Jump to content

Search the Community

Showing results for tags 'spam'.

More search options

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


  • Site Related
    • News & Updates
    • Site / Forum Feedback
    • Member Introduction
  • News
    • General News
    • FileSharing News
    • Mobile News
    • Software News
    • Security & Privacy News
    • Technology News
  • Downloads
    • nsane.down
  • General Discussions & Support
    • Filesharing Chat
    • Security & Privacy Center
    • Software Chat
    • Mobile Mania
    • Technology Talk
    • Entertainment Exchange
    • Guides & Tutorials
  • Off-Topic Chat
    • The Chat Bar
    • Jokes & Funny Stuff
    • Polling Station

Find results in...

Find results that contain...

Date Created

  • Start


Last Updated

  • Start


Filter by number of...

Found 19 results

  1. There’s a reason your inbox has more malicious spam—Emotet is back After taking a five-month break, the botnet returns with a short burst of activity. Enlarge Aurich Lawson 29 with 20 posters participating Emotet, the world’s most costly and destructive botnet, returned from a five-month hiatus on Friday with a blast of malicious spam aimed at spreading a backdoor that installs ransomware, bank-fraud trojans, and other nasty malware. The botnet sent a hefty 250,000 messages during the day, mostly to people in the United States and the United Kingdom, Sherrod DeGrippo, senior director of threat research and detection at security firm Proofpoint, told Ars. Other researchers said targets were also located in the Middle East, South America, and Africa. The botnet followed its characteristic pattern of sending either a malicious document or link to a malicious file that, when activated, installs the Emotet backdoor. Enlarge / A map showing where Emotet hit on Friday. Peter Kruse The botnet gave its first indications of a return on Tuesday, with small message volumes being sent out. Email samples that appeared on Twitter accounts from threat monitors abuse.ch and Spamhaus looked like this: Enlarge Spamhaus Enlarge Spamhaus Emotet’s resurgence on Friday was also spotted by antivirus provider Malwarebytes and Microsoft. Box of tricks Emotet has proven to be one of the more resourceful threats to face people in recent years. Emails often appear to arrive from a person the target has corresponded with in the past. The malicious messages often use the subject lines and the bodies of previous email threads the two have participated in. Emotet gets this information by collecting the contact lists and inboxes of infected computers. The technique has a dual benefit. It tricks the target into thinking the message can be trusted because it comes from a known friend, acquaintance, or business associate who is following up on a previously discussed matter. The inclusion of authentic content also makes it harder for spam filters to detect the emails as malicious. Another of Emotet’s clever tricks: it steals usernames and passwords for outgoing email servers. The botnet then uses the credentials to send mail from those servers rather than relying on its own infrastructure. Because the trusted servers send the malicious messages, they’re harder for security products to detect and block. Hit and run DeGrippo said that the last time Emotet had shown itself was during a five-day run in early February, that delivered about 1.8 million messages. The botnet is known for making big blasts for short periods of time and then going silent for weeks or months at a time. Last September, it woke from a four-month slumber. The group is known for taking long breaks and regularly taking time off during weekends and major holiday seasons. True to its normal pattern, the latest Emotet activity had completely stopped on Saturday morning, as this post went live. Besides allowing its workers to maintain a healthy work-life balance, the schedule makes campaigns more successful. “The key for most threat actors is to minimize the time between when [malicious mail] hits the inbox and when it gets opened by the target.” DeGrippo explained. “The longer that time elapses, the bigger the risk to the threat actor that their payload won't get delivered because of mitigating controls.” Emotet messages include malicious Microsoft Word documents or PDF files or URLs that link to malicious Word files. The Word documents contain macros that, when activated, install the Emotet backdoor. The backdoor typically waits a period of days before installing follow-on malware, such as the banking trojan TrickBot or the Ryuk ransomware. Researchers have published indicators of compromise from Friday’s message blast here, here, and here. Emotet is yet another reminder that people should be highly suspicious of files and links sent in email, particularly if they seems out of context, such as when a friend sends an invoice. People should be doubly suspicious of any Word document that requires macros be enabled before content can be viewed. There is rarely any reason for consumers to use macros, so a good household rule is to never enable them for any reason. A better policy still is to open Word documents in Google Docs, which prevents any malware from getting installed on the local computer. There’s a reason your inbox has more malicious spam—Emotet is back
