The spam filter has run amok

My MovableType spam defenses have kind of run amok. It was letting through a ton of spam which led me to disable anonymous comments. For its next trick it decided to trash valid comments. The first method used for trashing valid comments was a rule that http:// shouldn’t appear in the commenter’s name field. That …

Continue reading ‘The spam filter has run amok’ »

ISC Diary: Spam Storm effecting Canada

Today’s SANS handler diary notes a SPAM storm is effecting the availability of mail servers at some companies in Canada. Its always amusing to note spammer mistakes in formulating the email addresses. In this case it looks like they are using $firstname$randomword$lastname. That’s not going to work very well. The sheer volume, is causing some …

Continue reading ‘ISC Diary: Spam Storm effecting Canada’ »

Spam Automation Tools

Brian Krebs links to the XRumer auto-submitter in an entry in the Washington Post Security Fix. Its interesting to see the software that is out there for pumping spam into on-line bulletin boards. XRumer, uses search engines to gather target forums, it then automates the registration and posting of the spam. They brag in the …

Continue reading ‘Spam Automation Tools’ »

GCW: Coast Guard Mandates Anti-Phishing Training

According to a Government Computing News article, the Coast Guard is requiring all of its computer users to “take mandatory training on how to avoid fake e-mail messages that try to acquire sensitive data in a technique known as phishing and even more highly targeted attacks known as spear phishing.” That reminds me of a …

Continue reading ‘GCW: Coast Guard Mandates Anti-Phishing Training’ »