Spam Soap will deploy the significant advancements on May 2nd, which will be made available May 5th.

These service advancements are designed to improve the overall ease-of-use and value of Spam Soap. All advancements are a result of customer feedback and our on-going system and service evaluations.

Service alerts for specific maintenance windows can be found on our Support Page.

Click here for the release notes.

Close

To All Our Valued Clients, Partners, and Resellers:

We at Spam Soap would like to thank you for trusting us with your email in 2007. We wish you happiness and health during the holidays and a prosperous New Year.

In an effort to proactively communicate with our clients, Spam Soap will begin regularly posting information about new and existing services, email-related information, and news and events, via RSS. RSS (Really Simple Syndication) is an opt-in medium which sends you updates without clogging up your inbox. Popular RSS readers include Google and Outlook 2007. Subscribe to Spam Soap’s News and Events feed. We welcome your feedback on our methods of communication. This information is also available for direct viewing here at the News and Events section of the website.

Announcing the Spam Soap Deep Content Analysis Filter

Spam Soap recently took steps to eliminate attachment spam (.pdf, .zip, .doc, etc.) by implementing the Deep Content Analysis Filter. This extra level of security was added globally at no additional cost to customers. Learn more . . .

Additional Services from Spam Soap

Did you know that in addition to inbound filtering, Spam Soap also provides Outbound Filtering, Message Continuity and Message Archiving services? To learn more about how your organization can benefit, “click here”http://www.spamsoap.com/additional-services or give us a call.

Get Help

If you have technical questions about Spam Soap, need support, or want information about scheduled maintenance, visit our Support Page. You’ll also find helpful FAQs, Admin and User guides, and the Current Service Status RSS feed.

Online Security Tips

Here are some tips on protecting yourself from threats.

• Only do business with retailers you know and trust, just like you would do if you were purchasing from a physical store. Also, if you want to visit that retailer’s web site, type their URL directly into your browser. Don’t follow links from marketing emails as they could direct you to a fraudulent site.

• Look for security indicators. All legitimate security retailers should protect your confidential information with encryption, even your login to their site. Make sure that not only does the padlock that indicates encryption appear in your browser window, but that the site that the security certificate is registered to matches the site that you are expecting to be purchasing from. If it doesn’t, then assume it to be suspicious.

• Do not use a computer that you are not familiar with or public computers to make online purchases. Web browsers often store information entered onto web forms within their memory for easy reuse later. Someone could easily walk up to one of these available computers, go to a couple of common shopping sites and start writing down whatever information they can find.

Thanks again for your continued business in 2008. If there is anything that you need, please don’t hesitate to contact us.

Close

Spam Soap released new service advancements over December 14-15.

Click here for the full release notes.

Close

– Spam Soap Adds a New Layer to its Security Filtering Process; Advancing Its Stacked Classification Framework Spam Detection Technology –

Costa Mesa, CA. – Nov. 12, 2007 – Spam Soap, Inc., a leading managed security service provider, today announced the deployment of an anti-spam filter that specifically targets any attachment-based spam variations. The new Deep Content Analysis filter is the latest advancement to the Spam Soap Stacked Classification Framework® spam detection system, which is powered by patented technology and combines the most effective spam-fighting filters and techniques in the industry.

PDF (Adobe Portable Document Format) spam is the first variation of attachment-based spam addressed by the new filter, which is now in place to protect all businesses with the Spam Soap® Core Filtering Bundle. In PDF spam, spam content is embedded within attached .pdf documents instead of within the body copy of the message. Unlike any other solution on the market, the Deep Content Analysis filter allows all email attachments to be treated holistically and therefore enables Spam Soap to analyze these messages in their entirety to determine if the email and/or the attachment contain spam or malware before they reach the customer’s network.

“At the height of the PDF spam outbreak, we were seeing PDF spam comprising between 10 to 15 percent of the overall spam volume with spikes up to 30 percent,” said Sam Masiello, director, Threat Management, Spam Soap’s technology provider. “The shift caused by the increase in PDF spam was just the first wave of what we expect to be the next evolution of email-borne threats. In fact, as image spam volumes continue to decline we believe attachment-based spam will take its place and greatly increase. So, we have created the Deep Content Analysis filter, further advancing our Stacked Classification Framework spam detection system, to respond to this threat.”

The Stacked Classification Framework spam detection system includes patented technology using an algorithm based on intelligent reasoning to identify and control spam. Using this multi-layered filtering approach, Spam Soap can dynamically calculate the spam probability of every message and instantly block more than 99 percent of spam at the network perimeter.

Spam Soap is able to seamlessly provide this filtering technology to new and current customers with no additional cost.

Close

Spam Soap introduced service advancements over the weekend of October 12-13.

Click here for the release notes.

Close

ERGOS Technology , a Houston-based provider of managed IT services and Spam Soap Authorized Reseller, recently implemented Spam Soap’s Core Filtering Bundle in a two customer environments. Read the case studies below.

Linux/Microsoft Environment

Microsoft Environment

Close

Morgan Stanley will pay $12.5 million to settle a regulator’s charges that Morgan Stanley Dean Witter repeatedly failed to provide emails and erroneously claimed the emails were lost during the Sept. 11, 2001, terrorist attacks.

For the full article, click here

Close

PSEG Power New York Inc., turned over more than 3,000
e-mails and 211,000 pages of documents to a legal adversary,
but a magistrate judge has found that the company still failed to
comply with a discovery request.

For the full article, click here

Close

Researchers say they’ve discovered a critical weakness in the spam infrastructure.

Click here for the full article.

Close

All companies must get a handle on their data before they can begin to get their ESI [Electronically Stored Information] house in order by putting the appropriate processes and tools in place.

Spam Soap’s Message Archiving services help companies with FRCP compliance.

