Security news aggregator

Latest coverage for Spam

Spam can deliver phishing links, malware, and fraudulent messages, making it a path for account theft and other cyberattacks.

2 headlines in this view

Refine the feed

Search across headline titles and summaries.

Tag briefing

Background for this topic.

Spam is unsolicited, usually bulk messaging sent through email, text messages, social platforms, or other communication services. It may be commercial advertising, but security-relevant spam commonly includes deceptive messages designed to look like trusted communications. Automated campaigns can target large numbers of recipients at low cost, while compromised accounts and spoofed sender identities can make messages appear more credible.

Spam is a delivery channel for phishing, malware, fraudulent payment requests, and credential theft; links or attachments should therefore be treated as untrusted until verified. Defenses include reputation and content filtering, user reporting, attachment and URL analysis, and email authentication controls such as SPF, DKIM, and DMARC to reduce sender spoofing. Security teams should preserve relevant message headers and indicators when investigating campaigns, blocking associated infrastructure and checking whether recipients interacted with the content.

Showing 2 most recent headlines Filtered view
Krebs on Security 3 years, 1 month ago

Service Rents Email Addresses for Account Signups

One of the most expensive aspects of any cybercriminal operation is the time and effort it takes to create large numbers of new throwaway email accounts. Now a new service offers to help dramatically cut costs associated with large-scale spam and account creation campaigns, by paying people to sell their email account credentials and letting customers temporarily rent access to a vast pool of established accounts at major providers.

AI is beefing up the cyber arsenals of both attackers and defenders Sponsored Feature Email is a popular target for cybercriminals, offering an easy way of launching an attack disguised as an innocent message. One moment of inattention on the part of the recipient and the door is open to malware, spam, phishing, perhaps even a dose of the dreaded ransomware. Entire organisations can suffer, not just individual victims.…