It is a shame that even the IETF has fallen victim to the threats of
CORVID-19, and had to cancel their in-person meetings in Vancouver, but
in the spirit, wanted to remind everyone that we can still help move
discussions around email security forward, without meeting in person.
On that note, took some time out to jump into spam auditor reports and
the spam folder to see what the bad guys are up to right now.
* Increase of fake Job Applicant spam
Seems like someone likes the LeaseWeb IP space for operating this one,
pretty compelling job adds, but instead of real links to resumes, it
links to Malware, a lot of it on Google Drive, but I liked this phishing
URL.. WWW.LIKEDIN.COM/IN/MRNSP, have a feeling it will fool a few
people, assume that someone can get that domain taken down quickly.
* New round of sextortion spam from infected Windows machines
Sure wish ISP's would block port 25 more on dynamic IP(s), *cough*
(Telmex), but this one should not bother too many people, script kiddy
forget to do a trial run I assume.
Return-Path: <{%fromname%}0...@me.com>
Received: from host164.186-13-133.telmex.net.ar (HELO me.com)
(186.13.133.164)
* Bot Traffic Spam is up, after a lull for a couple of weeks
Doesn't appear to be Emotet, but there are a lot of others out there, it
was too much to hope for that they gave up, so I guess there are still
enough email servers out there with lousy spam protection, that they are
getting some fish.
* Increase in Amazon Spammers..
Never did think it would be cost effective, but someone has found a way..
* Gmail 'marketing' company spam on the increase again.
Not sure why bells don't go off with some of these companies, but again
a lot of SEO spammers should getting away with murder. And these are
mostly through their own domains, and not throwaway addresses,
@marketingmaster.in
* POP/IMAP Brute Forcing continuing it's rise..
All bot driven, many different countries, mostly from compromised
routers, yeah they are still a thing, just used for different purposes now.
* Nigerian Prince Spammers returning in full force
I don't really mean they are from Nigerian, but they are using Gmail,
MS, Yahoo, and other 'too big to block', so make sure your email filters
are in good order. Wish those companies would do better on detecting
outbound, could be compromised or fake sign-ups, but the content is like
20 years old..
* And reports of some bad actors using a lot of NameCheap IP Space..
But now back to your regular programming ..
(Been a little quite on here, and I am sure everyone can use a break
from talking about the 'other virus')
--
"Catch the Magic of Linux..."
------------------------------------------------------------------------
Michael Peddemors, President/CEO LinuxMagic Inc.
Visit us at http://www.linuxmagic.com @linuxmagic
A Wizard IT Company - For More Info http://www.wizard.ca
"LinuxMagic" a Registered TradeMark of Wizard Tower TechnoServices Ltd.
------------------------------------------------------------------------
604-682-0300 Beautiful British Columbia, Canada
This email and any electronic data contained are confidential and intended
solely for the use of the individual or entity to which they are addressed.
Please note that any views or opinions presented in this email are solely
those of the author and are not intended to represent those of the company.
_______________________________________________
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop
