Spam as much of a threat as viruses, says Cisco
By Darien Graham-Smith
Posted on 27 Apr 2010 at 17:01
Unwanted email has traditionally been considered a nuisance, rather than a threat. But according to networking giant Cisco, spam is now a major delivery method for malware.
“Spam is changing,” said Cisco IronPort product manager Swastik Bihani, speaking to PC Pro at the InfoSec expo at Earls Court. “85% of the spam messages we see contain some kind of link, and more and more of those links are leading to malware sites.”
Bihani explained that the universal availability of email makes it a perfect vehicle for attacks. “In any medium you’ll find bad guys trying to exploit the system for their own benefit. But the ubiquity of email gives it an especially good ‘return on investment’ for a criminal.”
According to Cisco’s estimates, the average individual with an email address receives 30 items of spam every day; but Bihani was confident that the dangers could be defeated.
“We believe that email can be fixed. Of course, basic education to end users is important, but for enterprises and smaller companies we also recommend SPF,” he explained, referring to the Sender Policy Framework that allows mail servers to verify the origin of incoming email.
Asked whether SPF would become standard for home users too, Bihani declined to speculate. “In the long run, security companies need to work with the authorities to help them locate the bad guys and cut out the problem at the source. We need to wipe away the threats altogether.”
From around the web
SPF the answer?
SPF is a good system, but it isn't going to work unless everyone gets on board. I have SPF enabled on my home mail server, but I have to maintain a huge whitelist because so many companies don't use it. To give you an idea, some of the companies in my whitelist are: Samsung, British Airways, Countrywide, Ebay, Eden Project, Eurostar, Facebook, LoveFilm, Cotton Traders, Borders, Photobox, PayPal, SamKnows, Runnymede Council, Canterbury Council, RSPB, Ticketmaster and Webroot. If we can't get companies like these to adopt SPF then it doesn't stand much chance of success.
By jgwilliams on 28 Apr 2010 
advertisement
- Laptop bag reviews: nine tested
- Sony VAIO T Series Ultrabook review: first look
- Revealed: the military standards and robots HP uses to test its laptops
- Windows 8: multi-monitors and double standards?
- Why is TalkTalk's year-old porn filter suddenly big news?
- Why are laptop screens so far behind mobiles?
- HP EliteBook Folio review: first look
- The shoebox-sized all-in-one printer
- Forget the Ultrabook: here comes the HP Sleekbook
- HP Spectre XT review: first look
- Why you have to be left in the dark on OS patches
- Publishing your email address isn't a security disaster
- Why antivirus is fighting a losing battle in your office
- Four year olds used to steal their parents' data
- An acceptable use policy for your kids
- Paying for your crimes with Bitcoin
- Pavement hacking: What it is and how to avoid it
- Google's risky pre-loaded pages
- Mac under attack: how secure is Apple's OS?
- Has your browser been hijacked?
advertisement