Click here for the full story

Close

PDF Spam is largely considered to be the latest generation of image spam, which uses graphics instead of other masking techniques to conceal an unsolicited advertisement’s call to action. With PDF Spam, the images are embedded within attached .pdf documents instead of within the body copy of the message. Our Threat Department reports they are also seeing an increase in PDF Spam which uses text within the .pdf document instead of images.

• The nature of this situation is a constant arms race. The Spam Soap Threat Center is proactively monitoring, testing and developing sophisticated techniques to bring emerging spam threats under control.

• The Premium Anti Spam Multilanguage Filter (included in the Spam Soap Core Filtering Bundle) is effective at recognizing the signature of the PDF, its variants and is capturing a high percentage of the incoming spam.

• We can assume this new assault by spammers will continue to develop as recent estimates state total spam volume will increase 3 to 4 times in the coming months.

• The Heuristics and Bayesian filters used by Spam Soap can be used to hook into the accompanying message text, to recognize the existence of a PDF attachment, etc.

• PDF spam detected up to this point does not contain a virus payload, but our Threat Center anticipates this to appear in the near future.

• Due to the size of PDF spam messages, unprotected users can expect a significant increase in storage and bandwidth.

• PDF Spam has mostly contained images up to this point; however the most recent spam run actually contains text within the PDF body.

If customers do received such messages, they are urged not to open suspect messages or download .pdf files attached to unsolicited messages from unfamiliar senders.

Close

Join us for an informative webinar to learn about Spam Soap’s new Message Archiving services and how they can help you meet compliance standards.

Spam Soap’s archiving packages provides compliance for the following regulations:

• SEC 17a-3 and 17a-4
• Gramm-Leach-Bliley Act
• Health Insurance Portability and Accountability Act (HIPAA)
• Sarbanes-Oxley

Download the Osterman Whitepaper on Archiving

All pre-scheduled webinars have past. If you would like to schedule a webinar, please email us.

Click here for more information on Spam Soap’s Message Archiving.

Close

Spam Soap is pleased to announce Message Archiving, offered in two packages: Message Archive Compliance and Message Archive Surveillance.

For many businesses – particularly public companies and those in healthcare, financial services, law and insurance – monitoring, storing and retrieving email messages is now as important as keeping their financial records in order.

Spam Soap’s archiving packages provides compliance for the following regulations:

• SEC 17a-3 and 17a-4
• Gramm-Leach-Bliley Act
• Health Insurance Portability and Accountability Act (HIPAA)
• Sarbanes-Oxley

Download the Osterman Whitepaper on Archiving

Click here for more information about compliance and our archiving packages.

Click here for pricing information.

To add Message Archiving to your existing Spam Soap account, please contact the Spam Soap sales office.

Close

Spam Soap is pleased to announce Message Continuity service to all clients. Message Continuity provides up to 60 days of rolling webmail access to messages queued in the Disaster Recovery spool. Click here for more information about functionality, and screen shots. Click here for pricing information. To add this service to your existing Spam Soap account, please contact Spam Soap the sales office.

Close

As part our commitment to provide customers with the most effective and easy-to-use managed email security services in the industry, Spam Soap introduced several service advancements on June 25.

Download the release notes here.

Close

Seattle resident Robert Soloway has allegedly sent billions of unwanted and illegal e-mails. He faces 35 counts and decades in prison, according to a newspaper report.

Full story

Close

Two bills being considered by the New Jersey Senate will slap heavy fines and jail time on spammers in hopes of enforcing the impotent CAN-SPAM Act of 2003. Click here for the full story.

Close

Threat Alert Summary: Spam Soap has issued a Threat Alert, based on a large volume of incoming messages containing harmful worm-infected .exe files. Spam Soap updated its spam and virus filters Sunday at 12:13 p.m. PDT (7:13 p.m. Greenwich Mean Time).

Subject Lines: The worm is generally transmitted via emails that appear to announce breaking news stories and which contain subject lines that include, but are not limited to:
• USA Just Have Started World War III
• Missile Strike: The USA kills more that 20000 Iranian citizens
• Israel Just Have Started World War III
• USA Missile Strike: Iran War just have started
• British Muslims Genocide

Attachment Filenames: The worm is generally transmitted via emails that appear to announce breaking news stories and which contain subject lines that include, but are not limited to:
• video.exe
• click here.exe
• clickme.exe
• readme.exe
• read more.exe

In the event a user receives an email with one of the headlines listed above in the Subject line, Spam Soap recommends deleting it immediately. If the email has been opened, users are warned not to open the attachment, which would unleash the Trojan horse on the user’s computer.

Spam Soap Multi-Layered, Managed Protection Against Email Viruses and Worms

Spam Soap provides a multi-layered, fully managed virus protection that delivers optimum protection from worms and viruses at the Internet level – before they can enter and damage a customer’s corporate messaging infrastructure.

Spam Soap’s Complete Email Security solutions leverage’s MX Logic’s proprietary WormTraq® worm detection system, which uses sophisticated content behavior analysis to rapidly identify and intercept zero-hour threats – threats that appear before an anti-virus signature is developed to detect them. Spam Soap also incorporates virus protection from three leading anti-virus engines – Authentium®, McAfee® and Sophos®—which are updated every five minutes to ensure the most current virus and worm protection.

Spam Soap’s multi-layered virus and worm protection frees internal corporate IT resources from managing timely signature updates by shifting the burden of threat management away from the enterprise to Spam Soap. Spam Soap’s Complete Email Security solutions also allow IT administrators the ability to respond to infected email by choosing to have viruses stripped from incoming email, quarantining infected messages for review, or blocking infected email outright.

Close

As part our continuing commitment to provide customers with the most effective and easy-to-use managed email security services in the industry, Spam Soap has introduced the following service advancements, which are designed to improve the user experience and overall performance of the Spam Soap Console, while providing greater security and more detailed reporting. All of the advancements are a result of user feedback and our on-going system and service evaluations.

