Spam

Blogs

Spamtraps Are Overblown… by Senders

One of the fascinating parts of my job is seeing how different groups in email have radically disparate points of view. A current example is how much value senders put on spamtraps compared to ISPs and filtering companies. I understand why this is. In all too many cases, when a sender asks why they're mail is going to bulk or being blocked, the answer is "you're hitting spamtraps." The thing is, spamtraps are almost never the only reason mail is being blocked. more

How to Track Online Malevolent Identities in the Act

Want to be a cybersleuth and track down hackers? It may sound ambitious considering that malevolent entities are extremely clever, and tracing them requires certain skills that may not be easy to build for the typical computer user. But then again, the best defense is offense. And learning the basics of sniffing out cybercriminals may not only be necessary nowadays, it has become essential for survival on the Web. So where can you begin? more

My Domain Reputation Is Bad, Should I Get a New Domain?

Many companies have the occasional "oops" where they send email they probably shouldn't have. This can often cause a decrease in reputation and subsequent delivery problems. Some companies rush to fix things by changing domains. Brand new domains, those registered less than 30 days, have really bad reputations. Blame the spammers and scammers who exploited a loophole and sent tons of untraceable spam from newly registered domains that they then abandoned without paying for them. more

GDPR Didn't Affect Spam? Not So Fast

I have recently become aware of a blog post from Recorded Future that attempts to analyze the effects of the GDPR on online security. Unfortunately, it starts by asking an irrelevant question and then goes on to use irrelevant metrics to come to a meaningless answer. The premise of Recorded Future's article - that spammers would send more spam and register more domains because GDPR came into effect - tells us nothing useful about how GDPR affects anything. It's the wrong question... more

GDPR PII Time-Bomb? Kill it With Fire!

Hi! My name is spamfighter. I investigate spam and phish in a post-GDPR dystopia. Recently, I invented Fire, to save you millions of €uros. One day, my Boss suggested I automate some of my processes. I, for one, welcome our Robot Overlords (and a happy boss), but I can be exacting about the tools I use. Perhaps not to the degree of the infamous Van Halen 'no brown M&M's' contractual clause but I have no patience for poorly-designed software, and truly dislike typing when... more

Sorry, Not Sorry: WHOIS Data Must Remain Public

In March, I posted a call to action to those of us in the community who have the inclination to fight against a movement to redact information critical to anti-abuse research. Today, I felt compelled to react to some of the discussions on the ICANN discussion list dedicated to the issue of WHOIS reform: Sorry, not sorry: I work every working hour of the day to protect literally hundreds of millions of users from privacy violating spam, phish, malware, and support scams. more

Craigslist Gets a $40 Million CAN-SPAM Judgment

Classified ad site craigslist is famously protective of its contents. While they are happy for search engines like Google to index the listings, they really, really do not like third parties to scrape and republish their content in other forms. In 2013 craigslist sued a company called 3taps which had created an API for craigslist data. They also sued real estate site Padmapper, which showed craigslist and other apartment listings on a map, something craigslist didn't do at the time. more

Loudmouths Wanted for ICANN WHOIS Replacement Work

TL;DR? It's worth reading, BUT, if not -- ICANN has yet another group looking at WHOIS, and there is a huge push to redact it to nothing. I spend easily half my day in WHOIS data fighting online crime, losing it would not make my job harder, it will make it impossible. PLEASE JOIN THE ICANN GROUP and help us fight back against people who are fighting in favour of crime. more

Large Companies (Un?)knowingly Hire Spammers

This morning, CSO and MacKeeper published joint articles on a massive data leak from a marketing company. This company, River City Media (RCM), failed to put a password on their online backups sometime. This leaked all of the company's data out to the Internet at large. MacKeeper Security Researcher, Chris Vickery discovered the breach back in December and shared the information with Spamhaus and CSO online. The group has spent months going through the data from this spammer. more

Cyber-Terrorism Rising, Existing Cyber-Security Strategies Failing, What Are Decision Makers to Do?

