The Weekly HELO — March 28th, 2011

Posted by Melinda Plemel 

This week: China gets defensive, Microsoft gets Rustock, the FBI gets Rad, Vanessa Hudgens gets embarrassed, Australia gets worried, and Korea gets funky — all in the name of internet security.

Welcome to the eighth edition of Return Path’s new feature, The Weekly HELO! Each week, Melinda Plemel synopsizes some of the most interesting current happenings in email technology and messaging abuse.

Censoring? Who’s censoring?

Last week we wrote about Gmail subscribers having issue accessing their web accounts from China. Gmail of course says it was nothing on their end, and claimed it was the Chinease government. In response, Foreign Ministry spokeswoman Jiang Yu basically said “This is an unacceptable accusation.” But is Google is completely off base with their accusation? It’s not like anyone has had issues with China before.

An interesting side effect is that stocks are on the rise for local Chinese ISPs like SINA. “The more the Chinese government clamps down on foreign competitors, the better local tech companies will do.”

I Fought the Law, and the Law Won

There were a few ‘wins’ this week in the spam fighting world. Last Wednesday March 16th (mark that in your calendar) the Rustock botnet went quiet. Once responsible for 60 percent of the world’s spam, its Internet activity ceased completely. The following day, Microsoft revealed that it had brought down the networks’ command and control servers. The key to taking down Rustock was the fact that “Microsoft was able to legally take down Rustock by filing a collection of civil suits, and they subsequently received court orders that permitted them to take control of the servers and control the botnet.” Keep in mind this doesn’t mean that it’s completely dead and buried, there still remains many infected machines that could jump back if the command and control servers are ever re-commissioned. “The success of Microsoft’s action depends on keeping the domain names and IP addresses down until the victim machines can be cleaned up. “ The actual effects of the takedown are still unknown, but some reports do show a possible spam decline up to 39 percent as a direct result of freeing the million plus zombie computers. Amazing, to say the least.

The New Jersey FBI arrested “the alleged organizer of an international securities fraud ring employing hackers, botnet operators, and e-mail spam distributors…for conspiring to artificially inflate the value of stocks.” Christopher Rad, 42, of Cedar Park, Texas is being charged with one count of conspiracy to commit securities fraud and transmit multiple commercial e-mail messages with fraudulent information. Beginning in 2007, Rad hired hackers and conspired with stock promoters to manipulate stock prices known as “pump and dump” schemes. Good news, and I’m sure it took a ton of manpower and hours to finally get these guys.

The Naked Truth

The FBI freeing up all that manpower is probably good news for Vanessa Hudgens, who has ask the FBI for help in finding the person responsible for guesing her Gmail password and stealing nude photos. I’m still shocked that people store their nude photos on their PC, or “in the cloud” at Gmail. Personally, I store all my nude photos on a disk which I take out for family events — fastest way to clear a room.

No free mail for you, Mate

The battle rages on for China, but there are other countries that are starting to take steps to restrict access, and for good reason. Any agency that has secure information certainly doesn’t want to face the embarrassment of being compromised. Australia’s National Audit Office is taking a bit of a different approach and calling that all government agencies ban access to free webmail services. “The auditor also called on agencies to review log-in credentials after administrator or service account passwords were compromised at three of the four agencies examined in the report. A ‘brute force’ test resulted in around 20 percent of passwords being compromised, according to the audit.” Most companies already put some type of restriction on external access from internal systems, I’m sure as time goes on more and more companies and agencies will do something similar. However….

Hackers be warned

The word is out! More and more sites are taking steps to help prevent or warn when you have an account that has been hacked. Lifehacker has found an application “that’ll let you remotely check up on your Gmail and Facebook accounts to see if you’re signed in from any other locations.” Great approach, and hopefully this will expand to include other free webmail services.

Korea is taking a bit of a different approach, in that they have created an emergency call number to report internet abuse like hacking. It’s toll free and they have this groovy video to go with it:

Hopefully this will help get the Friday song out of your head.

Until Next Time!

Author Image

About Melinda Plemel

Melinda has been working at Return Path for 9 years and is currently the Senior Industry Advocate and is responsible for managing global partners that join Return Path's Data Exchange program and emerging markets. She is the key to helping and educating Return Path on mailbox providers, anti-spam, and email technology trends, as well as to educating receivers about everything Return Path has to offer.

Author Archive