Console Security

• Customers can now create strong passwords for access into the Spam Soap Console, helping administrators to increase security and retain greater control over access to the Web-based portal.
• Strong passwords can include any combination of primary characters, numbers or special characters (i.e. U.S. dollar signs ($) or percent signs (%), etc.)

Enhanced Threat Reporting

• Spam Soap Threat Statistics have been enhanced to provide customers with greater insight into all of the threats currently blocked on their behalf by Spam Soap
• Spam and Virus Reports have been expanded to include statistics for messages that are:
  • Identified as Invalid Email and immediately blocked by the Spam Soap Invalid Email Policy.
  • Blocked due to questionable sender reputation following analysis by the IP Reputation Connection Manager.

Streamlined Fail Safe Disaster Recovery

• The new Fail Safe Setup page has been renamed “Disaster Recovery Setup.”
• The page includes an animated Fail Safe status graphic, which represents whether mail is flowing normally or being spooled in Fail Safe. The animation will also show post-Fail Safe delivery, with both new mail being delivered normally and spooled mail being released by Fail Safe.
• Customers can now check the connection between their mail server(s) and Spam Soap via a “Test Connectivity” button.
• Configuration Settings and Fail Safe Notifications have been streamlined to make it easier to configure the service and manage service notifications.

Any questions about these advancements or enhancement requests for future releases can be directed to info@spamsoap.com.

Close

COSTA MESA – March 27, 2007 – Spam Soap Inc., a leading provider of total email security, launched a new website this week. In addition to a new look and feel that engages those shopping for email filtering, the new site provides better and timelier information to Spam Soap’s existing client base. “People who already rely on Spam Soap for their email security need a place to get pertinent information about their email and our service,” said Kevin Krusiewicz, Spam Soap Manager. “We hope the new site helps in providing this vital information.”

Highlights on the new site include:

• Current news articles providing interesting and valuable information about the email and spam industry, trends on email-born threats, and Spam Soap’s current and future service offerings.
• Updated support page with new RSS feed and FAQs.
• New pricing calculator.
• Updated reviews and testimonials from real, current customers.

In the coming weeks and months, additions include an updated Resources Page and Channel Portal where Authorized Resellers and Partners can access tools and materials to help them promote Spam Soap.

“Special thanks to Luke Mysse and Toby Sterrett from Crossgrain Creative Studios who built the site with amazing functionality for easy-to-use user customization,” said Krusiewicz. “We are very pleased with the results.”

If you have any questions, feedback about or suggestions for the new Spam Soap website, please email webmaster@spamsoap.com.

Close

Investor Protection Agency Unveils “Operation Spamalot”

Washington, D.C – March 8, 2007 – The Securities and Exchange Commission this morning suspended trading in the securities of 35 companies that have been the subject of recent and repeated spam email campaigns (see examples). The trading suspensions – the most ever aimed at spammed companies – were ordered because of questions regarding the adequacy and accuracy of information about the companies.

The trading suspensions are part of a stepped-up SEC effort – code named “Operation Spamalot” – to protect investors from potentially fraudulent spam email hyping small company stocks with phrases like, “Ready to Explode,” “Ride the Bull,” and “Fast Money.” It’s estimated that 100 million of these spam messages are sent every week, triggering dramatic spikes in share price and trading volume before the spamming stops and investors lose their money.

“When spam clogs our mailboxes, it’s annoying. When it rips off investors, it’s illegal and destructive,” said SEC Chairman Christopher Cox. “Today’s trading suspensions, and actions that will follow, should send a clear message to spammers: the SEC will hold you accountable.”

Linda Chatman Thomsen, Director of the SEC’s Enforcement Division, said, “Many of these companies are no doubt familiar to anyone who reads their email, because each has been the subject of a spam email campaign. While the Commission cautions investors not to make investment decisions based on anonymous emails they receive, we are also committed to tracking down those who prey on investors with false or misleading information.”

Mark K. Schonfeld, Director of the Commission’s Northeast Regional Office, said, “By halting trading in these stocks we are seeking to protect investors from further harm. But this is only the first step. Our investigation of the perpetrators – the people behind this misconduct – is continuing.”

The securities of each of the 35 companies have been quoted on the Pink Sheets quotations service. Recent trading clearly demonstrates how spam campaigns can affect stock prices and trading volume. For example:

• On Friday, Dec. 15, 2006, shares in Apparel Manufacturing Associates, Inc. (APPM) closed at $.06, with a trading volume of 3,500 shares. After a weekend spam campaign distributed emails proclaiming, “Huge news expected out on APPM, get in before the wire, We’re taking it all the way to $1.00,” trading volume on Monday, Dec. 18, 2006, hit 484,568 shares with the price spiking to over 19 cents a share. Two days later the price climbed to $.45. By Dec. 27, 2006, the price was back down to $.10 on trading volume of 65,350 shares.
• On Dec. 19, 2006, trading in Goldmark Industries, Inc. (GDKI), closed at $.17 on trading volume of 126,286 shares. On Dec. 20, 2006, the spam campaign started, with e-mail proclaiming “GDKI IS MAKING EVERYONE BANK!,” and setting a 5-day price target of $2. By Dec. 28, 2006, spam emails boasted of the price spike that had already been achieved—”$.28 (Up 152% in 2 days!!!)”—and promised a 5-day price target of $1. That same day, GDKI closed at $.35 on a volume of more than 5 million shares. By January 9, 2007, the closing share price was back down to $.15.
• A spam campaign in Healtheuniverse, Inc. (HLUN) stock began on Sept. 4, 2006, with emails incorporating a Healtheuniverse press release proclaiming that HLUN was “focused on being the first to commercialize stem cell applications in the $15 billion worldwide plastic surgery and cosmetic surgery market.” On Sept. 7, 2006, HLUN closed at $.12 per share on trading volume of 3,000 shares. The spam campaign accelerated, and HLUN shares spiked to $.22 per share on Sept. 11, 2006, with over 2.2 million shares trading hands. By Sept. 22, 2006, the closing price had dropped back down to $.11.

