Cyber Monday sales can mean big savings for shoppers and massive profits for scammers. One campaign Cloudmark has been tracking, as we ramp up to the holiday shopping season, is the UPS “Package Not Delivered” scam designed to prey on online shoppers who are worried about the timely delivery of their purchases. The emails look and feel like they are coming from legitimate shipping outlets such as UPS but in fact, the emails either have virus infected zip files attached to them or they direct recipients to infected sites through the clickable links embedded in the html content.

We’ve seen a number of variants in this campaign (some with attachments, some with no attachments and bad links), all of them personalized to the recipient, and sent from an ever-changing list of fake UPS employees or the generic “UPS Customer Services”.

The from address is faked so that it appears to come from the domain ups.com.  Many of the images are copied from legitimate UPS emails and many of the links go to the legitimate UPS site.   However, clicking on the call-to-action link that says “Track your shipment now” will take the unsuspecting consumer to a website that can infect the computer with a virus.

Initial reports indicate that spammers were testing out the campaign and the effectiveness of the spam defenses.  Cloudmark observed a lull over the weekend, which was followed by a huge blast with rapidly evolving mutations on content.  Cloudmark’s flexible fingerprinting system was able to stop the attack within 12 minutes.

Timeline of the UPS email fraud

With Cyber Monday kicking off the online holiday shopping frenzy, online shoppers should remember to be vigilant about any email message that they receive.  No matter how eager they are for their shiny new purchases to arrvive, they should take the time to check the original shipping confirmation that comes directly from the online vendor where the purchase was made.

In addition, rather than clicking on embedded links in an email, they should go directly to the shipping site and plug in the tracking number.

It is with great sadness that we acknowledge the passing of one of our colleagues in the messaging industry, Jesse David “JD” Falk. JD was a tireless contributor to building a safer Internet. His work at MAAWG, IETF and CAUCE helped make electronic messaging safer for everyone using a computer or phone to communicate. But the work he did in these forums was just one small example of the type of person that JD Falk was. On behalf of Cloudmark, we wish to extend our condolences to his family and friends and colleagues.

For more on JD Falk and his life, or to post your thoughts for his family and friends, please visit http://jdfalkmemorial.org/.

Cloudmark DesktopOne has had a good year.  It reached over million downloads in over 160 countries, it was nominated for SC Magazine’s Readers Choice Awards, and now it has been hand-picked by the discerning PCMag.com editors as Product of the Year  – for the 2^nd year straight!  Only five products earned 5-star ratings–a rating PCMag.com analysts hand out only to what they consider “perfect” products.

Read about it here: http://www.pcmag.com/article2/0,2817,2396200,00.asp#fbid=htkPikoKIN3

To find out more and to download your FREE copy, go to www.cloudmarkdesktop.com.

Cloudmark CTO Jamie de Guerre was invited to participate in a Cybersecurity Partners Breakfast with Secretary Janet Napolitano at the NASDAQ Headquarters in New York Tuesday, 18 October.

The event was invite only and consisted of 25-30 senior executive from organizations such as AT&T, Google, Microsoft, Verizon and others including Cloudmark. The breakfast discussion focused on public and private sector efforts and partnerships that address issues related to cybercrime, and enabled organizations to share knowledge of cyber security trends while interacting with fellow senior industry and government cyber security leaders.

If you have a smart phone with a QR reader, then you can scan the QR code below and it will prepare a text message with the text “HELP” to send to the short code 7726 (S-P-A-M).

If your mobile operator supports reporting text spam to 7726, then you should get back a text that confirms that 7726 is for spam reporting.

If you don’t have a smart phone, or a QR reader, you can still test it out.  Just type the word HELP as text message and send it to 7726.

If you don’t get a message back, it may be that your mobile provider uses a different short code or they may not have implemented spam reporting yet.  In which case, you should refer to their website to find out the recommended way to report spam.

Always remember that spam is unsolicited, unwanted messages from someone you don’t know.  If you signed up for the text messages, then you should be able to unsubscribe by replying “STOP” to any message they send you.

This week, at the Federal Cybersecurity Conference & Workshop in Baltimore hosted by the Department of Homeland Security, there was a panel on Email Authentication that explained why authenticated email is vital to their interests. Being able to trust email from federal agencies is highly important to them, not merely for communication among agencies but also between the government and its constituents.

