Trailrunner7 writes: Robocalls are among the more annoying modern inventions, and consumers and businesses have tried just about every strategy for defeating them over the years, with little success. But one man has come up with a bot of his own that sends robocallers into a maddening hall of mirrors designed to frustrate them into surrender. The bot is called the Jolly Roger Telephone Company, and it's the work of Roger Anderson, a veteran of the phone industry himself who had grown tired of the repeated harassment from telemarketers and robocallers. Anderson started out by building a system that sat in front of his home landlines and would tell human callers to press a key to ring through to his actual phone line; robocallers were routed directly to an answering system. He would then white-list the numbers of humans who got through. Sometimes the Jolly Roger bot will press buttons to be transferred to a human agent and other times it will just talk back if a human is on the other end of the line to begin with.
broswell writes: For years we used Postini for spam filtering. Google bought Postini in 2007, operated it for 5 years and then began shutting it down. Then we moved to MX Logic. McAfee bought MX Logic, and McAfee was purchased by Intel. Now Intel is shutting down the service. Neither company chose to raise prices, or spin off the division. Anyone want to speculate on the reasons?
walterbyrd writes: The DOJ as well as Ohio, Illinois, California, and North Carolina say that Dish disregarded federal laws on call etiquette. US lawyers are asking for $900 million in civil penalties, and the four states are asking for $23.5 billion in fines, according to the Denver Post. 'Laws against phoning people on do-not-call lists and using recorded messages allow penalties of up to $16,000 per violation,' the Post added.
itwbennett writes: According to a new Google report, the search giant disabled more than 780 million "bad ads," including include ads for counterfeit products, misleading or unapproved pharmaceuticals, weight loss scams, phishing ploys, unwanted software and "trick-to-click" cons, globally last year. This marks a 49 percent increase over 2014. For perspective, it would take an individual nearly 25 years to look at the 780 million ads Google removed last year for just one second each, according to Google. If the trend continues, Google's team of more than 1,000 staffers dedicated to killing spam will be even busier in 2016, and they could disable more than a billion junky ads.
An anonymous reader writes: A new spam campaign is targeting Facebook users. It uses the same approach as the recent one aimed at WhatsApp users, and Comodo researchers believe that the authors of both campaigns are likely the same. The fake emails are made to look like an official communication from the popular social network, and their goal is to make the victims believe they have received a voice message. The attachment that the recipients are urged to download and open contains a malicious executable — a variant of the Nivdort information-stealing Trojan.
An anonymous reader writes: Spam filters have come a long way over the past two decades — but spammers have, too. Though email providers are better than ever at blocking spam, it's still big business, with a lot of money to be made. Security researchers are seeing a new trend in spam: less volume, and better targeting. The article mentions "snowshoe" attacks, which occupy the middle ground between massive spam campaigns and tiny phishing attacks. "Craig Williams, a senior manager at Talos, said the amount of snowshoe spam has more than doubled in the past two years and now accounts for more than 15 percent of all junk messages distributed globally." Security researchers have been pushing for a unified registry to help deal with these mid-range spammers, but it's hard to get a significant portion of providers on the same page, particularly when many are fond of running their own solutions.
An anonymous reader writes: Spamhaus, an international non-profit organization that hunts down spammers, is accusing Verizon of indifference and facilitation of cybercrime because it failed for the past six months to take down stolen IP routes hosted on its network from where spam emails originated. Spamhaus detected over 4 million IP addresses, mainly stolen from China and Korea, and routed on Verizon's servers with forged paperwork. Spamhaus says, "For a start, it seems very strange that a large US-based ISP can be so easily convinced by abusers to route huge IP address blocks assigned to entities in the Asian-Pacific area. Such blocks are not something that can go unnoticed in the noise of everyday activity. They are very anomalous, and should call for an immediate accurate verification of the customer. Internal vetting processes at large ISPs should easily catch situations so far from normality."
