Blocking executable content in Office 365 for more aggressive anti-malware protection

Sometimes, spammers and malware writers create malware that passes through our service and arrives in customer inboxes. This is new or unknown malware. The anti-malware engines that we use have not yet created signatures for them, and sometimes the spam rules do not catch them because the small amount of content has nothing for the…

2

Smartphone OS market share vs. malware targeted at that OS

I was reading yesterday on Yahoo News (and on Flipboard yesterday on my tablet) that that the Department of Homeland Security issued a report detailing what platform mobile malware targets on your smartphone. I decided to do a sanity check – how well does the amount of malware targeted at a platform correspond to the…

3

The modern face of mobile malware

At the Virus Bulletin Conference last month in Dallas, Grayson Milbourne and Armando Orozco presented a talk entitled XXX Malware Exposed: An in-depth look at the evolution of XXX Malware. I have renamed it in this blog post to mobile malware because the techniques that malware writers are doing are not unique to any one…

0

Evaluating anti-virus products with field studies

Did you ever wonder how people get malware onto their computer? Or how effective real life A/V software is on zero-day malware? Or just malware in general? Current A/V evaluations have some drawbacks: They are based on automated tests and therefore are not representative of real life They do not account for user behavior They…

0

Do tech-savvy readers practice what they preach?

While at the Virus Bulletin conference in Dallas last week, Sabina Raluca Datcu and Ioana Jelea of BitDefender gave a presentation entitled “Practise what you preach: a study on tech-savvy readers’ immunity to social engineering techiques.” In this talk, presenters spoke about a study they conducted – do tech savvy people actually have better security…

0

What do consumers know about Antivirus?

I’ve been at the Virus Bulletin 2012 conference in Dallas, Texas this week and there have been a lot of good presentations. I took notes on over 20 of them and thought I’d write about some of the more memorable ones. One of them was a presentation entitled Malware and Mrs Malaprop: what do consumers…

0

The Psychology of Spamming, Part 6 - The Flynn Effect

The Flynn Effect Some of the most phished brands are Paypal, HSBC, Bank of America, Facebook, and eBay. All of these sites have security policies set up on their home pages and they are all fairly similar – they use education as a means of informing their user base about what techniques they will never…

0

The Psychology of Spamming, part 5 - Solutions

Solutions So how do we get people to stop falling for scams? Will Cognition Save Us? Thinking about it – Thinking about a decision often changes people’s minds. When people are asked to justify why they like a particular choice, they ended up less happy with their choices. Analyzing our reasons “cognitivizes” our preferences and…

0

The Psychology of Spamming, part 4 - Why we fall for scams

Impact We humans had Stone Age ancestors for a long time and our limbic systems kept us alive; when we feel afraid of something, say snakes, it is because our brains are hard wired to avoid things that could harm us.  The fear response is actually a good thing.  However, eventually our neocortexes evolved.  When…

0

The Psychology of Spamming, part 3 - External factors that influence our decisions

Spam, Emotion and Decision Researchers distinguish between two types of emotions – expected emotions and immediate emotions. Expected emotions are predictions about how we will feel if certain decision outcomes occur. They are forward looking and their benefits are to determine the optimal course of action to maximize our long-term well-being. They are functions of…

0

The Psychology of Spamming, part 2 - The Limbic system, cognition and affect

The Limbic System The limbic system is the center of emotion in the brain and it governs much of our non-conscious behavior. We know from psychological studies that people will sometimes engage in behavior counter to their own best interests in order to satisfy short term desires. This is the work of our limbic system….

0

Israeli officials dispute claims of Stuxnet’s joint US/Israel effort

A few weeks ago, the New York Times published an article saying that the Stuxnet worm, which infected a large number of Iran’s nuclear power plants, was a joint effort between the United States and Israel.  The program began under former president George W. Bush and continued under President Obama. Last month, the Washington Post…

0

Mahdi malware discovered in the Middle East

The other day, a new piece of malware, dubbed “Mahdi’”, was discovered on various computers in the middle east.  Seculert reported on it the other day on their blog, saying that they had stumbled on it a few months ago.  A piece of spam arrived into their labs (by way of a honeypot?) with a…

0

Today is my 8-year anniversary of fighting spam

Today is my 8-year anniversary of fighting spam.  It was July 12, 2004, that I got the job at Frontbridge as a spam analyst and we headed down to Los Angeles for 4 weeks of training.  Here’s a recap of 8 general trends that have happened since then: Image spam – In 2006, there was…

1

More pirated software leads to more malware infections, poorer countries at more risk

I decided to take a look at the relationship between the rate of software piracy and the rate of malware infections.  If you pirate your software, are you more at risk of getting infected with malware?  It sounds plausible so I decided to investigate. First, I downloaded a copy of the 2011 BSA Global Software…

1