spam

August 20, 2014

THREAT RESEARCH

Snowshoe Spam Attack Comes and Goes in a Flurry

4 min read

This post is co-authored by Jaeson Schultz and Craig Williams. Every so often, we observe certain spam campaigns that catch our interest. On August 15, we observed a particular spam campaign that caught our attention because it was using “snowshoe” spam techniques combined with PDF exploitation. While neither of these techniques are new, we have seen a growing […]

July 14, 2014

SECURITY

Big Data: Observing a Phishing Attack Over Years

4 min read

Overview Phishing attacks use social engineering in an attempt to lure victims to fake websites. The websites could allow the attacker to retrieve sensitive or private information such as usernames, passwords, and credit card details. Attacks of this kind have been around since 1995, evolving in sophistication in order to increase their success rate. Up until now, […]

May 30, 2014

SECURITY

Walking in a Winter Wonderland

3 min read

It is not uncommon to see an anti-spam system catch >99% of the spam passing through it. Most of the best anti-spam systems catch >99.9% of spam. In this environment, spammers try just about anything to evade spam filters. Some spammers believe that blasting at high volume is the key to success. Others believe complete […]

May 20, 2014

SECURITY

April 2014 Threat Metrics

3 min read

April kicked off with a 1:292 rate of malware encounters and closed with a rate of 1:315. Highest peak day was April 20 when the rate reached 1:177. Lowest was April 4 at 1:338. The median rate of web malware encounters in April 2014 was 1:292, representing a slight improvement over the median of 1:260 […]

May 2, 2014

SECURITY

Spam Hits Three Year High-Water Mark

2 min read

Takedowns of prolific spam botnets, such as Rustock in 2011 and Grum in 2012, had a substantial effect on reducing overall global spam volumes. This, combined with diminishing returns for spammers sending via bots, had left many email recipients basking in the comfort of (mostly) clean inboxes. No doubt this downward trend in global spam […]

January 31, 2014

SECURITY

Attack Attribution and the Internet of Things

2 min read

On January 16, 2014, Proofpoint discussed a spam attack conducted via “smart devices which have been compromised.” Among the devices cited by Proofpoint as participating in the “Thingbot” were routers, set-top boxes, game consoles, and purportedly, even one refrigerator. Of course, news about a refrigerator sending spam generates considerable media attention, as it should, since […]

December 12, 2013

SECURITY

Big Data in Security – Part IV: Email Auto Rule Scoring on Hadoop

6 min read

Following part three of our Big Data in Security series on graph analytics, I’m joined by expert data scientists Dazhuo Li and Jisheng Wang to talk about their work in developing an intelligent anti-spam solution using modern machine learning approaches on Hadoop. What is ARS and what problem is it trying to solve? Dazhuo: From a high-level view, Auto […]

September 19, 2013

SECURITY

High Stakes Gambling with Apple Stock

1 min read

Miscreants are always trying to put new twists on age-old schemes. However, I must admit that this latest twist has me slightly puzzled. Today, Cisco TRAC encountered a piece of stock related spam touting Apple’s stock, AAPL.

July 19, 2013

SECURITY

Zeus Botnet Impersonating Trusteer Rapport Update

1 min read

Starting Friday, July 19, 2013 at 14:45 GMT, Cisco TRAC spotted a new spam campaign likely propagated by the Zeus botnet. The initial burst of spam was very short in duration and it’s possible this was intended to help hide the campaign, since it appears to be targeted towards users of a Trusteer product called […]