  2. Gmail's spam filter might be broken for some, according to user reports Gmail users have begun reporting that the service’s spam filter is malfunctioning, in turn letting many promotional and unwanted emails through to the inbox that would have otherwise been flagged as Spam. Reports of the issue began appearing on Reddit and Twitter (spotted by AndroidPolice) yesterday, with more users tweeting about receiving an unusual number of such emails in their inbox starting this morning. The company has not officially confirmed any problems with spam filtering yet. However, the G Suite Status Dashboard flagged a ‘Service disruption’ for Gmail early today morning. The description noted that a “significant subset of users” were affected by the issue and that users could face problems with accessing the service or experience delays while sending or receiving email. While the listing states that the issue is now resolved, it is not clear if the outage had anything to do with the filtering failures that users are reporting. Additionally, it is also not known if the issue is limited to any region. However, it is not a pleasant experience to see unwarranted emails filling up the inbox. This also leads to security concerns owing to known phishing scams and other malicious emails making it through due to the broken filtering. We will keep an eye out for any official communication from the search giant regarding the hiccups with the spam filtering. Gmail's spam filter might be broken for some, according to user reports
  3. How to Avoid Spam—Using Disposable Contact Information The next time you sign up for a coupon code or retail promotion, use these apps to avoid spam text and email messages. Photograph: Getty Images Wherever we go on the web, we're asked to sign up for new accounts—for streaming platforms, app trials, delivery services, and so on—and that puts a strain on the email accounts and cell numbers we use every day. Even when these services you sign up for are legit, you don't necessarily want a deluge of promotional offers, feature updates, and other miscellany filling up your inbox. Then there are the services that you'd rather just try out first, before you start sharing anything personal like an email address or phone number. For all these reasons, a disposable email address or phone number (or both) can be very handy. If a particular service starts spamming or robocalling you, you can just close down the temporary contact and walk away. When it comes to email addresses, you've got a number of free or freemium options to pick from—email addresses don't cost much to set up and maintain. With the more high-maintenance cell numbers you're going to need to pay, but it doesn't have to be very much, as we'll explain. Here are some of our favorite options for both. Disposable Email Addresses Sign in with Apple Screenshot: David Nield via Apple If you're using Apple devices and apps, the option to use disposable email addresses is already baked in—as long as the app or website you're signing up for offers a Sign in with Apple button. You'll register with your Apple ID, but you'll see the option to Share My Email or Hide My Email depending on how much you trust the service. Choose to share your email, and the app or website gets the email address associated with your Apple ID. Choose to hide your email, and Apple generates a disposable email address for you, which relays messages to your main address. From an iPhone, iPad or Mac you can disable this forwarding at any time, or disconnect yourself from the newly created account completely. Sign in with Apple, free with an Apple ID 10 Minute Mail Screenshot: David Nield via 10 Minute Mail 10 Minute Mail creates, as its name implies, email addresses that last just 10 minutes. For those 10 minutes, you can check any incoming messages through a simple web interface (in case you need to verify the address exists after using it), and you can get an extra 600 seconds added to the life span of the email address if you need it. This is for truly disposable email, though—where you want to sign up and then forget the sign-up ever happened. You should still be able to log into the app or service you've signed up for, but once the email address gets trashed, you won't be able to reset your password, delete your account, or do anything else you need a working email address for. Depending on the service, you might be able to change your disposable email address for a real one, if it turns out that you want to keep your new account long-term. 10 Minute Mail, free on the web Guerrilla Mail Screenshot: David Nield via Guerilla Mail Guerrilla Mail isn't going to win any web design competitions, but it does a very good job of generating disposable email addresses for you, and that's what counts. The site gives you plenty of flexibility in picking your temporary address too, with a choice of domain names (after the "@") and the option to scramble up a new address at random with a click. You don't get any forwarding options with Guerilla Mail, just a web inbox where messages arrive and stay for an hour (read or not). You can use it to validate email addresses if that's necessary, and the address will stay active until you click the Forget Me button—at which point the service you signed up for will have no way of reaching you. Guerrilla Mail, free on the web Burner Mail Screenshot: David Nield via Burner Mail Few disposable email services have the polish and the features of Burner Mail, perhaps because it's funded by premium, paid-for accounts (though you can still create up to five temporary addresses for free). You can use it as a web app or as a Chrome extension, and if you install the browser plug-in you can simply click a button to generate an email address when you're signing up for something new. Once you've created a burner address, it can be set up to forward messages to one of your other email accounts, and you can also check out incoming messages through the Burner Mail web app (no forwarding necessary). At any point, you can change the address that emails are forwarded to, or get rid of a temporary address completely once you're done with it. Burner Mail, freemium for Chrome and on the web Firefox Private Relay Screenshot: David Nield via Firefox The Firefox development team has been expanding its talents into the fields of file transfers and password management, and now it can help you protect your main email address too. Private Relay is a new Firefox extension currently in alpha testing, which once installed pops up whenever you need to enter an email address on the web. At the moment the project isn't accepting new testers, but once it's more widely available, Private Relay will appear as a button you can press next to fields that ask for an email address. Firefox then creates a disposable address for you, which passes on messages to your real account. When you no longer need the alias, you can simply delete it. Firefox Private Relay, free for Firefox Disposable Cell Numbers Burner Screenshot: David Nield via Burner Burner is one of the most well-established and longest-running burner number services around—obviously, as it nabbed the best name—and you can rely on it to generate working mobile numbers that don't necessarily have to carry on existing for very long. Your new number functions just like a real one inside the mobile apps, with support for SMS, MMS, and voicemail as well as calls. When you decide you're done with a particular number, you can trash it and you need never have to hear from anyone who had that number again. You can try Burner for free with one number for a limited time. After that there are a variety of payment options—you can either pay as you go per number or sign up for a monthly subscription. While there are other options for generating temporary cell numbers, we'd recommend Burner as the most robust and reliable—you try any of the others at your own risk. As we said at the top, generating mobile numbers requires a lot more heavy lifting than creating temporary email addresses, which is one reason why these types of services aren't as common. Burner, freemium for Android, iOS and the web Source: How to Avoid Spam—Using Disposable Contact Information (Wired)
  4. Discord says it’s banning millions of accounts to tackle spam The stats were revealed in its latest transparency report Illustration by Alex Castro / The Verge Discord banned 5.2 million accounts between April and December last year, the company revealed today in its second transparency report. The most common reasons for account bans were spam and exploitative content, which includes nonconsensual pornography (so-called “revenge porn”) as well as sexual content related to minors. The report reveals a stark difference in the kinds of violations that most users are likely to report, versus the actions that are most likely to get people and servers banned. The most common reports Discord receives from users relate to harassment, however only a relatively small proportion of these reports actually result in action being taken. Discord says that in many cases it will teach people how to block the offending user without taking any further action. On the other hand, exploitative content makes up just 6.7 percent of reports, but lead to the second highest amount of bans. Part of the reason for this is that Discord is much more likely to take action after receiving one of these reports, but the company says it’s also taking a much more proactive approach to removing it. Discord scans every image and video uploaded to its service and uses PhotoDNA to match it to known child sexual abuse material. In the majority of cases, this approach means that offending servers can be removed before anyone reports them, Discord says. Spam was one area where there were a consistently high number of both reports and bans. It was the third most common report type, had the highest action rate out of all reports, and resulted in the highest amount of bans. Discord says it’s much more likely to take action on spam reports because they typically affect a large amount of users, and they’re easy to verify. Although 5.2 million sounds like a lot of bans to hand out, it’s just a fraction of what Facebook revealed it removed in its last transparency report last year. The company said it removed 54 million pieces of violent or graphic content, over 10 million posts containing hate speech, 5.7 million posts that violated its bullying or harassment policies, and 18.5 million pieces of exploitative content. Then again, with over 2 billion users compared to the quarter of a billion Discord had as of May last year, the disparity isn’t a huge surprise. Discord released its first transparency report last August, which covered the first quarter of last year. Going forward, Discord says it expects to release reports on a semiannual basis, with its next report coming in August. Correction: This story originally stated that Discord had 250,000 users as of May last year. It actually had 250 million. The Verge regrets this error. Source: Discord says it’s banning millions of accounts to tackle spam (The Verge)
  5. Ruining it for everyone — Keybase moves to stop onslaught of spammers on encrypted message platform Romance, drug, and blockchain scammers drawn to crypto-chat like flies to… Enlarge / All scammers, all the time: my Keybase message inbox. Keybase started off as co-founder and developer Max Krohn's "hobby project"—a way for people to share PGP keys with a simple username-based lookup. Then Chris Coyne (who also was cofounder of OkCupid and SparkNotes) got involved and along came $10.8 million in funding from a group of investors led by Andreesen Horowitz. And then things got increasingly more complicated. Keybase aims to make public-key encryption accessible to everyone, for everything from messaging to file sharing to throwing a few crypto-coins someone's way. But because of that level of accessibility, Keybase faces a very OkCupid kind of problem: after drawing in people interested in easy public-key crypto-based communications and then drawing in blockchain lovers with its partnership with (and funding from) Stellar.org, Keybase has also drawn in spammers and scammers. And that has brought a host of alerts and