Spam

Blogs

GDPR Didn't Affect Spam? Not So Fast

I have recently become aware of a blog post from Recorded Future that attempts to analyze the effects of the GDPR on online security. Unfortunately, it starts by asking an irrelevant question and then goes on to use irrelevant metrics to come to a meaningless answer. The premise of Recorded Future's article - that spammers would send more spam and register more domains because GDPR came into effect - tells us nothing useful about how GDPR affects anything. It's the wrong question... more

GDPR PII Time-Bomb? Kill it With Fire!

Hi! My name is spamfighter. I investigate spam and phish in a post-GDPR dystopia. Recently, I invented Fire, to save you millions of €uros. One day, my Boss suggested I automate some of my processes. I, for one, welcome our Robot Overlords (and a happy boss), but I can be exacting about the tools I use. Perhaps not to the degree of the infamous Van Halen 'no brown M&M's' contractual clause but I have no patience for poorly-designed software, and truly dislike typing when... more

Sorry, Not Sorry: WHOIS Data Must Remain Public

In March, I posted a call to action to those of us in the community who have the inclination to fight against a movement to redact information critical to anti-abuse research. Today, I felt compelled to react to some of the discussions on the ICANN discussion list dedicated to the issue of WHOIS reform: Sorry, not sorry: I work every working hour of the day to protect literally hundreds of millions of users from privacy violating spam, phish, malware, and support scams. more

Craigslist Gets a $40 Million CAN-SPAM Judgment

Classified ad site craigslist is famously protective of its contents. While they are happy for search engines like Google to index the listings, they really, really do not like third parties to scrape and republish their content in other forms. In 2013 craigslist sued a company called 3taps which had created an API for craigslist data. They also sued real estate site Padmapper, which showed craigslist and other apartment listings on a map, something craigslist didn't do at the time. more

Loudmouths Wanted for ICANN WHOIS Replacement Work

TL;DR? It's worth reading, BUT, if not -- ICANN has yet another group looking at WHOIS, and there is a huge push to redact it to nothing. I spend easily half my day in WHOIS data fighting online crime, losing it would not make my job harder, it will make it impossible. PLEASE JOIN THE ICANN GROUP and help us fight back against people who are fighting in favour of crime. more

Large Companies (Un?)knowingly Hire Spammers

This morning, CSO and MacKeeper published joint articles on a massive data leak from a marketing company. This company, River City Media (RCM), failed to put a password on their online backups sometime. This leaked all of the company's data out to the Internet at large. MacKeeper Security Researcher, Chris Vickery discovered the breach back in December and shared the information with Spamhaus and CSO online. The group has spent months going through the data from this spammer. more

Cyber-Terrorism Rising, Existing Cyber-Security Strategies Failing, What Are Decision Makers to Do?

While conventional cyber attacks are evolving at breakneck speed, the world is witnessing the rise of a new generation of political, ideological, religious, terror and destruction motivated "Poli-Cyber™" threats. These are attacks perpetrated or inspired by extremists' groups such as ISIS/Daesh, rogue states, national intelligence services and their proxies. They are breaching organizations and governments daily, and no one is immune. more

How a Plaintiff Was Undeceived and Lost at Spam Litigation - What Nobody Told You About!

Back in 2003, there was a race to pass spam legislation. California was on the verge of passing legislation that marketers disdained. Thus marketers pressed for federal spam legislation which would preempt state spam legislation. The Can Spam Act of 2003 did just that... mostly. "Mostly" is where litigation lives. According to the Can Spam Act preemption-exception... more

The Kindness of Strangers, or Not

A few days ago I was startled to get an anti-spam challenge from an Earthlink user, to whom I had not written. Challenges are a WKBA (well known bad idea) which I thought had been stamped out, but apparently not. The plan of challenges seems simple enough; they demand that the sender does something to prove he's human that a spammer is unlikely to do. more

Trump's Fundraising Email - Bad Data Drives Delivery Problems

It's a wild election season here in the US. In the past few presidential elections, email has played a bigger and bigger role in messaging and fundraising. President Obama's campaign used email effectively, but sent huge volumes. In fact, the volume was so heavy, it led to a joke on the Daily Show... This year there is a stark difference in how the candidates are using email. more

