Posts Tagged ‘zombie’

OnlyMyEmail Blocks More Spam in VBSpam Competition

Friday, April 8th, 2016

For a 32nd test in a row, OnlyMyEmail’s MX-Defender blocked more spam than any other filtering system competing in the Virus Bulletin VBSpam Challenge.

During the latest competition, which ran for just over two weeks, OnlyMyEmail accurately blocked more spam than all other spam filters, not missing even a single spam email out of 225,571 messages, 216,053 of which were spam. This was the largest test corpus in 6 years of competitions an OnlyMyEmail alone stopped 100% of the spam.

In addition, OnlyMyEmail did not create a single false-positive result (blocking of legitimate emails) during the test, resulting in another VBSpam+ award.

By comparison, well known solutions performed much worse, with Kaspersky missing 145 spam emails, Sophos allowing 249 and SpamHaus failing to capture 3,510 emails from the exact same live feed of messages.

The results from Virus Bulletin’s VBSpam Challenge continually document that OnlyMyEmail’s MX-Defender is decisively superior to any other spam defense available today, having stopped a far higher rate of spam than any other filter tested since the VBSpam Competition began in 2009.

In all, over the years, OnlyMyEmail has significantly outperformed a total of 39 other systems including hardware appliances, software programs and other Software as a Service (SaaS) solutions.

Quoting from the VBSpam review:

“OnlyMyEmail’s catch rate hasn’t dipped lower than 99.99% for the past four years. On occasion it has even been a full 100% – as it was in this test”

The full list of competitors to date, (many have dropped out) includes:

Anubis Networks, Axway MailGate, BitDefender, CronLab Anti-Spam, Eleven eXpurgate, ESET, FortiMail, GFI MailEssentials, GFI VIPRE, Halon Security, IBM Lotus Protector, Kaspersky Anti-Spam, Libra Esva, Mailshell, McAfee Email Gateway, McAfee EWS, McAfee SaaS, Messaging Architects M+ Guardian, MessageStream, modusGate, Netmail Secure, NoSpamProxy, Pro-Mail, Scrollout, Sophos Email Appliance, SPAM Fighter, Spamhaus, Spamhaus ZEN+DBL, SpamTitan, Spider Antispam, Symantec Brightmail, Symantec Messaging Gateway, SURBL,The Email Laundry, Vade Retro, Vamsoft ORF, Webroot, and ZEROSPAM.

OpenSSL Heartbleed Exploit: What To Know

Friday, April 11th, 2014

We’ve had questions regarding OnlyMyEmail’s spam filtering and email hosting services and how they might be affected by the recent HeartBleed exploit within OpenSSL software.

As soon as the exploit was announced, OnlyMyEmail reviewed all of our systems and found that none of them have ever run any version of OpenSSL vulnerable to this exploit.

More information on the exploit itself from http://heartbleed.com/

The Heartbleed bug allows anyone on the Internet to read the memory of the systems protected by the vulnerable versions of the OpenSSL software. This compromises the secret keys used to identify the service providers and to encrypt the traffic, the names and passwords of the users and the actual content. This allows attackers to eavesdrop on communications, steal data directly from the services and users and to impersonate services and users.

As a result of this bug, it is possible that passwords on affected hosts are compromised, so it’s a good idea to change your password if the service in question is an issue.  This Mashable article has a fairly comprehensive list of all the major services that are suggesting you change your password.

According to this article the exploit was a result of an honest mistake and not part of a deliberate attempt to compromise the security of OpenSSL.  The article also indicates that this bug has existed in OpenSSL since New Years Eve 2011.

Given the length of time that this bug has existed, and the fact that using this exploit is undetectable,  it is quite possible that cyber criminals have been using this exploit for some time to gather information.  Thus it’s a good idea to change your passwords on affected sites (and any sites that share that password) just to be safe.

ADP Payroll Invoice Spam/Virus

Monday, January 27th, 2014

There’s a very successful spam campaign out now spoofing legitimate ADP payroll invoice emails. They most commonly arrive as:

Subject:     Payroll Invoice
From:     “payroll@adp.com”

In reality, they come from previously infected personal computers spanning the globe.

An example of the above:

‘from 60-240-131-86.static.tpgi.com.au ([60.240.131.86])

(envelope-from <photojournalistvi@wetleather.com>)

It doesn’t take a trained email professional to realize that’s not ADP emailing.

more »

The Better Business Bureau Trojan Horse

Thursday, February 21st, 2013

With the fake Better Business Bureau Trojan Horse campaign, we find yet another infectious email that is socially engineered so well, that users often release such messages from quarantine; even after spam filtering has clearly identified the emails as a Virus carrying Trojan Horse.

