Clik here to view.
The Psychology of Spamming, part 2 - The Limbic system, cognition and affect
The Limbic SystemThe limbic system is the center of emotion in the brain and it governs much of our non-conscious behavior.We know from psychological studies that people will sometimes engage in...
View ArticleClik here to view.
The Psychology of Spamming, part 3 - External factors that influence our...
Spam, Emotion and DecisionResearchers distinguish between two types of emotions – expected emotions and immediate emotions. Expected emotions are predictions about how we will feel if certain decision...
View ArticleClik here to view.
The Psychology of Spamming, part 4 - Why we fall for scams
ImpactWe humans had Stone Age ancestors for a long time and our limbic systems kept us alive; when we feel afraid of something, say snakes, it is because our brains are hard wired to avoid things that...
View ArticleClik here to view.
The Psychology of Spamming, part 5 - Solutions
SolutionsSo how do we get people to stop falling for scams?Will Cognition Save Us?Thinking about it - Thinking about a decision often changes people’s minds. When people are asked to justify why they...
View ArticleClik here to view.
The Psychology of Spamming, Part 6 - The Flynn Effect
The Flynn EffectSome of the most phished brands are Paypal, HSBC, Bank of America, Facebook, and eBay. All of these sites have security policies set up on their home pages and they are all fairly...
View ArticleClik here to view.
Mail from legitimate webmail sources
For many years, I have tracked spam from botnets and reported on it on this blog. I have analyzed those botnets’ distribution patterns by number of IPs, number of messages per email envelope and...
View ArticleClik here to view.
What do consumers know about Antivirus?
I’ve been at the Virus Bulletin 2012 conference in Dallas, Texas this week and there have been a lot of good presentations. I took notes on over 20 of them and thought I’d write about some of the more...
View ArticleClik here to view.
A Plan for Email over IPv6, part 1 – Introduction, and How Filters Work in IPv4
Last week, myself and a colleague from work did a presentation at the Virus Bulletin conference entitled “A Plan for Email Over IPv6.” I have written about this previously on this blog, but this paper...
View ArticleClik here to view.
A Plan for Email over IPv6, part 2 – Why we use IP blocklists in IPv4, and...
IP BlocklistsBlocklists are populated in a number of different ways. Some use spam traps to capture email to email addresses that have never been used publically, others use statistical algorithms to...
View ArticleClik here to view.
A Plan for Email over IPv6, part 3 – A solution
A solutionHow do we deal with it?Eventually, the Internet community will come up with a permanent solution for email over IPv6 but in the meantime, a transition model is required. The use of IPv6...
View ArticleClik here to view.
A Plan for Email over IPv6, part 4 – Population of the whitelists
Population of the whitelistsHow do email receivers go about populating whitelists?The whole strength of email is that you can hear from people you’ve never heard from before; new people outside your...
View ArticleClik here to view.
A Plan for Email over IPv6, part 5 – Removals, Key differences and standards
What happens if spammers get on the whitelists?The question arises – what happens if a spammer gets onto the whitelist? Maybe they have compromised an IP address of a good sender. Or maybe they snuck...
View ArticleClik here to view.
Do tech-savvy readers practice what they preach?
While at the Virus Bulletin conference in Dallas last week, Sabina Raluca Datcu and Ioana Jelea of BitDefender gave a presentation entitled “Practise what you preach: a study on tech-savvy readers’...
View ArticleClik here to view.
Measuring the cost of cybercrime
Last week at Virus Bulletin in 2012, Tyler Moore of Southern Methodist University (SMU) gave a talk entitled "Measuring the cost of cyber crime.” It was a study done in collaboration with multiple...
View ArticleClik here to view.
The pros and cons of Bring Your Own D(evice|estruction)
At the Virus Bulletin conference this past September in Dallas, Righard Zwienenberg from ESET gave a presentation entitled BYOD. BYOD stands for Bring Your Own Device, but he reframed the acronym to...
View ArticleClik here to view.
Will cyberwar create new rules of engagement? And will there be a draft?
I read an interesting article on ReadWriteWeb yesterday entitled New Cyberwar Rules Of Engagement: Will The U.S. Draft Companies To Fight? by Brian Proffitt.In it, Proffitt reports on a speech given by...
View ArticleClik here to view.
How should large financial institutions use hosted filtering?
This post is an opinion piece that reflects what I think are best practices. Should large financial institutions use hosted email services? Services like ours (Forefront Online Protection for Exchange,...
View ArticleClik here to view.
Evaluating anti-virus products with field studies
Did you ever wonder how people get malware onto their computer? Or how effective real life A/V software is on zero-day malware? Or just malware in general? Current A/V evaluations have some...
View ArticleClik here to view.
A couple of unsurprising tidbits on passwords
Digital Trends published an article yesterday entitled What’s the Worst Password of 2012?Retaining the number one spot as the least secure password for yet another year, people that continue to use the...
View ArticleClik here to view.
The modern face of mobile malware
At the Virus Bulletin Conference last month in Dallas, Grayson Milbourne and Armando Orozco presented a talk entitled XXX Malware Exposed: An in-depth look at the evolution of XXX Malware. I have...
View Article