It seems that spammers, those irritants of your inbox, are working a “regular” job just like you or me. They put in long hours, for the most part they work weekdays and with the exception of the night owls, work regular business hours. This according to the IBM X-Force Kassel research team which operates a massive network of spam honeypots.

By gathering billions of unsolicited “spam” emails every year the team can easily identify and study trends in the world of spam.

Most recently the team looked at what a typical spammer’s workweek looked like and here are some of the interesting things they found.

1.  The Weekly Grind – much like the rest of the working world, spammers and their bots apparently work a typical work week with typical hours. Over 83% of spam email is sent during the business week with the highest concentration being delivered on Tuesday, Wednesday and Thursday.

Source: IBM X-Force Kassel

2. Business Hours – The typical spammer works business hours…North America and European hours. Sure it makes for a long day, starting with early morning in Europe and not slacking off until near the end of East coast business hours (around 4pm). IBM feels that this pattern is driven in part by the types of malware being delivered which are more targeted towards businesses rather than individuals.

3. Some Folks Work Nights and Weekends – So while the principle targets are corporate employees, there is a dedicated contingent of spammers who work weekends, especially weekend nights, rounding out the spamming ebb and flow.

4. Where the Spammers Live – Based upon IP address tracking it would appear that the primary locations for spammers are:

Source: IBM X-Force Kassel

Spammers are Dedicated to their Craft

The spammers are a dedicated bunch. The work day-in and day-out, delivering their messages to their victims relentlessly. And, of course, they continue to innovate from the type of message sent to the type of attachment used to the type of malware exploit delivered.

Konsultek is Dedicated to Security

When your foe is as dedicated as the spammers are you need someone on your team who is just as dedicated and even more innovative. That’s where Konsultek comes in. We’ve been developing world class security solutions for over 20 years. If you think it’s about time you trimmed your diet of spam, give us a call and we’ll help you develop a solution that will have you saying “no thank you” to spam, no matter how many times it’s offered to you.

 

read more

SPAM on the Rise Globally

On March 23rd, 2017, posted in: Spammers by konweb

We highlighted the release of The 2017 Cisco Annual Cybersecurity report in our blog post a few weeks back. Today, SPAM is on the menu and the same Cisco report serves up some very interesting insights into the growth of global spam.

According to the report:

  • 65% of all email globally is spam
  • 8-10% of spam in 2016 was malicious. More troubling however is that 75% of spam in October, 2016 contained malicious attachments
  • From August to October 2016 there was a dramatic rise in the number of IP addresses deemed spammy and subsequent blocked
  • Cisco researchers attribute much of the rise of spam in 2016 to the Necurs botnet ( a primary distributor of the Locky ransomare

 

Konsultek Knows Spam

Spam is problematic for every organization. In its most benign form the sheer volume of spam can overload inboxes and waste valuable employee time. In its most malignant form spam can trick employees into inviting malware into networks or even sending funds to cybercriminals masquerading as suppliers.

At Konsultek, spam is just one of things we take of the buffet of cyber threats so that your employees, your organization and your network are protected. If you are interested in learning more about how we can help your organization please give us a call.

 

read more

Mega Spammer Leaks 1.37 Billion Emails

On March 7th, 2017, posted in: Hackers, Spammers by konweb

Monday morning, March 6, 2017 started off with a teaser announcement from data breach storm chaser Chris Vickery over at MacOS security software specialists MacKeeper. The announcement stated that later in the morning the identity of a breach victim with 1.37 BILLION records compromised would be identified.

Wow 1.37 Billion is a LOT of records! For perspective, there are only about 300 Million people in the whole United States. A breach of that size can only happen to an organization that either has a lot of individual users/customers, a large government agency or perhaps a large scale data aggregator.

The Internet was immediately on fire with speculation as to who might have been breached… Facebook? Salesforce? Apple? Alibaba?

Well, a few hours later the mystery was solved when Chris Vickery revealed on the MacOS blog that the “victim” was one of the largest email spammers in the world! Wow, no one had that on their radar.

SPAM SPAM SPAM

The spammers, who position themselves as legitimate marketers under the name River City Media, use automation and hacking techniques to send out an estimated 1 Billion emails a day with a team that numbers around a dozen. While everyone despises spam email, at some level you have to admire the sheer spamming scale that Alvin Slocombe and Matt Ferris, the River City Media principles, were able to operate at.

 

Another Dark Day for Privacy

In addition to emails, the database contains real names, IP addresses and frequently physical addresses. It would appear that these details may be headed over to law enforcement authorities so “big brother” just got a huge windfall.

Kudos to the Spam Assassins

You can bet that this is only the beginning of the story and that much more will come to light in the months ahead. Certainly all the investigators involved, MacKeeper Security Research Center, CSOOnline, and Spamhaus deserve a huge helping of kudos for clearing up, at least a little bit, the inboxes of over a billion spam victims in one fell swoop.

How Secure is Your Network?

You would think that a group of professional spammers would have appreciated and deployed the best security measures possible. It just goes to show that any operation, illegal or otherwise can be brought to a screeching halt when a data breach occurs.

Don’t let something like this happen to your organization!

Get proactive on challenging your own network security before it is too late.  From executive assessments to vulnerability discovery and breach simulation Konsultek can help. Give us a call to find out how we can help you identify and quantify your network security risks in a proactive manner.

 

read more