CAUCE

25 October 2012

FBI Agent Thomas X. Grasso Receives First J.D. Falk Award

News Release

For Immediate Release

FBI Agent Thomas X. Grasso Receives First J.D. Falk Award
for Establishing DNS Changer Working Group and Protecting End-Users

Baltimore, Maryland, Oct. 25, 2012 – Convincing competitors, disparate business entities and researchers to collaborate – many donating their services and resources – to protect millions of end-users worldwide is no small feat. Yet FBI Supervisory Special Agent Thomas X. Grasso did just that by quietly working behind the scenes to create the DNS Changer Working Group that saved an inestimable number of end-users from losing access to the Web over the last two years. Recognizing his leadership, Grasso received the inaugural J.D. Falk award on Tuesday at the Messaging, Malware and Mobile Anti-Abuse Working Group 26^th General Meeting in Baltimore.

The first-annual J.D. Falk Award

“Tom embodies the kind of personal sense of responsibility and accountability that built the Internet and is vital to its future growth. First, he had the foresight to understand the problem and to realize that something could be done to prevent it. Then it took an enormous commitment of his time and energy to muster the resources and bring dissimilar entities together to accomplish an objective that turned out to be a critical issue for many end-users,” said M³AAWG Co-Chairman Chris Roosenraad.

Grasso created the ad hoc committee based on the relationships and goodwill he had developed over his 12 years working with the Internet industry. He persuaded large corporations to commit time and funds to notify infected customers, and convinced anti-virus vendors, Internet Service Providers and the security research community to cooperate in the project. DCWG members include Georgia Tech, Internet Systems Consortium, Mandiant, National Cyber-Forensics and Training Alliance, Neustar, Spamhaus, Team Cymru, Trend Micro and others.

In November 2011, the FBI’s Operation Ghost Click led to the arrest of six Estonians allegedly behind the distribution of the DNS Changer malware and thought to be operating the illicit Rove Digital advertising network. The malware hijacked Internet searches and re-routed Web browsers of infected computers to fraudulent sites on Rove Digital’s network by altering the DNS settings the computers use to locate websites. Once the rogue servers were turned off, the malware-infected computers that had their settings redirected to them would not have been able to reach the Web.

The DNS Changer Working Group was Grasso’s idea to encourage end-user remediation of the malware and to respond to the massive challenge of potentially millions of users losing access to the Web. The group helped monitor the DNS servers that were now legally operated by the Internet Systems Consortium (ISC) under a court order, and as a result, the infected users received a useful message to clean up their machines instead of suddenly dropping off the Internet.

“The FBI recognizes the invaluable assistance the private sector and academia provided through the DNS Changer Working Group,” said Joseph M. Demarest, assistant director of the FBI’s Cyber Division.

CAUCE founding member J.D. Falk, an active member of M³AAWG and many other industry organizations, was passionate about safeguarding the Internet, end-user security and the impact of cooperative endeavors. The award named after him recognizes individuals for specific achievements that enhance the Internet experience, protect end-users, and embody his spirit of volunteerism and community building. It is administered by M³AAWG with the support of Falk’s employer Return Path Inc. and the Falk family.

Posted by CAUCE on 25 October 2012 in Press Releases, World | Permalink | Comments (0) | TrackBack (0)

24 October 2012

CAUCE, MAAWG, London Action Plan release "Best Practices to Address Online and Mobile Threats" Report

New Online and Mobile Best Practices Clarify Business and Governmental Security Tactics




Baltimore, Oct. 24, 2012 – A cooperative international report available today outlines
Internet and mobile best practices aimed at curtailing malware, phishing, spyware, bots
and other Internet threats, and provides a thorough review of current and emerging
threats.  “Best Practices to Address Online and Mobile Threats” is a comprehensive
assessment of Internet security as it stands today and explains in non-technical language
the proactive steps that can help mitigate risks, according to the report’s two major
contributors, the Messaging, Malware and Mobile Anti-Abuse Working Group (M3AAWG) and the
London Action Plan (LAP).

The report is also one of the first global efforts to encourage governments to deploy best
practices, which are more often associated with businesses.  It focuses on four major
areas of concern: malware and botnets, social engineering and phishing, IP and DNS
exploits, and mobile threats. To encourage government participation, it has been
presented to the 34-member country OECD (Organisation for Economic Co-Development) for
review.

