DTG News and Else
The Design Center / DT&G & Else / NEWS ITEM  

Security: Backscatter Spam

new type of spam attack is growing exponentially

We reported two weeks ago that the User-groups.net and graphic-design.com was pounded and pounded for several days by thousands of Backscatter Spam. To guard ourselves, I deleted ALL the email addresses to both domains, switching exclusively to SpamCop. Now, my email was bouncing back to them. The problem is, it was bouncing good mail too. Hundreds of contacts had to be notified of the switch. Fortunately, I caught it early enough and was able to avoid the fate of another site, freedom-to-tinker.com, which was hit last week, and as of today, has still not come back up.

In Backscatter Spam the spammer grabs your e-mail address, using it in the from-line of a mass-spam. The rest of the spam is the same as usual. Since the "sent from" line looks legit, email filters intercept the spam. If it hits a dead address then the mail bounces back to -- guess who? You -- that's who. Or, in our case, ME!

A recent ComputerWorld.com article reports that this type of spam attack is growing exponentially.

For now, there's a solution for Windows users:

Astaro Corporation has deployed Astaro Security Gateway, which can detect and block what is known as backscatter.

Astaro Security Gateway implements an open source solution called BATV, which stands for Bounce Address Tag Validation, in order to combat this type of spam. This program embeds an encrypted signature into the hidden header of every outgoing mail message. Every time a bounce email comes into the Astaro product, it checks for this code. "If the signature is not there," says Astaro Product Evangelist Angelo Comazzetto, "we know with great certainty that the message did not originate from someone behind our device, and the message can thus be disposed of."

Spammers use backscatter to target email recipients by means of creating false "bounce" messages to them. Due to the legitimate-looking nature of this type of message, it has a very high open/read rate compared to normal spam. Further, many inferior mail-filters automatically pass bounce messages through their various anti-spam checks in order to ensure delivery of the notification-style message to the user. The spammer has therefore met his objective and delivered his message to the intended recipient through a third party mail server, and the user is highly likely to read it.

BATV is enabled by default in Astaro Security Gateway and can be toggled by way of a single check box.

Comazzetto explains further, "While rare, administrators of those domains that have any issues with BATV can make use of a granular exceptions list that can be used to remove senders, recipients, or entire domains from BATV and/or our other checks."

Astaro Corporation is headquartered in Burlington, Massachusetts and Karlsruhe, Germany. The Astaro Security Gateway, simplifying Email, Web & Network Security, has won numerous industry awards and is protecting over 30,000 networks in 60 countries. Astaro products are distributed by a worldwide network of nearly 2,500 solution partners who offer local support and services. For more information, please visit www.astaro.com. Burlington, MA (May 08,2008)


Return to &Else News & Views. . .


Participate in your Design Center

Lots of fun and information for all... don't forget, any community is only as good as the participation of its members. We invite your tips, tricks, comments, suggestions and camaraderie.

Learning, training, tips, tricks, and moreThe Design Bookshelf team reads and reviews the best books for the creative visual designer, desktop publishing practitioner and visual communicator. If you want to know it -- we'll show you the very best way to learn it... in the Designer's Bookshelf

Get more out of your computer: join a user group - There are computer clubs around the world called "user groups" where you find fellow computer users ready and willing to share a wealth of information. If you're not a UG member, you should be.. find a group at the User Group Network

Photoshop FAQ - Got a question? Get an answer: in the Photoshop 911 FAQ if you don't find the answer there, you can ask your question or send your problem to the Photoshop 911 Team

Advertise your products or services among these pages! Call: 540-433-8402 for details.