|
STORY |
LINK |
Click me
| FBI warns of e-mail scam |
"As many harmful computer viruses are located in e-mail attachments, the FBI said it strongly encourages computer users not to open attachments from unknown recipients...."
http://www.cnn.com/2005/TECH/internet/11/22/email.scam.ap/index.html |
| Directory Harvest Attack (DHA): |
"Directory Harvest Attack (DHA): When a spammer bombards a domain with thousands of generated email addresses in an attempt to collect valid email addresses from an organization..."
http://www.securence.com/resources/Glossary_of_Terms_Related_to_Spam.htm |
| New Sober Worm Spoofs FBI, CIA |
"A new variation of the long-running Sober worm uses extremely effective tactics to trick users into infecting their PCs, security companies said Tuesday, including posing as messages from the FBI and CIA. "
http://www.informationweek.com/story/showArticle.jhtml?articleID=174401321 |
| Dictionary Harvest Attack Protection |
"Spammers have started using advanced methods such as Directory Harvest Attacks (DHAs) to collect corporate email addresses and add them to their spam lists. A typically DHA works by trying to deliver mails to addresses in a spammers dictionary of common email addresses... "
http://www.logicboxes.com/solutions/integrated-products/communicate/business-email-features/ |
| TarpitTime has been implemented |
"Tar pit functionality makes it much more difficult for spammers who send unsolicited mail to automate a directory harvest attack (dha). A directory harvest attack (DHA) is an attempt to retrieve a list of known good e-mail addresses from a particular organization..."
http://www.microsoft.com/technet/prodtechnol/exchange/Analyzer/f8a08dde-6523-46ab-9e77-7ae3864c22cc.mspx |
| Holidays Bring an Increase in Spam Attacks |
“When fighting RNDR attacks, be aware that some antispam products don’t work 100% correctly”, says Sitek, “and worse, their solutions open the door to Directory Harvest Attacks, a variant of RNDR...."
http://i-newswire.com/pr50352.html |
Antispam Offerings Grow Up
|
http://www.toptechnews.com/story.xhtml?story_id=39059
" With this release, Tumbleweed also has included features from its MailGate Edge relay product. These include real-time SMTP connection analysis and management, designed to protect corporations from what the company calls "dark traffic," such as directory harvest attacks (DHAs) and e-mail denial-of-service attacks. By identifying and throttling such traffic, MailGate Appliance 3.0 can reduce the amount of inbound mail entering an organization by up to 90%, the company says." |
| Drop in directory harvest attacks (DHAs) |
http://www.spamblogging.com/archives/2005_03.html
"Unless they have changed their methods and I didn't hear/read about it yet, the way to run a directory harvest attack (DHA) against a company is to do a bute force/dictionary attack on them with usernames " |
| What is a DIRECTORY HARVEST Attack (DHA)? |
http://www.praetor.net/FAQ/Docs2/Antispam/WhatIsADirectoryHarvestAttack.htm
"Why does this "directory harvest" vulnerability exist? The vulnerability arises because the receiving mail server under attack provides feedback about the non-deliverability of an email address. The attacking computer notes this failed attempt and continues with other test addresses..."
|
| Darkmail Traffic Risen Fourfold In 12 Months Says Email Systems |
http://www.securitypark.co.uk/article.asp?articleid=24236&CategoryID=1
"Although it is a relatively new phenomenon, Darkmail has risen in prominence recently with a significant increase in the frequency of email attacks that target a specific domain, such as distributed denial of service attacks (DDoS) and directory harvest (DHA) attacks for example, as many of the mails sent are never recieved yet have the potential to sap a huge percentage of network bandwidth..." |
| Phishing casts into the workplace |
http://www.pcpro.co.uk/news/75592/phishing-casts-into-the-workplace.html
"For example, a Directory Harvest Attack (DHA) is a brute force assault on a mail server to identify legitimate mail addresses for that domain. From there, a phishing attack could be used to obtain sensitive information, such as passwords and other credentials. Then it is a short step to changing bank account details, stopping pay checks, and even adding new names to the payroll system..." |
| definition: directory harvest attack (dha) |
http://www.eweek.com/encyclopedia_term/0,2542,t=directory+harvest+attack&i=41448,00.asp
"A method spammers use to obtain valid e-mail addresses. Random names are generated and sent out to valid domains. If an undeliverable message does not return, the name is assumed to be genuine.... " |
| OfficeMax and Virginia Hospital Center Recognized for Innovative Communication Security Solutions |
http://www.mailfrontier.com/press/press_offvir.jsp
