Symantec Quietly Buys SpamSquelcher

Symantec, the anti-virus people, has recently bought TurnTide, the company behind the SpamSquelcher technology.

SpamSquelcher was originally developed by the ePrivacy Group as anti-spam software that, in the words of CNET, “analyzes incoming mail and, in a technique known as ‘traffic shaping’, targets broadband connections serving as great riverbeds for spam.” This traffic shaping basically means that the connections with suspect servers and computers are half-throttled, so that while the spam gets through, it takes a long time to do it. As CNET explains, “SpamSquelcher ultimately lets all of the e-mail through–even the spam. But once spammers realize their bulk mailing is taking hours and days to process, rather than minutes, they typically abandon the connection and leave the ISP alone”.
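The behaviour described above (every message is accepted, but a suspect source is accepted slowly) can be sketched with a per-source token bucket. This is an added example, not TurnTide's code: the page does not say how SpamSquelcher shapes traffic or how it decides a source is suspect, so the token bucket, the rates, the burst size and the addresses are all assumptions.

```python
from collections import defaultdict

RATES = {"normal": 20.0, "suspect": 0.5}  # accepted messages per second (assumed values)
BURST = 10                                 # messages a source may send before shaping bites

class Shaper:
    """Per-source token bucket. Nothing is rejected; suspect sources are only slowed."""
    def __init__(self, suspects):
        self.suspects = set(suspects)
        self.tokens = defaultdict(lambda: float(BURST))
        self.last = defaultdict(float)     # time of the previous accept, per source

    def accept_at(self, src, arrival):
        """Return the time at which a message arriving at `arrival` is accepted."""
        rate = RATES["suspect" if src in self.suspects else "normal"]
        start = max(arrival, self.last[src])          # one source's mail is serialized
        refill = (start - self.last[src]) * rate
        tokens = min(float(BURST), self.tokens[src] + refill)
        wait = 0.0 if tokens >= 1.0 else (1.0 - tokens) / rate
        self.tokens[src] = max(tokens, 1.0) - 1.0     # spend one token for this message
        self.last[src] = start + wait
        return self.last[src]

def bulk_run(shaper, src, count):
    """Offer `count` messages at t=0; return (number accepted, seconds until the last)."""
    done = [shaper.accept_at(src, 0.0) for _ in range(count)]
    return len(done), done[-1]

if __name__ == "__main__":
    shaper = Shaper(suspects={"203.0.113.7"})          # constructed address (TEST-NET-3)
    for src in ("198.51.100.20", "203.0.113.7"):
        accepted, seconds = bulk_run(shaper, src, 10_000)
        print(f"{src}: {accepted} accepted, last one after {seconds / 3600:.2f} h")
```

With these assumed rates the same 10,000-message run completes in minutes from the unremarkable source and takes several hours from the suspect one, with nothing dropped in either case.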

The purchase follows Symantec’s acquisition of Brightmail a month ago. Brightmail is also a provider of ISP/gateway/company level anti-spam products, as well as email fraud protection software, and a ‘reputation service’ which “provides administrators with the most accurate information about the trustworthiness of email senders and sources”. Brightmail is now available under the Symantec umbrella brand.

It’s odd that Symantec has not trumpeted this acquisition. There’s been no press release and the only way to find out is by visiting TurnTide’s website. Clearly Symantec is moving into the anti-spam business, in part an acknowledgement that viruses, worms and trojans can no longer be treated separately from spam.

It’ll be interesting to see how Symantec put the two acquisitions together. As Stephen Cobb, who used to be involved with SpamSquelcher, says: “Since the same technology has applications beyond spam, as in the control of outbound email at the network layer, I think this acquisition is a very smart move by Symantec and a good fit with their earlier acquisition of Brightmail.”

Ho, Ho, Ho, Tis The Season Of The Online Scam

Phishing — the art of depriving folk of their sensitive password data and then using it to empty their pockets — has become the scam du jour of the holiday season. The Anti-Phishing.org website says it has seen ‘dramatic’ growth in November and December of email spoofing (emails claiming to be from, for example, your bank) and general fraud activity. (Anti-Phishing is an industry group founded by Tumbleweed Communications, a builder of anti-spam software.) For example:

— More than 60 unique new phishing email fraud attacks have been launched against consumers in the last 2 weeks
— Over 60 million email fraud attacks are estimated to have been sent out in the same period – timed for the peak of the holiday season
— eBay customers were the most highly targeted by scammers, with 24 unique email fraud attacks over the past 60 days
— Online financial institutions, including banks, Visa and PayPal, represented the largest target group with 35 unique email fraud attacks reported over the past 60 days

It seems that phishing has been remarkably rewarding for the scammers involved. The Anti-Phishing Working Group reckons an average of 5% of recipients respond to such emails, resulting in financial losses, identity theft, and other fraudulent activity. And, perhaps worse, this “activity threatens the integrity of companies that do business online”. (I’m assuming they’re talking about banks, eBay and other folk who rely on ordinary folk to maintain their faith in the security of online commerce.)

There are a number of ingenious scams that play on the holiday theme — which also highlight that it’s not just banks and big-ticket items that the phishers are targeting. One example is a fake online Christmas card, designed to compromise AOL accounts. In this scam, the recipient receives a spoofed email from the “AOL Hallmark” team, and is asked to visit a website to pick up his/her card. In order to access the site (which is run by the scammer), the user is asked to log in to his or her AOL account, thereby divulging the account name and password. The compromised account can then be used, Anti-Phishing says, to launch further phishing attacks, virus attacks, spam, or other nefarious activity.

Clearly this sort of thing is going to grow, becoming more sophisticated as users wise up to the scams. Recent emails now play upon the growing awareness of scams by claiming to be from your bank, warning you about such scams and telling you to ignore other emails. They then, of course, go on to tell you to visit the legitimate website to confirm your password. (The main component of this trick is that 90% of the email is genuine, in that the images are all from the bank’s website, and if you hover your mouse over the link you’re being asked to visit, it may well look genuine too. What you’re actually seeing is a clever ruse: the real website is buried at the end of the link, hidden after a lot of empty space. So checking that sort of thing is no longer enough. It should go without saying that you shouldn’t react to any email that requires you to do anything with your password. For a good resource on such scams, check out Codefish.)
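A mail filter can check what the eye cannot: parse each link and report the host that would actually be contacted. The following is an added example, not from the original post; it assumes the ruse takes the form of a familiar name placed before an `@` in the link and followed by padding, and the `.example` host names and the padding threshold are constructed for illustration.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urlsplit, unquote

PAD = re.compile(r"[\s\x00-\x1f]{5,}")             # padding run; threshold of 5 is assumed
NAME = re.compile(r"[a-z0-9-]+(?:\.[a-z0-9-]+)+")  # text that looks like a host name

class Links(HTMLParser):
    """Collect (href, visible text) for every <a> element in a message body."""
    def __init__(self):
        super().__init__()
        self.found, self._href, self._text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href") or "", []
    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.found.append((self._href, "".join(self._text).strip()))
            self._href = None

def check_link(href, text):
    """Return (host the browser would contact, reasons to distrust the link)."""
    parts = urlsplit(href.strip())
    host = (parts.hostname or "").lower()
    reasons = []
    if "@" in parts.netloc:
        reasons.append("text before '@' is login data, not the site")
    if PAD.search(unquote(href)):
        reasons.append("padding pushes the real host out of view")
    shown = NAME.search(text.lower())
    if shown and host != shown.group() and not host.endswith("." + shown.group()):
        reasons.append("text names %s, link goes to %s" % (shown.group(), host))
    return host, reasons

def scan(html_body):
    """Check every link in an HTML body; returns a list of (host, reasons)."""
    parser = Links()
    parser.feed(html_body)
    parser.close()
    return [check_link(href, text) for href, text in parser.found]

# Constructed sample: reserved .example names, 40 encoded spaces as padding.
SAMPLE = ('<p>Confirm your details at <a href="http://www.bank.example'
          + "%20" * 40 + '@collector.example/login">www.bank.example</a> or read '
          '<a href="https://www.bank.example/security">our security advice</a>.</p>')

if __name__ == "__main__":
    for host, reasons in scan(SAMPLE):
        print(host, reasons or "ok")
```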

In the end all this will help educate users about the Internet and improving their own security. I don’t see it doing any serious damage to online commerce, at least in terms of undermining public confidence. I do believe, however, that we’ve seen only the tip of the iceberg in terms of the sophistication of scammers, and banks and other online institutions must improve their awareness of the threat, as well as protect and educate their customers.

Have a phishing-free Christmas.

Software: More Spam Options

Matterform Media, who make anti-spam software for the Mac, have said that on October 1 their Spamfire will be available for Windows. Matterform Media’s Spamfire for Windows is available at a suggested retail price of $39.95, which includes one year of automatic filter updates at no additional charge, and is available for immediate download from the company’s website, www.matterform.com.
Matterform also sell something called SpamVaccine, which converts email addresses on your website to something that the spammers’ little robots can’t recognise, and therefore harvest. (This is how spammers get most of their email addresses.) No mention is made of whether that will be available for Windows.