OnlyMyEmail Finishes 1st in VBSpam Competition

June 22nd, 2016

For the 34th test in a row, OnlyMyEmail’s MX-Defender blocked more spam than any other filtering system competing in the Virus Bulletin VBSpam Challenge.

During the latest competition, which ran for 16 days with live email feeds, OnlyMyEmail accurately blocked more spam than all other spam filters, missing one spam email out of 169,565 messages, 160,426 of which were spam.

In addition, OnlyMyEmail did not create a single false-positive result (blocking of legitimate emails) during the test, resulting in another VBSpam+ award.

By comparison, well known solutions performed much worse, with Kaspersky missing 165 and 197 spam emails with their two solutions, Trustwave allowing 234, Sophos missing 332, and SpamHaus failing to capture 5,804 emails from the exact same live feed of messages.

The results from Virus Bulletin’s VBSpam Challenge continually document that OnlyMyEmail’s MX-Defender is decisively superior to any other spam defense available today, having stopped a far higher rate of spam than any other filter tested since the VBSpam Competition began in 2009.

In all, over the years, OnlyMyEmail has significantly outperformed a total of 41 other systems including hardware appliances, software programs and other Software as a Service (SaaS) solutions.

Quoting from the VBSpam review:

“The OnlyMyEmail hosted email solution…. achieved a final score that, rounded to two decimals, would be 100.”

The full list of competitors to date, (including past competitions) includes:

Anubis Networks, Axway MailGate, BitDefender, CronLab Anti-Spam, Eleven eXpurgate, ESET, FortiMail, GFI MailEssentials, GFI VIPRE, Halon Security, IBM Lotus Protector, IBM X-Force, Kaspersky Anti-Spam, Libra Esva, Mailshell, McAfee Email Gateway, McAfee EWS, McAfee SaaS, Messaging Architects M+ Guardian, MessageStream, modusGate, Netmail Secure, NoSpamProxy, Pro-Mail, Scrollout, Sophos Email Appliance, SPAM Fighter, Spamhaus, Spamhaus ZEN+DBL, SpamTitan, Spider Antispam, Symantec Brightmail, Symantec Messaging Gateway, SURBL, Trustwave Secure, The Email Laundry, Vade Retro, Vamsoft ORF, Webroot, and ZEROSPAM.

OnlyMyEmail Blocks More Spam in VBSpam Competition

April 8th, 2016

For a 32nd test in a row, OnlyMyEmail’s MX-Defender blocked more spam than any other filtering system competing in the Virus Bulletin VBSpam Challenge.

During the latest competition, which ran for just over two weeks, OnlyMyEmail accurately blocked more spam than all other spam filters, not missing even a single spam email out of 225,571 messages, 216,053 of which were spam. This was the largest test corpus in 6 years of competitions an OnlyMyEmail alone stopped 100% of the spam.

In addition, OnlyMyEmail did not create a single false-positive result (blocking of legitimate emails) during the test, resulting in another VBSpam+ award.

By comparison, well known solutions performed much worse, with Kaspersky missing 145 spam emails, Sophos allowing 249 and SpamHaus failing to capture 3,510 emails from the exact same live feed of messages.

The results from Virus Bulletin’s VBSpam Challenge continually document that OnlyMyEmail’s MX-Defender is decisively superior to any other spam defense available today, having stopped a far higher rate of spam than any other filter tested since the VBSpam Competition began in 2009.

In all, over the years, OnlyMyEmail has significantly outperformed a total of 39 other systems including hardware appliances, software programs and other Software as a Service (SaaS) solutions.

