Sabtu, 19 Februari 2011

Twitter Researchers Step up "Fight Against Spam"

How to Stop Spam

How to Stop Spam
Paul Judge, chief research officer for Barracuda, noted that Twitter is an attractive target because it is both a social network and a search engine. Barracuda cited the example of Download-Heaven, a site that was using a Twitter account to push links to hosted shareware filled with malware and Trojans. 

In a presentation called 'The Dark Side: measuring and analysing malicious activity on Twitter', Barracuda Networks' research scientist Daniel Peck and chief research officer and VP of cloud services Dr Paul Judge claimed that with any website with user generated content there is a gap in trust among users, some of who are genuine and others who use them as a means to attack other users' accounts.

With account hijacking, what risk model is there? Peck said that millions of users accounts are created every day and for every 100 users, only one per cent had 1,000 or more followers. One example the company tracked was Download-Heaven, a site that was using a Twitter account to push links to hosted shareware filled with malware and Trojans. Barracuda looked for that sort of imbalance as it tracked a raw stream of data from Twitter. It also looked for accounts that had been unfollowed by a lot of users over time; such accounts have often been recognized by other Twitter users as bad news. 

What Barracuda found was that just 43 percent of Twitter users could be classified as "true". These were users that had more than 10 followers, friends, and tweets. Much like trying to game conventional search engines to get new eyeballs, scammers were adding topic tags and/or popular words and phrases to tweets to get them to show up in the "Trends" field on Twitter pages and higher up on Twitter's search results pages. 

To track how widespread this practice was, Barracuda began grabbing popular search terms on Twitter every hour, and doing searches for them on the site. Twitter accounted for 8 percent of this total, with the other search engines logging the remainder.

"Google didn't necessarily get better--there was more malware--basically Bing, Twitter, and Yahoo got worse. To Twitter's credit, the company has made several efforts to keep this malware at bay. It also employed its own link-shortening service that similarly vets links. The free Profile Protector scans both your Facebook and Twitter profiles and identifies users that are on the company's watch list.
By. How to Stop Spam



GSMA Will Recommend a "Mark as Spam" System

How To Stop Spam

How to Stop Spam
The GSM Association aka GSMA will recommend operators to join a program that lets mobile users to report spam messages. Operators like AT&T, Bell Mobility, Sprint and Vodafone had also participated.

Alan Ranger, vice president for Cloudmark's mobile marketing said that users can forward suspicious spam content to 7726, which spells out as spam in the numeric format.  Cloudmark will be selling and managing the spam report service. Once a user reports an SMS, the service blocks them from coming on to a mobile user’s cell phone. 

For users in the U.S., receiving five such unsolicited messages a day may not seem uncommon, according to messaging security firm Cloudmark. Users in Asian countries may find themselves deleting upwards of 50 unsolicited text messages in a single day.

Users were urged to forward any messages they suspected to be spam to “7726,” a text message short code that corresponds to the word spam. Most spammers buy up prepaid SIM cards, Cloudmark says, and send out spam messages until the card runs out.

An ongoing effort to reduce the message’s effectiveness is a necessity according to Cloudmark. Adult-oriented messages may redirect a user to a malicious phishing website. 
By. How to Stop Spam


Kamis, 17 Februari 2011

What is Spam

How To Stop Spam
How to Stop Spam
Electronic junk mail or junk newsgroup postings. Some people define spam even more generally as any unsolicited e-mail. However, if a long-lost brother finds your e-mail address and sends you a message, this could hardly be called spam, even though it's unsolicited. Real spam is generally e-mail advertising for some product sent to a mailing list or newsgroup.

In addition to wasting people's time with unwanted e-mail, spam also eats up a lot of network bandwidth. Consequently, there are many organizations, as well as individuals, who have taken it upon themselves to fight spam with a variety of techniques. But because the Internet is public, there is really little that can be done to prevent spam, just as it is impossible to prevent junk mail. However, some online services have instituted policies to prevent spammers from spamming their subscribers.

There is some debate about the source of the term, but the generally accepted version is that it comes from the Monty Python song, "Spam spam spam spam, spam spam spam spam, lovely spam, wonderful spam??" Like the song, spam is an endless repetition of worthless text. Another school of thought maintains that it comes from the computer group lab at the University of Southern California who gave it the name because it has many of the same characteristics as the lunchmeat Spam:

    * Nobody wants it or ever asks for it.
    * No one ever eats it; it is the first item to be pushed to the side when eating the entree.
    * Sometimes it is actually tasty, like 1% of junk mail that is really useful to some people.
By. How to Stop Spam
 

More Link Spam Examples in Google

How to Stop Spam

How to Stop Spam
For today’s example, I will be looking at the Hot Tub industry where one of my clients has a significant interest and ranks well for many of the most sought after terms including “hot tub”, “hot tubs”, “spa” and “spas” as well as many other related permutations. Unlike JC Penny, ChooseHotTubsDirect is using a number of other link spam tactics to artificially inflate their Google rankings. Let’s take a look at some of the methods they’re using including blog comment spam, blog spam (splogs), and forum spam.