TCPALaw writes: Hate robocalls? In July, the FCC tightened the rules regarding robocalls to cell phones, especially debt collection calls (in particular limiting calls to wrong numbers or to anyone who is not the debtor). Now the debt collection industry is getting their revenge by sneaking in a massive exemption (see section 301 on page 10 to the PDF) to the the FCC's rules that would expressly permit debt collection robocalls to cell phones (and even collect calls!) for student loans, mortgages, taxes, and any other debt owed or guaranteed by the government. Time to make a few phone calls myself to some senators. The Senate switchboard is (202) 224-3121 or go to senate.gov to find the number for your senators. This may come up for a vote in 24 hours or less.
New submitter d4nimal writes: Intel today announced that it is killing the MX Logic/McAfee/Intel Security spam protection service (PDF). The last date of service is January, 2017. This comes on the heels of numerous outages and a general rise in user and admin dissatisfaction. Intel purchased the service as part of its McAfee acquisition in 2010. MX Logic was bought by McAfee less than a year earlier.
An anonymous reader writes: As we consolidate on just a few major email services, it becomes more and more difficult to launch your own mail server. From the article: "Email perfectly embodies the spirit of the internet: independent mail hosts exchanging messages, no host more or less important than any other. Joining the network is as easy as installing Sendmail and slapping on an MX record. At least, that used to be the case. If you were to launch a new mail server right now, many networks would simply refuse to speak to you. The problem: reputation. ... Earlier this year I moved my personal email from Google Apps to a self-hosted server, with hopes of launching a paid mail service à la Fastmail on the same infrastructure. ... I had no issues sending to other servers running Postfix or Exim; SpamAssassin happily gave me a 0.0 score, but most big services and corporate mail servers were rejecting my mail, or flagging it as spam: Outlook.com accepted my email, but discarded it. GMail flagged me as spam. MimeCast put my mail into a perpetual greylist. Corporate networks using Microsoft's Online Exchange Protection bounced my mail."
Muad'Dave writes: Here's an interesting article at The Atlantic about the prevalence of surveillance and the recent uptick in 'deja-vu' moments where devices seemingly hear your conversations and then attempt to market to you. From the article: "One night the previous summer, I’d driven to meet a friend at an art gallery in Hollywood, my first visit to a gallery in years. The next morning, in my inbox, several spam e-mails urged me to invest in art. That was an easy one to figure out: I’d typed the name of the gallery into Google Maps. Another simple one to trace was the stream of invitations to drug and alcohol rehab centers that I’d been getting ever since I’d consulted an online calendar of Los Angeles–area Alcoholics Anonymous meetings. Since membership in AA is supposed to be confidential, these emails irked me. Their presumptuous, heart-to-heart tone bugged me too. Was I tired of my misery and hopelessness? Hadn’t I caused my loved ones enough pain? Some of these disconcerting prompts were harder to explain. For example, the appearance on my Facebook page, under the heading “People You May Know,” of a California musician whom I’d bumped into six or seven times at AA meetings in a private home. In accordance with AA custom, he had never told me his last name nor inquired about mine. And as far as I knew, we had just one friend in common, a notably solitary older novelist who avoided computers altogether. I did some research in an online technology forum and learned that by entering my number into his smartphone’s address book (compiling phone lists to use in times of trouble is an AA ritual), the musician had probably triggered the program that placed his full name and photo on my page."
dkatana writes: Street vendors across Barcelona's tourist districts last week created their own union to negotiate with city officials. Barcelona has a new mayor, and new policies dealing with the "Top Manta" (for the blankets — or mantas — they spread out on the sidewalk). The recently-elected left-leaning administration in this Mediterranean city is taking a new — and controversial — approach to this complex issue. They argue that the real fault is the government's for not having a more comprehensive immigration policy. Mayor Ada Colau has welcomed the newly created Popular Union for Street Vendors (Sindicato Popular de Vendedores Ambulantes), established by the illegal vendors themselves.
An anonymous reader writes: A Russian man that calls himself "Alister Maclin" has been disrupting the Bitcoin network for over a week, creating duplicate transactions, and annoying users. According to Bitcoin experts, the attack was not dangerous and is the equivalent of "spam" on the Bitcoin blockchain servers, known in the industry as a "malleability attack," creating duplicate transactions, but not affecting Bitcoin funds. Maclin recently gave an interview to Vice.
aarondubrow writes: The National Science Foundation announced $74.5 million in grants for basic research in cybersecurity. Among the awards are projects to understand and offer reliability to cryptocurrencies; invent technologies to broadly scan large swaths of the Internet and automate the detection and patching of vulnerabilities; and establish the science of censorship resistance by developing accurate models of the capabilities of censors. According to NSF, long-term support for fundamental cybersecurity research has resulted in public key encryption, software security bug detection, spam filtering and more.
