SPAMMERS LEVERAGE CNN.COM’S REDIRECT FUNCTIONALITY TO LAUNCH CYBER-ATTACKS
Blogger.com, Gmail users targeted by advanced phishing templates – Bug in SpamAssassin software causes False Positives worldwide
Ahmedabad, 28 April 2010
Cyberoam, a division of Elitecore Technologies and the innovator of identity-based Unified Threat Management (UTM) solutions, today announced the Q1 2010 Internet threats trend report, prepared in collaboration with its partner, Commtouch. In a major development, spammers have been found to exploit the redirect functionality of CNN.com’s ad server links to launch work-from-home riches scams.
The spam link was structured along a genuine CNN.com URL. Clicking on the link would send a request to CNN which would lead the browser to send a second request to a short URL redirection site (http://bit.ly). The spammer would thus, cleverly misuse the host site without its knowledge.
Says Abhilash Sonwane, Vice-President-Product Management, Cyberoam, “The technique of using the redirect functionality of a reputable site such as CNN.com is very advantageous to the spammer – he can send out the impression that a genuine story will be found at the other end of the link. Moreover, most URL filtering solutions would not block the initial request to such a trustworthy news site.”
Adds Mr. Sonwane, “However, reputable gateway anti-spam solutions such as Cyberoam’s get updated in real-time about these spam patterns and can easily prevent them from spreading further.”
In another key story, spammers and phishers unleashed their creativity by duplicating the URL of Blogger.com and Gmail, which effectively downplays the “phishy” nature of the email. These scams reflect why phishing-aware services such as Paypal and Blogger use only text-based emails with no links or images when contacting account owners.
The glitch in ‘SpamAssassin’, a widely used free Anti-Spam software by xSPs, organizations, universities, and also vendors, caused false positives worldwide that led to rejection of legitimate mails.
Cyberoam is unveiling its powerful enhanced appliances at the RSA Conference 2008 in San Francisco. To learn more about Cyberoam’s software driven multi-core enhancements and how it delivers its patent-pending identity-based network security that handles user-targeted threats, visit Cyberoam at RSA – Booth 345.
Spam levels averaged 83% of all email traffic throughout the quarter, peaking at nearly 92% near the end of March and bottoming out at 75% at the start of the year. Pharmacy spam remained in the top spot with 81% of all spam messages while an average of an average of 305,000 zombies were activated daily. Brazil continued to produce the most zombies and Sites in the “sex education” and “games” categories topped the list of Web categories likely to host hidden phishing pages while “Pornography” has replaced “business” as the Web site category most infected with malware. In the Web 2.0 sphere of user-generated content, entertainment (music, television, movies, reviews, etc.) is the most popular topic for blog creators.
Cyberoam uses the Commtouch RPDTM technology to analyze large volumes of Internet traffic in real-time. Unlike traditional spam filters, it does not rely on email content, so it is able to detect spam in any language and in every message format (including images, HTML, etc.), non-English characters, single and double byte, etc. Its language and content agnostic nature enables it to provide effective spam blocking capabilities. Cyberoam incorporates this technology within its unique identity-based UTM appliances, which deploy user identity-based functionality across all of its features. A departure from traditional IP address-dependent solutions, Cyberoam determines precisely who is doing what in the network, providing IT managers with stronger policy control and clearer visibility of activity.
Cyberoam Identity-based UTM appliances offer comprehensive protection against existing and emerging Internet threats, including viruses, worms, Trojans, spyware, phishing, pharming and more. Cyberoam UTM delivers the complete range of security features such as stateful inspection firewall, VPN, gateway anti-virus, gateway anti-malware, gateway anti-spam, intrusion prevention system, content filtering in addition to bandwidth management and multiple link management over a single platform. The Cyberoam solution portfolio includes Cyberoam iView, a logging and reporting appliance solution, Cyberoam SSL VPN appliances and Cyberoam Endpoint Data Protection suite to protect data and manage assets over endpoints in organizations. Cyberoam is certified with CheckMark UTM Level 5 Certification, ICSA Labs, and is a member of the Virtual Private Network Consortium. Cyberoam was positioned as a “Visionary” in the Magic Quadrant for SMB Multi-function Firewalls by Gartner. Cyberoam has also continuously received SC Magazine’s 5 Star Rating. Cyberoam has offices in Woburn, MA and India. For more information, please visit www.cyberoam.com
About Elitecore Technologies
Elitecore Technologies is the global provider of Cyberoam UTM appliances. Elitecore’s other divisions include CRESTEL Convergent Billing Solution that meets the voice, data, video billing and customer care requirements of Tier-1 service providers and 24online Billing and Bandwidth Management Solution for hotels, hotspots and Internet service providers. Elitecore has a strong R&D base and support center in India. It has sustained a healthy growth rate of over 75 % since inception. For more information, please visit www.elitecore.com
L. K. Pathak