Thought I'd take a second and make sure we're all targeting the same enemy.
The more we know about the enemy, the more we can protect ourselves.
Definition of a Smart Spammer
1. Uses legitimate products to generate revenue and hide behind big
corporations (McAfee or Symantec products)
2. Makes use of open relays, that way his real source IP is hidden which
randomizes their source IP
3. Uses a common name in the "helo" banner to our SMTP server, such as
[mx1.mail.yahoo.com] Also known as spoofing.
4. Randomizes their return email address
5. Uses a web link to entice the target user to their scheme
6. Sends few recipients in each message ( between 6 and 20 )
7. Is aware of system limitations.
8. Works with other spammers to attack
9. Harvests their own e-mail addresses, confirms valid addresses
Then there is the thief spammer
1. Creates a webpage that looks like your billing portal - including your
logos and links back to your other legitimate sites.
2. Spams to your users with an email that looks just like your "Update
Billing Info" notification
3. User receives message, goes to site and give credit card and banking
info.
4. Thief drains their accounts.
If you have other finger prints or classifications of what the enemy is, I'd
be very interested.
Thanks,
Jonathan
Jonathan Curtis
Bell Canada
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg