Email

Email / News Briefs

Happy Canada Day from the CRTC

Neil Schwartzman writes to report: "CAUCE reports that the CRTC published long-awaited regulations (a big step towards Canada's Anti-spam Law (AKA C28) coming into force), late June 30, the day before Canada Day. The regulations are, as anticipated, very terse and do little to water down the strong nature of the law; they move to clarify certain aspects of express vs. implied consent, among other things." more

Chinese Newspaper Warns Google Against Playing a Risky Political Game

Chris Buckley reporting in Reuters: "The tough warning appeared in the overseas edition of the People's Daily, the leading newspaper of China's ruling Communist Party, indicating that political tensions between the United States and China over Internet security could linger. Last week, Google said it had broken up an effort to steal the passwords of hundreds of Google email account holders, including U.S. government officials, Chinese human rights advocates and journalists. It said the attacks appeared to come from China..." more

New Anti-phishing Initiative Introduced by Yahoo!

Neil Schwartzman writes to report: "The company announced the Yahoo! Mail Anti-Phishing Platform (YMAP) yesterday. The technology is predicated upon the use of both DKIM and Sender Policy Framework (SPF) to identify authentic messages. As part of the initiative, Yahoo! has partnered with email authenticators Authentication Metrics, eCert, Return Path, and Truedomain to provide broad-band coverage of well-known brands." more

Google: China Interfering with Gmail and Attempting to Conceal the Act

Thomas Claburn reporting in InformationWeek: "In a move that could further dampen its business prospects in China, Google is accusing Chinese authorities of interfering with its Gmail service and attempting to conceal that interference. Google says that Gmail users in China have been reporting difficulties using Gmail and that it has checked its systems and found no problems. ...'This is a government blockage carefully designed to look like the problem is with Gmail,' says Google." more

Microsoft, Federal Agencies Take Down Rustock Botnet

Neil Schwartzman writes: "There is a lot of press on the profound effect the take-down of the Rustock botnet, affected by Microsoft, some U.S. federal agencies, and countless others working in the background to assist in the effort. CAUCE has aggregated a few of the best stories and data-points. A community congratulations, and thank-you to all those involved!" more

Conflict Over Efforts to Develop a Best-Practices Document for Blacklist Operators

Neil Schwartzman writes to report: "Ken Magill covers the current rake fight on the IRTF's Anti-Spam Research Group mailing list concerning anti-spam DNS Blacklist, or Blocklist, (DNSBL) operators charging for delistings, that is well worth a read, he has quotes from many experts and leaders in the industry who are decidedly against the practice." more

Canadian "Fighting Internet and Wireless Spam Act" Introduced Into the House of Commons

Neil Schwartzman writes to report: "The long-anticipated Canadian Anti-spam bill (a re-tabling of ECPA, now entitled FISA), and a bill amending PIPEDA passed first reading in the Canadian House of Commons yesterday. The bill must be read and passed twice, then referred to parliamentary committee to survive the summer recess of parliament (mid-June), it is anticipated that it will do so. The actual text of bills 28 & 29 is yet to be forthcoming, it should be a matter of a day or two until they are published." more

Spamhaus Uncovers Fake DNSBL: nszones.com

Neil Schwartzman writes: Spamhaus has uncovered a fake spam filter company which was pirating and selling DNSBL data stolen from major anti-spam systems including Spamhaus, CBL and SURBL, republishing the stolen data under the name "nszones.com". more

German High Court Says No to Retaining Telecom, Email Data for Tracking Criminal Networks

The highest court in Germany has ruled against telephone and email data retention used to track criminal networks. Melissa Eddy of the Global and Mail reports: "A law ordering data on calls made from mobile or landline telephones and e-mail exchanges be retained for six months for possible use by criminal authorities violated Germans' constitutional right to private correspondence, the Federal Constitutional Court ruled. In its ruling, the court said the law failed to sufficiently balance the need for personal privacy against that for providing security."
 more

A Word of Warning About Your Haiti Charity Donations

Neil Schwartzman writes: "CAUCE, The U.S. Federal Bureau of Investigation and Symantec warn consumers about fraudulent charities trying to steal donations for Haitian earthquake relief efforts." more

Addressing Search Engine, Website, and Provider Accountability for Illicit Online Drug Sales

Garth Bruen reports on a paper published by the American Society of Law, Medicine & Ethics of Boston University School of Law authored by Bryan A. Liang and Tim Mackey titled, "Searching for Safety: Addressing Search Engine, Website, and Provider Accountability for Illicit Online Drug Sales". From the paper: "Online sales of pharmaceuticals are a rapidly growing phenomenon. Yet despite the dangers of purchasing drugs over the Internet, sales continue to escalate. These dangers include patient harm from fake or tainted drugs, lack of clinical oversight, and financial loss. Patients, and in particular vulnerable groups such as seniors and minorities, purchase drugs online either na├»vely or because they lack the ability to access medications from other sources due to price considerations. Unfortunately, high risk online drug sources dominate the Internet, and virtually no accountability exists to ensure safety of purchased products."  more

Project Honey Pot: 1 Billion Spammers Served

Coen Dijkgraaf writes: "Project Honey Pot is a community of tens of thousands of web and email administrators from more than 170 countries around the world who are working together to track online fraud and abuse. The Project has been online since 2004 and each day receives millions of email and comment spam messages which are catalogued and shared with law enforcement and security partners. On Wednesday, December 9, 2009 at 06:20 (GMT) Project Honey Pot received its billionth email spam message. For the full article and some intersting statistics about spamming, see 1 Billion Spammers Served." more

C-27 Canada's Electronic Commerce Protection Act passes Committee Review

Bill C-27 passed an important milestone on Monday October 26, at 17:30 when it passed clause-by-clause committee review and was referred back to the Canadian House of Commons materially intact and without controversial amendments that would have significantly altered the bill. more

The Phishing Scams That Affected Users of Hotmail, Gmail and Yahoo! is Spreading

The industry-wide phishing scam that has affected popular web mail services such as Hotmail and GMail, is spreading, according to experts. Security firm Websense says it has noticed a sharp rise in spam emails from Yahoo, Gmail and Hotmail accounts. This is because infected accounts are sending personalised e-mails to contacts suggesting shopping sites, which are in fact fakes... more

One Third of Companies Employing Staff to Monitor Content of Outbound Email, According to Survey

A recent survey of US companies conducted by Proofpoint has found companies increasingly concerned over data leaks via emplyee misuse of email, blogs, social networks, multimedia channels and text messages. From the report: "[A]s more US companies reported their business was impacted by the exposure of sensitive or embarrassing information (34 percent, up from 23 percent in 2008), an increasing number say they employ staff to read or otherwise analyze the contents of outbound email (38 percent, up from 29 percent in 2008). The pain of data leakage has become so acute in 2009 that more US companies report they employ staff whose primary or exclusive job is to monitor the content of outbound email (33 percent, up from 15 percent in 2008)." more