ICANN Fails Consumers (Again)

In its bid to be free of U.S. government oversight ICANN is leaning on the global multistakeholder community as proof positive that its policy-making comes from the ground up. ICANN's recent response to three U.S. senators invokes the input of "end users from all over the world" as a way of explaining how the organization is driven. Regardless of the invocation of the end user (and it must be instinct) ICANN cannot seem to help reaching back and slapping that end user across the face. more

DotSpam? Certain New gTLDs Rapidly Outpacing Legacy TLDs in Terms of Abuse

Would you like to hear about how to treat your psoriasis? Where to get a cheap oil change? How to flatten your belly? Achieve a stronger sexual life? Cheap toner? Annuities? Herpes? Bed bugs? Free energy? Varicose-Veins? Herpes? Saggy skin? Arthritis? Overactive bladder? Drug addiction? Herpes? No? Well, that's too bad, because that you are going to hear about it whether you like it or not. Many of the messages about these and other subjects are being carried to you via new gTLDs. more

Internet Governance Forum Publishes BPs on Regulation and Mitigation of Unsolicited Communications

The IGF this morning published a number of reports, including the aforementioned one, at the URL provided, titled 'IGF 2015 Best Practice Forum Regulation and mitigation of unsolicited communications.' The reports can be found in the included URLs on the IGF Website. more

Officially Compromised Privacy

The essence of information privacy is control over disclosure. Whoever is responsible for the information is supposed to be able to decide who sees it. If a society values privacy, it needs to ensure that there are reasonable protections possible against disclosure to those not authorized by the information's owner. In the online world, an essential technical component for this assurance is encryption. If the encryption that is deployed permits disclosure to those who were not authorized by the information's owner, there should be serious concern about the degree of privacy that is meaningfully possible. more

Internet Society's New Policy Brief Series Provides Concise Information On Critical Internet Issues

Have you ever wanted to quickly find out information on key Internet policy issues from an Internet Society perspective? Have you wished you could more easily understand topics such as net neutrality or Internet privacy? This year, the Internet Society has taken on a number of initiatives to help fill a need identified by our community to make Internet Governance easier to understand and to have more information available that can be used to inform policymakers and other stakeholders about key Internet issues. more

News Briefs

Study Finds GDPR Has Had Minimal Impact on Spam and Domain Registrations

Most Abused TLDs Put Under Spotlight by Spamhaus

Microsoft, Facebook and Others Demand ICANN Take a Closer Look at Questionable Registrars

Over a Billion Email Addresses of Major Spam Operation Exposed via Unprotected Backups

'Spam King' Sanford Wallace Sentenced to 2.5 Years In Prison

Internet Infrastructure Coalition (i2Coalition) Joins M3AAWG to Reduce Hosting Industry Abuse

Plentyoffish Media Inc. Fined $48,000 for Alleged Violation of Canada's Anti-Spam Law

M3AAWG Releases Anti-Abuse Best Common Practices for Hosting and Cloud Service Providers

Canadian Regulator CRTC Issues $1.1 Million Penalty to Compu-Finder for Spamming

Spam-Friendly Registrar 'Dynamic Dolphin' Shuttered by ICANN

Arrest Made in Connection to Spamhaus DDoS Case

Massive Spam and Malware Campaign Following Boston Tragedy

Largest DDoS Attack To Date Aimed at Spamhaus Effects Global Internet Traffic

J.D. Falk: 1974 - 2011

Google Removes All Sites Under .CO.CC Over Security Concerns

Happy Canada Day from the CRTC

Researchers Use Social Graphs to Detect Spammers, Attackers

CAUCE Director Neil Schwartzman Wins Prestigious MAAWG Award

Research Detects Spammers Using Fake URL-Shortening Services

Garth Bruen Discussing Whois, DNSSEC and Domain Security

Most Viewed

Most Commented

Industry Updates

Participants – Random Selection