The trading suspensions will last for ten business days. The trading suspensions commenced today at 9:30 a.m., EDT, and terminate at 11:59 p.m., EDT, on March 21, 2007.

The 35 companies whose trading was suspended today are: Advanced Powerline Technologies Inc. (APWL), America Asia Petroleum Corp. (AAPM), Amerossi Int’l Group, Inc. (AMSN), Apparel Manufacturing Associates, Inc. (APPM), Asgard Holdings Inc. (AGHG), Biogenerics Ltd. (BIGN), China Gold Corp. (CGDC), CTR Investments & Consulting, Inc. (CIVX), DC Brands International, Inc. (DCBI), Equal Trading, Inc. (EQTD), Equitable Mining Corp. (EQBM), Espion International, Inc. (EPLJ), Goldmark Industries, Inc. (GDKI), GroFeed Inc. (GFDI), Healtheuniverse, Inc. (HLUN), Interlink Global Corp. (ILKG), Investigative Services Agencies, Inc. (IVAY), iPackets International, Inc. (IPKL), Koko Petroleum Inc. (KKPT), Leatt Corporation (LEAT), LOM Logistics, Inc. (LOMJ), Modern Energy Corp. (MODR), National Healthcare Logistics, Inc. (NHLG), Presidents Financial Corp. (PZFC), Red Truck Entertainment Inc. (RTRK), Relay Capital Corp. (RLYC), Rodedawg International Industries, Inc. (RWGI), Rouchon Industries, Inc. (RCHN), Software Effective Solutions Corp. (SFWJ), Solucorp Industries Ltd. (SLUP), Sports-stuff.com Inc. (SSUF), UBA Technology, Inc. (UBTG), Wataire Industries Inc. (WTAF), WayPoint Biomedical Holdings, Inc. (WYPH), and Wineco Productions Inc. (WNCP).

The 35 suspensions concern companies that are not subject to the reporting requirements of the Securities Exchange Act of 1934. Not listed on any exchange, or on the OTC Bulletin Board, the companies’ securities have been quoted on the Pink Sheets quotation service on an unsolicited basis, meaning that the brokers posting quotations for the purchase and sale of the securities are not required to conduct due diligence regarding the issuers.

The Commission cautions broker-dealers, shareholders, and prospective purchasers that they should carefully consider the foregoing information along with all other currently available information and any information subsequently issued by the companies. Further, broker-dealers should be alert to the fact that, pursuant to Rule 15c2-11 under the Exchange Act, at the termination of the trading suspensions, no quotation may be entered unless and until they have strictly complied with all of the provisions of the rule. If any broker-dealer enters any quotation that is in violation of the rule, the Commission will consider the need for prompt enforcement action.

The Commission’s Office of Investor Education and Assistance has information for investors and members of the general public on topics directly related to this action. See http://www.sec.gov/investor/35tradingsuspensions.htm.

Any broker-dealer, investor, or other person with information relating to this matter is invited to email the Securities and Exchange Commission at 35suspensions@sec.gov.

The Commission appreciates the assistance and cooperation of the National Association of Securities Dealers, the Royal Canadian Mounted Police, the British Columbia Securities Commission, and the Ontario Securities Commission.

Close

Costa Mesa, CA – February 19, 2007—Spam Soap, Inc. a leading provider of total email security, included an additional, premium level of filtering into it’s basic spam filtering package, allowing it’s entire client base to enjoy improved results, most without any increase in cost.

The new filtering engine, provided by Cloudmark and MX Logic, uses sophisticated fingerprinting algorithms to flag problematic messages, combined with a live global threat reporting network that is enhanced by a trust evaluation system. Real-time, trusted corroboration provides accurate and “unspoofable” data, and the collection, analysis, and update cycle is fully automated to ensure the fastest possible response time. Corroborated fingerprints that identify spam, phishing and virus attacks are updated instantaneously and distributed to the worldwide network every 60 seconds, stopping an attack within moments of first sighting within the network. Cloudmark’s predictive solution achieves an extremely high accuracy rate with few to no false positives.

“We’ve found that the Cloudmark engine is most effective in blocking image-based spam and wanted all of our customers to experience the benefit, given the fact that this type of spam has increased in the last several months,” said Kevin Krusiewicz, Spam Soap Practice Manager. He went on to say, “Less than 30% of our existing clients will experience any kind of price increase, and those that will have found the increase to be well worth the added benefit. We feel strongly that every Spam Soap client should get the best filtering available.”

Spam Soap continues to leverage “best of breed” technologies for the benefit of its clients as the goal of keeping inboxes clean is a constantly moving target.

Close

First major worm outbreak of 2007 luring email users via bogus ‘news’ emails

ENGLEWOOD, Colo. – January 19, 2007 – MX Logic, Spam Soap’s Partner in filtering technology, issued a threat alert today on the Storm worm, a new mass-mailing worm that began spreading via email late yesterday in Europe.

The MX Logic® Threat Center first detected the Storm worm was at 7:55 p.m. Mountain Time on Thursday and began blocking it immediately on behalf of 14,000 customers worldwide. As of 2:00 p.m. MT today, the Threat Center had seen over 350,000 email messages infected with the virus and reported that the worm accounted for 1 in 325 emails.

“Since December we have seen multiple instances of attackers using social engineering tactics, like tying into the Christmas holiday or yesterday’s storms in Europe, to entice email users,” said Sam Masiello, director of threat management, MX Logic. “The primary danger of this worm is that once opened, it attaches a Trojan horse on the user’s computer that makes the computer vulnerable to hackers.”

The Storm worm is generally transmitted via emails that appear to announce breaking news stories and which contain subject lines that include:

• 230 dead as storm batters Europe
• A killer at 11, he’s free at 21 and kill again!
• Naked teens attack home director
• U.S. Secretary of State Condoleezza Rice has kicked German Chancellor Angela Merkel
• British Muslims Genocide

The worm-laden emails contain attachments with names that include:

• Read More.exe
• Full Clip.exe
• Full Story.exe
• Full Video.exe
• Video.exe

In the event a user receives an email with one of the headlines listed above in the Subject line, Spam Soap recommends deleting it immediately. If the email has been opened, users are warned not to open the attachment, which would unleash the Trojan horse on the user’s computer.