"High profile brands like OfficeMax are often the target of directory harvest attacks (DHAs) by spammers and phishers. Despite having anti-spam protection from another company, OfficeMax's IT department was spending 60 hours per week battling unwanted email. " |
|
HR Organisations Increasingly At Risk From DDoS Attacks |
http://www.onrec.com/content2/news.asp?ID=9129
"...consequently bombard the domain with innumerate combinations of email addresses in an attempt to ascertain actual addresses. Specifically this type of attack is known as a Directory Harvest Attack (DHA). " |
| Coping with Dark Traffic and controlling illegitimate or malicious emails |
http://www.securitypark.co.uk/article.asp?articleid=24347&CategoryID=1
"The most common reason a cyber criminal would deploy a directory harvest attack (dha) over the Internet is order to identify a company's genuine email addresses" |
| How to recognize targeted destination e-mail attacks |
http://www.networkworld.com/newsletters/gwm/2005/1010msg2.html
"Instead of directing a broad-based attack to harvested e-mail addresses, such as those gleaned during a directory/dictionary harvest attack (dha), this type of threat specifically targets one or more IP addresses." |
|
http://www.nemx.com/products/powertools/howto/DirectoryHarvestAttack.asp
"Spammers use a technique called “directory attacks” to deliver email which can generate a high amount of NDR reports and ultimately chokes your bandwidth. Directory attacks involve taking common given and surnames, generating addresses..." |
| The webs that spam can weave |
http://www.seacoastonline.com/news/10092005/business/67169.htm
"He and Sanford Wallace were the most hated spammers around ... anti-spammers seethed when they heard their names," McWilliams told me." |
Security Harvest festival hits them hard
|
http://www.theinquirer.net/?article=25865
"This type of attack is known as a Directory Harvest Attack (DHA), says Email Systems"
|
Ireland celebrates first anti-spam conviction
|
http://www.channelregister.co.uk/2005/09/07/irish_spam_conviction
"Ireland's Data Protection Commissioner, Billy Hawkes, has secured his first conviction for a breach of the country's anti-spam law."
|
|
Wanted: Your Personal Info |
http://allafrica.com/stories/200504010597.html
"The report also offered local statistics on phishing and spam, says Evans. "Phishing is a global trend, but it is starting up in SA, and is moving beyond social engineering through e-mail to sending Trojans out as well..." |
|
Join the fight to stop internet spammers. |
http://50connect.co.uk/index.asp?main=http%3A//50connect.co.uk/50c/articlepages/technology_index.asp%3Faid%3D12293
"UK consumers are being targeted by spammers and scammers from overseas, announced the Office of Fair Trading (OFT) today as it released initial results of the first global internet sweep of spam..." |
|
Are Canucks winning the war against spam? |
http://www.integratedmar.com/ECL.cfm?item=DLY031405-2
"Canadians received an average of 177 emails per week, 87 of which (49 per cent) were spam, an improvement over 2003 where 134 (68 per cent) of the weekly average of 197 emails were spam. Prior to this, spam volumes had been doubling every year (average of 30 spam messages per week in 2001 and 64 in 2002), officials said..." |
|
Special Assignment: Spam--Part I |
http://www.wtoctv.com/Global/story.asp?S=2996074&nav=0qq6WnOd
"Now you see it's like V, I, at sign, G, space R, A. That's because these spam filters come out and said, 'Don't allow the word Viagra to come through.' Well, that's not the word Viagra any more."
(Brought to you by Spam Filter News) |
|
Anti-spam standard still moving in slow motion |
http://blogs.zdnet.com/BTL/index.php?p=1142
"the SenderID e-mail authentication specification was making on the anti-spam standards front. "
(Brought to you by Spam Filter News) |
|
Microsoft Releases Initial Data on Technology Aimed at Helping Address Spam and Phishing Scams |
http://biz.yahoo.com/prnews/050302/sfw037_1.html
"an e-mail authentication technology protocol that helps address the problem of domain spoofing (a tactic commonly used in spam and phishing scams) by verifying the domain name from which e-mail is sent..."
(Brought to you by Spam Filter News) |
|
From MS Anti-Spam to Vaccines |
http://www.crime-research.org/news/07.03.2005/1022/
"Microsoft Research announced last week that anti-spam technology has been used to create more effective vaccine designs for HIV..."
(Brought to you by Spam Filter News) |
|
Lawyer Misses Court Date Thanks To Spam Filter |
http://www.techdirt.com/articles/20050223/1022241_F.shtml
"We've all heard stories about people missing important emails thanks to spam filters, but what's the most important email that you lost (or, rather, almost lost) thanks to such a filter?"
