Spam News, Articles and Updates

MailSploit bugs let spoofed emails bypass DMARC, spam detectors

A collection of vulnerabilities dubbed Mailsploit, found by German security researcher Sabri Haddouche in 30 types of email client applications - from Apple Mail to Mozilla Thunderbird - lets hackers bypass anti-spoofing mechanisms.

Cobalt malware leverages recently patched 17-year-old Microsoft flaw

Cobalt malware was documented exploiting the 17-year-old CVE-2017-11882 vulnerability via spam just a few days after researchers noted a similar spam campaign exploiting an RTF documents.

Linux IoT botnet retooled to send spam email

An IoT botnet has set its hooks in about 4,500 - 5,000 proxy devices to send spam emails which each device capable of sending 400 messages or a total of 1.8 million messages per day.

Doubling Down: Locky & FakeGlobe ransomware pushed in dual spam campaigns

Cyber-criminals kicked off a spam campaign earlier this month capable of delivering either Locky or FakeGlobe ransomware creating a situation where a single person could be victimised twice in the same attack.

Imperva Incapsula uncovers elaborate 80,000-strong spam botnet

Researchers at the security company find that making money online from fake Viagra not so hard.

ICYMI: Spam leak; password loss; Privacy Shield; hospital hit; app in iframe

In Case You Missed It: Spammer breached; Yahoo/gmail passwords; Privacy Shield concern; malware shuts hospital; 132 apps in iframe malware.

Major spam operation suffers data leak containing 1.4 billion records

A spamming group called River City Media, led by well-known spammers Alvin Slocombe and Matt Ferris, has had its database of 1.4 billion records leaked.

ICO deals finance firm fine, as ICO fine total mounts up

A finance firm based in London has been fined £70,000 by the Information Commissioner's Office, in retaliation for its contracted marketing firm sending out some 2.2 million unsolicited SMS messages. The fine comes as the ICO's total bill of outstanding fines mounts up, due to companies going into liquidation rather than paying them.

Localised "designer" malware campaigns all the rage, says Sophos

Criminal outfits are increasingly distributing "designer" spam and malware, customised to optimally target victims in specific geographic regions, according to new research from Sophos' research division, SophosLabs.

Facebook scam promises friend's video, delivers malware instead

A new spam campaign tries to fool Facebook users into downloading malware by luring them to a fake YouTube page supposedly featuring a friend's video.

Nigerian man sentenced to 12 years for operating spam scheme

A Nigerian man was sentenced to more than 12 years in a prison and ordered to pay US $13 million in restitution for his role in an internet fraud scheme

Shade among top three encryptors in Russia; delivered via spam, exploit kits

Researchers at Kaspersky Lab said Shade encryptor has gained a top three encryptor berth in Russia in less than a year.

Decoding the DNS: A new arena in cyber defence

Cyber defence tactics are constantly evolving to meet new threats - but one area that has been undervalued up until now is the Domain Name System (DNS), says Simon McCalla.

Kaspersky Lab—spam and phishing in Q2

Kaspersky's latest report shows that in the second quarter of 2015 spam was controlled by emails based on real events.

Cloudmark identifies iomart worst for spamming in UK

Scotland-based iomart has been identified as the leading UK source of spam last month by email security firm Cloudmark.

Attention, criminals: DMARC will not get your spam delivered

Time to set the record straight on email authentication: DMARC won't get spam into the inbox, says Rob Holmes

TorrentLocker copycat CryptoFortress leads new wave of ransomware

Ransomware continues to rise in several new and old guises, including a copycat TorrentLocker, BandarChor and a spam campaign encompassing the infamous CryptoWall.

Huge spam campaign drops Trojan on UK bank customers

A huge spam campaign has been installing the Dyreza banking Trojan on tens of thousands of UK computers, specifically targeting those with accounts at major banks.

Banking credential theft hits German speakers

German language spam campaign delivers malware to steal banking credentials.

Dual-engines cut data breach risks

UK watchdog ICO complains about limited powers

The Information Commissioner's Office (ICO) has once again hit out at its limited powers, but might get more resources and money when new EU data protection laws go live.

Cybercrime threat landscape evolving rapidly

New research claims to show that, whilst spam levels fell to a five-year low last month, the increasing complexity of cyber-criminal attacks shows no sign of easing, with increasing levels of malware attacks and dangerous PDFs rapidly becoming the norm.

MH17 spammers direct Twitter users to Zeus-ridden websites

In the aftermath of the MH17 tragedy which saw almost 300 people lose their lives in an airplane crash over Ukraine, cyber-criminals are taking advantage by leading social media users to malicious websites.

Can Twitter spammers steal email addresses?

Some Twitter users have claimed that cyber-criminals may have been able to spam the email addresses registered with the social networking giant.

Spamhaus seeks arrests of non-EU DDoS attackers

Anti-spam organisation Spamhaus welcomes two arrests in the UK and Spain, and now seeks others outside the EU, which commentators believe is unlikely to happen.

Spam down in May says Kaspersky

The proportion of spam in email traffic fell 1.3 percent from April to May says Kaspersky.