- November 8, 2002 - Malicious
Software Warning - We want you to know about a new kind of malicious
software that has been causing problems for some of our customers. It's called
"Friend Greetings" and it is made by a company called "Permissioned
Media, Inc." This software is similar to many of today's more prolific
worms/viruses because one of its primary functions is to use your list of
contacts to e-mail itself and replicate. As a result, we consider the program
to be a worm and recommend that you become familiar with it and others like
it, so that you can prevent it from infecting your computer. Once installed,
this software, also known as "adware" or "spyware," can
create pop-up advertisements, perform functions which may threaten your privacy,
and saturate your Internet link and e-mail server with massive amounts of
useless e-mail. What makes it different than most worms is that it isn't designed
to stealthily sneak its way onto your PC. Instead, it notifies you before
it downloads, and even makes you acknowledge two licensing agreements before
it will install. The licensing agreement even states, "IF YOU DO NOT
WANT US TO ACCESS YOUR CONTACT LIST AND SEND AN E-MAIL MESSAGE TO PERSONS
ON THAT LIST, DO NOT DOWNLOAD, INSTALL, ACCESS OR USE FRIENDGREETINGS."
So technically, it's not a virus or a worm, but it may as well be. The latest
virus definitions for Norton Antivirus will
prevent this program from running, but it's best not to install it in
the first place. Here's our advice: If you are presented with a dialog box
on your computer that looks similar to the one pictured below and you're not
100% certain what it means, click No! If you click yes, you
are agreeing to download and install software which may damage your computer
and computers belonging to other people you know! Only click yes if you're
absolutely sure you know what you're downloading and absolutely
sure it's legitimate software from a trusted source.
- September 17, 2002 - Infrastructure
Upgrade - ACS has installed a new e-mail server. This new machine
will not actually house any mail boxes. Its job will be to accept incoming/outgoing
messages from/to the Internet, filter them for spam, and deliver acceptable
messages to the e-mail servers that house our customers' mailboxes. This methodology
allows the servers that house the mailboxes to operate with greater security
and efficiency because they're not exposed directly to the Internet. This
new server is a Pentium 4 class machine with 1 Gigabyte of memory and RAID-5.
We've been watching this server very closely since putting it into production
and early indications are that it's very fast!
- September 12, 2002 - ACS Subscribes
to NJABL - In the ongoing effort to fight spam, ACS has subscribed
to a "DNS-delivered Blackhole List" also known as a DNSBL. A DNSBL
is a database of Internet addresses that are known to be sources of spam.
As a subscriber to such a list, we are able to check servers that try to deliver
mail to our customers and see if they're a known source of spam. If they are,
their e-mail will be blocked. There are many DNSBL's out there; we chose "Not
Just Another Bogus List" for their conservative, objective, and empirical
methods for inclusion on their list. They have a vigilant and responsive staff
of volunteers who tirelessly update the list, constantly adding new offenders
as well as reviewing and removing entries that are shown to have restored
their legitimacy. Just in the first few days after implementing the list,
NJABL helped us filter out thousands of spam messages that would likely have
polluted our customers' mailboxes.
- September 5, 2002 - News from
ACS about spam - The Problem: Unsolicited commercial e-mail
(also known as spam) During the last six months, we have seen an astonishing
increase in the amount of spam coming into our network. So much so, in fact,
that we'll soon be adding a new e-mail server to handle the increased traffic.
We know how frustrating this is. Like our clients, we depend on e-mail to
do business and vehemently detest spam. What we're doing about it:
Recently, we at ACS have been working very hard to beef up our defenses against
spam. We have combed through a great deal of the spam that has been coming
into our network and have created a list of nearly 400 domain names that are
associated with the most prolific and egregious spammers. These domain names
include obvious garbage like "top-special-offers.com," and "fantasticdealsonline.com" as well as some other not-so-obvious offenders.
Since putting this additional filter list into place, we've seen a significant
decrease in the amount of spam making it into our mailboxes. And we hope that
you're seeing an improvement too. In addition to this latest effort, ACS is
planning other innovative approaches to spam prevention and defense which
we'll announce as we roll them out. In the meantime, we would encourage you
to take a look at the top 5 things you can do to defend yourself against spam.
Top 5 things you can do to defend yourself against spam:
1. Never, ever answer spam. Not only would you be putting yourself
at risk for a scam, you're rewarding the spammer for their actions. As long
as spam makes money for the offenders, it will continue.
2. Do not follow directions to "unsubscribe" or "have yourself removed
from the list." Spammers often sound apologetic for spamming you and offer
to immediately remove your e-mail address form their list if you follow their
directions. More often than not, it's a trap. By following their directions
you're simply confirming that you read and received the spam, which makes
your e-mail address that much more valuable to spammers on the mailing-list
market. This is a sure way to receive even more spam!
3. When websites show a button that says, "E-mail this to a friend,"
don't use it! News sites, humor sites, and greeting card sites, will keep
all the e-mail addresses people enter in and have been known to sell the databases
for profit. Some are honest and haven't done so... yet.
4. Create a "throw away" e-mail address on Yahoo or Hotmail which you
can use when a website requires an e-mail address to sign up for their product
or service. That way, if they end up putting you on their mailing-list or
selling your address to spammers, you won't have to give them the e-mail address
you use to do business.
5. Be careful who you give your e-mail address to. Ask the people whom
you give your e-mail address to respect your privacy and not to enter your
address into any website or send e-mail to you and lots of other people at
the same time. Often times, if you let them know that it's important to you
that your address be kept private, they'll be more thoughtful about how it's