Iconix Phishing Protection

A couple days ago I received email from Paypal titled “New PayPal Plug-In – Shop anywhere online.” That struck me as kind of suspicious so I looked at the mail headers. The headers showed the message did originate with Paypal’s servers, and more importantly it contained a domain key (DKIM). According to Wikipedia, “DomainKeys is …

Continue reading ‘Iconix Phishing Protection’ »

Google CAPTCHA breakage leads to increase in spam

MessageLabs Intelligence report for February 2008 reports that ” 4.6% of all spam originates from the major web mail-based services and the proportion of spam from Google increased two-fold from 1.3% in January to 2.6% in February.” They speculate that this increase in Google spam occurred because hackers have recently compromise Google’s CAPTCHA. A CAPTCHA …

Continue reading ‘Google CAPTCHA breakage leads to increase in spam’ »

More SenderID Bashing

Looks like another company wants to generate some good PR buzz by bashing Microsoft and bashing SenderID. This is just like my article from last fall. A company has breathlessly reported that spammers are using SenderID. Its not that bad. MXLogic’s press release is parroted by techwebnews (parent of SecurityPipleline). They say that spammers use …

Continue reading ‘More SenderID Bashing’ »

eWeek Article misinforms readers on Yahoo Domain Keys

“Scammers Exploit DomainKeys Anti-phishing Weapon.” So screams the headline in a recent eWeek article. Oh boy. Here we go again. Another uninformed article from a tech writer who couldn’t learn from the response to the uninformed articles about spammers abusing SPF. These articles are really dangerous. They lack any understanding about what SPF and Yahoo! …

Continue reading ‘eWeek Article misinforms readers on Yahoo Domain Keys’ »

Trouble for Microsoft SenderID

The Apache Group and Debian developers have marshaled the anti-Microsoft forces and convinced the IETF to scuttle the proposed SenderID standard. They do this claiming that it is anathema to have a “standard” be encumbered by patent. Somehow I think that this would not have been this first time that a standard would have surrounding …

Continue reading ‘Trouble for Microsoft SenderID’ »