“Best Practices to Address Online and Mobile Threats” draws on the tactics that have
proven effective over the past decade to reduce online risks, then augments these with
forward-thinking recommendations for emerging vulnerabilities, such as mobile text spam
and Web abuse. The comprehensive report is available here:



Download Best_Practices_to_Address_Online_and_Mobile_Threats_(Oct_2012)

The report is also available via the London Action Plan site and by way of the Messaging
Anti-Abuse Working Group site.

“As a globally cooperative effort, the report brought together an unprecedented team of
experts who outlined safe computing tactics in uncomplicated, accessible language for
end-users, large and small businesses, and governments. This is also one of the first
efforts to update industry recommendations recognizing that public agencies are important
online enterprises, and just as companies need to implement best practices, so do
governments,” Alex Bobotek, M3AAWG co-chairman said.

CAUCE President John Levine noted "We were honored to work with Industry Canada, M3AAWG,
and the other organizations. Online security is such a massive problem that working
partnerships among governments, business, and non-profits such as CAUCE is the only
logical way forward to deal with these issues."

The international community collaboratively stepped up to generate the report in a
public-private partnership led by André Leduc, Manager of the National Anti-Spam Coordinating
Body at Industry Canada. Industry experts from M3AAWG, LAP and other
organizations, such as CAUCE, contributed to it.
CAUCE President John Levine, and Executive Director Neil Schwartzman were part of the
Paris delegation that presented the report to the OECD committee on consumer protection,
it was also reviewed by the Working Party on Information Security and Privacy (WPISP).

Online threats are evolving as Internet and mobile technologies play a more vital role in
many business models, attracting cybercriminals who target users on popular platforms such
as laptops, tablets, smartphones and other handheld devices. As the Internet economy
grows, implementing the best practices detailed in the report will help reduce illegal
activities such as spam, phishing, malware and spyware distribution, botnet deployment,
the redirection of Internet traffic to malicious websites and denial of service attacks.

Posted by CAUCE on 24 October 2012 in Canada, News, United States, World | Permalink | Comments (0) | TrackBack (0)

12 October 2012

Changes to the CAUCE Board of Directors & New Member

Over the past months, there have been a few changes and it is fitting that we acknowledge them here

Directors Matt Sergeant and Mike 'der mouse' Parker have both resigned, moving on to new ventures outside of the anti-abuse world. We thank them both for their years of service and sage contributions to the CAUCE braintrust. They both now have CAUCE emeritus status.

So as to maintain a full compliment of directors, we are happy to announce the following additions

April lorenzen

Ms. Lorenzen is an anti-spam researcher, speaker and consultant. a Senior Technical Adviser to MAAWG, and CEO of Server Authority Inc.

Jeff Williams

Mr. Williams is a technology strategist specializing in security, privacy and former adjunct professor of risk management and telecommunications. With over twenty years in industry including twelve at Microsoft he has had numerous opportunities to make the internet a better place through the takedown of various botnets, partnership with law enforcement on a variety of matters, consultation with government bodies from numerous countries, and participation in various programs such as Microsoft's Project MARS and Microsoft Security Response Alliance. Jeff is also a regular speaker on a variety of security and privacy topics at industry events and an occasional guest lecturer for universities.

Sam Masiello

Mr. Masiello is the former General Manager, and Chief Security Officer of (CAUCE corporate member) Return Path Inc. He previously worked at McAfee, MX Logic, Inc, and has a BS, Computer Science from the State University of New York at Buffalo.

Welcome to all three of our newest board members!

As well, we would like take this opportunity to welcome Message Bus Inc. as the latest corporate member of CAUCE, joining Return Path, and MailChimp. Welcome, and thank-you all for your support.

Posted by CAUCE on 12 October 2012 in World | Permalink | Comments (0)

10 October 2012

CRTC Issues CASL (Canada's Anti-Spam Law) Regulation Guidelines

The Canadian Radio-television and Telecommunications Commission today issued two important guideline documents related to their previously-published Regulations

Guidelines on the interpretation of the Electronic Commerce Protection Regulations (CRTC)
Compliance and Enforcement Information Bulletin CRTC 2012-548
PDF version
Additional reference: Telecom Regulatory Policy 2012-183
Ottawa, 10 October 2012

and

Guidelines on the use of toggling as a means of obtaining express consent 
Compliance and Enforcement Information Bulletin CRTC 2012-549
PDF version
Additional reference: Telecom Regulatory Policy 2012-183
Ottawa, 10 October 2012

As well we are told that the second-round iteration of the Industry Canada Regulations will be published later this month.

