Spam threat turns table on ISPs

By

Spammers are turning the table on Internet Service Providers by using a new form of trojan that sends email from the ISPs themselves.

"I guess it's the logical thing to do," said Jay Heiser, research director at analysts Gartner. "If customers have access to information from ISPs that can be used to re-route emails through them, then it only makes sense."


The trojan works by sending spam via the mail server of its computer's registered ISP. Blocking spam coming from ISPs is difficult unless sophisticated content filtering is implemented, so the technique could herald a major rise in spam.

"Over the last few months ISPs have responded to the problem of zombie networks sending spam by blocking port 25 [the port through which emails from personal computers are sent]," said Paul Wood chief information security analyst as secure messaging firm Messagelabs.

"What this trojan does is to figure out the host from the ISP, so its not specifically dumb robots sending spam but the ISPs themselves."

Comcast was one of the providers that blocked port 25, a move that immediately reduced spam traffic. Now it, and many other ISPs are under threat from the new spamming technique.

Earlier this year US ISP Verizon came under attack for its brute blocking of port 25, refusing to accept emails sent from Europe. "Sometimes these policies just don't work," said Wood.

www.messagelabs.com
www.gartner.com

Got a news tip for our journalists? Share it with us anonymously here.
Copyright © SC Magazine, US edition
Tags:
ispsonsecurityspamtablethreatturns

Sponsored Whitepapers

Transforming IT for the Hybrid Era
Transforming IT for the Hybrid Era
Powering secure AI at the Edge: What you need to know before it’s too late
Powering secure AI at the Edge: What you need to know before it’s too late
Ditch the Spreadsheets. Build a System That Grows With You.
Ditch the Spreadsheets. Build a System That Grows With You.
Gaining a Competitive Advantage with Communication APIs
Gaining a Competitive Advantage with Communication APIs
Leverage Technologies: Industry-Tailored ERP Implementation for Growth and Compliance
Leverage Technologies: Industry-Tailored ERP Implementation for Growth and Compliance

Events

Most Read Articles

Microsoft knew of SharePoint security flaw in May, initial patch ineffective

Microsoft knew of SharePoint security flaw in May, initial patch ineffective
ACSC alerts to exploited MS SharePoint remote code execution flaw

ACSC alerts to exploited MS SharePoint remote code execution flaw
"PoisonSeed" attack does not bypass hardware MFA

"PoisonSeed" attack does not bypass hardware MFA
Qantas obtains court order to prevent third-party access to stolen data

Qantas obtains court order to prevent third-party access to stolen data
techpartner.news logo
Dave Stevens on Brennan's evolution and the need for Aussie tech unity
Dave Stevens on Brennan's evolution and the need for Aussie tech unity
Sydney's ITKnocks on contact centre AI and the slow death of the IVR
Sydney's ITKnocks on contact centre AI and the slow death of the IVR
"It's an exciting time to be part of the health and aged care sector"
"It's an exciting time to be part of the health and aged care sector"
Insicon founder Matt Miller on the coming 'tsunami' of compliance and educating boards about cyber security
Insicon founder Matt Miller on the coming 'tsunami' of compliance and educating boards about cyber security
Orro claims Australia first with managed digital asset discovery service
Orro claims Australia first with managed digital asset discovery service

Log In

  |  Forgot your password?