Planet Antispam
November 07, 2009
Setbacks and Triumphs
The domain registration task became exponentially more challenging on March 4, 2009, with the discovery of Worm:Win32/Conficker.D. Investigators reverse-engineered the new variant and determined that it was programmed to generate 50,000 new domain names a day across 110 TLDs, beginning on April 1, 2009. Though this seemed at first like an impossible hurdle to overcome, CWG members immediately began working to counter the effects of the upcoming change. As security researchers continued to analyze the Conficker.D malware, ICANN staffers began contacting the registries responsible for each of the affected TLDs seeking cooperation in registering or blocking the domains, and the CWG compiled “go packs” of information for Internet service providers and enterprises about the steps they should take to help keep their customers and employees safe.
April 1, 2009, came and went, with the world outside the security community noticing little or no change. By that time, however, ICANN had secured the cooperation of all 110 TLDs used by Conficker, and the global DNS community was active and prepared to deal with the Conficker threat. Rapid, effective collaboration across borders and organizational lines had proven instrumental in containing what has been, and remains, a significant threat to the world’s computers and information.
The CWG Today
The CWG remains in place today, with more than 300 member organizations representing law enforcement, academia, and industry, and remains vigilant against new developments. In cooperation with ICANN and the DNS community, the CWG continues to block or register the 50,000 domain names generated each day by the Conficker algorithms. Each month the group supplies the 110 affected TLD operators with an updated list of generated domain names covering the next several months, so they can begin implementing countermeasures well in advance. Automated mechanisms verify that each domain name has been blocked before it is scheduled to be used and alert the CWG for any that have not, so activity for those domains can be closely monitored. Once in a while, a domain name generated by the algorithm happens to correspond to an existing domain owned by a legitimate party; in such cases, the CWG contacts the legitimate domain owner in advance and offers assistance managing the expected spike in traffic coming from infected computers.
In March, the group reorganized to add structure and to segment its work by subject area so that it could work more effectively. The group maintains a Web site at http://www.confickerworkinggroup.org with links to information in multiple languages about Conficker and resources that service providers and end users can use to determine if they are infected, and if so, what to do about it. The fight against Conficker is not over. The five identified variants continue to spread to new computers due to a lack of information or action on the part of some system administrators and end users. Even after Conficker recedes into insignificance, there will likely be other threats of similar magnitude to deal with in the future. As such threats appear, though, collaborative efforts such as the CWG can provide the global security community with unequaled tools for mitigation and resolution.
Conficker, Part 1
Conficker, Part 2
Conficker, Part 3
November 07, 2009 03:00 AM
November 06, 2009
45019 patterns, 11500 right anchor strings, 187816 test IPs.
Some more contribs and updates from a new feed.
Also note that the rbldnsd zone file now has support for 'cloud', using
response code 127.0.0.12. Currently only a few of these, but the field
is growing, so expect more to come. This may be used via the most recent
sendmail package, and I've updated the SpamAssassin plugin to support it
as well.
Download them here:
sendmail:
http://enemieslist.com/downloads/sendmail_access_db
http://enemieslist.com/downloads/rightanchors
postfix:
http://enemieslist.com/downloads/postfix_regexp_table
http://enemieslist.com/downloads/postfix_regexp_table-20091106
exim:
http://enemieslist.com/downloads/exim_hosts
http://enemieslist.com/downloads/exim_hosts-20091106
November 06, 2009 10:59 PM
This is the regex I have to use to match the second level domain part of domains in .pl (in order to figure out what the domain part of a hostname is):
(aid|agro|atm|auto|biz|com|edu|gmina|gsm|info|mail|miasta|media|mil|net|
nieruchomosci|nom|org|pc|powiat|priv|realestate|rel|sex|shop|sklep|sos|szkola|
targi|tm|tourism|travel|turystyka|augustow|babia-gora|bedzin|beskidy|bialowieza|
bialystok|bielawa|bieszczady|boleslawiec|bydgoszcz|bytom|cieszyn|czeladz|czest|
dlugoleka|elblag|elk|glogow|gniezno|gorlice|grajewo|ilawa|jaworzno|jelenia-gora|
jgora|kalisz|kazimierz-dolny|karpacz|kartuzy|kaszuby|katowice|kepno|ketrzyn|
klodzko|kobierzyce|kolobrzeg|konin|konskowola|kutno|lapy|lebork|legnica|lezajsk|
limanowa|lomza|lowicz|lubin|lukow|malbork|malopolska|mazowsze|mazury|
mielec|mielno|mragowo|naklo|nowaruda|nysa|olawa|olecko|olkusz|olsztyn|
opoczno|opole|ostroda|ostroleka|ostrowiec|ostrowwlkp|pila|pisz|podhale|podlasie|
polkowice|pomorze|pomorskie|prochowice|pruszkow|przeworsk|pulawy|radom|
rawa-maz|rybnik|rzeszow|sanok|sejny|slask|slupsk|sosnowiec|stalowa-wola|skoczow|
starachowice|stargard|suwalki|swidnica|swiebodzin|swinoujscie|szczecin|szczytno|
tarnobrzeg|tgory|turek|tychy|ustka|walbrzych|warmia|warszawa|waw|wegrow|wielun|
wlocl|wloclawek|wodzislaw|wolomin|wroclaw|zachpomor|zagan|zarow|zgora|
zgorzelec)
Yes, really. It's like the shining example of the .us TLD, but they also allow domains in the .pl TLD as well. Oh, wait. So does .us now.
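Here is an added example, written for this page and not part of the post above, that turns that alternation into a lookup and uses it to find the registrable (owner-controlled) domain of a .pl hostname, which is what the regex is for. The function name, the sample hostnames, and the fallback to a plain two-label rule for TLDs other than .pl are assumptions of the example; a real implementation would load the full Public Suffix List.

```python
from typing import Optional

# Labels directly under .pl that act as public suffixes, i.e. unrelated
# parties register names beneath them. This is the alternation from the
# regex above, split into a set.
PL_PUBLIC_SECOND_LEVEL = frozenset((
    "aid|agro|atm|auto|biz|com|edu|gmina|gsm|info|mail|miasta|media|mil|net|"
    "nieruchomosci|nom|org|pc|powiat|priv|realestate|rel|sex|shop|sklep|sos|szkola|"
    "targi|tm|tourism|travel|turystyka|augustow|babia-gora|bedzin|beskidy|bialowieza|"
    "bialystok|bielawa|bieszczady|boleslawiec|bydgoszcz|bytom|cieszyn|czeladz|czest|"
    "dlugoleka|elblag|elk|glogow|gniezno|gorlice|grajewo|ilawa|jaworzno|jelenia-gora|"
    "jgora|kalisz|kazimierz-dolny|karpacz|kartuzy|kaszuby|katowice|kepno|ketrzyn|"
    "klodzko|kobierzyce|kolobrzeg|konin|konskowola|kutno|lapy|lebork|legnica|lezajsk|"
    "limanowa|lomza|lowicz|lubin|lukow|malbork|malopolska|mazowsze|mazury|"
    "mielec|mielno|mragowo|naklo|nowaruda|nysa|olawa|olecko|olkusz|olsztyn|"
    "opoczno|opole|ostroda|ostroleka|ostrowiec|ostrowwlkp|pila|pisz|podhale|podlasie|"
    "polkowice|pomorze|pomorskie|prochowice|pruszkow|przeworsk|pulawy|radom|"
    "rawa-maz|rybnik|rzeszow|sanok|sejny|slask|slupsk|sosnowiec|stalowa-wola|skoczow|"
    "starachowice|stargard|suwalki|swidnica|swiebodzin|swinoujscie|szczecin|szczytno|"
    "tarnobrzeg|tgory|turek|tychy|ustka|walbrzych|warmia|warszawa|waw|wegrow|wielun|"
    "wlocl|wloclawek|wodzislaw|wolomin|wroclaw|zachpomor|zagan|zarow|zgora|"
    "zgorzelec"
).split("|"))


def registrable_domain(hostname: str) -> Optional[str]:
    """Registrable domain of hostname, or None when the name is itself a
    public suffix (nothing beneath it has been registered).

    Under .pl the public suffix is two labels long when the second-level
    label is in PL_PUBLIC_SECOND_LEVEL. For every other TLD this example
    assumes a one-label suffix (example.com); that is a simplification and
    a real implementation would consult the full Public Suffix List.
    """
    labels = hostname.rstrip(".").lower().split(".")
    if len(labels) < 2 or any(not label for label in labels):
        return None
    suffix_len = 1
    if labels[-1] == "pl" and labels[-2] in PL_PUBLIC_SECOND_LEVEL:
        suffix_len = 2
    if len(labels) <= suffix_len:
        return None  # e.g. com.pl or warszawa.pl: a suffix, not a registration
    return ".".join(labels[-(suffix_len + 1):])


if __name__ == "__main__":
    # Constructed sample hostnames.
    for host in ("mail.example.com.pl", "www.example.pl", "host.warszawa.pl",
                 "com.pl", "smtp.mail.example.org"):
        print(f"{host:25} -> {registrable_domain(host)}")
```

The set membership test replaces the regex alternation; the point of the list is that mail.example.com.pl belongs to whoever registered example.com.pl, while host.warszawa.pl is itself the registration, so a naive "last two labels" rule gets both wrong.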
November 06, 2009 07:04 PM
FBI: Online Banking Attacks Reach $100 Million Mark:
“…the typical scenario involves the victims receiving a phishing e-mail with an infected attachment or malicious link. If the recipient falls for the trick, they end up downloading a key logger that swipes their business or corporate bank account credentials. The thieves then create another user account with the stolen data and begin transferring funds via traditional wire transfers and ACH transfers while pretending to be the legitimate user.”
November 06, 2009 04:02 PM
The DNSBL called "DSBL" is no more. As of March 11, 2009, their website reports: "DSBL is GONE and highly unlikely to return. Please remove it from your mail server configuration."
DSBL was an open relay/open proxy DNSBL. From the website: "DSBL relied on volunteers who, upon receiving spam, would test the IP addresses that sent them spam for open relay and open proxy vulnerabilities.
"The
November 06, 2009 03:15 PM
It has been a busy week so far for the writers of e-mail exploits and this Friday morning they continue to try to trick the public into installing their malware. The latest threat to fall into the Sophos spam traps purports to come from Facebook and requests the user to update their account agreement by unzipping and executing an attached file called agreement.exe.
Dear Facebook user,
Due to Facebook policy changes, all Facebook users must submit a new, updated account agreement, regardless of their original account start date.
Accounts that do not submit the updated account agreement by the deadline will have restricted.
Please unzip the attached file and run “agreement.exe” by double-clicking it.
Thanks,
The Facebook Team
Of course, it is pure folly to unzip and run an unknown executable attached to an e-mail. However, the implied threat of finding their access to Facebook restricted by 'the deadline', whenever that may be, is evidently severe enough to panic a number of Facebook users into falling for this trick.
They really should think twice: by agreeing to run agreement.exe they will install a Trojan.
Sophos detects this threat as Troj/Dloadr-CWS.
November 06, 2009 01:46 PM
Not very far from The Curie Museum is the former church and now burial place for the great and good men (and one woman) of France: The Pantheon. Inside the Pantheon is the original Foucault's Pendulum.
The pendulum was first mounted in the Pantheon in 1851 to demonstrate that the Earth is rotating. The pendulum swings back and forth in the same plane, but the Earth moves. Relative to the floor (and to the convenient hour scale provided) the pendulum appears to rotate.

The pendulum hangs on a 67 m cable from the roof of the Pantheon, and the bob at the end of the cable weighs 27 kg. In the Pantheon the plane of swing appears to rotate at about 11 degrees per hour, which means it takes more than a day to return to its original position. If the pendulum were mounted at the North Pole it would 'rotate' once every 24 hours; the rate depends on the latitude, diminishing to 0 degrees per hour at the equator (i.e. it doesn't 'rotate' at all).

If you take a look at the photograph above you can see that I was there just after 1200. The scale shows the current time measured by the pendulum.
The pendulum's motion is only hard to understand because the common-sense assumption is that the floor is not moving, when of course it is. What we appear to be observing is a pendulum swinging above a fixed floor.
But the floor is actually moving because of the rotation of the Earth, and that is what makes the pendulum's motion harder to understand. The important factor is the Coriolis Effect (usually called the Coriolis force, although it is an inertial effect of the rotating frame rather than a real force).
The simplest way to visualize the Coriolis Effect is to imagine firing a gun at the Equator straight northwards along a meridian. Because the Earth rotates, the bullet will not land on the meridian: it carries the eastward speed of the ground at the Equator, which is greater than the ground speed further north, so it arrives east of the meridian (in the northern hemisphere the deflection is always to the right of the direction of travel). It looks as though a force has acted on the bullet to push it sideways. Of course there is no actual force; it is just that the frame of reference (i.e. where the observer is) is rotating.
Essentially the same thing happens with Foucault's Pendulum. The observer and the floor are not stationary and so the pendulum has an apparent motion.
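As an added check on the figures above (not part of the original post), the apparent rotation rate of a Foucault pendulum at latitude φ follows from the Earth's rotation:

$$\omega = \frac{360^\circ}{24\ \mathrm{h}}\,\sin\varphi = 15^\circ/\mathrm{h}\cdot\sin\varphi, \qquad T = \frac{360^\circ}{\omega} = \frac{24\ \mathrm{h}}{\sin\varphi}.$$

For the Pantheon, φ ≈ 48.85° N, so sin φ ≈ 0.753, ω ≈ 11.3°/h and T ≈ 31.9 h, which matches the "11 degrees per hour" and "more than a day" quoted above. At the pole sin φ = 1 gives 15°/h and a 24 h period; at the equator sin φ = 0 and the plane of swing does not turn at all.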
November 06, 2009 01:37 PM
Halloween has barely passed but spammers are already flooding the net with their Christmas spam campaigns. The spam messages sport urgent-sounding headlines like “Quantities are low!” and advertise knock offs of designer handbags, watches and jewelry. Anyone who clicks on the included link is taken to a very slick and legit looking site that is actually malicious. It’s a fake storefront designed to steal personal and financial info. Experts say that the Cutwail botnet is responsible.
As if that weren't enough, Valentine's Day themed spam has already been spotted as well. These spams take the form of love letters and hawk male enhancement products and shady internet pharmacies claiming to offer cheap Viagra and Cialis. Spam exploiting the 2010 World Cup, which is still more than six months away, has also appeared; those messages are thinly veiled 419 (Nigerian) scams. The Cutwail and Rustock botnets are responsible. It appears spammers are getting a very early jump on upcoming holidays and events and are trying a variety of different scams. This is only the beginning: expect more holiday-themed spam and malware attacks to be unleashed as the season unfolds.
Liked this post? Get more anti-spam related news from AllSpammedUp.com!
Tis the Season for Christmas Spam
November 06, 2009 12:57 PM
Since March of this year I've been running a private web spider looking at the number of web tags on web pages belonging to the Fortune 1000 and the top 1,000 web sites by traffic. Using the spider I've been able to see which products are deployed where, and how those products are growing or shrinking.
The web tags being tracked are those used for ad serving, web analytics, A/B testing, audience measurement and similar.
The spider captures everything about the page, including screen shots, and I'm able to drill in to see the state of a page and all its includes at the time of spidering. Here's a shot of Apple with all the detail that the spider keeps.
The first interesting thing is to look at the top 1,000 web sites by traffic and see how many different tags are deployed per page. The average is 2.21, but if you exclude those that have no tags at all then the average is 3.10. Here's the distribution of number of tags against percentage of sites.

And of course, it's possible to see the market share of various different products. Here are the top 10 that I am tracking. Google Analytics has an impressive 43% of the top 1,000 web sites by traffic.

Since I've been tracking over time it's also possible to watch the growth (and decline). Here's the growth in the average number of tags on a web page (excluding pages that have no tags) since March 2009.

Since I also keep all the JavaScript and HTML for a page it's a breeze to calculate page weights. Here's a chart showing the size of HTML and JavaScript for the top 1,000 web pages by traffic. The x-axis shows the size of the page (excluding images) in kilo- or megabytes. The y-axis is the percentage of sites in that band.

I was shocked when I saw that list and suspected a bug. How could there be web sites with megabytes of non-image content? It turned out that it wasn't a bug. For example, at the time of downloading, the HTML and JavaScript for Gawker was over 1 MB.
In a previous post I showed in detail the tagging on a site and that 29% of the non-graphic content was JavaScript used for web tagging. Here's another chart showing what percentage of web page markup is included JavaScript (this can include stuff like jQuery and web tagging products).

The really surprising thing there is how much JavaScript there is on pages. For many pages it's the majority of non-graphic content. Take for example Subscene, where the home page HTML is about 18k but then masses of JavaScript are included (including over 200k from Facebook, a similar amount from UPS and various other bits of code).
If you delve into the tags actually used by various products you'll see that the sizes of JavaScript used for them varies a lot. comScore's Beacon is tiny (just 866 bytes)!

Finally, you might be asking yourself which site had 16 different tags on it. The winner is the celebrity gossip site TMZ.
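To make the measurement concrete, here is an added example (mine, not the spider described in the post) that parses a page with the standard library, sums inline and external JavaScript bytes, and lists the third-party hosts that scripts are loaded from. The sample HTML and the script sizes are constructed, the host names are illustrative, and treating every off-site script host as a "tag" is a simplification of what the spider counts (a tag may also be an image beacon, and a vendor script may be served first-party).

```python
from html.parser import HTMLParser
from urllib.parse import urlsplit


class ScriptCollector(HTMLParser):
    """Records <script src=...> URLs and the byte size of inline scripts."""

    def __init__(self):
        super().__init__()
        self.external = []      # src of each external script, in page order
        self.inline_bytes = 0   # UTF-8 bytes inside inline <script> bodies
        self._in_inline = False

    def handle_starttag(self, tag, attrs):
        if tag != "script":
            return
        src = dict(attrs).get("src")
        if src:
            self.external.append(src)
        else:
            self._in_inline = True

    def handle_endtag(self, tag):
        if tag == "script":
            self._in_inline = False

    def handle_data(self, data):
        if self._in_inline:
            self.inline_bytes += len(data.encode("utf-8"))


def page_weight(html, fetched_scripts, page_host):
    """Split a page's non-image weight into markup and JavaScript.

    fetched_scripts maps each external script URL to its source text (the
    spider downloads these; here the caller supplies them). Scripts served
    from any host other than page_host or its subdomains are counted as
    third-party tags, which is a simplification.
    """
    parser = ScriptCollector()
    parser.feed(html)
    parser.close()

    html_bytes = len(html.encode("utf-8"))
    external_bytes = sum(
        len(fetched_scripts.get(src, "").encode("utf-8")) for src in parser.external
    )
    total_bytes = html_bytes + external_bytes      # everything except images
    js_bytes = parser.inline_bytes + external_bytes

    third_party = set()
    for src in parser.external:
        host = urlsplit(src).hostname
        if host and host != page_host and not host.endswith("." + page_host):
            third_party.add(host)

    return {
        "html_bytes": html_bytes,
        "inline_js_bytes": parser.inline_bytes,
        "external_js_bytes": external_bytes,
        "js_share": js_bytes / total_bytes if total_bytes else 0.0,
        "third_party_hosts": sorted(third_party),
    }


# Constructed sample page and script bodies (the sizes are made up).
SAMPLE_HTML = (
    "<html><head><title>Example</title>\n"
    '<script src="http://www.google-analytics.com/ga.js"></script>\n'
    '<script src="https://static.example.com/app.js"></script>\n'
    "<script>var _gaq = [['_setAccount', 'UA-0000000-1']];</script>\n"
    "</head><body><p>Hello</p>\n"
    '<script src="http://b.scorecardresearch.com/beacon.js"></script>\n'
    "</body></html>\n"
)
SAMPLE_SCRIPTS = {
    "http://www.google-analytics.com/ga.js": "x" * 30000,
    "https://static.example.com/app.js": "y" * 5000,
    "http://b.scorecardresearch.com/beacon.js": "z" * 866,
}


def sample_report():
    return page_weight(SAMPLE_HTML, SAMPLE_SCRIPTS, "example.com")


if __name__ == "__main__":
    report = sample_report()
    print(f"markup {report['html_bytes']} B, inline JS {report['inline_js_bytes']} B, "
          f"external JS {report['external_js_bytes']} B, "
          f"JS share {report['js_share']:.1%}")
    print("third-party script hosts:", ", ".join(report["third_party_hosts"]))
```

Run across a crawl, the "js_share" figure is the per-page number behind the JavaScript-percentage chart above, and the length of "third_party_hosts" approximates the tags-per-page count.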
November 06, 2009 11:58 AM
Last week, a Wall Street Journal article entitled “The fallacy of identity theft” may have given some people the mistaken impression that there’s nothing to worry about, and that everyone’s identities are safe. Unfortunately, however, that’s not quite the case, and yes, you do need to be paranoid about it. It’s the real deal, and identity thieves can, and do on a regular basis, steal peoples’ identities and wreak havoc on their lives.
The article starts out by deconstructing the term “identity theft” in a way that makes the crime seem less dangerous than it really is, stating that “identity theft” doesn’t steal anybody’s true identity, or the personhood that makes them who they are. When you are a victim of this crime, you remain you, but that’s only a small consolation when a stranger is charging up luxury cruises and fur coats on your credit card. It’s a semantic bit of theory that was actually played out on the “Family Guy” cartoon when actor James Woods stole the identity of cartoon character Peter Griffin, to the point of moving into Peter’s home, sitting at his dinner table and sleeping in his bed. It was a funny episode, but of course, that’s not what identity theft really is.
The article comments about how experts “hounded” people into shredding bank statements and being vigilant about monitoring credit reports, but the fact is, doing so really is a good idea. It’s not a conspiracy by manufacturers of shredding machines, or of companies offering various fee-based monitoring and protection services. And here’s the real kicker, at the end of the article: “It turns out that ‘identity theft’ is one of the most brilliant linguistic constructs ever, with its terrifying specter of losing not just your money—but your soul. Maybe it’s time that we renamed it what it is: a fear campaign designed to get us to buy expensive services that we don’t need.”
Advice like this is what lulls people into a false sense of security and prevents them from taking the precautions that they need to take. Is it a fear campaign? To a degree, yes, it is. But it’s based on fear of something very real. So there is reason to be afraid and one must take the necessary steps to protect oneself – because you could be a victim.
Identity theft is the real thing
November 06, 2009 11:05 AM
I was a guest on Security Now this week and the podcast has now been released (as has a transcript). Steve Gibson and some other people asked me to provide the presentation in some relatively readable format.
The original presentation is here, but it, ironically, requires JavaScript and Adobe Flash. So here are two additional formats: old style Microsoft PowerPoint and PDF.
November 06, 2009 09:37 AM
Earlier today we had a Facebook phishing scam to capture login credentials. Now Facebook is being abused as a way to get spam recipients to install a Trojan:
From: "Facebook Support" <confirmation@facebook.com>
Subject: Facebook Password Reset Confirmation.Support Message.
Hey [removed] ,
Because of the measures taken to provide safety to our clients, your password has been changed.
You can find your new password in attached document.
Thanks,
Your Facebook.
The attachment is a file named Facebook_Details_11c97.zip. Unfortunately, VirusTotal shows only 5% recognition by antivirus products.
November 06, 2009 06:30 AM
Recently we have received a PayPal phishing email and it looks like this.
It is not hard to spot that this email is a phish since clicking on the link does not take us to PayPal.com but to some remote site (which is already blocked by Sophos’s web appliance).

The web page loaded from this site disguises itself as PayPal.com as shown below.

However, this web page is just an image of the real PayPal.com web page. None of the tabs and links on this fake web page can be selected; only the email address and password text fields can be used. This is another obvious sign that the web site is fake. By logging in with a fake email address and password we were led to the following page.

By clicking on the link we were directed to another web page as shown below.


How can we tell that this web page is fake? It is quite simple, this page has the following URL.

We provided some fake account and address information, and the site then redirected us to a page asking us to supply our banking details.

We then decided to supply more fake banking information to the web page and see where it would lead us. As a result we were led to the following page.

Finally, the site will refresh and redirect us to the genuine PayPal.com web page.
November 06, 2009 05:28 AM
November 05, 2009
The Conficker Working Group Is Born
In January 2009, representatives from a number of security research companies and domain registrars, along with the anti-botnet Shadowserver Foundation, began discussing how best to implement a defensive Domain Name System (DNS) strategy to handle domain registrations. To coordinate the significant amount of e-mail being generated by these discussions, the group established the CONFICKER e-mailing list on January 28, which drew a growing number of security researchers and members from law enforcement, academia, and industry, in addition to members representing each of the eight TLDs used by Conficker. Enlisting the support of the TLD operators would prove to be a vital step in containing the Conficker threat, enabling the group to block domain names more efficiently and at far less expense than would be possible through the commercial registration process.
By early February 2009, working group members had instituted a process for registering as many domain names as possible, before the Conficker operators could register them, and assigning them to IP addresses belonging to six sinkholes (server complexes designed to absorb and analyze malware traffic) operated by organizations belonging to the working group. Infected computers looking for command-and-control servers would contact the sinkholes instead, providing researchers with valuable telemetry for analyzing the spread of the worm. A number of Internet service providers (ISPs) were also able to use this telemetry data to identify infected computers.
Around the same time, the Internet Corporation for Assigned Names and Numbers (ICANN), which is responsible for allocating IP addresses and managing the Internet domain name system, invited the group to deliver a presentation on its domain registration efforts to a meeting of the ICANN board of directors. The board expressed its support for the program and assigned two staffers to help coordinate it. Despite these efforts, the Conficker operators were still able to register some domains before the working group could get to them. To mitigate this, researchers at Kaspersky Lab, an anti-malware vendor headquartered in Russia, worked with OpenDNS, a free DNS resolution service used by many organizations and individuals, to compute a year’s worth of Conficker domain names and proactively point them at the group’s sinkholes. Any infected computer belonging to an OpenDNS user would not be able to contact any of the Conficker command-and-control servers, even on domains the Conficker operators had been able to secure.
The formation of the Conficker Working Group (CWG) was officially announced to the public on February 12, 2009, as what a number of news stories characterized as an unprecedented example of global cooperation in the computer security industry, and a potential blueprint for dealing with threats in the future. The CWG had grown from an e-mail list for nine individuals to a group of more than 30 member organizations from around the world, coordinating complex activities through a robust communications infrastructure. On the day the CWG was announced, the group had successfully registered every Conficker domain name for the next 10 days, a genuine—if temporary—victory over the Conficker operators.
Conficker,
Part 1
Conficker,
Part 2
Conficker,
Part 3
November 05, 2009 11:10 PM
45019 patterns, 11500 right anchor strings, 187816 test IPs.
Some more contribs and updates. There were several interim releases since
11/04; I'll continue to do this and only mention major releases from now
on. Eventually, we will move to a more automated publishing model and
I'll have to figure out whether anyone finds these notices useful or if
I will just stop doing them altogether.
Also note that the rbldnsd zone file now has support for 'cloud', using
response code 127.0.0.12. Currently only a few of these, but the field
is growing, so expect more to come. This may be used via the most recent
sendmail package, and I've updated the SpamAssassin plugin to support it
as well.
Download them here:
sendmail:
http://enemieslist.com/downloads/sendmail_access_db
http://enemieslist.com/downloads/rightanchors
postfix:
http://enemieslist.com/downloads/postfix_regexp_table
http://enemieslist.com/downloads/postfix_regexp_table-20091105
exim:
http://enemieslist.com/downloads/exim_hosts
http://enemieslist.com/downloads/exim_hosts-20091105
November 05, 2009 10:12 PM
Technology Liberation Front: Google’s Privacy Dashboard: Another Major Step Forward in User Empowerment & Transparency:
‘Google’s announcement of its Privacy Dashboard…is a major step forward in both informing users about what data Google has tied to their account in each of Google’s many products and in empowering users to easily manage their privacy settings for each product. If users decide they’d rather “take their ball and go home,” they can do that, too, by simply deleting their data.’
November 05, 2009 10:10 PM
I know I should not receive any money transfer from Western Union or a parcel from DHL.
Even though someone claims so at least a couple of times each day lately.
But look out for the attachments, this is a real cat and mouse race.
The last one I received only a few minutes ago was only detected by 2 AV vendors.
ClamAV calls it "Suspect.Bredozip-zippwd-4" and Sophos "Troj/BredoZp-L".
All according to VirusTotal.
November 05, 2009 10:10 PM
All Spammed Up: ICANN move contributing to URL spoofing?:
“With the addition of International Domain Names, which ICANN will be expanding next year, phishers found another way to disguise their spoofing by taking advantage of similarities between some of the characters in foreign and Latin alphabets. What makes that approach superior to other typographic tricks is that a target may have no way of knowing that he or she is headed to a spoofed address. That’s because in certain fonts foreign characters look like Latin characters.”
November 05, 2009 09:09 PM
Seth's Blog: The unclicking 84%:
“…all of the clicks for all the ads online come from only 16% of the surfers, and most of them come from just 4% of all internet users.”
November 05, 2009 08:08 PM
Here's a believable phishing message aimed at capturing Facebook accounts and username/password pairs to accomplish a variety of nastiness:
From: "Facebook" <update+zzbvjrnbpbnx@facebookmail.com>
Subject: New login system
Dear Facebook user,
In an effort to make your online experience safer and more enjoyable, Facebook will be implementing a new login system that will affect all Facebook users. These changes will offer new features and increased account security.
Before you are able to use the new login system, you will be required to update your account.
Please click on the link below to update your account online now:
http://www.facebook.com.[removed].eu/globaldirectory/LoginFacebook.php?ref=20244492275620965881064893464436522177812276399621698&email=[removed]@dannyg.com
If you have any questions, reference our New User Guide.
Thanks,
The Facebook Team
It was easy for me to recognize this as a fake from the inbox listing because I'm one of the few remaining people on Earth who doesn't have a Facebook account. But even if you're a Facebook user, any email message that talks about security, logging in, or passwords should set your Suspicion switch to High. This carefully crafted message uses a long URL that looks to be to facebook.com — unless you understand how URLs work, in which case you'd see that the URL is actually to a .eu domain. Moreover, the URL and very Facebook-looking phishing page at the URL destination are wired to display your login name (email address) already filled into the login form — most likely just like a real Facebook login page.
Many malware followers wonder how any user could be fooled into yielding login credentials to a phisher, even after so much publicity about such attacks. This is how.
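As an added example, not part of the post above, here is the check a filter can make on such a link with Python's standard URL parser: the host that the browser will actually connect to is compared against the brand domain by label suffix, never by prefix, and the userinfo trick (brand before an "@") is reported separately. The sample URLs are constructed; example.eu stands in for the [removed] part of the message.

```python
from urllib.parse import urlsplit

BRAND = "facebook.com"   # the domain the message claims to link to


def is_brand_host(hostname, brand=BRAND):
    """True only when hostname is the brand domain or a subdomain of it.

    The comparison is a suffix test on whole labels: facebook.com.example.eu
    starts with the brand but belongs to whoever registered example.eu.
    """
    if not hostname:
        return False
    hostname = hostname.lower().rstrip(".")
    return hostname == brand or hostname.endswith("." + brand)


def classify_link(url, brand=BRAND):
    """Say where a link really leads, using the host the browser will use."""
    parts = urlsplit(url)
    host = parts.hostname          # lowercased; userinfo and port stripped
    if host is None:
        return "no host"
    if is_brand_host(host, brand):
        return "brand host"
    if parts.username and brand in parts.username:
        # http://www.facebook.com@example.eu/ : the brand sits in the
        # userinfo, which browsers ignore when choosing the server.
        return "brand only in userinfo"
    if brand in host:
        return "brand embedded in foreign host"
    return "unrelated host"


# Constructed sample links; example.eu stands in for the redacted domain.
SAMPLE_LINKS = [
    "https://www.facebook.com/login.php",
    "http://www.facebook.com.example.eu/globaldirectory/LoginFacebook.php?ref=1",
    "http://www.facebook.com@example.eu/login",
    "http://example.org/facebook.com/login",
    "javascript:alert(1)",
]

if __name__ == "__main__":
    for link in SAMPLE_LINKS:
        print(f"{classify_link(link):32} {link}")
```

The second sample is the shape of the URL in the message above: every label up to ".eu" is chosen by the phisher, so "starts with www.facebook.com" proves nothing, and only the suffix test on the parsed hostname separates the genuine site from the lookalike.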
November 05, 2009 07:10 PM
ExactTarget: Real Email Threat #3: Lax Permission:
“The issue of permission presents one of the greatest threats to the future of email marketing. …consumers want greater control over email. They want control over SPAM, they want to be able to unsubscribe from email more easily, and they want greater control over the frequency of commercial email coming to their inboxes. …The belief that marketers can send email to their customers based on a ‘prior existing relationship’—the premise for email appends—is dead. Customers don’t want the practice to continue.”
November 05, 2009 07:04 PM
SFGate: Internet gear isn't isolating us, study says:
“Fears that the Internet and other personal technologies are making Americans socially isolated are unfounded…people who use the Internet, instant messaging, mobile phones, photo sharing sites and social networks benefit from being more likely to have a larger, more diverse core of close confidants.”
November 05, 2009 06:04 PM
Word to the Wise: Senders need to take responsibility:
“…senders need to stop waiting for the ISPs to define good practices. Senders need to implement standards and good practices just because they’re good practices, not because the ISPs are dictating the practices. Senders need to stop customers from doing bad things, and dump them if they won’t stop. Senders need to stop relying on ISPs for specific answers to why mail is being blocked. Senders need to take responsibility for the mail going across their networks.”
November 05, 2009 05:04 PM
Advertising Age: Latest Ad Scammers: Faux Ad Agency Execs:
“Ads have long been a gateway for spammers and hackers to distribute malicious code, but now the crooks are showing a new level of sophistication by posing as agency executives walking right into the front doors of well-known publishers.”
November 05, 2009 04:03 PM
By the middle of next year, the lock that the Latin alphabet has had on Internet domain names will be broken, when a plan announced last week by the Internet Corporation for Assigned Names and Numbers, better known as ICANN, is implemented. That prospect may have phishers licking their lips.
The move, claimed by ICANN as the biggest technical change in the 40-year history of the Internet, will allow domain names to be written in non-Latin scripts such as Arabic, Korean, Greek, Cyrillic and the scripts used for Hindi and Japanese. It was initially approved in 2008, but finalization won’t be completed until the organization wraps up its conference in Seoul, Korea. While the new non-Latin addresses won’t start appearing until next year, ICANN expects to see applications for the domains appearing as early as next month.
ICANN estimates that more than half of the Internet’s 1.6 billion surfers use non-Latin alphabets and that the acceptance of those alphabets in domain names will save 60 billion to 100 billion keystrokes a day by averting the need to type country codes in Web addresses. Some countries are already using their native alphabets in domain names, but their country codes are in a Latin letter set. Bulgaria, for example, uses Cyrillic, but uses .bg for its country code.
ICANN has been testing the new technology behind the change for two years, a process that phishers are keenly aware of. They’ve exploited a variation of a technique, called URL spoofing, that leverages non-Latin characters in domain names to divert unsuspecting Web surfers to malicious Internet sites to rip off their personal information and infect their computers with malware.
URL spoofing substitutes an outlaw Web address for a legitimate one. A simple way to do that is to exploit the state of spelling among English-speaking people. A site like eddiebaur.com might fool the eye of a casual Web surfer looking for outdoor gear from Eddie Bauer. Gaps in domain coverage can also aid spoofers. Who can forget the adult website owner who registered whitehouse.com and siphoned traffic intended for whitehouse.gov? Poor screen typography has also been a rich source of exploitation for phishers. For example, g00gle.com can appear to be google.com in some screen fonts.
With the addition of International Domain Names, which ICANN will be expanding next year, phishers found another way to disguise their spoofing by taking advantage of similarities between some of the characters in foreign and Latin alphabets. What makes that approach superior to other typographic tricks is that a target may have no way of knowing that he or she is headed to a spoofed address. That’s because in certain fonts foreign characters look like Latin characters. For example, a Cyrillic “o” will look like its Latin counterpart in many fonts. While a netizen may not be able to distinguish between the two o’s, his or her browser can, and it will act accordingly, taking the unwitting cybertraveler to some Internet back alley where he or she can be fleeced.
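An added example (not from the article) of what that looks like in code: the name as the resolver actually sees it, a mixed-script check on each label, and a confusable "skeleton" comparison that catches a lookalike even when every letter comes from one script. The Cyrillic-to-Latin table is a hand-picked subset for illustration, not the Unicode confusables data a production check would load, and the hostnames are constructed.

```python
import unicodedata

SCRIPTS = ("LATIN", "CYRILLIC", "GREEK", "ARABIC", "HEBREW", "ARMENIAN")

# Hand-picked Cyrillic letters whose usual glyphs match Latin ones. This is
# an illustrative subset for the example, not the Unicode confusables table.
CONFUSABLES = {
    "\u0430": "a", "\u0441": "c", "\u0435": "e", "\u043e": "o",
    "\u0440": "p", "\u0443": "y", "\u0445": "x", "\u0456": "i",
}


def script_of(ch):
    """Coarse script of a letter, taken from its Unicode character name."""
    name = unicodedata.name(ch, "")
    for script in SCRIPTS:
        if name.startswith(script):
            return script
    return "OTHER"


def mixed_script_labels(hostname):
    """Labels that mix letters from more than one script."""
    findings = []
    for label in hostname.split("."):
        scripts = {script_of(c) for c in label if c.isalpha()}
        if len(scripts) > 1:
            findings.append((label, sorted(scripts)))
    return findings


def skeleton(hostname):
    """Map confusable letters to their Latin look-alikes, so that two names
    which render the same compare equal."""
    return "".join(CONFUSABLES.get(c, c) for c in hostname)


def wire_form(hostname):
    """What the resolver sees: ASCII, with non-ASCII labels as xn-- punycode."""
    return hostname.encode("idna").decode("ascii")


def assess(hostname, target):
    """The checks a mail filter or browser can run on a link's host."""
    return {
        "wire_form": wire_form(hostname),
        "mixed_script": mixed_script_labels(hostname),
        "spoofs_target": hostname != target and skeleton(hostname) == target,
    }


if __name__ == "__main__":
    # Constructed look-alikes: Cyrillic о inside "google", all-Cyrillic "copy".
    for host, target in (("g\u043e\u043egle.com", "google.com"),
                         ("\u0441\u043e\u0440\u0443.com", "copy.com"),
                         ("google.com", "google.com")):
        print(host, assess(host, target))
```

The all-Cyrillic case is why a mixed-script rule alone is not enough: the label is single-script, so it passes that test, yet it renders as "copy" in most fonts; the skeleton comparison against the brand being protected is what catches it, while the xn-- wire form is what a browser can display instead of the Unicode name when it is suspicious.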
ICANN has believed for a long time that homographic attacks that exploit IDNs are a manageable problem. For example, it noted in a statement released in 2005:
“While the recent publicising of the IDN-based homograph attack potential has brought this issue to wider public attention, the possibilities of the expansion of homograph exploits has been a topic of research and discussion within the ICANN community since before the adoption of IDN standards. Significant work has been done to define implementation practices such as IDN Language Registry Tables, and guidelines for restricting or managing mixed-character-set domain name registrations.”
“ICANN is concerned about the potential exacerbation of homograph domain name spoofing as IDNs become more widespread,” it added, “and is equally concerned about the implementation of countermeasures that may unnecessarily restrict the use and availability of IDNs.”
Despite ICANN’s optimism, the verdict will remain out on how manageable the spoofing problem is until cyberspace starts getting flooded with IDNs and phishers start working their malevolence on them.
Phishing is becoming increasingly popular among Black Hats as a vehicle for Internet crime. The Anti-Phishing Working Group, in an analysis released last month, noted that unique phishing reports submitted to the organization hit an all-time high of 37,758 in May. The number of phishing websites also peaked during the first six months of this year, reaching 49,084, the highest figure since April 2007, when a record 55,643 sites were reported.
The APWG also revealed that the unique instances of domains used to target specific brands reached an all-time high of 21,085 in June, a 92 percent increase over January of this year.
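The three spoofing techniques discussed above (typosquats such as eddiebaur.com, glyph tricks such as g00gle.com, and IDN homographs built from Cyrillic look-alikes) can all be screened for with a few lines of code. The following is an added example, not code from the original post or from ICANN; the brand list and the confusables table are small hand-built subsets constructed for illustration, not the full Unicode confusables data, and the domains are assumed to be bare second-level names. Python’s built-in idna codec is used to produce the Punycode form the browser actually resolves.

```python
"""Added example: flag look-alike domains of the kinds described above.

Three checks run on a candidate domain:
  1. typosquats: single-character deletions/transpositions of a brand name
  2. glyph confusables: 0/o, 1/l, rn/m plus a hand-built subset of Cyrillic
     and Greek letters that render like Latin ones
  3. IDN homographs: mixed-script labels, and the ASCII "xn--" form the
     browser resolves (Python's idna codec; browsers use IDNA2008/UTS46,
     which can differ for unusual characters)
"""
import unicodedata

# Illustrative brand list (assumption, not from the article).
BRANDS = ["google.com", "eddiebauer.com", "whitehouse.gov"]

# Hand-picked subset of characters that look like Latin letters in many fonts.
CONFUSABLES = {
    "\u0430": "a",  # CYRILLIC SMALL LETTER A
    "\u0435": "e",  # CYRILLIC SMALL LETTER IE
    "\u043e": "o",  # CYRILLIC SMALL LETTER O
    "\u0440": "p",  # CYRILLIC SMALL LETTER ER
    "\u0441": "c",  # CYRILLIC SMALL LETTER ES
    "\u0443": "y",  # CYRILLIC SMALL LETTER U
    "\u0445": "x",  # CYRILLIC SMALL LETTER HA
    "\u03bf": "o",  # GREEK SMALL LETTER OMICRON
    "0": "o",
    "1": "l",
}
MULTI_CONFUSABLES = {"rn": "m", "vv": "w"}


def skeleton(label):
    """Collapse a label to the ASCII string a casual reader would see."""
    s = "".join(CONFUSABLES.get(ch, ch) for ch in label.lower())
    for seq, rep in MULTI_CONFUSABLES.items():
        s = s.replace(seq, rep)
    return s


def scripts(label):
    """Set of Unicode scripts (by character-name prefix) used in a label."""
    found = set()
    for ch in label:
        if ch.isascii():
            if ch.isalpha():
                found.add("LATIN")
            continue  # digits and hyphens belong to no script
        found.add(unicodedata.name(ch, "UNKNOWN").split(" ")[0])
    return found


def to_punycode(domain):
    """The ASCII name the resolver is actually asked for."""
    return domain.encode("idna").decode("ascii")


def typo_variants(brand):
    """All single-character deletions and adjacent transpositions."""
    out = set()
    for i in range(len(brand)):
        out.add(brand[:i] + brand[i + 1:])
        if i + 1 < len(brand):
            out.add(brand[:i] + brand[i + 1] + brand[i] + brand[i + 2:])
    out.discard(brand)
    return out


def assess(domain, brands=BRANDS):
    """Return a report listing every reason the domain looks like a spoof."""
    domain = domain.lower()
    label, _, tld = domain.partition(".")
    report = {"domain": domain, "punycode": to_punycode(domain), "reasons": []}
    if report["punycode"] != domain:
        report["reasons"].append("IDN: browser resolves %s" % report["punycode"])
    if len(scripts(label)) > 1:
        report["reasons"].append("mixed-script label")
    for brand in brands:
        blabel, _, btld = brand.partition(".")
        if label == blabel:
            if tld != btld:
                report["reasons"].append(
                    "brand label under different TLD (%s)" % brand)
            continue  # the brand itself, or an exact copy under another TLD
        if skeleton(label) == blabel:
            report["reasons"].append("glyph look-alike of %s" % brand)
        elif label in typo_variants(blabel):
            report["reasons"].append("typosquat of %s" % brand)
    return report


if __name__ == "__main__":
    for d in ("eddiebaur.com", "whitehouse.com", "g00gle.com",
              "g\u043e\u043egle.com", "google.com"):
        r = assess(d)
        print(r["punycode"], "->", r["reasons"] or ["ok"])
```

The mixed-script check is the one most current browsers also apply before deciding whether to display the Unicode form or fall back to the xn-- form; the skeleton comparison is what catches a name whose Punycode form looks harmless.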
Liked this post? Get more anti-spam related news from AllSpammedUp.com!
ICANN move contributing to URL spoofing?
November 05, 2009 03:17 PM
Last week, SophosLabs released detection for OSX/LoseGame-A and following Symantec’s publishing detection (which they call OSX.Loosemaque) there has been some controversy about whether this is a game or malware (see 1, 2, 3).
From my point of view this is malware. Why?
- The warning screen isn’t multilingual; if English isn’t your first language, you will still recognize ‘PRESS ANY KEY TO CONTINUE’.
- Even if English is your first language, a child looking for games on the computer will not read the warning but press through to the game.

- Would our corporate customers want this on their networks?
The concept behind OSX/LoseGame-A is ill-conceived, and it is likely to have malicious consequences not considered by the author.
November 05, 2009 11:12 AM
Cloud computing is a popular topic these days. One of the ways in which cloud computing is being delivered to businesses is by hosted email security services.
A hosted email security provider offers antivirus and antispam protection for their customers using servers hosted off the customer’s premises. This delivery model carries many benefits to the customers.
Equipment Costs – by choosing a hosted service the customer is not required to purchase their own server hardware to run the security product on their own premises.
Support Costs – support is included in the monthly fee to the hosted provider, so the customer is not required to hire and retain staff to manage an on-premises solution. The hosted provider is responsible for all maintenance and upgrades to keep the service running smoothly.
License Costs – because the customer is not running their own server, they also save on software licensing costs; instead, they pay only a per-user fee to the hosted provider.
Bandwidth – because virus and spam emails are filtered by the hosted provider, that traffic never reaches the customer’s network, which is both a cost and a performance benefit. This holds only if the customer’s mail server accepts inbound SMTP from the provider’s relays alone; a server that still accepts port 25 connections from anywhere can be found and delivered to directly by spammers, bypassing the filter.
Scalability – the customer benefits by only having to pay per-user, and then having the flexibility to scale up as necessary by buying more licenses. For on-premises solutions this may eventually lead to outgrowing an existing server, whereas with hosted services the provider manages their overall capacity needs for all of their customers and is responsible for scaling up as necessary to meet demand.
Features – end user control and comprehensive reporting are two features common to hosted services. Some on-premises solutions lack these important features.
Simplicity – for large businesses with multiple network entry points a hosted service offers a single point of entry for email rather than having to manage multiple points of entry each with their own security product installed.
Flexibility – if a hosted service is not performing well or meeting expectations, the customer can simply switch to another service without having wasted a large up-front investment. For on-premises solutions switching to a new product can be costly because the existing product has already been paid for.
Compatibility – hosted services operate independently of the customer’s choice of server operating system or email platform. For on-premises solutions a customer is often constrained by which products will be compatible with their other systems.
The benefits of hosted email security solutions are quite clear and for many businesses a hosted service will be a much more cost effective option than on-premises solutions. Certainly all businesses should carefully consider hosted offerings when they are evaluating antispam solutions for themselves.
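A hosted filter only delivers the bandwidth and protection benefits listed above if the customer’s own mail server takes mail from the provider’s relays and nothing else. The following added example (not code from the original post or from any provider) checks that from the MTA’s own logs and emits the corresponding Postfix access table. The relay ranges and the Postfix-style log lines are constructed for the example; a real deployment would substitute the provider’s published relay ranges.

```python
"""Added example: verify that inbound SMTP really arrives only via the hosted
filter. If the origin server still accepts port-25 connections from anywhere,
a spammer who finds its address can deliver straight to it and skip the filter.
"""
import ipaddress
import re

# Constructed: the ranges the hosted provider says its outbound relays use.
PROVIDER_RELAYS = [ipaddress.ip_network(n)
                   for n in ("192.0.2.0/24", "2001:db8:ff::/48")]

# Constructed Postfix smtpd connect/disconnect lines for the example.
SAMPLE_LOG = """\
Nov  5 09:41:02 mx1 postfix/smtpd[2211]: connect from relay3.filter.example[192.0.2.17]
Nov  5 09:41:09 mx1 postfix/smtpd[2215]: connect from unknown[198.51.100.77]
Nov  5 09:41:15 mx1 postfix/smtpd[2218]: connect from relay7.filter.example[2001:db8:ff::7]
Nov  5 09:42:01 mx1 postfix/smtpd[2220]: connect from dsl-203-0-113-9.example.net[203.0.113.9]
Nov  5 09:42:30 mx1 postfix/smtpd[2221]: disconnect from unknown[198.51.100.77]
"""

# "connect from host[ip]"; the leading "]: " keeps "disconnect from" out.
CONNECT_RE = re.compile(
    r"postfix/smtpd\[\d+\]: connect from (\S+)\[([0-9a-fA-F.:]+)\]")


def is_provider_relay(ip):
    """True if the address falls inside one of the provider's relay ranges."""
    addr = ipaddress.ip_address(ip)
    return any(addr in net for net in PROVIDER_RELAYS)


def bypass_connections(log_text):
    """(hostname, ip) for every inbound connection that did not come via the
    filter. Any entry here means the filter can be bypassed."""
    found = []
    for line in log_text.splitlines():
        m = CONNECT_RE.search(line)
        if m and not is_provider_relay(m.group(2)):
            found.append((m.group(1), m.group(2)))
    return found


def postfix_cidr_table():
    """Contents of a Postfix cidr: table that admits only the provider relays,
    for use as check_client_access cidr:/etc/postfix/relays.cidr in
    smtpd_client_restrictions (path is an assumption)."""
    lines = ["%s OK" % net for net in PROVIDER_RELAYS]
    lines.append("0.0.0.0/0 REJECT deliver via the hosted mail filter")
    lines.append("::/0 REJECT deliver via the hosted mail filter")
    return "\n".join(lines)


if __name__ == "__main__":
    for host, ip in bypass_connections(SAMPLE_LOG):
        print("bypass: %s[%s]" % (host, ip))
    print(postfix_cidr_table())
```

Blocking port 25 at the firewall for everything except the relay ranges achieves the same thing one layer down; doing both is the usual choice, since the MTA rule also produces a log line for each attempt.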
9 Benefits of Hosted Antispam Services
November 05, 2009 09:41 AM
Malware coming in the form of attachments is not unusual these days.
However, malware can also be found behind links provided within e-mails:

As its name, “You have won!.pdf”, suggests, it tells people that they have won some kind of lottery. However, the URLs lead to a malicious file, which seems to have been taken down since (access to it is already blocked by Sophos’s web appliance).
So, please beware of such malicious links and their fake claims that you have won some money ;-).
If you are curious about what you won, you can always click on the link and win yourself a piece of malware ;-).
November 05, 2009 06:48 AM
One of my favorite stories in the recent edition of the Microsoft Security and Intelligence Report v7, pp 29-32, is the story of Conficker. I thought I would repost it here because it illustrates the problem of Conficker and the way the industry worked together to respond to the problem.
Case Study: The Conficker Working Group
The appearance in late 2008 of Win32/Conficker, an aggressive and technically complex new family of worms, posed a serious challenge to security responders and others charged with ensuring the safety of the world’s computer systems and data. (“Win32/Conficker Update,” beginning on page 95, explains the technical details of the Conficker worm and the methods it uses to propagate.) Working together, however, the security community was able to react quickly to the threat and contain much of the damage, in the process establishing a potentially groundbreaking template for future cooperative response efforts. On October 23, 2008, Microsoft released critical security update MS08-067, addressing CVE-2008-4250, a vulnerability in the Windows Server service that could allow malicious code to spread silently between vulnerable computers across the Internet.
The vulnerability affected most currently supported versions of Windows, although architectural improvements in Windows Vista and Windows Server 2008 made them more difficult to exploit than earlier versions. Like the worms that plagued the Internet earlier this decade, malware that exploited the vulnerability would be able to spread without user interaction by taking advantage of the protocols computers use to communicate with each other across networks. For this reason, and because actual attack code that exploited the vulnerability was known to exist in the wild at the time, the MSRC took the unusual step of releasing MS08-067 “out of band” rather than wait for the next scheduled release of Microsoft security updates, which takes place on the second Tuesday of every month. Security Bulletin MS08-067 happened to be released on the last day of the eighth annual meeting of the International Botnet Task Force in Arlington, Virginia, a suburb of Washington, D.C., where attendees agreed to closely monitor developments around what appeared to be the first legitimately “wormable” vulnerability to be discovered in Windows in several years.
The November appearance of Win32/Conficker, the first significant worm that exploited the MS08-067 vulnerability, marked a major challenge for security researchers, due to the aggressive tactics several of its variants used to propagate. Despite this, researchers soon discovered a way to limit or eliminate the Conficker bot-herders’ ability to issue instructions to infected computers. As described on page 96, the authors of the Conficker malware used an algorithm to generate 500 new domain names every day (250 for each of the first two Conficker variants discovered) to use for command-and-control servers. Computers infected with Conficker would attempt to contact each of these generated domain names every day. If the authors had a task they wanted the computers in the botnet to perform, they would simply use the same algorithm to generate domain names in advance and register a few of them, which they could then use to host command-and-control servers.
Fortunately, researchers from Microsoft and other organizations were able to reverse engineer the domain-name-generation algorithms used by the first two variants, designated Worm:Win32/Conficker.A and Worm:Win32/Conficker.B, soon after each variant was discovered. This enabled them to begin registering the domain names before the botnet operators could, thereby impeding the Conficker malware from obtaining new instructions. Initially, the researchers resorted to registering the domains commercially through the domain name registrars for the eight top-level domains (TLDs) (.com, .net, .org, .info, .biz, .ws, .cn, and .cc) used by Conficker, an approach that quickly became unworkable. Registering 500 domain names per day would cost thousands of (U.S.) dollars per day for the foreseeable future—and the cost would only increase if new variants appeared using different name-generation algorithms. It was clear that more help would be needed.
Conficker, Part 1 | Conficker, Part 2 | Conficker, Part 3
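The case study above turns on one fact: because the domain-generation algorithm is deterministic and seeded by the date, anyone who has reverse-engineered it can enumerate the rendezvous domains for coming days and block or register them before the bot-herders do. The block below models that defender workflow as an added example; it is not Conficker’s algorithm and not code from the Microsoft report or the post. The generator is a stand-in (SHA-256 over the date, a fixed seed and a counter), the TLD list mirrors the eight TLDs named in the case study, the 250-per-day rate matches the first two variants, and the DNS query log is constructed for the example.

```python
"""Added example: enumerate a date-seeded DGA ahead of time, match DNS query
logs against the list, and track which names still need blocking.
The generator is a stand-in, NOT the Conficker algorithm.
"""
import datetime
import hashlib

TLDS = ["com", "net", "org", "info", "biz", "ws", "cn", "cc"]
PER_DAY = 250
SEED = b"example-dga"  # assumption: a constant baked into the malware


def generate_domains(day, per_day=PER_DAY, seed=SEED):
    """The per_day names an infected host would try on `day`."""
    names = []
    for i in range(per_day):
        h = hashlib.sha256(seed + day.isoformat().encode()
                           + i.to_bytes(2, "big")).digest()
        length = 8 + h[0] % 4                      # 8..11 letters
        label = "".join(chr(ord("a") + b % 26) for b in h[1:1 + length])
        names.append("%s.%s" % (label, TLDS[h[31] % len(TLDS)]))
    return names


def blocklist_window(start, days):
    """Every name the algorithm will try from `start` for `days` days,
    mapped to the day it becomes active (what to hand the registries)."""
    window = {}
    for d in range(days):
        day = start + datetime.timedelta(days=d)
        for name in generate_domains(day):
            window[name] = day
    return window


def dga_hits(queries, blocklist):
    """queries: iterable of (client_ip, qname). Returns {client_ip: [qname,
    ...]} for clients that looked up a name on the precomputed list; such a
    client is most likely infected."""
    hits = {}
    for client, qname in queries:
        qname = qname.lower().rstrip(".")
        if qname in blocklist:
            hits.setdefault(client, []).append(qname)
    return hits


def still_open(blocklist, confirmed):
    """Names on the list not yet confirmed blocked or registered by a
    registry; these are the ones to watch for live C&C activity."""
    return sorted(n for n in blocklist if n not in confirmed)


START = datetime.date(2009, 4, 1)
WINDOW = blocklist_window(START, 3)

# Constructed DNS query log: one client tries two generated names.
SAMPLE_QUERIES = [
    ("10.0.0.5", generate_domains(START)[3]),
    ("10.0.0.5", generate_domains(START)[17] + "."),
    ("10.0.0.9", "www.example.com"),
    ("10.0.0.5", "update.example.net"),
]

if __name__ == "__main__":
    print(len(WINDOW), "names to block for 3 days, first:", next(iter(WINDOW)))
    print("infected clients:", dga_hits(SAMPLE_QUERIES, WINDOW))
    print("unconfirmed:", len(still_open(WINDOW, set())))
```

Two details carry over from the real effort: the list is handed out months ahead so registries can act before each name becomes live, and a name that is not confirmed blocked in time is not simply forgotten but watched, since the operators may register it.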
November 05, 2009 01:08 AM
November 04, 2009