks.
   <http://search.ebscohost.com.proxy.oplin.org/login.aspx?direct=true&db=nfh&AN=103079105&site=ehost-live>
   (*Christian Science Monitor*, 6/5/2015 | Cristina Maza)

------------------------------
The *OPLIN 4cast* is a weekly compilation of recent headlines, topics, and
trends that could impact public libraries. You can subscribe to it in a
variety of ways, such as:

   - *RSS feed.* You can receive the OPLIN 4cast via RSS feed by
   subscribing to the following URL:
   http://www.oplin.org/4cast/index.php/?feed=rss2.
   - *Live Bookmark.* If you're using the Firefox web browser, you can go
   to the 4cast website (http://www.oplin.org/4cast/) and click on the
   orange "radio wave" icon on the right side of the address bar. In Internet
   Explorer 7, click on the same icon to view or subscribe to the 4cast RSS
   feed.
   - *E-mail.* You can have the OPLIN 4cast delivered via e-mail (a'la
   OPLINlist and OPLINtech) by subscribing to the 4cast mailing list at
   http://mail.oplin.org/mailman/listinfo/OPLIN4cast.

© 2015 Ohio Public Library Information Network
[image: Find us on Slideshare] <http://www.slideshare.net/oplin>  [image:
Find us on Facebook] <http://www.facebook.com/oplin.org>  [image: Find us
on Google+] <https://plus.google.com/107751358238995507967>  [image: Find
us on Twitter] <http://www.twitter.com/oplin>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.oplin.org/pipermail/oplin4cast/attachments/20160127/cd916586/attachment.html>

More information about the OPLIN4cast mailing list