The emails typically arrive with spoofed headers such as:

Subject:     FW: Complaint Case 091921
From:     “Better Business Bureau” <Kerri_Rucker@newyork.bbb.org>

In order to appear legitimate and to try and evade simple spam filtering systems, the Complaint Case number will be randomized, and the spoofed sending email address will vary as well.

The content will include vague yet serious sounding allegations, such as:

The Better Business Bureau has received the above-referenced complaint from one of your customers regarding their dealings with you. The details of the consumer’s concern are included on the reverse. Please review this matter and advise us of your position.

A full copy of such the bogus email:

more »

Another VBSpam Competition First Place Finish

Sunday, January 20th, 2013

For the thirteenth consecutive evaluation, OnlyMyEmail has again blocked more spam than any other filtering system in the Virus Bulletin VBSpam Challenge and secured yet another first place finish.

The latest competition ran for 16 consecutive days, during which, OnlyMyEmail’s MX-Defender accurately filtered out more spam than all other competitors tested, again missing just 1 single spam email out of 92,166 total. This represents a spam capture rate of 99.9989%.

By comparison, the next best capture rate was Libra Esva which missed 44 emails in total. The third best blocking rate went to Zerospam which missed 61 spam emails from the same corpus. The worst performers, missing well over 500 spam emails included:  IBM, Sophos, SPAMfighter, Vamsoft, Spamhaus ZEN+DBL and SURBL.

more »

OnlyMyEmail Stops More Spam in The VBSpam Competition

Sunday, October 7th, 2012

For the eleventh consecutive time, OnlyMyEmail has again blocked more spam than any other filtering system in the Virus Bulletin VBSpam Challenge.

The latest competition ran for 16 consecutive days, during which, OnlyMyEmail’s MX-Defender accurately filtered out more spam than all other competitors tested, missing just 12 spam emails out of 242,703 total. This represents a spam capture rate of 99.993%.

By comparison, the next best capture rate was Libra Esva which missed 400% more spam, 50 emails in total. The third best blocking rate went to ZeroSpam which missed 112 spam emails from the same spam corpus. The worst performers, missing well over 1,000 spam emails included: M+Guardian, Halon Security, Vamsoft ORF, IBM, Spamhaus ZEN+DBL and SURBL. more »

Rejected ACH payment – Virus/Fraud

Monday, August 15th, 2011

Look out for fraudulent emails spoofing “The Electronic Payments Association” that are arriving as:

From:     risk_manager@nacha.org
Subject:     Rejected ACH payment

In reality these messages are from previously infected personal computers from across the globe:

from [122.168.251.32] (helo=ABTS-mp-dynamic-032.251.168.122.airtelbroadband.in)

These messages include a fictional warning that includes content such as:

The ACH transaction (ID: 32604668345041), recently sent from your checking account (by you or any other person), was rejected by the other financial institution.

more »

New Skype Has Been Releases ! Upgrade Now

Saturday, July 16th, 2011

Mailboxes are now receiving fake Skype upgrade spam sent from hijacked Rhapsody.com mail servers.

The current campaign arrives as:

Subject:     New Skype Has Been Releases ! Upgrade Now
From:     “Skype” <newsletter@news.skype.com>

In an interesting twist, the spammers involved appear to have hacked and are in control of Rhapsody.com mail servers as the samples we’ve reviewed so far are actually from:

  • mta900.e.rhapsody.com ([63.211.90.40]
  • mta902.e.rhapsody.com ([63.211.90.42]
  • mta903.e.rhapsody.com ([63.211.90.43]
  • mta904.e.rhapsody.com ([63.211.90.44]
  • mta905.e.rhapsody.com ([63.211.90.45]
  • etc., etc.

The spam email itself is as follows:

more »

Notification of Limited Account Access – Paypal Phishing

Wednesday, January 5th, 2011

Paypal users must be easy prey, statistically speaking. Year in and year out, the identity theft Phishing fraud emails just keep targeting them. Once thing is sure, spammers only keep doing what works.

The latest version:

Subject:     Notification of Limited Account Access RXI091
From:     PayPal <security@onlineupdate.com>

more »

Legal Assistance Inquiry – Email Fraud

Friday, October 22nd, 2010

In a previous post, we questioned the competence of the legal profession as follows:

Based on the relatively high volume of email fraud attempts aimed at lawyers, it appears that lawyers are actually worthwhile targets for scams. Otherwise, this type of fraud would be far less frequent.

There must be a flaw in our logic. It turns out that lawyers are masters of due diligence when it comes to email . . . more »