In one particular case, JC Penney was ranking first for the search term ‘Samsonite carry on luggage’, ahead of Samsonite’s own website. JC Penney also happens to be one of Google’s biggest buyers of paid search advertising.

To understand how JC Penney’s website was achieving these results, it is important to understand one aspect of how Google (and other search engines) rank websites. Search engines judge the importance of a website in part by the amount of links coming into it, and by the quality of those links. So, if your site has three incoming links, and your competitor’s has 3000, then all other things being equal, your competitor’s site will rank higher on Google for the same search term.

Google and other search engines use this measure of importance because mostly, it works. One basic example would be if you paid 3000 website owners to put links on their sites, pointing to your site, no matter what their sites were about.

This is the big question – Google had previously ‘punished’ JC Penney for other Black Hat SEO techniques, yet failed to pick up a relatively large black hat campaign that was keeping JC Penney in the number one spot on numerous highly valuable keywords for a four month stretch. What adds an element of conspiracy to the story is that as mentioned earlier, JC Penney pays Google considerable sums of money for paid search advertising through AdWords. The implication is clear – does Google turn a blind eye to black hat SEO methods used by its largest customers?
By. How to Stop Spam


Rabu, 16 Februari 2011

"Phishing Up" Spam Down in 2010’s Second Half

How to Stop Spam

How to Stop Spam
The volume of e-mail spam is declining — down one-third from last summer’s level — while sophisticated phishing attacks and exploit kits are coming in greater numbers.  The company’s researchers produce the threat report twice a year. In M86’s newest report, the company charted spam volume from January 2008 to December 2010. 

In a spam affiliate program, spammers are paid to inundate hapless Internet browsers with bogus websites and links. M86 measures spam volume by a numeric index. When the spam volume doubled, it reached 2,000. Exploit kits are packs of malicious programs that owners use to launch automated, malware-spreading attacks.

Anstis predicts that malware as a service is heading toward arrangements where criminals sign up for a service, like an exploit kit running in the cloud. The report also mentions combined attacks employing two types of code, like Java and Adobe Flash Actionscript, to bypass security measures.

The volume of e-mail spam is declining — down one-third from last summer’s level — while sophisticated phishing attacks and exploit kits are coming in greater numbers. The company’s researchers produce the threat report twice a year. If you look back at the spam volume index, it’s a real roller coaster,” said Bradley Anstis, M86’s vice president of technical strategy, about the report’s data.

In M86’s newest report, the company charted spam volume from January 2008 to December 2010. In a spam affiliate program, spammers are paid to inundate hapless Internet browsers with bogus websites and links. M86 measures spam volume by a numeric index. When the spam volume doubled, it reached 2,000.

Social media sites are a growing platform for cyber-criminals to lure users to take things like false surveys and obtain information. Exploit kits are packs of malicious programs that owners use to launch automated, malware-spreading attacks.

Anstis predicts that malware as a service is heading toward arrangements where criminals sign up for a service, like an exploit kit running in the cloud. Security software providers, M86 and McAfee, have warned companies not to be complacent in the face of increased mobile malware, as two new reports reveal mobile malware is on the rise while spam emails are declining.

“Spam hitting its lowest levels can be attributed to a transition period with several botnets growing dormant during a time of year when spam volumes are usually on an upward path,” the McAfee report read. The report said that while there was a decline in phishing emails, probably as a result of users becoming more aware of fake emails claiming to be from banking institutions, there was a new threat of websites offering a 'multiple choice' from a selection of banks in phishing messages.

“People are taken to a page and they choose a bank and it is in effect multiple choice phishing. The report said that UK banking customers had been affected by this technique. Two examples it pointed to are the scanning module in the Siberia Exploit kit and Neosploit's new Malware-as-a-Service offering.
By. How to Stop Spam






Google's Latest Step In The Fight Against Spam

How to Stop Spam

How to Stop Spam
The search giant has released an extension for its Chrome browser that allows users to block sites in Google's search results with a single click. The idea is that if a user finds a low-quality site via Google, it can tell Google about it and that site won't be shown again to that user. When sufficient users block the same website, Google could conclude it really is a low quality spam site and permanently remove it from its search results. 

This person could conceivably block all sites on Google's search results for the evolution query that he doesn't agree with, leaving only search results that criticise evolution. Google's fight against spam websites showing up in its search results is commendable. 

Complaints about Googles current spam results are whirling around like a hurricane. One: It prompted new search engines to push for anti-spam features. Two: It increased attention to Blekko, the search engine that currently has the strongest zero spam platform. And three: It prompted Google to pay greater attention to anti-spam development. 

Once the algorithm is adjusted to more fully recognize spam, Google will be turning its attention toward eliminating the low-quality or duplicate content used to fluff a site. Option two is to pay writers a very low sum to create content.
By. How to Stop Spam