Quoting from the VBSpam review:

“OnlyMyEmail’s catch rate hasn’t dipped lower than 99.99% for the past four years. On occasion it has even been a full 100% – as it was in this test”

The full list of competitors to date, (many have dropped out) includes:

Anubis Networks, Axway MailGate, BitDefender, CronLab Anti-Spam, Eleven eXpurgate, ESET, FortiMail, GFI MailEssentials, GFI VIPRE, Halon Security, IBM Lotus Protector, Kaspersky Anti-Spam, Libra Esva, Mailshell, McAfee Email Gateway, McAfee EWS, McAfee SaaS, Messaging Architects M+ Guardian, MessageStream, modusGate, Netmail Secure, NoSpamProxy, Pro-Mail, Scrollout, Sophos Email Appliance, SPAM Fighter, Spamhaus, Spamhaus ZEN+DBL, SpamTitan, Spider Antispam, Symantec Brightmail, Symantec Messaging Gateway, SURBL,The Email Laundry, Vade Retro, Vamsoft ORF, Webroot, and ZEROSPAM.

Norton Safe Web Lays An Egg

January 5th, 2015

User’s of any Norton product (owned by Symantec) are running into some very strange errors when trying to access OnlyMyEmail’s web site lately.

In fact, they’re being told that we’re a malicious infected malware site and cannot be trusted.

Pretty startling, given our beyond stellar reputation as the most accurate spam filtering system on the Internet since we launched in 2003, winning awards from PC Magazine, PC World and blocking more spam than any other filter ever tested by the Virus Bulletin VBSpam Competition.

What dangerous and malicious ill-willed behavior are we up to over here recently?

more »

OpenSSL Heartbleed Exploit: What To Know

April 11th, 2014

We’ve had questions regarding OnlyMyEmail’s spam filtering and email hosting services and how they might be affected by the recent HeartBleed exploit within OpenSSL software.

As soon as the exploit was announced, OnlyMyEmail reviewed all of our systems and found that none of them have ever run any version of OpenSSL vulnerable to this exploit.

More information on the exploit itself from http://heartbleed.com/

The Heartbleed bug allows anyone on the Internet to read the memory of the systems protected by the vulnerable versions of the OpenSSL software. This compromises the secret keys used to identify the service providers and to encrypt the traffic, the names and passwords of the users and the actual content. This allows attackers to eavesdrop on communications, steal data directly from the services and users and to impersonate services and users.

As a result of this bug, it is possible that passwords on affected hosts are compromised, so it’s a good idea to change your password if the service in question is an issue.  This Mashable article has a fairly comprehensive list of all the major services that are suggesting you change your password.

According to this article the exploit was a result of an honest mistake and not part of a deliberate attempt to compromise the security of OpenSSL.  The article also indicates that this bug has existed in OpenSSL since New Years Eve 2011.

Given the length of time that this bug has existed, and the fact that using this exploit is undetectable,  it is quite possible that cyber criminals have been using this exploit for some time to gather information.  Thus it’s a good idea to change your passwords on affected sites (and any sites that share that password) just to be safe.

OnlyMyEmail Captures First Place in VBSpam Competition

February 2nd, 2014

For the 20th consecutive competition, OnlyMyEmail’s MX-Defender blocked more spam than any other filtering system in the Virus Bulletin VBSpam Challenge and secured yet another first place finish.

During the latest competition, which ran for 13 consecutive days, OnlyMyEmail accurately blocked more spam than all other spam filters, missing only one spam email out of 82,206 total. This represents a capture rate of 99.9988%.

In addition, OnlyMyEmail did not create a single false-positive result (blocking of legitimate emails) during the test, resulting in another VBSpam+ award.

By comparison, well known solutions performed much worse, with Kaspersky missing 84 spam emails, Sophos allowing 159 and McAfee failing to capture 442 emails from the exact same live feed of messages; with Kaspersky and McAfee both blocking multiple legitimate emails as well.

The worst performers were Spamhaus ZEN+DBL which allowed 7,439 spam emails for a capture rate of 90.95% and the SURBL which missed 53,864 meaning they only blocked 34.48% of all spam.

more »

ADP Payroll Invoice Spam/Virus

January 27th, 2014

There’s a very successful spam campaign out now spoofing legitimate ADP payroll invoice emails. They most commonly arrive as:

Subject:     Payroll Invoice
From:     “payroll@adp.com”

In reality, they come from previously infected personal computers spanning the globe.

