<div dir="ltr"><div><div><div dir="ltr"><div><div dir="ltr"><div><div dir="ltr">
<table bgcolor="#ffffff" cellpadding="0" cellspacing="0" width="100%">
<tbody>
<tr>
<td align="left" valign="top">
<table cellpadding="0" cellspacing="0">
<tbody>
<tr>
<td style="border-top:0px solid rgb(0,0,0);border-bottom:1px solid rgb(255,255,255);background-color:rgb(255,255,255);text-align:center" align="center"><span style="font-size:10px;color:rgb(96,96,96);line-height:200%;font-family:verdana;text-decoration:none">Email
not displaying correctly? <a href="http://www.oplin.org/4cast/" style="font-size:10px;color:rgb(0,0,255);line-height:200%;font-family:verdana;text-decoration:none" target="_blank">View
it in your browser.</a></span></td>
</tr>
<tr>
<td style="border-top:0px solid rgb(51,51,51);border-bottom:0px solid rgb(255,255,255);background-color:rgb(255,255,255)">
<center><a><img src="http://www.oplin.org/4cast/wp-content/themes/unlimited/assets/images/4cast_email_header.png" title="OPLIN" alt="OPLIN 4Cast" align="middle" border="0"></a></center>
</td>
</tr>
</tbody>
</table>
<table style="width:763px;height:877px" bgcolor="#ffffff" cellpadding="20" cellspacing="0">
<tbody>
<tr>
<td style="font-size:12px;color:rgb(0,0,0);line-height:150%;font-family:'Gothic Sans',sans-serif" bgcolor="#ffffff" valign="top">
<p>
<span style="font-size:20px;font-weight:bold;color:rgb(0,0,0);font-family:arial;line-height:110%">OPLIN 4cast #474: Slipping through the spam filters</span><br>
<span style="font-size:11px;font-weight:normal;color:rgb(102,102,102);font-style:italic;font-family:arial">January 27th, 2016</span></p>
<p style="text-align:justify;font-size:16px;font-family:arial;line-height:110%"><img align="left" src="http://www.oplin.org/4cast/wp-content/uploads/2016/01/spam_filter.png" alt="spam filter" width="130" height="90" style="padding-right:14px;padding-top:4px;padding-bottom:4px">
It's the middle of winter, so let's talk about snowshoe attacks. These actually have nothing to do with the weather or dangerous winter footwear - they're a particular type of spam attack that is not new, but started showing up with increasing frequency a couple of years ago. Much like a snowshoe is designed to stay on top of the snow without crashing through the surface, snowshoe spam is delivered to email servers in such a way that the spam does not break through the limits of the tests the server runs for detecting which email is legitimate and which is spam. The only currently effective method for stopping such spam is to increase the number and variety of tests used by the server.
</p>
<div> </div>
<ul style="text-align:left">
<li style="text-align:justify;font-size:16px;font-family:arial;line-height:110%"><a href="http://secure360.org/2015/12/dangers-lurking-in-your-e-mail/" target="_blank">What dangers are lurking in your e-mail?</a> (Secure360) "When we think of spam, we typically think of one person (or computer) sending out a massive volume of email. Until recently, that method proved to be true, making it easy for spam filtering software to prevent us from seeing much spam. Unfortunately, a new method of spam is taking over inboxes: <a href="http://www.eweek.com/security/snowshoe-spam-a-new-type-of-junk-email-starting-to-clog-inboxes.html" target="_blank">snowshoe spam</a>. This form of spam is not sent from one computer, but instead thousand of users, each sending messages in low volume. It is easy for filters to block spam coming from one location, but it becomes difficult to keep up with many different hosts."</li>
<li style="text-align:justify;font-size:16px;font-family:arial;line-height:110%"><a href="http://blogs.cisco.com/security/talos/snowshoe-flurry" target="_blank">Snowshoe spam attack comes and goes in a flurry</a> (Cisco Blog | Alex Chiu) "As you can see from the chart below, we've seen the amount of snowshoe spam double since November of 2013. Snowshoe spam can be a challenge for some anti-spam detection techniques because it typically uses multiple IP addresses with very low spam volume per IP address. Depending on how an anti-spam technology works, this can cause severe problems with detection."</li>
<li style="text-align:justify;font-size:16px;font-family:arial;line-height:110%"><a href="http://www.cio.com/article/2915359/security0/spam-continues-to-thrive-thanks-to-snowshoe-strategy.html" target="_blank">Spam continues to thrive thanks to 'snowshoe' strategy</a> (CIO | CP Morey) "Email gateways will give incoming messages a simple "pass / fail" based on a single point in time. Spammers only need to figure out how to outsmart the email gateway once in order to overrun the network with spam. Many organizations use a layered defense comprised of multiple tools from a variety of vendors that check and block spam at different points throughout the network. This is a more effective approach, based on the idea that spam missed by one tool will be blocked by the next."</li>
<li style="text-align:justify;font-size:16px;font-family:arial;line-height:110%"><a href="http://www.bloomberg.com/news/articles/2016-01-19/e-mail-spam-goes-artisanal" target="_blank">E-mail spam goes artisanal</a> (Bloomberg Business | Jordan Robertson) "As artisanal spam becomes a bigger problem, the cyber-security industry is pushing for adoption of new protections that could save our in-boxes. One, called DMARC, is a global registry that lets retailers and other companies register the servers they use to send the kind of mass mailers some people enjoy receiving. Messages purporting to be from those companies but coming from an unregistered address would get flagged."</li>
</ul>
<div style="text-align:left"> </div>
<p style="text-align:left;font-size:20px;font-family:arial;line-height:110%"><small><strong><em>Articles from <a href="http://ohioweblibrary.org" target="_blank">Ohio Web Library</a>:</em></strong></small><br>
</p>
<div style="text-align:justify;font-size:16px;font-family:arial;line-height:110%">
<ul>
<li><a href="http://search.ebscohost.com.proxy.oplin.org/login.aspx?direct=true&db=bwh&AN=bizwire.c53389017&site=ehost-live" target="_blank">Prominent brands cut email abuse by more than 50% with DMARC.</a> (<em>Business Wire</em>, 2/18/2014 | DMARC.org)</li>
<li><a href="http://search.ebscohost.com.proxy.oplin.org/login.aspx?direct=true&db=aph&AN=110505382&site=ehost-live" target="_blank">Google joins Yahoo, AOL in adopting stricter email authentication.</a> (<em>eWeek</em>, 10/20/2015 | Jaikumar Vijayan)</li>
<li><a href="http://search.ebscohost.com.proxy.oplin.org/login.aspx?direct=true&db=nfh&AN=103079105&site=ehost-live" target="_blank">The race to outsmart corporate phishing attacks.</a> (<em>Christian Science Monitor</em>, 6/5/2015 | Cristina Maza)</li>
</ul>
</div>
<div style="text-align:left"> </div>
</td>
</tr>
<tr>
<td valign="top" width="760"><span style="font-size:10px;color:rgb(96,96,96);line-height:100%;font-family:verdana">
<hr>
<div style="text-align:justify">The <strong><em>OPLIN
4cast</em></strong>
is a weekly compilation of
recent headlines, topics, and trends that could impact public
libraries. You can subscribe to it in a variety of ways, such as: <br>
</div>
<div style="text-align:left"> </div>
<ul>
<li style="text-align:justify"><strong>RSS feed.</strong>
You
can receive the OPLIN 4cast
via RSS feed by subscribing to the following URL:
<a href="http://www.oplin.org/4cast/index.php/?feed=rss2" target="_blank">http://www.oplin.org/4cast/index.php/?feed=rss2</a>. </li>
<li style="text-align:justify"><strong>Live Bookmark.</strong>
If you're using the Firefox
web browser, you can go to the 4cast website
(<a href="http://www.oplin.org/4cast/" target="_blank">http://www.oplin.org/4cast/</a>) and click on the orange "radio wave" icon
on the right side of the address bar. In Internet Explorer 7, click on
the same icon to view or subscribe to the 4cast RSS feed. </li>
<li style="text-align:justify"><strong>E-mail.</strong>
You
can have the OPLIN 4cast
delivered via e-mail (a'la OPLINlist and OPLINtech) by subscribing to
the 4cast mailing list at
<a href="http://mail.oplin.org/mailman/listinfo/OPLIN4cast" target="_blank">http://mail.oplin.org/mailman/listinfo/OPLIN4cast</a>. </li>
</ul>
</span> </td>
</tr>
<tr>
<td style="text-align:center;font-family:'Century Gothic',sans-serif;border-top:0px solid rgb(255,255,255);background-color:#2c4587;color:#fff" valign="top" width="760">© 2015 Ohio Public Library Information Network<br>
<a href="http://www.slideshare.net/oplin" title="Find us on Slideshare" target="_blank"><img src="http://www.oplin.org/4cast/wp-content/themes/unlimited/assets/images/slideshare3.png" alt="Find us on Slideshare"></a>
<a href="http://www.facebook.com/oplin.org" title="Find us on Facebook" target="_blank"><img src="http://www.oplin.org/4cast/wp-content/themes/unlimited/assets/images/facebook_0.png" alt="Find us on Facebook"></a>
<a href="https://plus.google.com/107751358238995507967" title="Find us on Google+" target="_blank"><img src="http://www.oplin.org/4cast/wp-content/themes/unlimited/assets/images/google+.png" alt="Find us on Google+"></a>
<a href="http://www.twitter.com/oplin" title="Find us on Twitter" target="_blank"><img src="http://www.oplin.org/4cast/wp-content/themes/unlimited/assets/images/twitter_0.png" alt="Find us on Twitter"></a>
</td>
</tr>
</tbody>
</table>
</td>
</tr>
</tbody>
</table>
</div></div></div></div></div></div></div>
</div>