Spammers Twist Microsoft's Good Into Evil
Spammers seem to be always a notch ahead than all the efforts against their malicious intentions. According to a recent study by MX Logic Inc., a provider of email defense solutions for corporates, spammers have now begun to use Microsoft’s latest arsenal against spam, the Sender Policy Framework (SPF), to give their mail a garb of legitimacy.
The SPF is an email authentication technology recently introduced by Microsoft to help stop fraudulent email. In its preliminary study, MX Logic found that some spammers have embraced SPF in the hope that their unsolicited email messages will be viewed as more legitimate because the messages have an SPF email authentication record associated with them. In a sample of more than 400,000 unique spam email messages that passed through the MX Logic Threat Center from Aug. 29 through Sept. 3, 16 percent had published SPF records.
SPF helps prevent domain spoofing in email and makes it easier to identify fraudulent email scams and phishing attacks by authenticating the origin of an email. Email domain owners identify their legitimate sending mail servers by publishing an SPF record in the domain name system (DNS). This enables email servers to validate the source of incoming email against the associated SPF record to determine if the email sender’s domain is legitimate and not spoofed.
The company also reported that compliance with the federal anti-spam law, the Controlling and Assault of Non-Solicited Pornography and Marketing (CAN-SPAM) Act, rose to 2 percent in August up from an all-time low of 0.54 percent in July.
In order for authentication to be effective against spam, the industry will need to come to agreement not only on the authentication standard to be usedsuch as SPF or Sender IDbut also on accreditation and reputation services that can vouch for the domain’s SPF record as well as email sending history.
While CAN-SPAM compliance increased to 2 percent during August, the amount of spam also increased. Of all email traffic through the MX Logic Threat Center during the month, 92 percent was spamup from 84 percent in July.
- Study Reveals Why CISO Should Report To The CEO
- CXOs Still Wary Of Cloud Data Security: Study
- PNB Scam: Some Tech Lessons For Indian Banks
- Why Financial Sector CIOs Should Get On Top Of Machine Learning
- Unnecessary Security Cordons Make Fintech More Vulnerable
- Direct Co-ordination With CEO Can Maximise Cyber Security
- How To Become Cisco CCNA Security 210-260 Certified
- Cyber Security: Challenges And Potential For Indian Businesses
- F Secure Is Growing Much Faster Than The Market
- CISOs Wary Of Threat Intelligence Accuracy, Quality: Study