Spam Soap Multi-Layered, Managed Protection Against Email Viruses and Worms

Spam Soap provides a multi-layered, fully managed virus protection that delivers optimum protection from worms and viruses at the Internet level – before they can enter and damage a customer’s corporate messaging infrastructure.

Spam Soap’s Complete Email Security solutions leverage’s MX Logic’s proprietary WormTraq® worm detection system, which uses sophisticated content behavior analysis to rapidly identify and intercept zero-hour threats – threats that appear before an anti-virus signature is developed to detect them. Spam Soap also incorporates virus protection from three leading anti-virus engines – Authentium®, McAfee® and Sophos®—which are updated every five minutes to ensure the most current virus and worm protection.

Spam Soap’s multi-layered virus and worm protection frees internal corporate IT resources from managing timely signature updates by shifting the burden of threat management away from the enterprise to Spam Soap. Spam Soap’s Complete Email Security solutions also allow IT administrators the ability to respond to infected email by choosing to have viruses stripped from incoming email, quarantining infected messages for review, or blocking infected email outright.

Spam Soap is one of MX Logic’s largest and most trusted Partners. Clients of Spam Soap enjoy the filtering sophistication and easy administration of MX Logic with the small-business service and support that Spam Soap has always delivered.

Close

Image Spam Tops 2006 Charts, Causing Junk Email Rates to Soar; CAN-SPAM Compliance Consistently Falls Below 1 Percent During Law’s Third Year

ENGLEWOOD, Colo.-Jan. 8, 2007-MX Logic Inc., Spam Soap’s Partner in filtering technology, today issued its 2006 year-end threat summary, reporting that spam rates reached a historic high in December, averaging 88.1 percent of total spam volume.

On seven days in December, spam levels climbed above 90 percent, peaking Dec. 2 at 92.4 percent. The month’s lowest rate of 83.2 percent occurred on Dec. 30. December’s high spam levels culminated a surge in spam that began in July 2006, when the MX Logic® Threat Center reported a daily average spam volume of 77.4 percent – an all-time high up to that point.

In addition, the Threat Center, which monitors threat activity for Spam Soap’s Complete Email Security Service, also reported that rates of compliance with the Controlling the Assault of Non-Solicited Pornography and Marketing (CAN-SPAM) Act, which slumped to 0.25 percent in December, averaged 0.45 percent in 2006. This compares with average compliance rates of 4 percent in 2005 and 3 percent in 2004. The law went into effect on Jan. 1, 2004.

“CAN-SPAM remains a big disappointment, proving to be of little deterrence during the three years of its existence,” said Sam Masiello, director of threat management, MX Logic. “While the act provides some enforcement value, CAN-SPAM is powerless against the increased sophistication of botnets.”

The continued evolution of botnets, which are groups of virus-infected PCs that spammers control remotely to send billions of unwanted email messages a month, includes the 2006 adoption of image spam. Beginning primarily as ads for Rolex watches and cheap Viagra, early image spam incorporated simple images that contained little variance and failed to fool optical character recognition (OCR) software. As 2006 progressed, image spam grew in sophistication to make OCR more difficult. Now featuring mostly stock pump-and-dump scams, image spam includes more complex images, random lines and polygons, as well images divided into randomly sized parts.

In addition to intensifying the flood of spam during 2006, image spam increased the size of email messages – from an average of 16KB in the first quarter of 2006 to 23KB in the fourth quarter.

“We have started to see the next phase of image spam, which works to defeat OCR software even further by including flash movies instead of images,” Masiello said. “Whether via the use of Flash movies or other technologies embedded into email, we can be sure that spammers will continue to look for ways to evolve their current methodologies to outsmart current anti-spam methods. It’s a constant cat-and-mouse game.”

Scott Chasin, MX Logic chief technology officer, added that Internet service providers (ISPs) in 2007 will have to focus more on containment issues, such as walled-garden approaches that quarantine computers sending mass amounts of email. In addition, ISPs will need to continue building ways to counteract spam, which will soon move beyond email.

“Spam will increase by continuing to morph into other mediums, infiltrating the Web 2.0 infrastructure, invading social networks like MySpace and comment blogs, as well as VoIP systems,” Chasin said. “The mainstreaming of VoIP will bring attacks around call hijacking, voice spam insertion and redirection to spam voicemail systems. Thanks to VoIP’s ability to spoof caller ID, we will most likely see ‘tele-spam’ campaigns calling you directly to ‘spam-vertise.’ The bottom line is that, when it comes to Web and email-based threats, 2007 promises to be everything 2006 was – and then some.”

Spam Soap is one of MX Logic’s largest and most trusted Partners. Clients of Spam Soap enjoy the filtering sophistication and easy administration of MX Logic with the small-business service and support that Spam Soap has always delivered.

Close

Holiday Surge in Email Threats May Be Starting Early

ENGLEWOOD, Colo.-Oct. 31, 2006-MX Logic Inc., Spam Soap’s Partner in filtering technology, today announced a 40 percent increase in overall email traffic from July through September, driven primarily by spam and malicious email traffic.

The Threat Center, which monitors threat activity for the Spam Soap’s Complete Email Security service, also reported a 16 percent increase in email worm traffic in September due to Stration (aka Warezov), a worm resembling a Windows update. Once downloaded, Stration modifies host files so that the infected computer cannot download anti-virus updates. The worm then “phones home” to send information about email addresses harvested from the infected machine.

Spam levels also hit the highest reported all year in September, accounting for an average of 77.4 percent of all email through the Threat Center. This compares to 72 percent in each of the first two months of the third quarter.