It was explained that in the recent past a couple of US senators have had to arrange sudden press conferences to spread the word that, contrary to what’s been said in email, they are not dead. Apparently there had been forged email campaigns making such claims, causing some amount of chaos, and they needed to be dispelled. The FBI, IRS, and the House domains have also been the target of forged email or phishing campaigns.

Cloudmark was invited to present the perspective of industry to the audience of mainly CIO-level representatives from various branches of the federal government. We highlighted not only the importance of deploying email authentication technologies like SPF and DKIM and why they’re great, but also why they’re not enough. Domain reputation, the obvious next step along the path to securing email, became the focus. Some good questions were asked about the viability and vulnerability of such systems when they’re based on user feedback. Fortunately, we have a lot of good experience in that area from our commercial product and open source history, which supported the discussion.

We’re encouraged to see that the federal government has taken such an interest in these issues. We presented some ideas of how they can help with respect to deploying policy and services from their side of the fence, and we’re looking forward to making progress with them.

A few weeks ago we announced that our free consumer anti-spam product Cloudmark DesktopOne was approaching a million downloads and to commemorate this significant product milestone we ran a $500 gift card contest for new and existing customers, with the winner being randomly selected as soon as we reached the millionth download.  We reached the millionth download (and then some!) this week, and I am pleased to announce that our lucky winner is R. Suarez from Boston, Massachusetts.   The contest was a huge success, and for all of you  participated, you already know how much spam you don’t get anymore!

You can still download DesktopOne, the best, free, anti-spam software for your inbox.  Be sure to Like us on Facebook facebook.com/cloudmark.desktopone and follow us on Twitter twitter.com/desktopone for product updates and announcements, plus be the first to know about promotions and giveaways!

Cloudmark’s drive to equip users with the power to report messages they didn’t sign up for (using the 7726 (S-P-A-M) GSMA service) and protect mobile users from spammy text messages,  means that we spend a lot of time thinking about the negative content that gets sent by spammers.

So it’s nice to be reminded that text messages have a lot of power to be used for good.

I love this story from tatango’s SMS marketing blog.  The Boy Scout National Jamboree allowed parents and scouts to sign up for text message updates.  They then used text messaging to keep in touch and send updates.  They sent the scouts messages like: “As u head back, stay with the group or at least a buddy. Remember to go left at the asphalt road and head back.”

They were also able to let parents know that a tornado that touched down in DC, hadn’t impacted the Jamboree and that everyone was ok, minutes after the tornado passed through.

It’s a really nice example of the positive power of  text messaging.  You can check out the full story here: http://www.tatango.com/blog/tatango-customer-spotlight-boy-scout-troop-831/

After numerous discussions and spirited debate, the IETF has finally published a couple of important new RFCs related to DKIM. RFC6376 is the update to DKIM itself that does a thorough job cleaning up the original version, and RFC6377 provides recommended practices for using DKIM with respect to mailing lists. With this, DKIM has advanced from being a Proposed Standard to a Draft Standard, indicating a level of maturity and stability held by only a small fraction of Internet protocols in use.

As I’ve written before, DKIM (DomainKeys Identified Mail) allows one to attach a domain name to a message in a way that provides some assurance of its valid use. Since the rest of an email message can essentially be forged, this is a big development in the advancement of messaging trust and security. DKIM is an important input to concepts like domain reputation systems, a topic that will be covered during a session at the MAAWG conference next month. Domain reputation stands to be a key component of message security systems in the future, especially as the transition to IPv6 continues. The IETF is also considering a working group to tackle the concept of delivering reputation services in a reliable and open way, and DKIM will likely be a prominent figure in sample implementations.

Cloudmark is pleased to be a part of the support and advancement of this work!

An interesting new report* from The Pew Research Center’s Internet and American Life project, says that 95% of 18 to 24 year olds own a cell phone, 97% of the cell phone owners use text messaging, and they send an average of 110 text messages per day.

That’s a lot of texting they’re doing.

People in the older age groups, tend to send fewer texts per day on average.  It would be interesting to know if the younger age group sends more texts because they have more time to send text messages or because they’re more comfortable with the technology.

Either way, text messaging is an important part of how people communicate, which is why Cloudmark supports the rollout of a common short code: 7726 (S-P-A-M) to report any unwanted text messages, so that those 110 messages per day, continue to be messages that people want.

Text Messages per Day by Age Group

*Smith, Aaron. Americans and Text Messaging. Pew Internet & American Life Project, Sept 19, 2011. http://pewinternet.org/Reports/2011/Cell-Phone-Texting-2011/Main-Report.aspx?view=all, accessed on Sept 21, 2011.