messages that have made what was once a fairly clear communications channel into one clogged with unwanted alerts, messages, and other unpleasantry—raising a chorus of complaints in Keybase's open chat channel. It turns out there's a reason spell check keeps wanting to tell me that Keybase should be spelled "debase." Full disclosure: I have been a Keybase user for several years, and fellow Ars editor Lee Hutchinson and I had experimented with using Keybase as a potential way of securing some of our workflow. Not needing anyone to host (and therefore own) our data seemed like a good thing. But Lee recently canceled his Keybase account and says he won’t be back because of how annoying it is. Keybase's leadership is promising to do something to fix the spam problem—or at least make it easier to report and block abusers. In a blog post, Krohn and Coynes wrote, "To be clear, the current spam volume isn't dire, YET. Keybase still works great. But we should act quickly." But the measures promised by Keybase won't completely eliminate the issue. And Keybase execs have no interest in getting involved with additional steps that they see as censorship. "Keybase is a private company and we do retain our rights to kick people out," the co-founders said in the blog post. "That hammer will not be used because someone is mostly disliked, as long as they're playing nicely on Keybase." Romancing the scam Part of the attraction of Keybase is that it allows hassle-free access from the Tor anonymizing network, as well as from VPNs—which makes it harder to track down the source of abusive traffic through the service. But much of the spam traffic is over unobfuscated network connections, and while some of it is coming from Europe and North America, most is coming from Russian and Nigerian IP addresses. Other platforms have seen the same sort of problem. Romance scammers got their start on instant messaging platforms and quickly moved on to dating apps. Earlier this decade, OkCupid became a den for these scams—where someone (often in Nigeria) poses as someone looking for love, and then moves the conversation toward pleas for financial support, calling cards, or other investments. And as I've reported earlier this year, these and other scams have taken hold on Twitter. Right now, it's possible (with some navigation) to block someone from messaging you on Keybase and hiding messages they send. But there's no effective way to report them for abuse other than reaching out to administrators directly. And there's no way to completely filter out the requests in the first place, as anyone can create a Keybase account and send a message to you. First image of article image gallery. Please visit the source link to see all images. Talk to the block As part of the changes to Keybase being pushed out in an upcoming release, users will now be able to report spam or abusive messages straight from Keybase's chat interface—blocking that user with a click or tap, with the option of reporting the user to Keybase administrators. The report allows for quick classification of the message as spam, harassment, "obscene material," or "other," with a field for additional details. "You'll also be able to send Keybase admins the transcript of your chat—something we obviously don't normally have access to, since Keybase is end-to-end encrypted," Keybase execs explained in their post. Another measure Keybase calls the "nuclear option" is also in the works. Similar to Twitter's protected account capabilities, it allows users to select a set of rules that determine who can follow or message them—based on whether they’re already connected in some way." These options will create a custom walled-garden experience," the Keybase execs explained. "It won't be necessary for most people -- especially after the blocking features launch -- but it will 100% shut down all unwanted contact." More fixes are promised in the future. Considering that Keybase already provides ways for people to attest to their identities to provide trust in communications, it would be conceivable that you could filter requests based on the quality and number of those attestations—confirmations made by posting messages to social media accounts, GitHub accounts, and other accounts that are connected to online identity (mine is tied to Twitter, GitHub, Hacker News, Reddit, and a personal domain name as well as my PGP key). Most fraudulent accounts don't bother with anything more than the free Stellar wallet address, and those that do often attach a fake Twitter account. None of this is going to bring Lee Hutchinson back. "When a tool that I don’t need or think about very often starts spamming me and requires I dig up documentation to make the spamming stop," Lee said, "I’m not going to take time out of my [redacted] day to read the docs and screw around with privacy settings. I’m just going to delete the tool. Which I did." Source: Keybase moves to stop onslaught of spammers on encrypted message platform (Ars Technica) (To view the article's image gallery, please visit the above link)
  6. Notepad++'s GitHub issue tracker flooded with pro-Chinese and anti-western messages. Anti-Chinese activists are fighting back with their own spam and attacks on the Beijing regime. Chinese propagandists are spamming the GitHub repository of the Notepad++ app with pro-Chinese and anti-Western messages after Notepad++ devs released a version codenamed "Free Uyghur" on Tuesday. Angry Chinese users posted messages in support of their government, accusing westerners of interfering in matters "they don't understand" and that "China's territorial integrity is inviolable." Messages were posted in Chinese, English, or both -- so the messages "hit home with foreigners." Initial messages invoked China's right over the Xinjiang region, home of the Uyghur minority. Over the past year, multiple reports have surfaced about China's appalling treatment of the Uyghur population, with the deployment of facial tracking technology, travel bans, and "re-education" camps from where people often never come back. But the flooding of the Notepad++ project's GitHub repository with pro-Chinese propaganda messages quickly drew in all the anti-Chinese activists. Today, discussions on the Notepad++ issues tracker had shifted to all Chinese topics, such as Taiwan's sovereignty, the Hong Kong protests, and the failure of the "western democracy" model -- and especially the "brainwashed western people living under evil capitalism regime [sic]." With most of the discussions taking a "China vs. the world" theme, other users have also stepped in, and are calling out the hypocrisy of some pro-Chinese commenters who are mocking western democracies while living under a "social credit" system. Notepad++ developers have been trying to keep pace with all the spam and closing discussions, but new GitHub issues with propaganda messages are being opened every few minutes. Furthermore, the Notepad++ website also came under a prolonged DDoS attack today. The site recovered after hours of downtime only after being moved behind Cloudflare proxies. The Notepad++ 7.8.1 release, the one codenamed "Free Uyghur," has not been pulled, and is still available for download. You can read the hundreds of pro- and anti-Chinese messages in the Notepad++ GitHub issue tracker's closed section. Developing story. Updates will follow. Source: Chinese users attack Notepad++ app after 'Free Uyghur' release (via ZDNet) p/s: While the main site is running well at this time of writing, but the domain download.notepad-plus-plus.org that serves the installer download is still down.
  7. Disable auto-invites to combat Google Calendar Spam Google Calendar spam is not a new phenomenon; it has plagued Google Calendar users for years and spam seems to come and go in waves. Recently, users started to report an increase in Google Calendar spam. Spam comes in many forms but the two main categories fall into advertising and outright malicious messages. Google Calendar customers who did not receive spam invites up until now may wonder how that invite got accepted in first place; it is easy to explain: Google Calendar has a feature that automatically adds invitations to Calendar. All an attacker needs to do is send you an invite using the right format and et voila, the invite becomes visible in Google Calendar. What makes this particularly problematic, besides the fact that this feature is opt-out and not opt-in, is that the mobile Google Calendar application does not even have the option to disable this. Here is how you disable auto-invites in Google Calendar Open the Google Calendar application in a browser on a desktop PC. If you try to open the Calendar website on a mobile device you may be redirected to the Calendar application automatically. Open the Settings menu when the website has loaded and select Settings from the context menu (you need to sign-in to your Google account). Select Event Settings from the menu on the left or scroll down to the Event settings section on the page. The setting "Automatically add invitations" needs to be adjusted. It is set to Yes by default which means that invitations are accepted automatically; this is the source of the spam that you receive on Google Calendar. Switch the value of the setting to "No, only show invitations to which I have responded". If you still receive spam after making that change, follow the instructions below: Open the Google Calendar settings again on the desktop. Scroll down to the "View options" section or click on View Options in the sidebar to jump to the section on activation. Uncheck the "show declined events" option; this hides declined events in Calendar automatically. Scroll down to Events from Gmail. Disable "Automatically add events from Gmail to my Calendar". Note that you may need to disable the "show declined events" on the mobile Calendar application as well if you still see those there and use it. Disabling automatic invites could make things a little less comfortable for Google customers who share calendars with others and used to use the auto-invite system in the past. Source: Disable auto-invites to combat Google Calendar Spam (gHacks - Martin Brinkmann)
  8. Accounts will be limited to 400 follows per day. In an apparent attempt to combat spam and bot accounts that populate its platform, Twitter announced today that it is changing its rules to allow users to follow up to 400 accounts per day. The change marks a considerable drop from the previous cap, which allowed up to 1,000 follows in a single day, though still allows for more following than the average human user is likely to do in a 24 hour period. "As a part of our commitment to building a healthy service, we remain focused on stopping spam and abuse on Twitter," a spokesperson for Twitter told Engadget. "We found that having a high daily follow rate contributed to follower churn, and as a result, we are reducing the daily follow rate limit from 1,000 to 400." Follower churn, according to Twitter's help center, is the process of following and unfollowing accounts. The process is done to get the attention of users and try to get people to follow back to inflate one's follower count. The rule change is just the latest in Twitter's effort to cut back on the abilities of spam accounts and bots. Last year, the company cracked down on "bulk tweeting" that allowed accounts to tweet the same content from multiple accounts. It also added new reporting tools that allow human users to flag bots and instituted a verification process that requires users to confirm their identity with a phone number or email address when creating a new account. Source