“While email-borne viruses had been leveling off gradually in the earlier part of the year, the upward trend for email and Web threat activity in the third quarter is particularly significant, because we typically don’t see that kind of increase until November and December,” said Sam Masiello, director of Threat Management, MX Logic. “Businesses that operate without email and Web security may be getting inundated much sooner than the holiday season.”

The company also reported that, on average, 0.27 percent of all unsolicited commercial email it filtered in September 2006 complied with The Controlling the Assault of Non-Solicited Pornography and Marketing (CAN-SPAM) Act – the federal anti-spam law. This compares with 0.3 percent compliance in August and 0.75 percent compliance in July. Current compliance rates for the CAN-SPAM Act hover under one percent – a significant erosion from past years’ averages of 3 percent to 4 percent.

Spam Soap is one of MX Logic’s largest and most trusted Partners. Clients of Spam Soap enjoy the filtering sophistication and easy administration of MX Logic with the small-business service and support that Spam Soap has always delivered.

Close

Usual Suspects Dominate Month’s Top Email Worms

DENVER- May 3, 2006 – Spam Soap’s Partner in filtering technology, MX Logic Inc., today released its latest data on email security. Key among the company’s findings is that spam accounted for an average of 61 percent of all email through the Threat Center in April.
This compares to 56 percent in March 2006 and 70 percent in April 2005. The highest daily spam volume during April 2006 occurred on Saturday, April 15, when spam accounted for 84 percent of all email filtered.

The company also reported that, on average, 0.5 percent of all unsolicited commercial email it filtered in April complied with The Controlling the Assault of Non-Solicited Pornography and Marketing (CAN-SPAM) Act – the federal anti-spam law. This compares with 0.6 percent compliance in March 2006 and 4 percent compliance in April 2005.
Top Email Viruses and Worms in April
In addition to data on spam, the top five email worms in April were:

1. Mytob (the MX Logic Threat Center saw 125 variants in April)
2. Lebreat
3. Nyxem.D (aka Kama Sutra)
4. Mydoom.bb
5. Lovgate.AD

“Many of these worms or their variants have been around for months,” Chasin said. “They continue to proliferate, long after the initial outbreak, partly because end users continue to fall victim to the social engineering tactics used by worm authors.”

Emerging Trends: “Malcryption” and Ransomware

MX Logic also reported the increased use of encryption as a tool to make it more difficult to detect networks of zombie PCs and phishing sites and enable the hijacking of informational assets from personal computers and business networks.

“Spammers, malware authors and others play a perpetual cat-and-mouse game, subverting the legitimate use of technology, like encryption, to initiate stealthier, more sophisticated attacks,” Chasin said.

One emerging trend is “malcryption,” which is the adoption of encryption technology by malware authors to hide their communication and bypass sophisticated content filtering technologies.

“Malware authors have already used encryption to increase the stealth of their attacks and decrease the chance of detection,” Chasin said. “Encryption is being used to seed the Internet with zombie PCs and to cloak the command-and-control communications sent by malware authors to zombie PCs over Internet Relay Chat (IRC). It is also being used in peer-to-peer networks, like instant messaging, meaning there is no central command-and-control.”

On April 30, the SANS Internet Storm Center reported that a bot network created by the W32.NugacheA@mm worm is leveraging encrypted peer-to-peer networks to communicate with other infected PCs – unlike most bot networks, which send communications to compromised PCs through static central command-and-control host PCs. The Nugache worm propagates through email, network shares and instant messaging networks. The worm uses AOL Instant Messenger to send out URLs that host malicious code. Once users click on the URL, their PCs become infected.

Encryption is also being used in ransomware attacks, in which malware authors infect a PC with malicious code, encrypt proprietary information and then hold it for ransom. On March 12, a Trojan known as Troj/Zippo A (aka Cryzip) emerged. The Trojan creates password-protected ZIP files on the infected computer and then demands a $300 ransom for their decryption. On April 26, the Troj/Ransom-A emerged. Once activated, the trojan displays pornographic images and a message claming it will delete one file every 30 minutes until the user pays a ransom of $10.99 via Western Union.

“The emergence of ransomware is a disturbing trend,” Chasin said. “While these types of threats are not yet a common occurrence, users should take precautions to protect themselves.”
Spam Soap urges users to:

• Update anti-virus engines frequently and scan their PCs for infection
• For businesses, deploy a solution that provides multi-layered protection, including zero-hour threat protection (protection from threats that appear before an anti-virus signature is developed to detect them)
• Avoid opening suspicious messages, even messages that appear to be from a known sender
• Never open the attachment in a suspicious message
• Back up important computer files so that if their PC does become compromised, they can retrieve files

Monitoring billions of messages per month for over 8,300 organizations worldwide, the Threat Center combines advanced, accurate and up-to-the-minute email defense technology and human-messaging expertise to protect Spam Soap customers from spam, viruses, worms, phishing attacks and other email threats.

Spam Soap is one of MX Logic’s largest and most trusted Partners. Clients of Spam Soap enjoy the filtering sophistication and easy administration of MX Logic with the small-business service and support that Spam Soap has always delivered.

Close

Marginal CAN-SPAM Compliance Persists; Phishing Attacks Increase in Volume and Sophistication

DENVER - December 13, 2005 – Spam Soap’s Partner in filtering technology, MX Logic Inc., reported that on average, spam accounted for 68 percent of all email traffic through the Threat Center in 2005. This compares to 77 percent in 2004.

Peaking at 78 percent in November, spam dropped to its lowest volume, 60 percent, in May.

“Predictions of the impending death of spam are premature,” said Scott Chasin, chief technology officer, MX Logic. “While significant advances in anti-spam technology have made it possible to relieve email users of unwanted commercial email before it hits their inboxes, spam still makes up the majority of all email traffic – imposing a significant burden on the Internet and on the effectiveness of email.”

