How many users access spam emails, click on the links found within, and open attachments intentionally? Why are they doing it, and who are they holding responsible for the spread of malware and spam in general, while conveniently excluding themselves?

A newly released survey from the Messaging Anti-Abuse Working Group (MAAWG), summarizing the results of the group’s second year survey of email security practices, offers an interesting insight into the various interactions end users tend to have with spam emails.

Key findings of the survey:

• Nearly half of those who have accessed spam (46%) have done so intentionally – to unsubscribe, out of curiosity, or out of interest in the products or services being offered
• Four in ten (43%) say that they have opened an email that they suspected was spam
• Among those who have opened a suspicious email, over half (57%) say  they have done so because they weren’t sure it was spam and one third (33%) say they have done so by accident
• Canadian users are those most likely to avoid posting their email address online (46%).  Those in the U.S., Canada and Germany are most likely to set up separate email addresses in order to avoid receiving spam
• Many users do not typically flag or report spam or fraudulent email
• When it comes to stopping the spread of viruses, fraudulent email, spyware and spam, email users are most likely to hold ISPs and ESPs (65%) and anti-virus software companies (54%) responsible
• Less than half of users (48%) hold themselves personally responsible for stopping these threats

It’s interesting to see the paradox of end users blaming ISPs and antivirus vendors, whereas 43% of the surveyed users said that they have accessed spam emails, and that they do not typically flag or report these emails.

What the majority of the survey participants appear to be unaware of, is that, despite the fact that since early days of spam, spammers have been attempting to verify the validity of the emails, by attempting to unsubscribe themselves, the users are confirming that their email is valid. In short, it means even more spam. (read more of this article)

The best way to block 98% of SPAM destined for you mailbox is to sign up  for Secure Mail by Prime Networking. (Read More)

Soon your computer could be crawling with ants. Not the kind that show up in the cracks in your driveway, but little digital pieces of code that crawl your network and may someday replace that cumbersome anti-virus program. Researchers at Pacific Northwest National Laboratory (PNNL) in Richland, Washington, and Wake Forest University, North Carolina have developed a concept they call “swarm intelligence.” The concept is that these digital ants will crawl through a network looking for worms and other malware and attack it before it can infect the network.

“Our idea is to deploy 3,000 different types of digital ants, each looking for evidence of a threat,” explained Errin Fulp, researcher at Wake Forrest. “As they move about the network, they leave digital trails modeled after the scent trails ants in nature use to guide other ants. Each time a digital ant identifies some evidence, it is programmed to leave behind a stronger scent. Stronger scent trails attract more ants, producing the swarm that marks a potential computer infection.”

The digital ants offer several advantages over traditional “static” anti-virus programs. Digital ants move throughout the network looking for threats instead of waiting for the intruding malware to come to them. This does away with those annoying scans that rob resources and slow productivity. Further, digital ants learn and adapt to malicious code variants. There is no need to continually update, unlike today’s anti-virus.
Could digital ants be the answer to the PC owners anti-virus prayers? It is to early to tell, but the concept definitly holds promise.

Steve Marks