« June 2005 | Main | August 2005 »

July 21, 2005

Messaging in the SMB Market, 2005-2008

has just published Messaging in the SMB Market, 2005-2008, a new multiclient study.  This report focuses on the North American small-to-mid-size business (SMB)  market, which for the purposes of this report is defined as organizations of  between 20 and 1,500 employees.  The goal of this report is to assist vendors and  others to increase their understanding of market developments in the SMB  messaging space and to help them gain insight into key trends that will shape  this market for the next several years.

Some key points in the report state that:

  • The most serious messaging management problems reported by SMBs are  adware/spyware, spam and the growth in messaging storage. 
  • Anti-virus and anti-spam capabilities are more widely deployed at the server  and gateway level within enterprises, and more widely deployed at the  desktop within SMBs.
  • Two-thirds of SMBs currently operate an email security infrastructure that  consists of point, best-of-breed security solutions.  However, most SMBs would  prefer a unified email security infrastructure rather than operate a series of  point solutions.

To read the full report, visit the Osterman Research site or view the .
Posts by Securence

July 21, 2005 in General Internet Security | Permalink | Comments (0) | TrackBack

iTunes instant message worm drops adware

A new instant messaging worm that masquerades as Computer's application and drops adware on infected Windows PCs has been found.

The pest is a new version of the and spreads using America Online's Instant Messenger, security companies said. It was first discovered on July 14 and isn't currently spreading at a high rate, Bruce Hughes, a senior antivirus researcher at Trend Micro, said on Wednesday. "It isn't infecting people at a high rate," he said.

The worm, dubbed Opanki.Y by Trend Micro, arrives in a message with the text: "This picture never gets old." It includes a link to a file that when downloaded is installed as "ITUNES.EXE," possibly to trick people into thinking that it is associated with Apple's popular media player.

If it runs, the worm opens a back door on the infected PC and downloads and installs four adware applications, Trend Micro said. is software that displays pop-up advertising on a computer screen.

"We are seeing more worms and viruses that are dropping spyware and adware," Hughes said. "The virus writers get money for every install."

In addition to Opanki.Y, a worm called IM.Dynu hit users of AIM and MSN Messenger on Wednesday. It infects PCs via e-mail, the Web and instant messaging services, IMlogic said in an advisory. The Web addresses it uses in the instant messages can differ and so does the payload, the security company said.

The advice to instant messaging users is to be careful when clicking on links in messages--even when they seem to come from friends--and to use up-to-date antivirus software.

Original Story on CNet

Post by Securence .

July 21, 2005 in Adware | Permalink | Comments (0) | TrackBack

July 18, 2005

Spam Moving from Email to Cell Phones

Spam is starting to move more and more from e-mail to the cell phone.

What can you do to protect yourself from spam text messages? First, if it gives you a message to return the call, don't call back. The number may be offshore, meaning you'll be charged big bucks.

Also, document everything. Write down the date, time, the message, all the information on the message. Then file a complaint with the Federal Communications Commission online. It only takes a few minutes and it's easy.

Tags:  , ,

July 18, 2005 in Anti Spam | Permalink | Comments (1) | TrackBack

July 14, 2005

Microsoft Rewards Sasser Worm Informants

SEATTLE (Reuters)—Microsoft Corp. will pay a combined $250,000 to two people who helped track down the author of the Sasser Internet worm, which infected computers around the globe, the world's largest software maker said on Friday.

A German court hours earlier gave Sven Jaschan a suspended sentence of 21 months after he admitted creating the malicious software program.

Jaschan, 19, was arrested within a week after the Sasser worm first appeared on the Internet in May 2004 and infected more than a million computers running Microsoft's Windows operating system.

The two individuals, who were not identified, will share the reward, which Microsoft established with Interpol, the FBI and the U.S. Secret Service.

Full story at eWeek.

Posts by Securence -

Tags:  , ,

July 14, 2005 in Anti Virus | Permalink | Comments (0) | TrackBack

July 11, 2005

Marketers Use Spam to Target Cell Phones

Marketers are using unsolicited e-mails to target cell phone users. Experts recommend “Don’t call back.”

The e-mails often start with a message telling the cell phone subscriber they have won a prize. Depending on the cell phone company, the user may be charged for incoming text messages. 

Privacy rights experts recommend not calling back because a subscriber's information can be sold to other telemarketers.

"If it says you won a great prize, call us at 1-800 or 1-900, don't call them back," said Beth Givens, of the Privacy Rights Clearinghouse. "It could be an overseas exchange that will cost you a lot of money."

Cell phone users can file a complaint with the Federal Communications Commission or report the problem to their cell phone service provider.

Full article at NBC Sandiego .