While conventional cyber attacks are evolving at breakneck speed, the world is witnessing the rise of a new generation of political, ideological, religious, terror and destruction motivated "Poli-Cyber™" threats. These are attacks perpetrated or inspired by extremists' groups such as ISIS/Daesh, rogue states, national intelligence services and their proxies. They are breaching organizations and governments daily, and no one is immune. more

How a Plaintiff Was Undeceived and Lost at Spam Litigation - What Nobody Told You About!

Back in 2003, there was a race to pass spam legislation. California was on the verge of passing legislation that marketers disdained. Thus marketers pressed for federal spam legislation which would preempt state spam legislation. The Can Spam Act of 2003 did just that... mostly. "Mostly" is where litigation lives. According to the Can Spam Act preemption-exception... more

The Kindness of Strangers, or Not

A few days ago I was startled to get an anti-spam challenge from an Earthlink user, to whom I had not written. Challenges are a WKBA (well known bad idea) which I thought had been stamped out, but apparently not. The plan of challenges seems simple enough; they demand that the sender does something to prove he's human that a spammer is unlikely to do. more

Trump's Fundraising Email - Bad Data Drives Delivery Problems

It's a wild election season here in the US. In the past few presidential elections, email has played a bigger and bigger role in messaging and fundraising. President Obama's campaign used email effectively, but sent huge volumes. In fact, the volume was so heavy, it led to a joke on the Daily Show... This year there is a stark difference in how the candidates are using email. more

ICANN Fails Consumers (Again)

In its bid to be free of U.S. government oversight ICANN is leaning on the global multistakeholder community as proof positive that its policy-making comes from the ground up. ICANN's recent response to three U.S. senators invokes the input of "end users from all over the world" as a way of explaining how the organization is driven. Regardless of the invocation of the end user (and it must be instinct) ICANN cannot seem to help reaching back and slapping that end user across the face. more

DotSpam? Certain New gTLDs Rapidly Outpacing Legacy TLDs in Terms of Abuse

Would you like to hear about how to treat your psoriasis? Where to get a cheap oil change? How to flatten your belly? Achieve a stronger sexual life? Cheap toner? Annuities? Herpes? Bed bugs? Free energy? Varicose-Veins? Herpes? Saggy skin? Arthritis? Overactive bladder? Drug addiction? Herpes? No? Well, that's too bad, because that you are going to hear about it whether you like it or not. Many of the messages about these and other subjects are being carried to you via new gTLDs. more

News Briefs

Gmail Is Blocking 100 Million More Spam Messages Every Day With AI, Says Google

Former ICANN Security VP Joins CAUCE Board of Directors

FCC to Classify Text Messaging as Information Service to Fight Spam Texts, Others Oppose the Move

Study Finds GDPR Has Had Minimal Impact on Spam and Domain Registrations

Most Abused TLDs Put Under Spotlight by Spamhaus

Microsoft, Facebook and Others Demand ICANN Take a Closer Look at Questionable Registrars

Over a Billion Email Addresses of Major Spam Operation Exposed via Unprotected Backups

'Spam King' Sanford Wallace Sentenced to 2.5 Years In Prison

Internet Infrastructure Coalition (i2Coalition) Joins M3AAWG to Reduce Hosting Industry Abuse

Plentyoffish Media Inc. Fined $48,000 for Alleged Violation of Canada's Anti-Spam Law

M3AAWG Releases Anti-Abuse Best Common Practices for Hosting and Cloud Service Providers

Canadian Regulator CRTC Issues $1.1 Million Penalty to Compu-Finder for Spamming

Spam-Friendly Registrar 'Dynamic Dolphin' Shuttered by ICANN

Arrest Made in Connection to Spamhaus DDoS Case

Massive Spam and Malware Campaign Following Boston Tragedy

Largest DDoS Attack To Date Aimed at Spamhaus Effects Global Internet Traffic

J.D. Falk: 1974 - 2011

Google Removes All Sites Under .CO.CC Over Security Concerns

Happy Canada Day from the CRTC

Researchers Use Social Graphs to Detect Spammers, Attackers

Most Viewed

Most Commented

Industry Updates

Participants – Random Selection