[anti-abuse-wg] [cooperation-wg] WannaCry Ransomware
- Previous message (by thread): [anti-abuse-wg] [cooperation-wg] WannaCry Ransomware
- Next message (by thread): [anti-abuse-wg] [cooperation-wg] WannaCry Ransomware
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
ox
andre at ox.co.za
Wed May 17 07:40:34 CEST 2017
On Mon, 15 May 2017 18:52:18 +0100 Gareth Llewellyn <gareth at networksaremadeofstring.co.uk> wrote: > On Mon, May 15, 2017 at 2:08 PM, peter h <peter at hk.ipsec.se> wrote: > > The main route of attack is by SPAM. > > Why is noone doing something effective against SPAM ? > > > > To date there has been no evidence that email was the vector. > exactly. WannaCry: Advice to consumers should place a lot more focus on Web Browsers (than on email - although email transports links, sometimes the payload, etc as well - this is well known...- What is not known is that the consumers favorite PORN website also installs 'monitor ware'...) Regarding Spam: Spam is becoming much more professional. Spammers now have; * registered companies, * advanced "policies" (claims of opt-in marketing only) * far greater technical focus on compliance ("standards" which they set and enforce themselves * "professional organizations" and associations/bodies providing "legitimacy" and group harassment of victims (or spamtraps or block lists) * when applying for removal from block lists, always claims shared hosting and issues have been resolved, over and over and over. * the sending of bulk (UBE) from the same IP number as legit user emails or allowing hosting users to send bulk (like mailchannels.com) * and a lot more... ********************************************************************************** Spammers have DKIM and SPF and in fact advanced email headers, so much so that legit email is not even as legit as SPAM! (in a technical sense) ********************************************************************************** The simple and salient fact is that email is a communications tool and not a marketing tool. Yes, email can be used for communicating marketing but not for marketing communication. Until that becomes firmly entrenched there will always be a spam problem. On a side note: Since the focus on sender reputation and not on spam itself, actual spam levels and user complaints are much lower. But, using a single source for reputation is still a unicorn, closest is SORBS, if you are listed on SORBS it means that you have sent spam and you are non responsive to complaints and/or are a habitual spammer sender. Simple. some thoughts... Andre
- Previous message (by thread): [anti-abuse-wg] [cooperation-wg] WannaCry Ransomware
- Next message (by thread): [anti-abuse-wg] [cooperation-wg] WannaCry Ransomware
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]