{"id":275,"date":"2009-07-30T16:55:53","date_gmt":"1999-01-01T00:00:00","guid":{"rendered":"https:\/\/fir3netwp.gmsrrpobkbd.com\/?p=275"},"modified":"2021-07-27T16:30:22","modified_gmt":"2021-07-27T16:30:22","slug":"messaging-security-threats","status":"publish","type":"post","link":"https:\/\/www.fir3net.com\/security\/concepts-and-terminology-security\/messaging-security-threats.html","title":{"rendered":"Messaging Security Threats"},"content":{"rendered":"
SPAM<\/strong><\/span><\/p>\n Spam continues to be the major threat affecting email systems today. Relay<\/strong> Image<\/strong> Attachment Spam<\/strong> Malware<\/strong> Phishing and email fraud attacks<\/strong> Directory Harvest Threat<\/strong> DoS<\/strong> Bounce \/ Spam Blowback Attacks<\/strong> Prevention <\/strong><\/p>\n IM Threats<\/strong><\/p>\n IM worms, also referred to as SPIM, pose a very unique type of threat to the enterprise for four reasons: SPAM Spam continues to be the major threat affecting email systems today. The term Spam is used to define junk email messages that are usually sent out in high volumes to thousands of users at a time. SPAM Invasion Below contains some examples of some HTML-based filter evasion tactics, Tiny or invisible text that is … Read more<\/a><\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[25],"tags":[],"yoast_head":"\n
\nThe term Spam is used to define junk email messages that are usually sent out in high volumes to thousands of users at a time.
\nSPAM Invasion
\nBelow contains some examples of some HTML-based filter evasion tactics,<\/p>\n\n
\nOne way spammers deal with the concealment issue is by using open relays or identity-masking relays. One application of such a technique is the misuse of open proxy servers. Open proxy servers are misconfigured or virus-infected computers that allow traffic for virtually any network service to be channeled through a compromised machine.<\/p>\n
\nWith image spam, the email advertisement or call to action appears in the form of an image in the message rather than in text.
\nImage spam is often used in so-called \u201cpump and dump\u201d campaigns. The goal of this activity is designed to boost the price of stocks, once done they will sell their stocks at a profit.<\/p>\n
\nAttachment spam is one of the latest methods of method of spamming . In these attacks, spammers use attachments to send images instead of embedding them in the body of the email message.<\/p>\n
\nMalware refers to software designed to infiltrate or damage a computer system, without the owner’s consent. There are many different types of malware that infect email traffic, including\u00a0 worms and Trojan Horses. Spyware and adware are more recent variants.<\/p>\n
\nA quickly growing and dangerous type of spam are phishing attacks. Phishing attacks send emails that resemble official messages sent by a real banks, online merchants, or online auction services, usually asking for personal information such as user name and passwords, credit card numbers, and social security numbers.<\/p>\n
\nDirectory Harvest attempts are a common form of attack. These attacks are designed to \u201charvest\u201d\u00a0 or obtain legitimate email addresses within a domain. The spammer will send out a massive amount of emails to randomized addresses. Email addresses are determined \u201cactive\u201d if no undeliverable notifications are received by the spammer. Email addresses that are successfully harvested in these attacks are usually later targets for spam advertisements and fraud attacks.<\/p>\n
\nDenial of Service (DoS) Attacks are undertaken with the intent to completely take down an organization\u2019s email system. They work by sending a very large number of emails to an address or domain, in the hopes that the email system is overwhelmed and shuts down.<\/p>\n
\nMisdirected bounce attacks are another variant of email attacks that can quickly overwhelm an email system.\u00a0 This is were a spammer will send a spoofed email. Due to this being spoofer any deliverable notifications will be sent back to the spoofed domain rather then the spammer.<\/p>\n\n
\nThe amount of IM worms has increased alarmingly over the past year. Many organizations are not prepared for IM worms, and malware authors have adopted IM as a method of propagation
\nIM worms spread more rapidly than older threats. Because of the real time nature of instant messaging, IM worms can spread throughout the enterprise in minutes, rather than hours.
\nIM worms use social engineering. When you receive an IM worm it typically appears as a message from a contact you are familiar with because you are on their buddy list. A threat on your machine will look on your contact list and start contacting people you know. Most worms include text to tempt the user into clicking on the suspect URL. There is a much greater uptick in people clicking on malicious links (about 30%) because people tend to trust messages from people they\u2019re familiar with.
\nWorms generally present themselves as URLs with some socially engineered text to temp you to click on the URL. All IM worms tends to follow a very specific behavioral pattern, described below:<\/p>\n\n