Just another update, on what our spam auditing team is seeing as trends
This week, notable activity that our teams are seeing...
* Amazon AWS abuse continues, pretty obvious spammers
You would think that when 500-1000 IP(s) are detected each day that
Amazon would worry about running out of clean IP(s), but we noticed
they added a bunch of new ones this week. Seems like there are about
three really aggressive players using AWS. Looks like they are
either using old email lists, or doing list scrubbing as well.
* GoDaddy, while it has been at the annoyance level for a while, lately
we have seen a large increase. Not sure what they use for outbound
rate limiting, but most of it is related to 'do you want a list of XX
users' to send spam to? Templates modify regularly, but a single
sender sure gets a lot out, and continues for a long time..
* A big rush from Azure happened again this week, but they appear to
have been stomped out 'fairly' quickly, using throwaway freenom
domains to send COVID related scams..
* More Russian hosting providers with poor customer vetting processes.
* o265 leakage
* SendGrid phishing attacks continue unabated.. Netflix and other
targets, still not 100% if this is bad sign-ups or compromised
accounts. As well, a lot of Dridex spam, eg malicious .xls
attachments, fake job interviews and fake invoice spam. You 'think'
that malicious attachments would set flags off at SendGrid
* Digital Ocean spammers, send email phishing 'Your account has been
locked' type, some of it pretty targeted.
As a whole, a lot less spam from the compromised IoT devices, and a
reduction of IoT brute force and email guessing attacks, with more
coming from the big cloud providers.
Everyone keep safe this weekend, go have a nice walk or bike ride in the
sun..
--
"Catch the Magic of Linux..."
------------------------------------------------------------------------
Michael Peddemors, President/CEO LinuxMagic Inc.
Visit us at http://www.linuxmagic.com @linuxmagic
A Wizard IT Company - For More Info http://www.wizard.ca
"LinuxMagic" a Registered TradeMark of Wizard Tower TechnoServices Ltd.
------------------------------------------------------------------------
604-682-0300 Beautiful British Columbia, Canada
This email and any electronic data contained are confidential and intended
solely for the use of the individual or entity to which they are addressed.
Please note that any views or opinions presented in this email are solely
those of the author and are not intended to represent those of the company.
_______________________________________________
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop
