Print
|
Send on Yahoo!
|
PDF version
|
RSS
|
Filed Under: ALERTS
The Inbox-Killer Read Receipts’ Carousel
When the spamming gets tough, the spammers get going… with older techniques.
This week continues under the same auspices of another spamming campaign that advertises drugs for sexual life improvement. So far, business as usual. The novelty resides however in the mix of delivery confirmations the messages request.
While in normal circumstances this confirms that the recipient received and read the message, when it comes to spam, a read receipt proves that the e-mail addresses are valid and active.
To be sure the users confirm the message reception, the spammers thought to employ an additional technique, by referencing a remotely stored image. E-mail clients traditionally block this type of content. To see it, users should allow the image to load and thus to confirm they read the message.
Last but not least, if the previous two fail, the third one should be effective, especially when the users realize they have been duped. It is the classic unsubscribe or opt-out trick – clicking the link does not unsubscribe the recipient from the mailing list, but confirms his or her address is fully functional and ready to get even more spam.
To keep all this (and some additional) trouble away from your machines, here’s the drill:
• Install, activate and update a reliable Antimalware, Antispam and Antiphishing security solution.
• Do not enable automatic read receipt expedition.
• Always delete the spam messages; if you accidentally open them, display the attached images or click links within their corpus you simply indicate the spam-mers your e-mail account is active and available to receive more spam or you may trigger and install other malware.
• Do not open e-mails and e-mail attachments from senders you do not know.
• Do not open e-mails with odd entries in Subject line.
• Do not click any links indicated in the spam e-mails, including the “unsub-scribe” ones; you might trigger other malware and compromise your system’s security.
• Do not unsubscribe, opt-out or reply to any spam message; you might confirm your e-mail address is active and available for receiving even more unwanted messages.
• When browsing the Internet, do not submit your e-mail address and personal information when requested by suspicious web pages.
• When purchasing goods and services online, refrain from signing up for any additional service or promotion, as well as other online subscriptions, advertised on the seller’s website unless you really need them.
• Use at least two e-mail addresses. Create one e-mail account and use it for your correspondence with people you know and a second e-mail account for the websites forms requiring an e-mail address to allow content access.
• Avoid placing your e-mail address on websites, guest books, newsgroups, contact lists, shopping or gift lists.
E-Mail Spam - 30 Years After
Hi Glen,
First of all, thanks for the comments :)
You are absolutely right – the unknown senders' list or spammers list (a.k.a. black list) is always a good idea. I guess any decent Antispam solution includes one (or at least it should).
Some heuristics might work as well, when it comes to "herds" of similar junk messages, but also some trainable intelligent modules. And I totally agree with you that we should prefer some false positives instead of an avalanche of unsolicited messages advertising drugs or replica watches.
Sure, on the other hand, we should also scrutinize more carefully our junk e-mail folders before hitting that (Shift ) Del key(s). For instance, I wouldn't want to lose a message from my colleagues, just because one of them thought to express his disapproval or stupefaction by using a more colloquial (possibly four letter) word that normally appears in spam's subject or body. Right?
As for the display of our screen shots in a pop-up window when the thumbnail images are clicked, I guess it was our blog designers' idea. It should help the readers to stay on the post's page, while also having the large pics under their eyes. I don't know if you have seen the previous version of the blog, where clicking a thumbnail displayed the large size image in the same window and you had to press your browser's back button to return to what you were actually reading. I guess is more convenient for reading this way, if you ask me :D But don't worry, except the extra mouse click to "kill" it, the pop-up is totally inoffensive. Scout's word :D
Best,
Razvan Livintz
Powered by
--Glenn