An anonymous reader writes: The U.S. Department of Justice has announced that Dimitry Belorossov, a.k.a. Rainerfox, an operator of the "Citadel" malware, has been sentenced to 4.5 years in prison following a guilty plea. Citadel was a banking trojan capable of stealing financial information. Belorossov and others distributed it through spam emails and malvertising schemes. He operated a 7,000-strong botnet with the malware, and also collaborated to improve it. The U.S. government estimates Citadel was responsible for $500 million in losses worldwide. Belorossov will have to pay over $320,000 in restitution.
jfruh writes: The latest attack vector hackers are taking advantage of: Google's Webmaster tools, which allow domain owners to index new pages for searching and react quickly to Google-detected malware. It's that last capability that hackers are after, tweaking things to keep infected sites under their control longer. From the ITWorld story: "According to the Sucuri researchers, by becoming verified owners for compromised websites, attackers can track how well their BHSEO campaigns perform in Google Search. They can also submit new spam pages to be indexed faster instead of waiting for them to be discovered naturally by Google's search robots, they can receive alerts if Google flags the websites as compromised, and, most importantly, they can remove legitimate owners of the site from the Search Console."
An anonymous reader writes: The American Egg Board targeted publications, popular food bloggers, and a celebrity chef as part of an effort to combat a perceived threat from Hampton Creek, an egg-replacement startup backed by some of Silicon Valley's biggest names, according to internal emails. The Gaurdian reports: A detailed review of emails, sent from inside the AEB and obtained by the Guardian, shows that the lobbyist's anti-Hampton Creek campaign sought to:
- Pay food bloggers as much as $2,500 a post to write online recipes and stories about the virtue of eggs that repeated the egg lobby group's "key messages."
- Confront Andrew Zimmern, who had featured Hampton Creek on his popular Travel Channel show Bizarre Foods and praised the company in a blog post characterized by top egg board executives as a "love letter."
- Target publications including Forbes and Buzzfeed that had written broadly positive articles about a Silicon Valley darling.
- Unsuccessfully tried to recruit both the animal rights and autism activist Temple Grandin and the bestselling author and blogger Ree Drummond to publicly support the egg industry.
- Buy Google advertisements to show AEB-sponsored content when people searched for Hampton Creek or its founder Josh Tetrick.
An anonymous reader writes: I have, for a while now, been collecting IP addresses from which email spam has been sent to, or attempted to be relayed through, my email server. I was wondering if I should publish them, so that others can adopt whatever steps are necessary to protect their email servers from that vermin. However, I am facing ethical issues here. What if the addresses are simply spoofed, and therefore branding them as spamming addresses might cause harm to innocent parties? What if, after having been co-opted by spammers, they are now used legitimately? I wonder if there's a market for all the thousands of webmail addresses that send Slashdot nothing but spam.
An anonymous reader points out The Register's story that recent changes to the spam filters that Google uses to pare down junk in gmail evidently are a bit overzealous. Linus Torvalds, who famously likes to manage by email, and whose email flow includes a lot of mailing lists, isn't happy with it. Ironically perhaps, it was only last week that the Gmail team blogged that its spam filter's rate of false positives is down to less than 0.05 per cent. In his post, Torvalds said his own experience belies that claim, and that around 30 per cent of the mail in his spam box turned out not to be spam. "It's actually at the point where I'm noticing missing messages in the email conversations I see, because Gmail has been marking emails in the middle of the conversation as spam. Things that people replied to and that contained patches and problem descriptions," Torvalds wrote.
An anonymous reader writes: According to Symantec's latest Intelligence Report, spam has fallen to less than 50% of all email in June – a number we haven't seen in over a decade. Of all emails received by Symantec clients in June, junk emails only accounts for 49.7% down from 52.1% in April which shows a huge drop. Year over year, spam has decreased as well due to internet providers doing a better job at filtering and shutting down spam bots.