Island Nation's Web Domain Now Paradise for Spammers
Security professionals were blindsided by this development -- a new domain that's become a haven for spammers. PW used to belong to Palau, a tiny island country in the Pacific Ocean. Now it's owned by someone else who's been selling it at discount prices. Antispam vendors are now working to update their filters, and the original registrar is assisting in their efforts.
May 20, 2013 6:00 AM PT
Chances are you've never heard of the tiny Pacific island nation of Palau, but you may be familiar with its former Internet domain: PW.
That's because the domain, now owned by Directi, has become a favorite of spammers.
According to Fort Systems, Directi -- which christened PW "Professional Web" -- began offering the top-level domain to all comers at rock-bottom prices, which attracted spammers.
Symantec spotted a big spike in spam URLs containing the PW domain at the end of April, when almost 50 percent of all spam URLs contained the domain.
"This came out of nowhere," Eric Park, a senior antispam analyst with Symantec, told TechNewsWorld.
"If you look at our TLD distribution, .com, .ru, .info -- those are usually at the top of our list," he said.
"But PW was by far the runaway number -- even more than .com," Park added.
Not only is Symantec bolstering its filters to block the spam, but it's also working with the owner of the domain to help curb abuse of it.
"The registrar, from what I can tell, is interested in action to take the spammers down," he said. "Not all registrars care, but these guys seem interested in working with us to shut them out because it's damaging the brand they're trying to push."
An underground infrastructure is being built by cybercriminals to exploit the world's love affair with mobile devices, according to a report issued last week by the Anti-Phishing Working Group.
"The sprawling mobile devices marketplace has spawned an industrialized mobile financial fraud plexus that today drives increasingly sophisticated criminal technical innovation to exploit the mobile devices explosion," the APWG said in a statement.
"And it is funded by increasing revenues derived from potent new developments in mobile malware," the statement said.
As any cybercrime fighter will tell you, information highwaymen go where the money is. Now and in the future, that means mobile.
In the coming years, global mobile payments are predicted to exceed US$1.3 trillion, the APWG noted. That's going to present a motherlode of opportunity for connected criminal gangs.
That opportunity is enhanced by the mobile devices themselves. "These mobile platforms have more of an attack surface, they're vulnerable to more types of attacks, and they have less robust security technology created for them," Tom Kellermann, vice president of Trend Micro, told TechNewsWorld.
"People aren't taking security seriously," he added.
Balking at 2FA
Since adopting two-factor authentication to secure the accounts of users seems like a no-brainer, why do some large Internet services, such as Twitter, continue to drag their heels on the practice?
"The bottom line is, do you want to invest in security or not?" Thorsten Trapp, co-founder and CTO of Tyntec, told TechNewsWorld.
In general, two-factor authentication involves something you have and something you know. As implemented by Google and others, it involves sending an SMS message with a code to your cellphone when the service detects any changes in your typical computing habits -- logging in from a new location, for example, or a new device.
At this point, because the technology has proven effective, said Trapp, it's just a matter of internal will more than anything else.
"Even the smallest companies can do it," he said. "It's just how high on the agenda it is."
Two-factor authentication is the way the market is going because it can foil many of the hackers attacking services like Twitter, Facebook and Google, Trapp said.
"I wouldn't say an SMS transmission isn't breakable, but it's 1000 times harder than tapping into an IP connection."
- May 13. Payment card transaction processor EnStage reported as second Indian company breached by criminal ring that pilfered $45 million from ATMs around the world last year. The ring breached EnStage and another Indian firm, ElectraCard, and raised the minimum limits on the payment cards used to withdraw cash from the ATMs.
- May 13. Gartner analyst Jack Santos reports decline in people affected by healthcare data breaches to 2.5 million in 2012 from 11 million in 2011.
- May 13. Presbyterian Anesthesia Associates discloses that data breach compromised personal data, including credit card information, of 9,988 people. No medical information was compromised, according to the healthcare provider.
- May 13. TerraCom and YourTel America revealed that journalists from Scripps Howard News Service, through a third-party vendor, accessed the personal information of some 150,000 prospective clients, that personal information of 200 people was available from Google search and that files of 343 applicants had been accessed from unidentifiable IP addresses. The companies provide government-subsidized phone service to low-income customers.
- May 14. Bloomberg appoints Steve Ross to head company's client data compliance office in wake of discovery that reporters for the company's news arm were spying on users of its financial information terminals.
- May 16. Four former members of the LulzSec hacker collective received prison sentences in the United Kingdom for cyberattacks launched by the group against government and corporate websites in 2011.
- May 17. Syrian Electronic Army breaches computer of the Financial Times, stealing usernames and passwords of the newspaper's staff with access to its social media accounts and posting unauthorized entries to the sites.
Upcoming Security Events
- May 19-22. 13th annual Computer and Enterprise Investigations Conference (CEIC). Orlando, Fla. Registration: $1,095.
- June 10-13. Gartner Security & Risk Management Summit. National Harbor, Md. Registration: $2,375.
- June 11. Cyber Security Brainstorm. 8 a.m.-2:30 p.m. ET. Newseum, Washington, D.C. Registration for non-government attendees: Mar. 3-Jun. 10, $495; onsite, $595.
- June 14-22. SANSfire 2013. Washington Hilton, 1919 Connecticut Ave. NW, Washington, D.C. Course tracks range from $1,800-$4,845.
- June 15-16. Suits and Spooks Conference. La Jolla, Calif. Registration: Securing Our eCity Foundation members, $345; government/military $295; general registration, $595.
- July 24. Cyber Security Brainstorm. 8 a.m.-2:30 p.m. Newseum, Washington, D.C. Registration: government, free; non-government, $395, through July 23; $595 July 24.
- July 27-Aug. 1. Black Hat USA 2013. Caesars Palace, Las Vegas. Registration: through May 31, $1,795; June 1-July 24, $2,195; July 25-Aug. 1, $2,595.