I was reading an article about the rise of image based spam. Now i have seen various statistics from different anti-spam companies saying that the amount of spam emails compared to the total number of emails is anywhere between 66% and 90% of the total. I had seen 91% quoted as well. I supposed looking at the amount of email sitting in my junk and spam folders i would think the lower 66% more likely, although it is still a hell of a lot of spam. It does make me think what do these companies class as spam, but that is for another post.
What really intrigued me in the article was the fact that image base spam now comprises 25% of the total spam problem, up from 5% a year ago and that the average size of a spam mail has risen from 9KB to 13KB.
Now i can hear lots of people saying “so what!”. Well if 60% of your inbound email is spam and you don’t manage your spam correctly, then this is a lot of resources (bandwidth, storage and productivity) waisted on junk email. The fact that image spam is on the rise means that even more of the bandwidth and storage resources will be waisted.
So why are these evil spammers turning to image based based spam? The answer is easy, to keep one step ahead of the anti-spam companies. Traditional anti-spam methods just searched text so HTML or image based spam would by pass the anti-spam filters. So the anti-spam brigade added OCR and other image scanning services to allow them to catch image based spam.
Naturally enough the spammers have adapted and now have added background patterns etc. to fool OCR and other image based anti-spam services. It is of course the ever changing nature of information security that the good guys are almost always playing catch up.
So what can you do. I have seen it suggested that you should setup your mail servers to only accept mail from your white list, i.e. only accept mail from certain mail domains. Of course for the majority of companies this wouldn’t be acceptable so what can you do.
Well for goodness sake, don’t do nothing. Make sure you have a good anti-spam service whether it is hosted externally or part of your infrastructure. Don’t just depend on a free or cheap service that only looks for text based key words or denies emails from domains on a spam database.
Now i’m off to take advantage of that offer i recieved in my email this morning, an extra couple of inches…….
Well it’s almost that time of the month again, when everyone with an MS server or desktop needs to pay attention to the latest security email from Micrsoft and start testing the patches when they are issued. I see that this time the advanced notification has 12 security updates with the obligatory “some may be critical”. It always bugs me that they say there will x number and some may be critical. Why not just issue the patches and be damned with advanced notification. Nowdays you are almost guaranteed that some will be critical. Of course you could always bypass the testing and just download and install automatically like most home & SME users will.
And lets wait for the avalanche of “is Linux\Apple more sucure” headlines. Anybody that subscribes to the Cert and UNIRAS (or what ever it is called now) alerts will know that the various -ux implementations and Apple all have their fair share of vulnerabilities, it’s just that no one out there really cares enough to put too much effort into taking advantage of them.
Avaya one-X Quick Edition is an innovative peer-to-peer phone system for locations with 20 users or less. It is simple to set-up and use, and is ideal for small businesses and small branch offices requiring an intelligent communications solution that is easy to support and maintain.
Avaya’s one-X Quick Edition is a plug-and-play solution with system intelligence based in each Quick Edition IP phone. No advanced installation skills are required and the need for a separate server or processor unit is eliminated. All that’s required is a standard 10/100Mbps switched Local Area Network (LAN). Avaya’s one-X Quick Edition is a professional phone system tailored to the needs of small businesses supporting the most commonly used telephony applications including voicemail, conferencing and auto-attendant.
Avaya’s one-X Quick Edition phones support connection to SIP trunks. This gives small businesses the potential to reduce their telephony costs by connecting to an Avaya-validated SIP service provider. Enterprise branch offices can connect via SIP trunks to a central site with an Avaya SIP Enablement Services (SES) environment. In either case, traditional analogue trunk connections can also be made using the optional Quick Edition G11 4-port PSTN (Public Switched Telephone Network) Gateway.
Installation and set-up is simple. Avaya’s one-X Quick Edition phones are plugged directly into the LAN and once powered, automatically “discover” each other and prompt for network and user name. Once entered, the phones are fully operational in a matter of minutes. As an office grows, new employees can be added to the system by simply adding a new phone to the network. When deployed in small offices with 20 phones or less, one-X Quick Edition does not require any QoS (Quality of Service) configuration or formal network assessment.
The distributed nature of peer-to-peer technology provides business continuity advantages by eliminating a single point of telephony failure. Avaya one-X Quick Edition phones also automatically back-up one another’s voice mail.
If business needs change or functionality requirements outgrow the capabilities of the system, Avaya’s one-X Quick Edition offers businesses the flexibility to migrate to more advanced solutions such as Avaya IP Office or Avaya Communication Manager. This enables businesses to reuse the Avaya 4600 series IP handsets with these other systems
“Small businesses today demand the same benefits from technology as their larger competitors but also demand simplicity and a low cost of sale” said Paul Louden, Country Manager, SME Business, UK & Ireland “With the availability of Avaya’s one-X Quick Edition, our Distributors and BusinessPartners will be able to provide their SME customers with a highly efficient, flexible IP telephony solution, with a product migration strategy that can be developed at their own pace without risking their investment.”
Trend Micro announced the latest version of its Worry-Free Security Solutions. The newest version, CSM 3.5, builds upon the success of previous versions by extending all-in-one integrated protection against malicious, emerging web-threats such as spyware through a powerful new anti-spyware engine; by improving anti-spam effectiveness; and by maintaining ease of implementation and use.
The latest edition of Trend Micro™ Worry-Free Security for SMB have been designed to meet the security challenges faced by small organisations and channel partners, by providing a dedicated security product with single-step installation and deployment, plus proactive defences against traditional and emerging malware.