Email Security Matters blog
A blog where users and experts exchange security news and discuss email spam trends
Vircom is proud to present its guru employees’ blog on email security. An independent technical blog discussing email security, best practices, spam and of course, industry news.
Visit Email Security Matters or subscribe to the RSS feed for your weekly news and articles.
Latest articles
- Spear Phishing: Is Your Boss a Whale? (2010-07-29 by Margot MacNutt)
Spear and whale phishing have been around for a while now, but recent social engineering efforts are focusing more on company executives. An example is this type of email: it certainly looks legit at first glance; even the phone number and address – right down to the floor number – are correct. But take a closer look at the URL used in the links: the real site has no relation to puzzlejs-mailing.com.
- Who is Responsible for Internet Security: A Response (2010-07-26 by Yves Lacombe)
Basically you have the Australian courts who want to place the onus on the shoulders of end-users. Others want to put the responsibility on Operating System or Application vendors due to their security holes. Finally, you have the Mail System operators or Network connectivity providers (ISPs) who don't take sufficient measures to combat open relays or botnets where infected machines act like SMTP proxies.
- My spam is different from your spam! (2010-07-22 by Mike Petsalis)
The type of spam you receive depends on many things, including your behavior on the net, how you use your email address, your position in a company and much more. As a software company executive I receive a very particular stream, one that is probably very different than what most people receive. Well, at least that's what our Security Operations team tells me.
- Surfing on Web 2.0: Where Innovation Meets Cybercrime (2010-07-20 by Alexandre Abreu)
Yesterday, I logged into Facebook. I usually never use my account there (I am not a Facebook fan), but once in a while I’ll spend some time on it. For the first time, after entering my credentials, a “security” page appeared stating that unusual activities have been witnessed on my account. I then had to answer some questions, choose the names of some tagged friends, and reset my password. I have no idea what happened or how my account got compromised.
- Get rid of Social Spam on WordPress (Comment & Registration Spam) (2010-07-16 by Damien Ramé)
The hot topic of the past few years certainly has been Social Networking and the Web 2.0! So, you started a blog on your own domain, have spent a lot of time writing relevant quality content, performing SEO, integrating into social networks to distribute your news. Now, your site is starting to get decent exposure from Search Engines and Social Networks, traffic is building up and so is spam. This damn spam. After being spammed for years through email, now you also get it on your blog. Of course, spammers have identified this new source. It offers basically the same potential as email (and actually an even better potential), so they want to be there as well. There is spam whose purpose is SEO (improve backlinks), some others are about phishing, identity theft, or malware. Let's see how to get rid of all this noise once and for all.
- Sex, pills & scams (2010-07-15 by Marc Chouinard)
These three words reflect 90% of the spam traffic for May-June 2010. Between fake Twitter emails and classic Nigerian 419, there was a rise of new phishing attempts using .html attachment files.
- Organized Cybercrime (2010-07-13 by Deeptiman Jugessur)
A month ago I read a fascinating book called McMafia by Misha Glenny. Glenny, a former BBC world correspondent, presents a terrifying yet eye-opening look at how organized crime has progressed with Globalization over the last few decades. Glenny covers all the major illicit activities from global drug trafficking networks, to prostitution and human trafficking. One chapter in particular is dedicated to the future of organized crime and the fastest growing sector, cybercrime.
- Privacy vs. Data Leakage: What’s More Important to You? (2010-07-08 by Sandy Sidhu)
In an earlier post, I discussed why your business needs Policy Management and the different causes of Data Leakage. In today’s post, I will take a closer look at one of the causes of data leakage protection and how it can be prevented: let’s look at the case of the Disgruntled Employee.
- Share NTFS USB Hard Drive on VMware vSphere/ESX 4 (2010-06-29 by Damien Ramé)
The other day, I was discussing virtualization in email security (for example, anti spam virtual appliance). One of the drawbacks of ESX (and ESXi) is the lack of support for external data storage (non Data Store). Of course, you can add a multitude of data stores, local and remote, and it is THE way to go. But I needed to be able to back up my virtual appliances to an external hard drive using NTFS (so that it can be read on my Windows machines).
- Who’s responsible for Internet Security? (2010-06-23 by Margot MacNutt)
A couple of stories in the news today caught my attention because they have very opposite perspectives on tackling cybercrime and Internet security. First, the Australian government is thinking of making home computer users responsible for security. They’re contemplating legislation to force users to install anti-virus programs and firewalls on their home computers before being allowed to connect to the Internet.
- Why Your Business Needs Policy Management (2010-06-17 by Sandy Sidhu)
Instead of being reactive to scandals and managing them after the fact, organizations should take a proactive role and protect data leakage before it happens, to prevent the loss of secrets that are revenue generating. However, most companies are still under-protected and focus their security budgets on compliance and protection of custodial data (customer personal information) rather than internal information such as corporate/product strategy, or financial reports which directly affect the bottom line.
- Honest, I don’t want an email security appliance! (2010-06-14 by Mike Petsalis)
Vendors have their own very special reasons for pushing email security appliances, instead of virtual machines or straight software installations. You may find that their reasons do not always align with your own.
- Angelina Jolie wants to be my friend: The pitfalls of social media (2010-06-09 by Margot MacNutt)
I guess writing this blog brings some perks after all. I’ve been nominated to ‘represent [my] professional community’ for every possible Who’s Who list, Facebook invitations are coming in fast and furious, I’m getting offered all kinds of free product subscriptions, and, judging from my message content, I think my 15 minutes of fame have finally arrived!
- Interview with Adam Guerbuez: $873 Million Dollar Man (2010-06-07 by Marc Chouinard)
"I need a one way ticket to Tijuana!" You might think that if something happens and you want to escape. But if you live in Canada, just sit back and relax - you have nothing to worry about. Canada is known for their lazy laws for certain types of crimes, especially "new" ones (like the latest incidents of financial fraud and spam).
- May Email Security News: New Undersea Cables Feed African Botnets (2010-05-31 by Mike Petsalis)
Email Security Industry news from May 2010 with commentary


