Year of the Ox ushers in new abuses and threats

By Victor Ng | Feb 3, 2009

As Chinese New Year continues to be celebrated around the world, Symantec has observed a recent increase in the abuse of the .cn (China) country code top-level domain (ccTLD) in spam messages.

A top-level domain (TLD) is the part of a domain name that follows the final “dot” of any domain name. A ccTLD is a top-level domain generally reserved or used by a country or dependent territory.

Symantec noted in January 2009 that approximately 90% of all spam messages today contain some kind of URL. In January 2009, an average of 32.5% of the URLs observed had a .cn ccTLD, compared to the average of 57% of URLs that had a .com TLD.

Spammers often rotate domains and TLDs in their spam messages because they likely feel this tactic allows them to circumvent some anti-spam filters that depend on pattern matching to block the spam message. The URLs (with a .cn ccTLD) observed recently have often tried to direct recipients to “offers” of pharmaceutical products.

The Chinese New Year is celebrated over 15 days, so end-users should take steps to minimize the impact of malicious individuals and networks that send spam messages over the festive period that ushers in the Year of the Ox.

Here are 8 auspicious and useful tips:

  • Employ an email security solution. This solution should protect your network from spam and viruses while still allowing legitimate email through.
  • Create a spam filter. Once you have a good security solution in place, you need to configure the type of filter required. A good place to start is a filter that focuses on the most common spam criterion: the "To" field. Spam is rarely addressed to you personally, so it's important to configure your filter to reroute email that is not directed to you or does not have your email address in the "To" field. Test the filter to see how much, if any, legitimate email is tagged as spam. If this occurs, simply adjust your filter settings to allow addresses commonly mistaken for spam to reach your inbox.
  • Educate yourself on secure email practices. Be on the lookout for suspicious email messages. Never fill out forms in email messages that ask for personal or financial information or passwords. Remember that legitimate companies will never ask for this type of information via email. Avoid opening suspicious emails and clicking on suspicious links.
  • Remember never to respond to spam. A response will let the spammer know they have reached an active email address, and this just leads to even more spam. Likewise, clicking on links within a spam email that promises to remove you from the sender's mailing list will again reaffirm the email address is active for the spammer. Delete suspicious email without reading it.
  • Watch out for social engineering tricks, which often tempt individuals into enabling malicious code attacks.
  • Get multiple email addresses for multiple purposes. Have one email address specifically for personal use, known only to family, friends, and colleagues. Another email address could be used for mailing lists and newsletters, and still another for online inquiries and orders.
  • Watch where you post your email address. To avoid being caught by bots collecting email addresses, don’t post your full email address on any publicly accessible web page.
  • Do not forward chain email messages. This special type of email is considered spam. It is unsolicited, intrusive and may clog up email servers and slow down Internet traffic.
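The "Create a spam filter" tip above, sketched as an added example that is not part of the original article: a "To"-field rule with a sender allowlist, plus a check that lists which legitimate senders the rule reroutes. The addresses, the `review` folder name and the sample messages are all constructed assumptions.

```python
from email import message_from_string
from email.utils import getaddresses, parseaddr

MY_ADDRESSES = {"alice@example.org"}          # assumption: the mailbox owner's addresses
ALLOWED_SENDERS = {"news@lists.example.net"}  # assumption: senders found mis-tagged in testing


def classify(raw_message, my_addresses=MY_ADDRESSES, allowed=ALLOWED_SENDERS):
    """Return 'inbox' or 'review' for one RFC 5322 message."""
    msg = message_from_string(raw_message)
    sender = parseaddr(msg.get("From", ""))[1].lower()
    if sender in allowed:
        return "inbox"
    # The tip keys on the "To" field only, so Cc-only and Bcc'd mail is rerouted.
    to_values = msg.get_all("To", [])
    recipients = {addr.lower() for _, addr in getaddresses(to_values) if addr}
    return "inbox" if recipients & my_addresses else "review"


def false_positives(labelled, **kwargs):
    """Senders of legitimate messages that the filter rerouted."""
    flagged = []
    for raw, is_legit in labelled:
        if is_legit and classify(raw, **kwargs) == "review":
            flagged.append(parseaddr(message_from_string(raw).get("From", ""))[1].lower())
    return flagged


# Constructed sample messages with a legitimate/spam label (not real mail).
SAMPLE = [
    ("From: Bob <bob@example.com>\nTo: Alice <alice@example.org>\nSubject: lunch\n\nhi", True),
    ("From: promo@spam.example\nTo: undisclosed-recipients:;\nSubject: offer\n\nbuy", False),
    ("From: news@lists.example.net\nTo: list@lists.example.net\nSubject: digest\n\n...", True),
    ("From: hr@example.com\nTo: staff@example.org\nSubject: policy\n\n...", True),
]

if __name__ == "__main__":
    for raw, _ in SAMPLE:
        print(classify(raw))
    # Senders listed here are candidates for the allowlist.
    print("adjust allowlist for:", false_positives(SAMPLE))
```

The fourth sample shows the rule's main weakness: mail sent to a group alias is rerouted until its sender is added to the allowlist.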

Comments

I totally agree with all these suggestions, especially the last one about not forwarding chain email messages.