(Brought to you by Spam Filter News) |
|
Gmail spam filter effectiveness |
http://www.spamfo.co.uk/component/option,com_content/task,view/id,291/
"We decided to test the effectiveness of the gmail spam filter by pointing a known harvested alias to a gmail account.The test was by no means meant to be comprehensive, more our initial thoughts after using gmail more throroughly for a month..."
(Brought to you by Spam Filter News) |
|
Anti-spam legislation accelerated |
http://www.chinatechnews.com/index.php?action=show&type=news&id=2432
"Zhou submitted a proposal named "Advice on Strengthening the Anti-spam Effort" during last year's session, and he appealed for the government's support on anti-spam legislation..."
(Brought to you by Spam Filter News) |
|
Fight against spam still difficult, but tide may be turning |
http://www.newstarget.com/005558.html
"Some analysts believe that the tide of email spam may have reached its peak, and that efforts by ISPs and other companies may be bearing fruit. America Online reports that in 2004, the company was able to slow the flow of spam to its users for the first time..."
(Brought to you by Spam Filter News) |
|
Spam costs UK business £1.3bn a year, says study |
http://www.computerweekly.com/articles/article.asp?liArticleID=137122&liArticleTypeID=1&liCategoryID=6&liChannelID=22&liFlavourID=1&sSearch=&nPage=1
"This figure comes from a study by Ferris Research, which found that UK firms receive more spam than businesses in France, Germany, Italy and China. The research group calculated that spam filtering software could have a return on investment of between 30% and 220%..."
(Brought to you by Spam Filter News) |
|
|
|
Bandwidth-clogging, Speculatively Targeted Spam Increases Dramatically |
http://i-newswire.com/pr39538.html
"Typically, a Directory Harvest Attack (DHA) will target a specific domain with emails to many millions of combinations of email address at that domain."
(Brought to you by Spam Filter News)
|
|
Bigfoot Interactive Consumer Survey: Less Spam, More Relevance in the Inbox Today Than One Year Ago |
http://home.businesswire.com/portal/site/google/index.jsp?ndmViewId=news_view&newsId=20050308006048&newsLang=en
"Anti-spam software use high - 65% of consumers strongly/somewhat agreed they currently use anti-spam filtering or challenge response software.."
(Brought to you by Spam Filter News) |
|
Dating Web site says UT improperly blocked its e-mails
|
http://www.kltv.com/Global/story.asp?S=3050823
"An online dating service told a federal appeals court that its unsolicited e-mails comply with all anti-spam laws..."
(Brought to you by Spam Filter News) |
|
AntiOnline Spotlight: Spam Declining? |
"You see, mail servers don't lie. They may prevent the bulk of spam from ever reaching a user's inbox but they are still bombarded with it, even if that results in banishing most of it. So while inboxes are undoubtedly cleaner for many, the amount of spam eating away at network resources may actually be unchanged, if not growing..."
(Brought to you by Spam Filter News) |
|
Anti-spam and anti-phishing blitz has had strong results says OFT |
http://www.publictechnology.net/modules.php?op=modload&name=News&file=article&sid=2585
"UK consumers are increasingly being targeted by phishers, spammers and scammers from overseas, the Office of Fair Trading has said - as it released initial results of the first global internet sweep of spam at a meeting of the International Consumer Protection and Enforcement Network (ICPEN) in Edinburgh. "
(Brought to you by Spam Filter News) |
|
Spam Costs Businesses Worldwide $50 Billion |
http://www.informationweek.com/story/showArticle.jhtml?articleID=60403016
"Nor is every method of filtering spam equal in economy, he added. Server-based filtering is considerably cheaper than desktop-based anti-spam solutions: the former typically costs $132 per year per user, while the latter runs $217..."
(Brought to you by Spam Filter News) |
|
Less spam feeds Canadians' appetite for e-mail |
http://www.theglobeandmail.com/servlet/ArticleNews/TPStory/LAC/20050311/RSPAM11/TPBusiness/Canadian
"New privacy laws and the use of spam filters by individuals and Internet providers helped lower the amount of unsolicited e-mail to 49 per cent of all electronic mail, down from 68 per cent in 2003, according to Ipsos-Reid's quarterly survey of Canadian Internet trends..."