  9. The number of robocalls to US consumers increased massively last year. Consumers in the US received a whopping 26.3 billion robocalls in 2018, which was 46 percent more than that the total number of robocalls in 2017, according to Hiya, maker of a caller ID app. The company estimates that people received on average 10 unwanted calls per month and that 25 percent of all robocalls are scams. The top three categories of unwanted calls in the US include general spam, fraud and telemarketing. The Federal Communications Commission (FCC) has outlined plans to combat the problem of robocalls in the US. FCC chairman Ajit Pai in November fired off a letter to carriers demanding that the industry implements a call-authentication system by this year. The system aims to combat caller ID spoofing. He's pushing carriers to immediately adopt the Signature-based Handing of Asserted Information Using Tokens (Shaken) and the Secure Telephone Identity Revisited standards. Carriers would then 'sign' calls originating from their network, which would be validated by other carriers before reaching a phone. According to YouMail, another robocall-blocking service, the situation in 2018 was even worse, with the company last week reporting an estimated 47.8 billion robocalls in the US last year. Robocalls in 2018 were up 56.8 percent from the estimated 30.5 billion robocalls in 2017. Its data found that 37 percent of all robocalls were scams related to health insurance, student loans, easy money scams, tax scams, travel scams, business scams and warranty scams. The remaining 60 percent of robocalls were legitimate, including telemarketing calls, reminders and alerts. The FCC and the Federal Trade Commission both cite unwanted and illegal robocalls as their top source of complaints. The FTC received 7.1 million consumer complaints about robocalls in 2017, up from 5.3 million in 2016. The FCC says it gets about 200,000 complaints each year. The number of robocalls have increased over the years despite over 200 million US consumers have registered on the Do Not Call Registry. Hiya's research sets out the US area codes most targeted by spammers. Source
  10. T-Mobile is beginning to roll out support for call verification technology, which will confirm that a phone call is actually coming from the number listed on caller ID. Now, if one T-Mobile subscriber calls another T-Mobile subscriber, the person receiving the call will see a message saying “Caller Verified” if they have a supported phone. Unfortunately, there’s only one supported phone for the time being. Call verification won’t put a stop to spammy phone calls, but it will start to help people identify which calls are actually coming from real people. As anyone with a phone knows, spammers have relentlessly spoofed local phone numbers in recent years, making it appear that you’re getting an incoming call from someone you may know. Call verification is meant to combat that. There are a lot of limitations at launch, though. For one, T-Mobile is the first carrier to launch support for it. It’s supposed to eventually work across all major phone providers, but that’ll only happen once others come on board. Second, T-Mobile is starting small, launching this only on the Galaxy Note 9 to start. Presumably, it’ll come to other phones eventually, but no timeline was given. The bigger limitation is that this doesn’t actually tell you which calls are spam, just which calls aren’t. That’s definitely still a help. You might get a call from a neighbor or a local business that you’ll now know to pick up, thanks to the verification tech. But if you get a call that isn’t verified, it doesn’t necessarily mean it’s a spammer, just that the call couldn’t be verified, which could simply be due to lack of support from their phone provider. Still, it’s an encouraging sign in the perpetually frustrating fight against spammers. T-Mobile is using a pair of technologies known as SHAKEN and STIR, which FCC chairman Ajit Pai “demanded” the phone industry implement. In November, Pai sent letters to the industry asking that the technologies be adopted “without delay.” Verizon plans to start implementing the tech later this year, and Sprint plans to begin testing it this year. Other major voice providers have said they are working on it or beginning trials. Source
  11. An unknown individual compromised an alert service and abused their access to send out a spam message to some of the service’s customers. The Australian Early Warning Network (EWN) alert service disclosed first in a Facebook post and later on its website that the compromise took place near the beginning of the year: The service responded by launching an investigation into the incident. This effort revealed that the individual responsible used stolen credentials to gain access to the service and send out the spam message. This nuisance alert included a link that wasn’t harmful to customers who received it. Kerry Plowright, managing director of EWN, told ABC News that the breach likely originated in Australia: At this time, the EWN’s systems are online and providing ongoing alerts for severe weather and natural hazard events. The service also said that its investigation into the incident is ongoing with the help of Police and the Australian Cyber Security Centre. This isn’t the first time that an emergency alert service has suffered a security incident. In March 2018, city officials confirmed they detected what they called a “limited breach” on a system that supports Baltimore’s 911 emergency services. According to Baltimore Police Commissioner Darryl De Sousa, the incident did not disrupt his officers’ ability to respond to emergency callers throughout the city. But it did lead the city to temporarily transition its 911 emergency services into manual mode, which means dispatchers took callers’ locations manually without any means to verify those details. Source
  12. Ponting