Tags:  , ,

July 11, 2005 in Anti Spam | Permalink | Comments (0) | TrackBack

'Spam Report' Trojan Spreading Quickly

A new onslaught of spam e-mails containing malicious Trojan software has been sent to up to 400,000 addresses. The Trojan e-mails claim to be from a member of the recipient's I.T. team warning that their system has been compromised and is distributing spam. The e-mails, which carry the subject line "Spam Report," were first detected at 3.25 a.m. July 7, 2005.

The attachment, which contains Trojan-Downloader.Win32.Small.arf, is a small executable report.log.exe file of 16 KB size. If executed, it downloads harmful content from an external Web site.

The e-mails use typical social engineering techniques designed to encourage recipients to download the Trojan attachment. The message body reads:

"Your e-mail account was used to send a huge amount of unsolicited spam messages during the recent week. If you could please take 5-10 minutes out of your online experience and confirm the attached document so you will not run into problems with the online service. If you choose to ignore our request, you leave us no choice but to cancel your membership. Virtually yours, Network Administrator Team."

Posts by Securence -

July 11, 2005 in Anti Spam | Permalink | Comments (0) | TrackBack

July 07, 2005

Spyware, Adware, Viruses Altering Online Behavior

The vast majority of online consumers have changed their computing behavior because of the threat of spyware and viruses being downloaded onto their computers, according to a survey by the Pew Internet & American Life Project, with 9 out of 10 users saying they have made at least one change to evaid the unwanted downloading of software, InformationWeek reports. Nearly 7 in 10 home internet users in the U.S., or about 93 million people, have experienced at least one problem related to unwanted software.

Among them, more than 59 million, or 43 percent of those surveyed, said they have found one example of adware or spyware on their computers, after Pew researchers discussed the definitions of those terms with the online consumers, writes ClickZ. Although 80 percent of consumers said they knew about spyware, less than half understood adware.

Full article at Marketing VOX

Tags: , , ,

July 7, 2005 in General Internet Security | Permalink | Comments (0) | TrackBack

July 06, 2005

Yahoo and Cisco combine their antispam technologies

JUNE 02, 2005 (IDG NEWS SERVICE) - Inc. and Systems Inc. are combining their antispam technologies to create a new e-mail authentication system, they announced this week.

The system, called DomainKeys Identified Mail (DKIM), will draw on Yahoo's authentication technology and Cisco's Internet Identified Mail. The technology will be offered to other industry players on a royalty-free basis in an effort to reduce the amount of spread across the Internet, the companies said.

E-mail authentication is important because spammers and online criminals often used forged e-mail addresses to send unwanted messages.

Yahoo's DomainKeys uses public-key cryptography to authenticate the sender of an e-mail at the domain level. The sending system generates a signature and inserts it in the e-mail header while the receiving system verifies the signature using a public key published in the Domain Name System.

Cisco's authentication technology also uses cryptography but associates the signature with the message itself. In its system, the sending server signs the message and inserts the signature and pubic key used to create it in a new and additional header. The receiving system then verifies that the public key used to sign the message is authorized for use by the sending e-mail address.

DomainKeys Identified Mail will combine aspects of both of these authentication systems. It will use the Domain Name System in the same manner as DomainKeys, to verify signatures using the published public key, but will also draw on Cisco's header signing technology to ensure consistency as messages are sent through the system.

It wasn't immediately clear how the new technology would fit in with the companies' prior work on authentication systems, however. Yahoo has already implemented DomainKeys into its Yahoo Mail service and offers the technology royalty-free to other industry players.

The Sunnyvale, Calif., Internet company said it receives more than 350 million messages a day signed by DomainKeys, but didn't say whether it plans to replace the technology once DKIM becomes available.

Cisco released an open source implementation of Identified Internet Mail late last year.

Originally Found Here

Posts by Securence -

July 6, 2005 in Anti Spam | Permalink | Comments (0) | TrackBack

July 01, 2005

Microsoft pushes spam-filtering technology

If your e-mail does not have a Sender ID, Microsoft wants to junk your message.

Sometime around November, and MSN will flag as potential spam those messages that do not have the tag to verify the sender, Craig Spiezle, a director in the technology care and safety group at the software maker said Wednesday. The move is meant to spur adoption of Sender ID, he said.

Sender ID is a specification for verifying the authenticity of e-mail by ensuring the validity of the server from which the e-mail came. While the purpose of curbing junk mail may be laudable, the debate on how to stop the tide of junk mail is still ongoing. According to up to 90 percent of e-mail is spam.

Read more of the article at .
Learn more about at Securence.

July 1, 2005 in Anti Spam | Permalink | Comments (0)