Emerging Threats
Taxonomy of Current and Potential Mobile Threats
Abstract
Emerging classes of messaging abuse in the mobile environment have led to neologisms like "smishing," or SMS phishing. Are these mobile threats real, or are they simply media-constructed FUDD that ultimately distracts security managers from more imminent and damaging threats? This paper provides a broad consideration of all potential messaging threats that may confront wireless operators and breaks them down into two broad categories: (1) wireline-to-wireless threats and (2) wireless-specific threats. These two threat types are considered individually due to technical and economic reasons, which play key roles in how likely they are to proliferate in the wireless environment and what are the appropriate methods to stop them.
Anti-Phishing Best Practices for ISPs and Mailbox Providers: A MAAWG Document
While spam is an annoyance, phishing can cause major financial disruptions for those involved. Phishing is becoming a major concern for ISPs, and pressure to take action is coming from both users and the financial institutions that are targets of the attacks. ISPs are being forced to actively participate in the global reduction of phishing attempts to mitigate customer churn and possibility of litigation. This document distills best practices used by members of MAAWG to combat the growing problem of phishing.
New Phishing Attack Utilizing VoIP Technology
Abstract
Cloudmark's Global Threat Network® has recently detected a new variant of the classic email phishing scam that leverages the emerging technology of Voice over IP (VoIP). The attack circulates via an email from a bank with a request that customers call an "official" number to verify account information. The phone number connects the customer by VoIP to a soft PBX system that utilizes an interactive voice recognition (IVR) application. The customer then provides his personal account information, which, in turn, is transcribed and saved by the IVR system.
How Collaborative Filtering Stops Future Forms of Messaging Abuse
Abstract
Conventional anti-virus software relies on a staff of researchers to laboriously isolate and analyze viruses, write signatures, and distribute rules to block them. This process can take up to 24 hours and often blindly blocks many legitimate messages with attached executable code. In contrast, Cloudmark uses automatic fingerprinting algorithms in conjunction with a reputation-based community of trusted reporters to identify and stop viruses in real time. The Cloudmark technology is language-agnostic, format-agnostic, representation-agnostic, and protocol-agnostic – making it particularly suited to combating all forms of messaging abuse.
Why Conventional Anti-Virus Techniques Won't Stop New Threats
Abstract
Conventional anti-spam software looks at fixed patterns, such as words or addresses found in the message or its routing data, to combat spam. Unfortunately, spam changes constantly, rarely employing the exact same language or routing. Cloudmark's anti-spam solution works by extracting flexible fingerprints from messages identified by members of the Global Threat Network, a massive collection of messaging abuse reporters. These fingerprints are examined by the Truth Evaluation System® (TES) to quickly determine the disposition of the content based upon the content reporter's reputation. When taken as a whole, the system allows for fingerprints for any form of content, including viruses, phishing, and spyware, to be identified and passed to content filters at speeds that are much faster than conventional anti-spam or anti-virus products.