2005: After Two Years, CAN-SPAM Compliance Remains Low

MX Logic also reported that on average, only 4 percent of unsolicited commercial email complied with the Controlling the Assault of Non-Solicited Pornography and Marketing Act, the nearly 2-year-old federal anti-spam law. This compares with 3 percent in 2004.

“Despite the consistently low levels of compliance, the CAN-SPAM Act has been fundamental in allowing the government and ISPs to take action against some of the top spammers,” Chasin said.

In 2005 the CAN-SPAM Act enabled federal and state agencies, as well as Internet service providers (ISPs), to put several high-profile spammers out of business. A list of some of the high-profile enforcement action against spammers and a graph depicting 2005 monthly spam volumes and CAN-SPAM compliance rates is available online at http://www.mxlogic.com/pdf/2005CAN-SPAM.pdf

“The CAN-SPAM Act can only go so far in stopping spam,” Chasin said. “The law’s real value is in enforcement, and it may also serve as a litmus test for future legislative efforts to govern the misuse of technology.”

MX Logic has tracked compliance with the CAN-SPAM Act since the law went into force on Jan. 1, 2004, by examining a random sample of 10,000 unsolicited commercial emails each week. In determining whether an unsolicited email complies with the law, the messages meet the following criteria:

• Subject line is consistent with the body of the message;

• The email contains a postal address;

• The email includes an unsubscribe mechanism; and,

• In the case of adult-oriented email, the message bears the FTC-mandated “SEXUALLY EXPLICIT” label in the subject line.

2005: Phishing Attacks Increase in Volume and Sophistication

As predicted at the beginning of the year, phishing attacks increased in frequency and sophistication in 2005. In recent months, the Threat Center saw a monthly increase in phishing emails of 14 percent. According to a survey earlier this year by the PEW Internet & American Life Project, 35 percent of email users now report they have received unsolicited email requesting personal financial information.

Phishing attacks have moved beyond mass emails that spoof the email address of a bank or other online commerce site asking the recipient to verify passwords, account numbers or other personal financial information. Over the past year the Threat Center has reported several new types of phishing attacks and fraud including:

• Spear Phishing: Rather than casting a wide net, the phisher sends spoofed email to a targeted group of recipients. For example, a spear phisher will target employees of an organization by sending an email that purports to be from the IT department and requests usernames, passwords and other confidential information.

• Malware Injection: The phisher uses social engineering to convince a recipient to open an email attachment or download a file, which includes malware such as keyloggers, session hijackers, Web Trojans and malware that poisons the host file.

• Content Injection Phishing: Hackers compromise a server, leveraging an existing security vulnerability to alter the legitimate content on the site. This recently happened when illegitimate content was inserted into a federal government Web site. A phishing email was then sent out, claiming to be from the Internal Revenue Service and informing recipients that they could claim a tax refund by completing online forms on the www.govbenefits.gov site.

• Man-in-the Middle Phishing: Using proxy services, phishers position themselves between the user and the legitimate online commerce site and invisibly intercept financial data.

• Pharming: Users are maliciously re-directed to spoofed sites while surfing the Web. Unlike phishing, pharming does not require an email with a URL to a phony Web site to lure a user into divulging personal financial information. Pharming can be the result of malware injection or DNS cache poisoning.

Phishing attacks, malware injection and pharming attacks will continue in 2006, putting more urgency on the need for effective email authentication; Web defense technology; the deployment of multi-factor authentication by banking and online commerce sites; and, end-user education.

2005: Efforts to Block Port 25 and Implement Email Authentication Continue

“Beyond enforceable anti-spam laws and continued technology innovation, effectively stopping spam and fraudulent email will require continued efforts to develop and implement an industry-wide email authentication protocol and more aggressive and comprehensive blocking of port 25 by ISPs,” Chasin said.

In May 2005 the FTC, along with 35 government partners from over 20 countries, unveiled “Operation Spam Zombies,” an international campaign designed to educate ISPs and other Internet-connectivity providers about zombie PCs – neglected, “always-connected” broadband PCs that spammers hijack by installing a spam Trojan. Once infected with a spam Trojan, zombie PCs provide worm authors with remote command-and-control spam-distribution capabilities, allowing them to create a legion of zombie computers that can pump out unwanted email and initiate Denial of Service (DoS) attacks.

Operation Spam Zombies includes encouraging ISPs to block port 25 – an Internet gateway that is used for sending email traffic on the Internet – for inappropriate use, and identifying and quarantining customers with suspicious emailing patterns.

In 2005, the Threat Center reported that on average, 51 percent of all spam was sent from zombie PCs.

In 2005, the Threat Center also gathered statistics surrounding adoption rates of two email authentication protocols – Sender Policy Framework (SPF) and Sender ID. In a sample of more than 17.6 million unique email messages that passed through the Threat Center from Nov. 13 through Nov. 19, 2005, MX Logic found that:

• 8.4 percent were from domains that had published an SPF record, 84 percent of which were spam-sending domains; and,

• 0.10 percent were from domains that had published a Sender ID record, 86 percent of which were spam-sending domains.

“Active industry discussion around domain-level email authentication has yet to promote mass implementation,” Chasin said. “I am hopeful that continued industry cooperation on this front will yield more progress in 2006.”

2005: A Sobering Year
The MX Logic Threat Center also reported that there were over 17,000 new viruses or variants discovered in 2005 and that on average, one in 38 of all email messages it filtered was infected with a virus or worm. The prolific Sober mass-mailing worm was responsible for the biggest outbreaks of the year. The largest outbreak of the year was W32/Sober.Z (aka W32.Sober.X@mm, W32/Sober@MM!M681,WORM_SOBER.AG, Sober.Y, and W32/Sober-{X, Z}), which at its height infected one in eight messages that passed through the Threat Center.

“Without question, 2005 was the year of the Sober worm, with the most recent variant, Sober.Z, quickly becoming the biggest mass-mailing worm that our Threat Center has ever seen,” Chasin said. “The Sober worm author or authors now have an extensive army of infected PCs with command-and-control capabilities.”