    SPAM Control

    Don't know why the first few posts of a newbie aren't moderated,before it appears on nsane.forums. :unsure: :think:
  13. A new spam campaign has emerged in support of the Asprox botnet. The scheme involves shipping receipt emails that contain malicious links and purport to come from the United States Postal Service (USPS). Anyone who receives one of these emails and clicks on the link therein will have a zip file downloaded onto their machine, according to a Zscaler report. After a user downloads the zip file, it shows up as a seemingly legitimate looking Word document on the Windows desktop. That file is in actuality an executable which must be opened before the user becomes infected with the malware. Researchers from the security firmStopMalvertising analyzed Asprox – also known as Kulouz – in November. They found that the strain of malware began as a password-stealing botnet, but has since evolved to where it’s primary purpose is to launch automated SQL injection attacks. Asprox, they say, is notorious for spoofing shipping companies like the United Parcel Service and FedEx. Asprox is not new, with references to it on Threatpost dating back as far as 2009. As of Zscaler’s publication, the threat was scoring a fairly dangerous 4/52 on VirusTotal. At the time of our publication, the detection engines appear to have taken notice, and the threat is now scoring a less potent 27/52. According to the report, the malware copies itself into an infected user’s Local Application Data before creating an autostarter to ensure that the infection stays around even after restart. “The common factor across all of these dropped files is that they all POST bzip2 compressed data which is then encrypted with a 16-byte random RC4 key via HTTP as reported by StopMalvertising,” wrote Chris Mannon in the Zscaler analasys. “We’re seeing a growing number of attacks which utilize this method of phone home activity. The case of this Asprox threat phones home over ports 443 and 8080.” Source
  14. In Internet years, AOL and its webmail counterpart AOL Mail are beyond ancient at this point. A relic of electronic mail history, the majority of users have long since jumped ship for Gmail or Yahoo. Yet those who still have accounts with AOL were no doubt unhappy when they discovered last weekend that a slew of old AOL Mail accounts had been hacked to send spam to their friends. While it’s unclear exactly how many users’ accounts have been compromised at this point, multiple users have complained on Twitter that their accounts – some which naturally have not been used for years – were compromised and used to send spam to other users. AOL acknowledged the hack late yesterday and pointed out that it’s likely affected users weren’t hacked but spoofed, and that it’s doing everything in its power to correct the issue. “AOL takes the safety and security of consumers very seriously, and we are actively addressing consumer complaints,” AOL said in a statement Tuesday, “We are working to resolve the issue of account spoofing to keep users and their respective accounts running smoothly and securely.” As AOL notes, spoofing attacks are basically spam emails that appear to come from the victim but are technically coming from the spammers’ email account and are sent via the spammers’ server. While spoofing attacks are nothing new this particular campaign appears to have really started picking up steam over the weekend. The hashtag #AOLhacked on Twitter has seen users bemoan the service’s security and others cracking their fair share of jokes since Sunday. Since there’s a difference between being hacked and being spoofed, there’s nothing users can really do prevent the spammer from continuing to spoof their email accounts. Users can change their passwords and delete their contacts but it doesn’t really matter – the spammer already has a copy of the victim’s address book. The company’s mail Twitter page, @AOLMailHelp, said it plain and simple yesterday: “Once your account if spoofed, there is nothing else that can be done.” Some experts, like web designer and programmer Brian Alvey, however are speculating that AOL Mail may have suffered an address book webmail exploit. “When you load [Yahoo’s] webmail interface your browser makes several calls into AOL for data. One is to login. Another is to load all the messages in your inbox. Another is to load your address book so you can a) see who your friends are and B) easily send them email, auto-completing addresses as you type them,” Alvey wrote in a blog entry last night. “Each of those data calls should have security checks.” Alvey surmises that there may not have been a security check like this in place, something that could allow an attacker to bypass security and secure access to users’ address books without being forced to guess passwords or go through the trouble of hacking into the affected accounts. In the meantime, even though it may not help, it may not hurt for anyone with an old AOL Mail account to change their password and to steer clear from any suspicious looking emails, especially those that direct you to a murky looking link, like the one above. Source
  15. By Chris Mooney Feb. 14 2014 1:23 PM Narcissistic, Machiavellian, psychopathic, and sadistic. n the past few years, the science of Internet trollology has made some strides. Last year, for instance, we learned that by hurling insults and inciting discord in online comment sections, so-called Internet trolls (who are frequently anonymous) have a polarizing effect on audiences, leading to politicization, rather than deeper understanding of scientific topics. That’s bad, but it’s nothing compared with what a new psychology paper has to say about the personalities of trolls themselves. The research, conducted by Erin Buckels of the University of Manitoba and two colleagues, sought to directly investigate whether people who engage in trolling are characterized by personality traits that fall in the so-called Dark Tetrad: Machiavellianism (willingness to manipulate and deceive others), narcissism (egotism and self-obsession), psychopathy (the lack of remorse and empathy), and sadism (pleasure in the suffering of others). It is hard to underplay the results: The study found correlations, sometimes quite significant, between these traits and trolling behavior. What’s more, it also found a relationship between all Dark Tetrad traits (except for narcissism) and the overall time that an individual spent, per day, commenting on the Internet. In the study, trolls were identified in a variety of ways. One was by simply asking survey participants what they “enjoyed doing most” when on online comment sites, offering five options: “debating issues that are important to you,” “chatting with others,” “making new friends,” “trolling