Spam Tactics

OnlyMyEmail Beats 22 Competitors in the Virus Bulletin Spam Challenge

Friday, January 13th, 2012

The results from OnlyMyEmail’s sixth Virus Bulletin VBSpam Challenge competition have been released.

For the sixth time in a row, OnlyMyEmail’s MX-Defender stopped more spam than any of the 23 competing spam solutions. OnlyMyEmail missed just one spam message out of 171,963 total, for a new record spam filtering capture rate of 99.9994%, besting the previous record of 99.9993%, also set by OnlyMyEmail in a previous competition.
By comparison, the next best capture rate was McAfee SaaS which missed 41 spam messages. The third best capture rate was AnubisNetworks which missed 97 spam emails.

The average “false-negative” rate among the other 18 filtering systems was a whopping 3,471 missed spam messages and the median was 272.

The results from Virus Bulletin’s VBSpam Challenge have proven, time and again, that for the last year OnlyMyEmail’s MX-Defender has been decisively superior to any other spam defense available today, including hardware appliances, software programs and other Software as a Service (SaaS) solutions as well.

The full list of competitors beaten by OnlyMyEmail includes: AnubisNetworks, BitDefender, FortiMail, GFI MailEssentials, Halon Security, IBM Lotus Protector, Kaspersky Anti-Spam, Libra Esva, Mailshell, McAfee Email Gateway, McAfee EWS, McAfee SaaS, Sophos Email Appliance, SPAM fighter, SpamTitan, Spider Antispam, Symantec Messaging Gateway, The Email Laundry, Vade Retro, Vamsoft ORF, Spamhaus ZEN+DBL and SURBL.

Goldline International Joins the Legions of Spammers

Friday, August 19th, 2011

With the price of gold sky-high, the profits to be made must be equally impressive, turning side-show companies like “Goldline International” into first rate spammers.

Either that, or the high price has brought competitors out of the woodwork, making them so desperate for business they’ve now turned to spam.

Either way, whether it’s gouging customers, desperate for business or just ethically bankrupt, the “Goldline” spam has hit the main vein.

The emails from their advertisements, SEO campaigns or third-party affiliates arrive with a subject line that currently announces:

Subject:     Now Is The Time To Buy Gold!

These are blasted out from a wide variety of disposable sending domains using addresses that are “From:” more »

Rejected ACH payment – Virus/Fraud

Monday, August 15th, 2011

Look out for fraudulent emails spoofing “The Electronic Payments Association” that are arriving as:

From:     risk_manager@nacha.org
Subject:     Rejected ACH payment

In reality these messages are from previously infected personal computers from across the globe:

from [122.168.251.32] (helo=ABTS-mp-dynamic-032.251.168.122.airtelbroadband.in)

These messages include a fictional warning that includes content such as:

The ACH transaction (ID: 32604668345041), recently sent from your checking account (by you or any other person), was rejected by the other financial institution.

more »

Please Restore Your Account Access – Chase Fraud

Wednesday, August 10th, 2011

Spammers are nothing if not persistent, and even more so when it comes to the most sinister ones that are trying to steal your identity and your entire bank account.

They’re also smart enough to Phish in the biggest pools of potential victims, so the endless stream of cons targeting JP Morgan Chase customers makes perfect sense.

The latest comes with a subject:

Please Restore Your Account Access

more »

Craigslist – Confirmation for Posting Fraud

Sunday, August 7th, 2011

A clever Craigslist Phishing fraud is using a highly targeted approach to trick Craigslist advertisers into giving up their usernames and passwords.

The trick is to provide the headline from an actual Craigslist posting in order to help evade spam filtering and more importantly, to increase the likelihood of fooling the recipient into believing the “Confirmation for Posting” is legitimate.

A typical email will arrive such as:

Subject:     Your ad, titled ’1970 short bed ford ‘ has been posted.
From:     craigslist <acount@pueblo.craigslist.org>

The Subject line will vary to match the title of the specific Craigslist posting.

more »

The Executive Registry, Who’s Who Among Spammers

Saturday, August 6th, 2011

Bogus “Who’s Who” listings and other similar publications have been around since long before the Internet, so there’s nothing new about selling fake credentials and memberships in non-existent “executive” publications.

But, as with many things, Email and the Internet combine to make the scammer’s job easier with a wider and deeper reach, and all for lower cost.

The latest fake credential listing touts your invitation to join “The Executive Registry” and is signed by someone claiming to be “Ethan Andrews” of the “Candidate Review Committee” – for what that’s worth.

Here’s a copy of the latest email:

more »

Salesgenius List Selling Spam

Sunday, July 31st, 2011

Here’s an interesting business question:

Would you trust the integrity of a business list marketed to you by a spammer?

SalesGenius along with “DataBase 101” and “InfoFree.com” (among other aliases) must think so as they’re ripping out plenty of spam trying to sell marketing lists to other small businesses.

This leaves us with Spammers selling spamming lists to potential spam wannabees. Just perfect.

Emails arrive mostly from various SalesGenius servers such as:

more »

Endless Spam from Earthlink

Tuesday, July 26th, 2011

It’s hard to estimate how many Earthlink user accounts have been compromised at any given time, but the endless drip-drip-drip of spam from Earthlink’s servers speaks volumes.

Either the infiltration is significant, or it’s just that Earthlink’s email security, monitoring and controls are either completely ineffectual or non-existent.

The endless drone of Earthlink spam continues with terse “familiar” sounding subjects such as:

more »

New Skype Has Been Releases ! Upgrade Now

Saturday, July 16th, 2011

Mailboxes are now receiving fake Skype upgrade spam sent from hijacked Rhapsody.com mail servers.

The current campaign arrives as:

Subject:     New Skype Has Been Releases ! Upgrade Now
From:     “Skype” <newsletter@news.skype.com>

In an interesting twist, the spammers involved appear to have hacked and are in control of Rhapsody.com mail servers as the samples we’ve reviewed so far are actually from:

  • mta900.e.rhapsody.com ([63.211.90.40])
  • mta902.e.rhapsody.com ([63.211.90.42])
  • mta903.e.rhapsody.com ([63.211.90.43])
  • mta904.e.rhapsody.com ([63.211.90.44])
  • mta905.e.rhapsody.com ([63.211.90.45])
  • etc., etc.

The spam email itself is as follows:

more »

Wells Fargo Online Fraud Prevention

Thursday, June 30th, 2011

More spam claiming to be from Wells Fargo is headed toward mailboxes as:

Subject:     Wells Fargo Online Fraud Prevention.
From:     “Wells Fargo Online”<wellsfargo@wellsconnect.wellsfargo.com>

When in reality the sending address is spoofed and the email is actually originating from Yahoo’s mail servers:

nm28-vm1.bullet.mail.ac4.yahoo.com ([98.139.52.247])

As is common for such Phishing frauds, the email warns you

more »