Spammers Twist Microsoft's Good Into Evil
Spammers seem to be always a notch ahead than all the efforts against their malicious intentions. According to a recent study by MX Logic Inc., a provider of email defense solutions for corporates, spammers have now begun to use Microsoft’s latest arsenal against spam, the Sender Policy Framework (SPF), to give their mail a garb of legitimacy.
The SPF is an email authentication technology recently introduced by Microsoft to help stop fraudulent email. In its preliminary study, MX Logic found that some spammers have embraced SPF in the hope that their unsolicited email messages will be viewed as more legitimate because the messages have an SPF email authentication record associated with them. In a sample of more than 400,000 unique spam email messages that passed through the MX Logic Threat Center from Aug. 29 through Sept. 3, 16 percent had published SPF records.
SPF helps prevent domain spoofing in email and makes it easier to identify fraudulent email scams and phishing attacks by authenticating the origin of an email. Email domain owners identify their legitimate sending mail servers by publishing an SPF record in the domain name system (DNS). This enables email servers to validate the source of incoming email against the associated SPF record to determine if the email sender’s domain is legitimate and not spoofed.
The company also reported that compliance with the federal anti-spam law, the Controlling and Assault of Non-Solicited Pornography and Marketing (CAN-SPAM) Act, rose to 2 percent in August up from an all-time low of 0.54 percent in July.
In order for authentication to be effective against spam, the industry will need to come to agreement not only on the authentication standard to be usedsuch as SPF or Sender IDbut also on accreditation and reputation services that can vouch for the domain’s SPF record as well as email sending history.
While CAN-SPAM compliance increased to 2 percent during August, the amount of spam also increased. Of all email traffic through the MX Logic Threat Center during the month, 92 percent was spamup from 84 percent in July.
- Is There A Weak Link In Your Encryption Strategy?
- New Security Flaw Grips Most Modern Laptops: F-Secure Researchers
- Multi-Factor Authentication Can Mitigate Password Risks: Study
- Policybazaar Deploys Trend Micro’s Solutions To Boost Security
- Focus On Visibility To Prevent Cyber Threat, Says Skybox Exec
- Using Digital Transformation To Secure Your Bank Locker
- 96 pc of Firms Experienced At Least One Severe Exploit, Says Study
- Organizations Must Prepare for Data Security Risks To Survive
- How Is Data Masking Done?
- Lack of Skills Raising Demand for IT Security Services