February 10, 2008
Peter Schooff
Peter Twenty-Four Seven Security
Peter Schooff's blog is a daily look at what's going on in the world of computer security with an emphasis on how it affects businesses.

January 10, 2007
Minimizing Spam

The following list was provided by McAfee to minimize the daily onslaught of spam. Some pretty good advice, and some pretty basic advice (like never responding to spam), but there must be some reason spam keeps coming. I especially recommend the last one: get separate email addys, one for friends, one for mailing lists. From Gmail to Hotmail to Yahoo, there are just so many places to obtain free email, and once spam starts to overwhelm one email address, switch to a new one, as they are very disposable.

Also, my company, Message Partners, has come up with some pretty neat new tricks to beat spam, such as greylisting. McAfee's list follows:

1. Never respond to spam. If you reply, even to request removing your e-mail address from the mailing list, you are confirming that your e-mail address is valid and the spam has been successfully delivered to your inbox. Lists of confirmed e-mail addresses are more valuable to spammers than unconfirmed lists, and are frequently bought and sold by spammers.

2. Check to see if your e-mail address is visible to spammers by typing it into a web search engine. If your e-mail address is posted to any websites or newsgroups, remove it if possible to help reduce how much spam you receive.

3. Disable in-line images, or do not open spam messages. Frequently spam messages include "web beacons" enabling the spammer to determine how many, or which e-mail addresses have received and opened the message. Most current e-mail programs disable in-line images by default to prevent this from occurring.

4. Do not click on the links in spam messages, including unsubscribe links. These frequently contain a code that identifies the email address of the recipient, and can confirm the spam has been delivered and that you responded.

5. When unsubscribing from email, the main rule to follow is: if you didn’t originally opt-in to receive it, or if you don’t recognize the sender/company sending the email, then don’t unsubscribe. Trying to unsubscribe from one email can start a flood of mail from other sources, so if you are unsure, it is best not to unsubscribe and block the mail another way. When unsubscribing from mail always check that the links in the email go to the correct company website and not a phishing site.

6. When filling in web forms, check the site’s privacy policy to ensure it will not be sold or passed on to other companies. There may be a checkbox to opt out of third party mailings.

7. Do not respond to email requests to validate or confirm any of your account details. Your bank, credit card company etc. already have your account details, and would not need you to validate them. If you are unsure if a request for personal information from a company is legitimate, contact the company directly or type the website URL directly into your browser. Do not click on the links in the email, as they may be fake links to phishing Web sites.

8. If you have an email address that receives a large amount of spam, consider replacing it with a new address and informing your contacts of the new address. Once you are on lots of spammers’ mailing lists, it is likely that the address will receive more and more spam.

9. Set up two email addresses, one for personal email to friends and colleagues, and use the other for subscribing to newsletters or posting on forums and other public locations. If you have a more complex email address, it is less likely to receive spam.
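Items 3 and 4 describe web beacons and links that carry a code identifying the recipient. The sketch below is an added example (not from McAfee or the original post) that audits an HTML message for both; the sample message, host names and the set of encodings checked are constructed assumptions.

```python
import base64, hashlib
from email import message_from_string
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import unquote

# Constructed sample: address, hosts and tokens are invented for this example.
RECIPIENT = "alice@example.com"
_B64 = base64.urlsafe_b64encode(RECIPIENT.encode()).decode().rstrip("=")
_MD5 = hashlib.md5(RECIPIENT.encode()).hexdigest()
SAMPLE = f"""From: deals@bulk-mailer.example
To: Alice <{RECIPIENT}>
Content-Type: text/html; charset="utf-8"

<html><body><p>Great deals inside!</p>
<img src="http://cdn.bulk-mailer.example/logo.png" width="200" height="60">
<img src="http://track.bulk-mailer.example/o.gif?u={_B64}" width="1" height="1">
<a href="http://bulk-mailer.example/unsub?id={_MD5}">Unsubscribe</a></body></html>
"""

class Collector(HTMLParser):
    # Collects remote <img src> and <a href> URLs together with their attributes.
    def __init__(self):
        super().__init__()
        self.found = []
    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        url = a.get("src") if tag == "img" else a.get("href") if tag == "a" else None
        if url and url.lower().startswith(("http://", "https://")):
            self.found.append((tag, url, a))

def recipient_tokens(addr):
    """Common ways a mailer can embed the recipient in a URL (not exhaustive)."""
    raw = addr.lower().encode()
    b64 = {f(raw).decode().rstrip("=") for f in (base64.b64encode, base64.urlsafe_b64encode)}
    hashes = {hashlib.new(n, raw).hexdigest() for n in ("md5", "sha1", "sha256")}
    return {addr.lower(), raw.hex()} | b64 | hashes

def audit(raw_message):
    """Return (kind, url) for every remote image and link in the HTML parts."""
    msg = message_from_string(raw_message)
    tokens = recipient_tokens(parseaddr(msg["To"])[1])
    html = "".join(p.get_payload(decode=True).decode("utf-8", "replace")
                   for p in msg.walk() if p.get_content_type() == "text/html")
    c = Collector(); c.feed(html)
    findings = []
    for tag, url, a in c.found:
        tagged = any(t in unquote(url) for t in tokens)   # recipient-specific code
        tiny = a.get("width") in ("0", "1") and a.get("height") in ("0", "1")
        kind = ("beacon" if tiny or tagged else "remote-image") if tag == "img" \
            else ("tracked-link" if tagged else "link")
        findings.append((kind, url))
    return findings
```

Any remote image is fetched when the message is rendered, so even the entry labelled `remote-image` reveals an open; that is why mail clients block all in-line images rather than only the 1x1 ones.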

Tags: Minimizing Spam, Stop Spam, McAfee

Posted by pschooff in McAfee, Spam

December 18, 2006
Criminals Exploit the Cloak of the Internet

The internet has become a major focus of criminal enterprises due to its hidden, anonymous nature, explains a recent report from McAfee. Criminals simply find it easier and more lucrative to steal from the comforts of a computer station than to jump old ladies in alleys. And that ease makes it that much easier to recruit others to engage in online crime as well.

As David Marcus, security research and communications manager for McAfee, said, "For organized crime, the Internet is the best thing to come along since bootlegging and moonshine. And it's a lot safer to run a botnet than it is to go to the street and break someone's kneecaps."

The report also says that organized crime is targeting some of the top talent at high-tech schools, sponsoring their high-end education and then getting them placed in companies to give them inside access. The sense of immunity in cyberspace helps a lot, making people more willing to engage in high-tech crime. It’s much easier to sit at Starbucks and commit wire fraud than it is to hang out in dank basements planning the next bank heist.

Considering this, McAfee says that IT departments should be prepared for a nasty escalation of threats in the future. Also, IT should start on a plan to secure hand-held devices, as those are going to become the focus of the future. The fact that hand-helds are quickly supplanting the PC for people on the road means they will soon be in the net-burglars' bull's-eye.

The report also reaches the following conclusions:

Cybercriminals are increasingly using phishing schemes to trick unsuspecting computer users out of their money.

Cybercriminals are focusing more on social networking and community sites to find targets. By loading fake profiles and pages with adware, spyware, and Trojans, criminal code writers are cashing in on the popularity of MySpace, Facebook, and other places people gather.

Password proliferation means that simple guesswork often is all it takes to uncover people’s data.

With an estimated 12 million computers conscripted for botnets, botnets have clearly become the preferred method for e-thieves to launch attacks.

Tags: Security Trends, Botnets, Hand-held Vulnerability

Posted by pschooff in Better Protection, Hackers, McAfee

November 07, 2006
Macs Make a Growing Target

The Macintosh has become a tantalizing challenge for hackers precisely because it is seen as somewhat impenetrable. A report from TechNewsWorld also indicates that, although the virus-free image of the Mac is a big feature in Apple’s advertising, that perception may not be altogether accurate.

This past May Internet Security Systems, a security vendor, found that there were three times as many vulnerabilities for the Macintosh than there were for Windows. Some have referred to this trend as Mac becoming the Apple of hackers’ eyes.

As you would expect, this growing interest has translated into the discovery of even more Mac vulnerabilities. McAfee found that vulnerabilities for Mac went up 228 percent, while for Windows they only increased 78 percent. Of course some of this percentage can be explained by the fact that Mac also starts with a much lower number of vulnerabilities (there are 2,000 known viruses for the Mac, compared to 70,000 for the PC).

It was in February 2006 that the first worm created for Mac OS X was discovered, named OSX/Leap.A, which is an instant messaging worm capable of infecting the Mac.

This increase is partly due to the Mac’s success, as the Mac has seen double-digit growth, as well as the growth in iPod and iTunes. The increase can also be attributed to sheer boredom: hackers have been focusing on Windows for so long that Apple simply presents a new challenge.

There is good news in all this, for both platforms. The fact is, the number of serious problems resulting from virus attacks has dropped considerably. In 2004, McAfee counted 48 virus outbreaks of at least moderate severity, and in 2005 that number dropped to 12, and this year stands at zero. Let’s hope it stays that way.

Posted by pschooff in Apple, Hackers, McAfee, Microsoft

October 27, 2006
Microsoft's Vista PatchGuard Cracked

In what is starting to resemble nothing less than the gunfight at the OK Corral, the white hat firm of Authentium announced that they have created a new version of their product that circumvents PatchGuard’s kernel protection technology. In an article at eWeek, the Palm Beach Gardens-based company said that they have a new version of Authentium ESP Enterprise Platform that can bypass PatchGuard without setting off desktop alarms. Expect the black hat hackers and internet ne'er-do-wells to soon follow.

In an attempt to stop hackers from attacking computers with rootkits, PatchGuard blocks any application from “hooking” Vista's kernel commands, a method also used by vendors for anti-tampering and behavior monitoring tools. But unlike McAfee and Symantec, which have demanded access to the kernel, Authentium has simply circumvented the feature. Whereas any program that attempts to modify the kernel will result in a blue screen computer stoppage, Authentium said they have been able to access the kernel without incurring a shut-down.

The loophole used to bypass PatchGuard is simply the result of Vista’s need to support older hardware. As Mike Rothman said on his Daily Incite blog, "This is the fundamental truth of Microsoft's problem. As long as they are constrained by requiring backwards compatibility, the problem is NOT going to get better and we are not going to make much progress."

Because hackers will quickly copy this method of defeating PatchGuard, Corey O’Donnell, vice president of marketing at Authentium, said that was why his company is not waiting to see what Microsoft’s APIs will allow for. Said O’Donnell, "Good and bad guys have the same job, to identify holes in whatever software is delivered and beat it."

Posted by pschooff in Better Protection, Hackers, McAfee, Microsoft

October 23, 2006
Sophos at Odds with McAfee and Symantec Over Vista

While McAfee and Symantec have been battling furiously with Microsoft over the Vista operating system, Sophos believes, as quoted on the website Softpedia, that Symantec and McAfee have simply been caught unprepared by Microsoft's new operating system.

Richard Jacobs, CTO of Sophos, explained, “Symantec and McAfee may be struggling with HIPS because they haven't coded their solutions with 64-bit Vista in mind. We’ve taken a different approach to HIPS, by focusing more on catching bad behavior by analyzing code before it executes. Additionally, we are building our technology by making use of supported Microsoft interfaces rather than by trying to subvert the kernel by 'hooking' calls to it. That's why we're ready for 64-bit Vista, and others aren't."

Sophos believes PatchGuard is a positive step for Microsoft’s security and dismisses the claim of anti-competitiveness. Their conclusion, though, is dependent on Microsoft’s commitment to deliver a similar level of kernel support for third-party integration as it does to its in-house security team.

Sophos also declares Vista “more secure” but by no means completely secure, thereby justifying the need for additional security measures. Richard Jacobs continued, “PatchGuard is a step in the right direction for customers, and we believe that security vendors should embrace and work with PatchGuard rather than fight it."

Posted by pschooff in McAfee, Microsoft

October 17, 2006
IBM and McAfee Bolster Security

In news from InfoWorld, IBM just completed their buyout bid for Internet Security Systems, Inc. Yesterday IBM's shareholders approved a $1.3 billion cash offer for ISS, the Atlanta company whose security services aim to protect networks, servers, desktops and laptops by preemptively blocking Web threats like spam and viruses. IBM announced that ISS will become part of IBM Global Technology Services division and plans to keep their 1,300 employees.

Also on Monday, McAfee announced their security risk management strategy, which entails acquiring Onigma, an Israel-based data leak prevention vendor, for $20 million, which rounds out their buyouts of Foundstone, Preventsys and Citadel.

McAfee plans to offer an integrated solution that addresses both security and compliance issues. Vimal Solanki, senior director of marketing, said to CRN Canada, “What’s challenging about these areas is that they’re largely being attacked on an individual basis. There’s little automation between the two, and that’s becoming an inhibitor.”

Onigma uses agent software to prevent confidential data from slipping out (data leaks becoming a key compliance issue) through copy/paste, screen capture, printed documents and USB drives. This provides a more complete solution than a mere gateway approach, which only sees traffic as it’s leaving the network and can’t look within an enterprise.

Posted by pschooff in Better Protection, IBM, McAfee