The 2005 Sober outbreaks were not motivated by economic profit, but by ego and, in some instances, by a Neo-Nazi political agenda. This is contrary to the bulk of malware, which is largely motivated by economic gain.

In total, there have been over 30 variants of the Sober worm. The most notorious variants of 2005 included:

• W32/Sober.N (aka W32/Sober.P, W32/Sober.P@mm, W.32/Sober.O@mm, and W.32/Sober.S@mm), May 4: Inboxes were flooded with messages indicating that the recipient had won tickets to the 2006 World Cup, thereby enticing the recipient to open the attachment.

• W32/Sober.Q, May 14: Leveraged PCs infected by Sober.N to send out spam messages that contained URLs to Web sites with right-wing, German nationalistic content. One of the URLs pointed to the home page of Germany’s right-wing National Democratic Party (NPD).

• W32/Sober.Z, Nov. 21: Sober.Z spoofed email addresses to suggest that the message was sent by the FBI or CIA and requested that the attachment be opened to verify charges brought against the email recipient. Sober.Z accounted for 51 percent of all worm-infected messages in November. As a result of the Sober.Z outbreak, the MX Logic Threat Center saw a 275 percent increase in worm-infected email compared to the average for the three months prior. Additionally, Sober.Z traffic remained high well after the initial days of the outbreak. Sixteen days after initially identifying and blocking the worm, the MX Logic Threat Center reported that 60 percent of all messages it filtered were infected with the worm.

“At the end of the day, these worms spread because end users continue to fall victim to social-engineering tactics and because not enough is being done to identify and shut down zombie PCs,” Chasin said. “As a result, I fully anticipate that there will be more variants of the Sober worm in 2006.”

Spam Soap is one of MX Logic’s largest and most trusted Partners. Clients of Spam Soap enjoy the filtering sophistication and easy administration of MX Logic with the small-business service and support that Spam Soap has always delivered.

Close

Outbound Message Filtering enables businesses and service providers to proactively integrate email policy enforcement for all messages leaving corporate networks en route to valued customers or business partners.

• Prevent the distribution of company-sensitive information
• Prohibit outbound delivery of email with inappropriate content
• Strip oversize attachments
• Block the transmission of harmful viruses and worms

Outbound Message Filtering also enables businesses to protect intellectual property by preventing the accidental or intentional distribution of sensitive or proprietary internal information. Finally, integrating outbound message filtering allows businesses to enforce policies that help comply with legislative, privacy and security regulations.

Available as part of our comprehensive email defense solution, Outbound Message Filtering is critical to overall network protection

Close

This strategic partnership brings additional email protection by adding a combination of proven spam filters, leading anti-virus engines, content filtering, and email attack protection. Also, we now provide domain-oriented policy controls, effortless administration, and comprehensive end-user tools.

Spam Soap is one of MX Logic’s largest and most trusted Partners. Clients of Spam Soap enjoy the filtering sophistication and easy administration of MX Logic with the small-business service and support that Spam Soap has always delivered.

Close

A year after it went into effect, the federal CAN-SPAM Act is a “miserable” failure, a messaging security firm that monitors compliance with the anti-spam legislation said Tuesday.

“CAN SPAM has done a miserable job,” said Scott Chasin, the chief technology officer of Denver, Colo.-based MX Logic. Read more: http://www.techweb.com/wire/showArticle.jhtml?articleID=56900383

Close

Affecting computers running Microsoft Windows this update resolves a newly-discovered, privately reported vulnerability. A buffer overrun vulnerability exists in the processing of JPEG image formats that could allow remote code execution on an affected system.

A buffer overrun vulnerability exists in the processing of JPEG image formats that could allow remote code execution on an affected system. Any program that processes JPEG images on the affected systems could be vulnerable to this attack, and any system that uses the affected programs or components could be vulnerable to this attack. An attacker who successfully exploited this vulnerability could take complete control of an affected system.

Spam Soap now secures your infrastructure so that email will not spread this vulnerability and has a foundation to protect against future JPEG related vulnerabilities.

Click here for more info:
http://www.microsoft.com/technet/security/bulletin/MS04-028.mspx

Close

Look for Spam Soap in the September 16th issue of Network Computing in the Anti-Spam Resource Guide starting on page 80.

Close

Nucleus Research finds that spam will cost large US companies nearly $2,000 per employee in lost productivity this year. According to a report just released, spammers are winning the war for the control of corporate e-mail boxes, and US corporations are losing—big.

The report, Spam: The Serial ROI Killer, based on a survey of workers at Fortune 500 companies, by Nucleus Research, has found that despite the passage of the CAN-SPAM Act and widespread adoption of technologies designed to block unsolicited commercial messages aimed at workers’ e-mail boxes, companies will experience $1,934 in lost productivity per employee this year – over twice the level of last year.

While a nearly $2,000 per year loss per employee may sound high to some, most corporations estimate only a tenth of that, Nucleus says its estimate of the annual cost of spam is relatively conservative. That figure does not take into consideration the dollar expense of IT personnel, software, CPU hardware or bandwidth hogged by spam. It also doesn’t account for the less visible costs of spam, such as the negative impact of virus-triggered network outages on customer satisfaction or increased corporate exposure to harassment suits. eMarketer.com

Close

Spam Soap is proud to introduce our Outlook Sender Tool, a plug in that enables Outlook users to easily report email to Spam Soap .

Outlook Sender has been tested with all versions of Outlook and installs easily. Reporting uncaught spam is then a simple matter of selecting the message(s), clicking the new toolbar icon, and selecting “spam@spamsoap.com.” It forwards unwanted messages including headers to our filter adjustment team and deletes them from your mailbox. For people checking the Spambox, Outlook Sender also simplifies the reporting of non-spam email.

Click here to read more and download this free tool
“http://www.spamsoap.com/docs/spamsoap_outlook_sender.zip

Close