This week has been dedicated to Spam of two kinds, neither of which is anywhere near as yummy as the American canned meat sung about by Monty Python.
The first is the good old-fashioned email message promising the user a share of meelions of dollah if they respond with their bank account details (so-called ‘419’ scams), together with all the other associated email scams sent out using compromised devices (typically aging webservers) corrupted with bulk mailing malware.
“Where did these go?” you might be wondering. “Come to mention it, I haven’t seen one of those in some time.” Well, not if you are an Outlook.com/Hotmail subscriber: they were subjected to no fewer than 17 hours of irresistible offers from Nigerian Princes, Russian brides and offers to enlarge body parts this week, after some major issue with the Spam filters of Microsoft’s flagship cloud-based email services.
This issue did not (thankfully) impact users of the Office365 service. In fact, some commentators believe it was to do with the ongoing backend migration and consolidation of all MS mail platforms into Office365, an assertion neither confirmed nor denied by Microsoft. Microsoft said very little about the cause or remediation of this event, leaving many users in the dark and either angry or wryly amused by their new popularity.
The point of this is that when you put your stuff in the cloud, you put your faith in the cloud, and if it goes wrong it does so on a big scale, so it is important never to forget basic education and drills. How practical this will be when the user of the future doesn’t remember the bad old days and becomes complacent remains to be seen. Russian brides all round.
The second portion of Spam that has been served up this week is just as interesting. Users who subscribe to a number of credential services (Lifelock and MyIdcare.com for instance) have been informed that their Dropbox details have been exposed on The Dark Web (Mwahahaha).
Upon checking, it is apparent that there has been no breach at Dropbox whatsoever, although it is a bit late to prevent reputational damage to them! What appears to have happened is that data breached years ago, in this case the 2013 breach at Tumblr, is being recycled, correlated and, having been used for its original purpose, now sold to the lowest bidder in spreadsheet format.
As we reported with the brouhaha surrounding the LinkedIn data breach a few weeks ago, one has to have a highly cynical perspective on these mass breach announcements. That is something that is difficult to encode in a Threat Intelligence system, which is exactly why these credential agencies are spamming their users with incorrect and very frightening updates.
There really is no alternative but to exercise caution, stay informed, use different passwords for different systems, and use two-factor authentication where you can. Try not to become complacent.
If you were in receipt of any really special Spam emails via the Outlook.com issues, do let us know. We kind of miss them.