An example of the above:

‘from 60-240-131-86.static.tpgi.com.au ([60.240.131.86])

(envelope-from <photojournalistvi@wetleather.com>)

It doesn’t take a trained email professional to realize that’s not ADP emailing.

more »

Google Docs Phishing Frauds

March 23rd, 2013

It seems that almost every tool Google provides is readily adopted by spammers and scammers alike.  Not a day goes by that we don’t see spam and Phishing fraud and other identity theft emails from hacked Gmail and Google Groups accounts and often abusing systems such as Google Docs.

The ubiquity of these free services makes for the perfect no-cost social engineering platform for hackers to use for launching their attacks.

A current Phishing campaign uses stolen Gmail accounts to steal the credentials to other email accounts, allowing spammers to increase their spam volume day over day.

The most common email circulating now comes with a subject that references the sharing of a file though “Google Docs” and often has a subject line of simply:

Subject:     Important Document

Since the email comes from a previously hijacked account, the recipients will typically recognize the sender’s address which makes it more likely that they will be taken in by this fraud:

more »

OnlyMyEmail Captures 100% in Spam Competition

March 13th, 2013

For the thirteenth consecutive evaluation, OnlyMyEmail has again blocked more spam than any other filtering system in the Virus Bulletin VBSpam Challenge and secured yet another first place finish.

The latest competition ran for 16 consecutive days, during which, OnlyMyEmail’s MX-Defender accurately filtered out more spam than all other competitors tested, missing not even one spam email out of 64,988 total. This represents a never before seen spam capture rate of 100%.

In addition, OnlyMyEmail created zero false-positive results (blocking of legitimate emails) during the test, resulting in an overall perfect score.

By comparison, the next best capture rate was a tie between Libra Esva and Scrollout with both missed 17 emails in total and created false-positives of 1 and 25 respectively. The third best blocking rate went to Zerospam which missed 73 spam emails from the same corpus. The worst performers, missing well over 300 spam emails each included:  IBM, McAfee SaaS, Sophos, SPAMfighter, Vamsoft, Spamhaus ZEN+DBL and SURBL.
more »

Your AT&T wireless bill is ready to view

March 10th, 2013

A lot of spam and Phishing campaigns rely upon tricking the recipient into thinking they’ve received a billing error, from an otherwise legitimate source.  The latest of these claim to be from ATT Wireless, and arrive with realistic sending addresses and subject lines, such as:

Subject:     Your AT&T wireless bill is ready to view

From:     “AT&T Customer Care” <icare7@amcustomercare.att-mail.com>

In reality, the sending addresses are spoofed, and these are instead sent by previously infected computers and hijacked servers, but that fact is not readily apparent to the typical email user.

What makes these types of emails so convincing is that the spammers are doing a much better job than they used to in terms of making these faked billing emails appear legitimate, such as this example we’ve seen a lot of lately:

more »

Receipt for your PayPal payment to WHO?

March 4th, 2013

We fondly remember the days when PayPal Phishing frauds were easily spotted by their subject line alone. The urgent warnings about your compromised account made identity theft emails almost trivial to identify.

But, as with all things technology, the lame Phishing attempts too have evolved, and they’re snaring even users with moderate technology skills. The latest evolution of the PayPal identity theft fraud relies on the user’s reaction to what appears to be a standard account notice. The subject line is a receipt for payment, but to a seller with which you have not conducted a valid transaction, such as:

Subject:     Receipt for your PayPal payment to Soo Duk Lee

The email itself contains standard language like:

You sent a payment of $149.49 USD to Soo Duk Lee (commercializesa8@datkin.net)

Thanks for using PayPal. To see all the transaction details, log in to your PayPal account.

and

It may take a few moments for this transaction to appear in your account.

Here’s a complete copy of such a fraud:

more »