How To Best Fight Spam

If you are a LinkedIn user, you may have been among the 6.46 million users who’s password was published on the Internet due to a recent data breach.

If not, you are one of the lucky ones. But even these users will likely find themselves a target for spammers looking to take advantage of people worried that their password is floating around cyberspace somewhere.

Unfortunately for LinkedIn’s users, the social network has been sending legitimate emails to its users. The spam campaign, therefore, couldn’t have come at a worse time as some users will receive messages that look legitimate asking the recipient to confirm his or her email address by following a link embedded in the message. But instead of resetting the victim’s password, clicking the link will take them to an illegal online pharmacy selling Viagra and other medications.

The result of an upward trend

Some industry experts are left to wonder if the data breach was actually part of a coordinated effort by cybercriminals to compliment their spamming campaign. Regardless, the most recent attempts do reflect an upward trend in spam and phishing attempts.

According to the Email Security Report from Eleven, a German security provider, the amount of spam, phishing and malware laden emails are on the rise.

Spam, according to the report, is up 17.3 percent, phishing 23.6 percent and malware delivered via email increased by 251.6 percent over the same time period.

While these numbers are certainly troublesome they are nothing new. The rise in the use of email for cybercrime has been on a steady uptick for quite some time. In fact, only recently have some industry reports showed that there was a slight decrease in spam for a period after large botnets were taken down. But even those reports drew some skepticism.

Bucking the trend

Not all companies find themselves under a deluge of spam and other illegitimate emails.

Generally, those companies who don’t find themselves constantly fighting the spam battle have a few things in common. They have a trusted anti-spam solution in place that offers multiple layers of security, they have sound email policies with employee buy in and they are proactive.

Putting an anti-spam solution in place can be intimidating, especially for a smaller company who doesn’t have the budget to spend on some of the expensive hardware appliances that vendors are often pushing.

However cost shouldn’t be a prohibitive factor, and if you do your research you will find that quality anti-spam solutions can be found tailored specifically for small to medium sized enterprises. And these solutions not only stop incoming spam, but they help prevent malware outbreaks and filter outgoing messages.

However, simply adding a piece of hardware or software to your current infrastructure alone won’t solve a company’s spam problem. To compliment that shiny new appliance in the server cabinet your organization has to have a solid email compliance policy in place. Not only that, but you need to make sure that both management and your co-workers see the importance of such a policy so they have complete buy in. If you need some help deciding what to put into your company email policies, check out this article for some guidance.

Finally, the champions in the fight against spam also make sure that they are proactive. And this is the most important piece to the puzzle.

Like other organizations, they have anti-spam solutions in place and their policies are followed. But the main difference is they had them in place before spam, malware and phishing were a problem in the first place.

Too many companies look to security as an expense that they just don’t have the budget for. Then when disaster strikes they realize that the clean-up costs and the damage done to their reputation far outweighs what they would have spent to guard against spam and other email related security concerns.

Email borne threats will continue to exist as long as there are ways that cybercriminals can make money from them. And these threats will rise and fall depending on different variables, however those who are smart about how to handle these threats will continue on, business as usual.

If you worked for company who was proactive about their email security, share with us what they did to stop spam at the gates.

Written by Jeff

0 Comments

  1. Alexis Conor · June 13, 2012

    Proactive is, I think, the keyword. You need to be able to have anti-spam built into the very infrastructure of your company and have it a priority that gets reviewed and updated regularly in order to keep attacks at a minimum, and successful attacks as close to zero as possible. Adopting a more secure approach after an attack is effective as well, sure, but then the damage has already been done to your systems, data, and reputation.

  2. Angelo Taniel · June 17, 2012

    You can never say it won’t happen to me. Because the minute when you’re most complacent is the time when you’re most vulnerable. No matter how small you are as a company or how less sensitive of an information you hold in your network, information’s value is relative. Whatever maybe considered as irrelevant can be highly important to someone. Knowing how to take advantage of seemingly trivial data is a skill by the most successful of spammers.

    Paranoia has its advantages. When paranoia is ruled more than logic than the fear, certain calculations precautions are used. Most people even call it as foresight. And isn’t foresight a necessary business skill?

  3. Ara Silver · June 29, 2012

    I am lucky to find a partner with our HR department. They are believers of the internet usage and information handling policies that we collaborated in developing. Inspite that cooperation, enforcement is a problem. HR is beset with a host of other urgent maters like sexual harassment lawsuits and other legal compliance issues.

    Inspite their support and programs towards educating employees and enjoining/mandating them to comply with our policies, we still notice some deviants.

    It’s going to be a long and hard process. But, it’s going to be a worthy process, nonetheless. Maintaining our good graces with the HR department will always be key.

Leave A Reply