Spammers Twist Microsoft's Good Into Evil
Spammers seem to be always a notch ahead than all the efforts against their malicious intentions. According to a recent study by MX Logic Inc., a provider of email defense solutions for corporates, spammers have now begun to use Microsoft’s latest arsenal against spam, the Sender Policy Framework (SPF), to give their mail a garb of legitimacy.
The SPF is an email authentication technology recently introduced by Microsoft to help stop fraudulent email. In its preliminary study, MX Logic found that some spammers have embraced SPF in the hope that their unsolicited email messages will be viewed as more legitimate because the messages have an SPF email authentication record associated with them. In a sample of more than 400,000 unique spam email messages that passed through the MX Logic Threat Center from Aug. 29 through Sept. 3, 16 percent had published SPF records.
SPF helps prevent domain spoofing in email and makes it easier to identify fraudulent email scams and phishing attacks by authenticating the origin of an email. Email domain owners identify their legitimate sending mail servers by publishing an SPF record in the domain name system (DNS). This enables email servers to validate the source of incoming email against the associated SPF record to determine if the email sender’s domain is legitimate and not spoofed.
The company also reported that compliance with the federal anti-spam law, the Controlling and Assault of Non-Solicited Pornography and Marketing (CAN-SPAM) Act, rose to 2 percent in August up from an all-time low of 0.54 percent in July.
In order for authentication to be effective against spam, the industry will need to come to agreement not only on the authentication standard to be usedsuch as SPF or Sender IDbut also on accreditation and reputation services that can vouch for the domain’s SPF record as well as email sending history.
While CAN-SPAM compliance increased to 2 percent during August, the amount of spam also increased. Of all email traffic through the MX Logic Threat Center during the month, 92 percent was spamup from 84 percent in July.
- Trends In Information Management: An India Perspective
- Cyber Security Predictions For 2018
- SpiderOak CEO Warns Of 10 Cybersecurity Threats For 2018
- Uber Data Breach: Accountability, Corporate Ethics In Question
- Customer-Facing Web, Mobile Apps Pose Highest Security Risk: Study
- 70% Consumers Stop Following A Business After Data Breach: Study
- CISOs, Beware Of Crime-as-a-Service, IoT Threats In 2018
- McAfee Acquires Cloud Security Startup Skyhigh Networks
- DevSecOps, A Key Focus Of CA Technologies
- CA Technologies Driving Digital India Innovation