The new process of Domain Assurance developed by Return Path starts by auditing all email streams to determine their authentication, and then creating a domain registry where any improperly authenticated emails get blocked. Companies can get automatic notices regarding any phishing or spoofing attacks to their brands, and ISPs can better protect their clients.

The service is currently available in Beta and is being provided through partnerships with Yahoo!, Comcast, Tucows and Cloudmark. The Domain Assurance service will have its commercial launch in the third quarter of 2010.

Source | TheWhir
Photo | Flickr

The one-person arbitration panel sided with Delta, agreeing with the airline that the domain was being used in bad faith.

According to the WIPO, Blazek was using the Delta name fraudulently, claiming to sell airline tickets and collecting credit card numbers in the process. He also failed to respond when the dispute was filed by Delta.

Sounds like an open-and-shut case to me.

Photo | LeeA

They are insisting that the restrictions be implemented at the time of registration so that anyone who attempts to register a .SE domain with the word “bank” in it will simply be denied. I can only guess that those with legitimate cause for using such a domain would have to jump through hoops to get approved. This outlines a problem that plagues organizations trying to crack down on fraudulent activities with unreasonably harsh restrictions. The only ones who get inconvenienced are the honest customers.

PTS argues that they are protecting people from financial fraud (such as phishing) by restricting who can use the word “bank”. In reality, all they are doing is making it more difficult for real banks to register domains. Those who wish to steal identities and financial information will simply find other means. PTS’ approach only addresses the symptoms rather than offering a cure.

Source: CircleID
Photo: Flickr

McAfee’s annual survey revealed that Biel had surpassed Paris Hilton and Brad Pitt as the riskiest celebrity to search for. People looking for pictures, wallpapers, screensavers, and videos often encounter websites phishing schemes, spyware, and viruses. Nearly half of all websites claiming to have Jessica Biel screensavers are malicious.

“Cybercriminals are star watchers too—they latch onto popular celebrities to encourage the download of malicious software in disguise,” McAfee Avert Labs VP Jeff Green said in a statement.

Malware can be particularly dangerous because attackers often use someone’s computer to attack other computers or servers without their knowledge. Such computers can remain infected for long periods of time without any visible symptoms. They can also be used to steal private financial information from an unsuspecting user. While there is software that can scan your computer and warn you of potential dangers, the best defense is to only visit websites you trust.

Source: Ars Technica
Photo: Flickr

The botnet was linked to Rock Phish, a Russian gang. After an investigation, authorities traced the malware to its source: a web hosting company in Latvia called Real Host. Now, the Swedish service provider Telia Sonera, which provided service to Real Host, has shut down their Internet connections. There was no report about what legal action will be taken on the owners of the company.

Malware has become an underground leg of the software industry. Gangs like Rock Phish can purchase botnets like Zeus for about $1000 on the black market. It does not take them long to make up the difference when they can launch attacks on millions of computers, stealing hundreds or even thousands of credit card numbers and banking information.

Source: ComputerWeekly.com
Photo: Flickr

China leads the list with 338 million users, with the US trailing at 227 million. Japan, India, and Brazil round out the top five. The UK is a bit lower with 48 million users, reflective of its smaller population. The interestingly neglected part of this data and most raw data like it, is that there is no analysis of the website content.

Of the 1 trillion websites out there, how many are made up of malware, spam harvestors, phishing, fraud, schemes, ad portals, parked domains, and cybersquatting? Furthermore, of the sites that are none of the above mentioned, how many are actually useful and worth visiting? While it may be the job of Google and Bing to index legitimate sites, it will be up to someone else to catalog and evaluate them. As the Internet continues to grow, so does the need for some time of organization.

Source: News.com.au
Photo: Flickr

By only allowing financial institutions to register a .banco.ar name, bank customers can easily tell if a suspect website is legitimate or not. The extension will be administered by NIC Argentina, an entity responsible for the country’s domains governed by the Ministry of Exterior Affairs and Culture.

The idea for the name came from a similar project, the .tur.ar extension for tourism sites. The creation of .banco.ar comes at at time when Latin American domains are being registered at record rates. This year alone registrations in the region have grown by 10%. The .ar domain saw the second-highest growth with 21,892 registrations in June.

Source | iProfesional.com

Identity thieves and other cyber criminals typical have password sniffing software and a lot of practice guessing passwords of people they want to exploit. There are a few easy steps you can take to make sure your password is rock solid. First, make sure you use a combination of letters and numbers. Using all of one or the other just makes it easier to hack. You can also consider using mixed case letters. Next, make sure that you avoid common words or number combinations. It should look totally random, even if it is not.

Finally, you should consider rotating your password, trying different combinations. If you have used the same password for the past two years, you could be asking for trouble. There are a plethora of password generators on the web and for PCs that can make the process a little easier. Some of them will check the strength of your passwords. This feature is also built into many operating systems like Linux. Knowing your password is safe makes your job and your web host’s job a lot easier.

“It is important that end users are educated and it is important that IT managers take measures against attacks,” said Dermot Harnett, Symantec’s senior director of anti-spam engineering and a co-author of the State of Spam and State of Phishing monthly reports.

“There are products — not just Symantec’s — that managers can use. It is important that we as a community protect ourselves,” Harnett told InternetNews.com.

The attackers often use forged emails to initially gain access to an unsuspecting user’s Facebook account, but once they are in the door, they can rely solely on Facebook to spread their spam or phishing scheme. They try to acquire private information until they have enough to get what they are really after: money. Their ultimate goal is still to get bank account information and credit card numbers. Phishers also target free web hosting services where they can quickly setup sites anonymously.

Source: Internetnews.com
Photo: Flickr

Most notably, spam has increased by 5.1% since April. It now accounts for 90.4% of email. Where you live depends on what time of day you receive spam. American spam activity peaks between 9-10 AM, while Europeans get a steady spewing of unwanted email all day. Asians get their spam in the wee hours of the morning.

Interestingly, there’s been a trend for spammers not to write long emails, but just include a message title and link. If more spam is being sent out, at least no one is having War and Peace delivered to their inbox each day.

Spam originates in equal amounts from all parts of the globe, but most is sent out to coincide with American working hours. Over half of it comes from botnets, a collection of thousands of “zombie” computers compromised by malware. To botnets alone, codenamed Donbot and Rustock, account for 18.2% and 16.1% of spam respectively.

The report debunked the myth that malicious content is only found on newer, less reputable websites. Data collected earlier this month by Symantec reveals that 84.6% of domains hosting malware are over a year old. These are mostly social networking sites or hacked domains. Cyber criminals are targeting legitimate domains for their reputation.

The United Kingdom is the third most-spammed country, where 90.3% of email is spam. Hong Kong was number-one with 92.3%

On average, 1 in 317.8 emails contain a virus. The UK seems to get more viruses- 1 in 199.8 emails carry one. In the United States, the threat is more than 50% less ,with only 1 out of 473.4 emails being infected. Finally, 1 out of every 279.0 emails was found to play host to a phishing attack.

The report’s findings will be very useful to developers and IT professionals. If spam filter designers know that most spam goes out between 9-10 AM, for example, they can code their software to be extra vigilant during that time of the day. Because more established website are being attacked than ever before, webmasters need to pay more attention to security.

The full report can be downloaded here (PDF). The information was collected by observing live data feeds from 14 datacenters around the world. Billions of email messages and webpages were scanned.