GFI Software, a leading
developer of network security, content security and messaging software,
today announced it is tracking a new method through which spammers send
messages with MP3 attachments that contain the latest pump-and-dump stock
scams.
The spam is a short, 30-second MP3 file recorded at low bit-rate with a
synthetic female voice promoting a particular stock; the voice heavily
distorted to avoid signature-based anti-spam approaches to listen to an edited sample
of MP3 spam).
Spammers are taking advantage of the fact that the MP3 format is one of
the most common in use today and that most anti-spam solutions do not
handle attachments very well because they do not actually analyze the
attachment content.
"MP3 spam is a natural progression from PDF and Excel spam whereby
spammers are exploiting a new file format to be able to send spam. This is
their latest attempt to evade anti-spam filters. There is also a social
engineering aspect to this tactic because people frequently share MP3
files," David Vella, director of product management, said.
To address the MP3 spam threat administrators need to deploy as many
anti-spam techniques as possible, including Bayesian filtering, while at
the same time maintaining a very low level of false positives.
Additionally, administrators can block attachments or place restrictions on
allowable sizes to weed out unwanted material.
GFI MailEssentials includes a second generation Bayesian filtering
engine. This goes beyond the simple analysis of text but also examines the
form and attributes of attachments. The benefit of spam detection via
Bayesian filtering is that the technology automatically tunes itself to
each customer-specific email profile, rather than relying on one 'rule set'
for all customers like other rules-based anti-spam products do. With this
second generation Bayesian filtering technology, GFI is at the forefront of
anti-spam technology thus allowing the company to effectively deal with the
constantly evolving spam techniques.
Users of GFI MailSecurity can also use the content filtering feature to
block spam that is downloaded to the email client based on attachment file
type or size.
GFI MailEssentials
GFI MailEssentials offers anti-spam for Exchange server and other email
servers and eliminates the need to install and update anti-spam software on
each desktop. GFI MailEssentials offers a fast set-up and a high spam
detection rate using Bayesian filtering and other methods. With very low
false positives, GFI MailEssentials will eliminate over 98% of the spam
from your network as well as detect and block phishing emails and hard to
catch image-spam through a Botnet/Zombie check. GFI MailEssentials also
adds email management tools to your mail server: disclaimers, mail
monitoring, Internet mail reporting, list server, server-based auto replies
and POP3 downloading.
GFI
GFI is a leading software developer that provides a single source for
network administrators to address their network security, content security
and messaging needs. With award-winning technology, an aggressive pricing
strategy and a strong focus on small-to-medium sized businesses, GFI is
able to satisfy the need for business continuity and productivity
encountered by organizations on a global scale. Founded in 1992, GFI has
offices in Malta, London, Raleigh, Hong Kong, Adelaide and Hamburg which
support more than 200,000 installations worldwide. GFI is a channel-focused
company with over 10,000 partners throughout the world. GFI is also a
Microsoft Gold Certified Partner.
Source: GFI Software
Digg
Reddit
Slashdot