Posts Tagged ‘spam’

Security on the Web

Posted on: July 25th, 2014 by jiml | No Comments

Where does a majority of spam originate? My guess is most readers would put China or Russia at the top of your list. Here is a ranking compiled by Proofpoint, one of the largest security firms in the US that provides spam filtering for many of the Fortune 500 companies as well as Colden Company customers.

Spam Countries List

Who had Argentina on their list ahead of China and Russia? I, for one, did not. Proofpoint goes on to break down the spam senders by percentage and as you can see from the graph below, The European Union is – by a wide margin – the leading spammer.

Spam2

The full article from Proofpoint can be read at http://www.proofpoint.com/threatinsight/pdf/threat-report/Proofpoint-Threat-Report-May2014.pdf.

The point of the above statistics is not to diminish the threat from countries like China and Russia. On the contrary, it is to point out that the threats can come from anywhere and there are far more threats out there than you may realize.

There have been many recent high profile cases of exposure, such as eBay and Target being compromised, and of course the dreaded Crytpolocker virus which comes via spam email. This virus is still a serious threat and we recommend taking a proactive approach to educating users to the threats that exist.

Another recent threat exposed by Proofpoint was something called an Advanced Persistent Threat (APT) attack that utilized a vulnerability in Internet Explorer (even up to the most current version, version 11). Phishing emails, designed to get the receiver to click on links to malicious sites to infect computers were sent out in bulk. This threat purportedly came from China.

While educating users is a necessary step in combating these attacks, what else can be done? Often anti-virus software is not enough to stop advanced viruses like Cryptolocker. Remember that anti-virus runs on your computer and searches for threats that are already there! Colden Company is offering two new services that can help protect your business from security threats like the ones listed above. The first is Web Protection which will be the subject of this post. The second is our Security Service offering which is a comprehensive security program for your business. More to come on that topic in subsequent posts.

Web Protection is essentially content filtering which allows your business to set guidelines for what is acceptable web content for your users to visit with some added security benefits. Our Web Protection package allows for the blocking of groups of sites like gambling sites or social media, while allowing for exceptions if you want to be able to update the company LinkedIn page, for example. Web Protection also allows for schedule setting so that you can, for example, block social media sites during working hours but allow them during lunch hour, giving you the flexibility to protect against productivity drain while allowing some leniency for employee satisfaction.

From a security standpoint, Web Protection does something else to safeguard your business. It has a continuously updated list of known bad sites that harbor malware and viruses and prevents your users from accidentally or purposefully accessing those bad sites. Often times, users contract malware innocently while attempting to perform very valid work. In those accidental cases or in the case of the phishing email in the example mentioned above, Web Protection steps in and prevent your user from going to the malicious site and contracting the virus or malware. Web Protection saves your business from those mistakes!

Ask us more about this service and we believe you will be shocked at how inexpensive it is to deploy and provide your business with an additional layer of much needed security protection. We can be reached at (888) 600-4560, at info@coldencompany.com, or see us on Facebook or Twitter (@coldenco) as well.







Fighting Back Against Spam

Posted on: July 30th, 2011 by billp | No Comments

Spam is a problem any business e-mail user deals with on a daily basis. Spam is broadly defined as the use of electronic messaging systems to indiscriminately send unsolicited bulk messages. While e-mail spam is the most common form, there is also instant messaging spam, social network spam, blog comment spam, search engine spam, and other forms. Whatever form it comes in, spam is a drain on business’ computing resources (storage, bandwidth, etc.) and employee productivity. In this newsletter, we will focus on e-mail spam since it is the biggest problem for most business users.

Spam can be used by advertisers to broadly distribute information about their products or services. Spam can, however, also be used for malicious purposes by being a vector for malware distribution. Spam can even be used for criminal purposes through the use of phishing attacks. Phishing is a way of attempting to acquire sensitive information such as usernames, passwords and credit card details by masquerading as a trustworthy entity in an electronic communication. Regardless of the purpose, spam is an unwelcome guest in your e-mail system.

Spamming remains a viable business because advertisers have low operating costs and it is difficult to hold spammers accountable. Because the barrier to entry is so low, spammers are numerous, and the volume of unsolicited mail has become very high. In the year 2011, the estimated figure for spam messages is around seven trillion. The costs, such as lost productivity and fraud, are borne by the public and by Internet Service Providers (ISPs), which have been forced to add extra capacity to cope with the additional volume of email. Spamming has been the subject of legislation in many jurisdictions.

There are many techniques that you can use to reduce the amount of spam that finds its way into your inbox. The simplest – but most labor-intensive for the user – methods are the whitelist, blacklist, or keyword filtering approachs. Your e-mail client may allow you to create a whitelist of users that you allow to send you e-mail. The problem, of course, is that senders that are not on your whitelist will be quarantined or rejected initially. A blacklist is a more conservative approach because you maintain a list of senders that should not be allowed to send you e-mail. However, blacklists tend to be ineffective because spammers rarely send from the same e-mail address for long. Similarly, keyword filtering can be ineffective because spammers often use misspellings of common words to evade filtering.

A more effective form of spam filtering involves the use of speculative (a.k.a heuristic) filtering. Simply stated, speculative filtering works by subjecting e-mail messages to thousands of pre-defined rules. Each rule assigns a numerical score to the probability of the message being spam. This score is then evaluated against the user’s tolerance for spam (low, medium, high, etc.) to determine if the message will be quarantined or delivered.

Colden Company is proud to offer Google Message Security (Postini) to its customers. Postini uses extremely effective speculative filtering to keep spam from reaching your inbox, draining your employees’ productivity, and consuming your business’ computing resources. Postini is software-as-a-service (SaaS), meaning that it requires no additional hardware, software, or other infrastructure to be purchased. Even better, Postini stops spam, viruses, phishing, denial of service, directory harvest attacks, and other attacks before they reach your network without message loss or disruptions to email service. Google offers 99.999% availability for message processing and 100% virus protection Service Level Agreements (SLAs) for Postini, securely filtering and delivering billions of transactions each day.

Do you want to stop spam and other unwanted e-mail from ever reaching your network? Find out more by contacting us at 518-885-2857, toll-free at 888-600-4560, via email at info@coldencompany.com, or on Twitter.