(Brought to you by Spam Filter News) |
|
Anti-Spam Software Revenues Seen Climbing To $1.7 Billion |
http://www.informationweek.com/story/showArticle.jhtml?articleID=60403315
"By 2008, the Framingham, Mass.-based research firm forecasted, worldwide revenues of anti-spam solutions -- software and hosted services -- will run to $1.7 billion. In 2003, the last full year for which hard numbers are available, anti-spam spending was only $300 million...."
(Brought to you by Spam Filter News) |
|
Vendors Slowing Flow of Spam |
http://www.technewsworld.com/story/40590.html
"In November 2003, users sent almost 11 million spam reports every day to AOL, and that figure declined to about 2.2 million spam reports in November 2004...."
(Brought to you by Spam Filter News) |
|
The Spam Assassin Behind SpamAssassin |
http://www.osdir.com/Article4419.phtml
"Supported by the Apache Software Foundation, this server-side spam filter is one of the most widely-deployed programs in the open-source world. It's readily available for free, and is also implemented in many commercial packages. SpamAssassin is pretty much the standard in spam-filtering..."
(Brought to you by Spam Filter News) |
|
Spam vendors explain how unwanted messages can pose a security threat |
http://www.itbusiness.ca/index.asp?theaction=61&lid=1&sid=58005&adBanner=Security
"E-mails peddling fake Rolex watches and Viagra do not usually pose a threat to IT systems, but network managers need to filter spam to protect infrastructure from other attacks, according to executives at some companies that sell e-mail filtering products. For example, some spammers use directory harvesting attacks to get e-mail addresses from users' directories, and these can knock mail servers..."
(Brought to you by Spam Filter News) |
|
|
|
|
Choking on spam |
http://comment.zdnet.co.uk/other/0,39020682,39186361,00.htm
"Spam will stop when spamming is too difficult, too expensive and too dangerous to be profitable. Only a systematic attempt to make it so can have that effect..."
(Brought to you by Spam Filter News)
|
|
Anti-spam activists meet to plan battle against spam |
http://www.newstarget.com/004036.html
"Anti-spam activists met at MIT recently to plan the war against spammers. Speakers discussed "Operation Honey Pot", a scheme to plant tagged e-mail addresses on web pages in order to record the identity of people harvesting the e-mail address and using it to send spam. New spam filtering technologies were also discussed..."
(Brought to you by Spam Filter News) |
|
Ex-engineer pleads guilty to spam law |
http://www.insidebayarea.com/businessnews/ci_2555787
"He stole it explicitly for the purpose of using it for spam," Assistant U.S. Attorney David Siegal said in court. The theft led to "waves and waves of billions of spam."
(Brought to you by Spam Filter News) |
|
Stopping the "New" Spam: Directory Harvest Attacks (DHAs) |
http://www.gwsae.org/executiveupdate/2004/December/spam.htm
"What many security efforts have not yet addressed — because it had not yet surfaced as a problem — is a dangerous technique called a dictionary attack or a directory harvest attack (DHA) that spammers use to obtain valid e-mail addresses. A directory harvest attack (dha) can slow down and even stop an e-mail server from sending and receiving messages, and it can render an internal spam filter useless..."
(Brought to you by Spam Filter News) |
|
Study: Spam costing companies $22 billion a year |
http://blogcritics.org/archives/2005/02/05/010437.php
"I don't know about you, but I get exponentially more then 18.5 SPAM emails a day. Because of my SPAM filter I do however keep the time it takes to take care of that SPAM to under 5 minutes though, thank god..."
(Brought to you by Spam Filter News) |
|
Spamhaus Accuses MCI of Hosting Spam Gangs |
http://www.internetnews.com/security/article.php/3469091
"One of the world's largest Internet providers is hosting illegal spam operations and making an estimated $5 million a year to keep those operations running, according to a report published by the anti-spam group Spamhaus Project Friday..."
(Brought to you by Spam Filter News) |
|
Repeal Can Spam |
http://weblog.infoworld.com/foster/2005/02/04.html
"Now that it's become obvious that the Can Spam Act is actually making the spam problem worse, it's time for Congress to admit its mistake and do the only thing it can do. Repeal the "Yes, You Can Spam Act" before the Internet chokes to death on the unsolicited commercial e-mail it encourages..."
(Brought to you by Spam Filter News) |
|
Understanding Directory Harvest Attacks (DHAs) |
http://www.pcmag.com/article2/0,1759,1543581,00.asp
"It's a tenet of legal thrillers as well as the news: The absence of a denial can be as informative as a direct confirmation. This simple idea underlies the directory harvest attack (DHA), an increasingly prevalent technique for mining e-mail addresses that can then be bombarded with unwanted solicitations..."
(Brought to you by Spam Filter News) |