others,” and “other.” Here’s how different responses about these Internet commenting preferences matched up with responses to questions designed to identify Dark Tetrad traits: To be sure, only 5.6 percent of survey respondents actually specified that they enjoyed “trolling.” By contrast, 41.3 percent of Internet users were “non-commenters,” meaning they didn’t like engaging online at all. So trolls are, as has often been suspected, a minority of online commenters, and an even smaller minority of overall Internet users. The researchers conducted multiple studies, using samples from Amazon’s Mechanical Turk but also of college students, to try to understand why the act of trolling seems to attract this type of personality. They even constructed their own survey instrument, which they dubbed the Global Assessment of Internet Trolling, or GAIT, containing the following items: I have sent people to shock websites for the lulz. I like to troll people in forums or the comments section of websites. I enjoy griefing other players in multiplayer games. The more beautiful and pure a thing is, the more satisfying it is to corrupt. Yes, some people actually say they agree with such statements. And again, doing so was correlated with sadism in its various forms, with psychopathy, and with Machiavellianism. Overall, the authors found that the relationship between sadism and trolling was the strongest, and that indeed, sadists appear to troll because they find it pleasurable. “Both trolls and sadists feel sadistic glee at the distress of others,” they wrote. “Sadists just want to have fun ... and the Internet is their playground!” The study comes as websites, particularly at major media outlets, are increasingly weighing steps to rein in trollish behavior. Last year Popular Science did away with its comments sections completely, citing research on the deleterious effects of trolling, and YouTube also took measures to rein in trolling. But study author Buckels actually isn’t sure that fix is a realistic one. “Because the behaviors are intrinsically motivating for sadists, comment moderators will likely have a difficult time curbing trolling with punishments (e.g., banning users),” she said by email. “Ultimately, the allure of trolling may be too strong for sadists, who presumably have limited opportunities to express their sadistic interests in a socially-desirable manner.” http://www.slate.com/articles/health_and_science/climate_desk/2014/02/internet_troll_personality_study_machiavellianism_narcissism_psychopathy.html Chris Mooney is the author of The Republican War on Science and, with Sheril Kirshenbaum, Unscientific America: How Scientific Illiteracy Threatens Our Future.
  16. By Manish Singh on February 11, 2014 - 07:18PM Internet, much like the real world, has bad people too. And while the digital security of the entire planet seems to be a train-wreck, things are even worse in India. According to Microsoft’s third annual Computing Safety Index (MCSI)​ report, 20% Indians are the victims of online phishing attacks. The victims in this case lose around Rs. 7500 ($120 USD) on average. “About 12 per cent Indian respondents said they suffered identity theft at an average cost them Rs 7,500," the MSCI states. Whereas the annual worldwide impact of phishing and identity theft is around $5 billion, while fixing peoples’ online reputation could go as high as $6 million. “The annual worldwide impact of phishing and other various forms of identity theft could be as high as $5 billion, with the cost of repairing the damage to peoples' online reputation being higher yet at nearly $6 billion or an estimated average of $632 (Rs 39,000) per loss," the MSCI mentioned. The survey which was released today on Safer Internet Day, used the data gathered from testing around 10,500 users from across 20 nations. According to the report, only 34% of them care to prevent strangers from seeing their updates on social media. Whereas, 38% of people actually tweak some settings to set control over who sees what. Furthermore, only 35% of the users employed a PIN protection to keep their devices secure. "Internet users can prevent intrusions and thefts by using a unique four-digit PIN for mobile devices and strong passwords for online accounts," Microsoft India National Technology Officer Prakash Kumar said. It is high time we became aware of online attacks and started using simple preventive measures which can save us a whole lot of trouble. “The Internet touches our lives every day, whether we are communicating with loved ones, for work, shopping, and paying bills. But how cautious are we about monitoring our online presence, and taking note of our own vulnerabilities? There are many things you can do to stay safer online," Kumar added. http://www.winbeta.org/news/phishing-attacks-20-percent-indians-are-victims-says-microsoft
  17. By Casey Johnston - Jan 25 2014, 9:48am AUSEST Gmail shifted the "spam" link away from the layout TechCrunch screenshotted to discourage clicking. It's highlighted here in purple in its new form. A Gmail bug has resulted in thousands of unsolicited e-mails hitting up the Hotmail account of one David S. Peck of Fresno, California, according to a report from TechCrunch. TechCrunch suggests the glitch is possibly related to the outage that occurred earlier Friday. The bug operated like this: a Google search for the word “Gmail” turns up a couple of links under the Gmail header, including one with the text “Email.” Clicking that link would pop up a Compose window with dsp559 at hotmail dot com pre-filled in the To: field; apparently, more than a few Gmail users YOLO’d and hit send. Peck has been receiving the unsolicited e-mails since Thursday. He deleted the day’s bounty and woke up Friday with 1,900 more e-mails, he told TechCrunch. Peck contacted Hotmail for support, and as of Friday afternoon, the “Email” link on the Google results page leads to a 404. Earlier in the day, both Gmail and Google+ went down for about two hours. Given Google+’s recent integration with YouTube, that meant YouTube users were unable to make comments on the site, as well. http://arstechnica.com/business/2014/01/bad-gmail-link-results-in-thousands-of-spam-e-mails-to-a-hotmail-user
  18. The analysis procedure spammaps registers, categorises and maps messages that have been classified as spam. On the basis of the extraction of malicious URLs, their contents and attachments, AV-TEST has developed an interactive database that can be used to archive cases of spam. The visualisation is presented in spam statistics displaying different time intervals, the focus of the spam content and its country-specific origin. Last 14 Days Last 60 Days Last 180 Days Complete List Spam Ratio http://www.av-test.org/en/statistics/spam
  • Create New...