Posted by CAUCE on 10 October 2012 in Canada, Legal | Permalink | Comments (0) | TrackBack (0)

06 October 2012

Inbound Email Filtering Sued Over Privacy Issues, This Time in Canada

In a case that parallels many of the aspects of the three cases filed in July 2012 in California, against Google & Yahoo!, retiree Wayne Plimmer of Sechelt, British Columbia filed a class action suit against Google on October 4, 2012.

Here is a copy of the complaint : Download PlimmerV.Google

The suits alleges that Google has breached sections 1 and 3 of the British Columbia Privacy Act R.S.B.C. 1996 c. 373 and s.52 of the Federal Competition Act R.S.C. 1985 c. C-34

Some news coverage notes that the class has not yet been approved (anyone in British Columbia who has sent email to a Gmail account), and that should this lawsuit be successful, this may prohibit the use of anti-virus and anti-spam software on inbound mail. The suit also alleges that Google invaded users’ privacy, violated solicitor-client, physician-patient, pastor-penitent and journalist-source privilege, and infringed upon copyright.

CAUE President has blogged about the U.S. Federal and California cases here and here

The BC Privacy Act reads:

Continue reading "Inbound Email Filtering Sued Over Privacy Issues, This Time in Canada" »

Posted by CAUCE on 06 October 2012 in Canada, United States, World | Permalink | Comments (0) | TrackBack (0)

02 October 2012

Dutch Anti-spam Legal Action

OPTA, the anti-spam Regulator today announced a fine of 100,000 euroes was levied against Companeo SA for sending 15,000,000 spam messages in 2009

Here's a translation of the news release, from the original Dutch:

The OPTA, the Independent Post and Telecommunications Authority, has Companeo SA a fine of
100,000 dollars for sending spam to mostly business recipients. "Sending spam is forbidden
because it causes a lot of frustration and unnecessary costs. Trust in the Internet is
important, especially now that more and more people online are active. "Stresses Chris
Fonteijn, president of OPTA. Companeo sent from late 2009 to early 2011 nearly 15 million
commercial e-mails which was not authorized, or careless manner in which consent was
requested. Companeo stopped the offense, after examination by OPTA was informed of the
investigation.

No permission or careless OPTA is the case on the track thanks to complaints
www.spamklacht.nl . There are a total of 680 complaints about these mailings. The
complainants stated that they Companeo the newsletter and / or emails from
vraaguwofferte.com received, as she had not given here. What was going on? Through the
website of Companeo entrepreneurs can request a custom quote. This application enables
entrepreneurs to check whether they are for the newsletter Companeo to enroll and / or
offers of "Companeo partners' wishes to receive. This is twice the error Companeo detail.
First, the company added all e-mail addresses to its mailing list, whether consent had
been given or not. Secondly, the request for consent on behalf of 'Companeo partners' so
unclear that an entrepreneur when checking it could have no idea who it was held mail.
These mails were sent by vraaguwofferte.com making it for entrepreneurs at all clear was
that the message came from Companeo.

Companeo can still objection and appeal against the fine.

Knowing what is allowed if you electronic messages?
www.spamklacht.nl/ik-verzend-elektronische-berichten/

Posted by CAUCE on 02 October 2012 in World | Permalink | Comments (0)

UK regulators fine text spammers over $400,000

According to a BBC report, the United Kingdom Information Commissioner's Office (ICO) will be levying large fines on mobil phone text spammers. In March the ICO started asking consumers to report unwanted calls, texts, and emails, and was deluged with over 30,000 complaints. After sifting through them, they identified bulk text spammers, and announced fines of over £250,000 (about $400,000) unless the spammers can show that they had the permission of the texts' recipients, which of course they can't.

Here in the US, text spam is illegal under the TCPA, the law that forbids junk faxes and other recipient-pays telephone messages, and a few court cases have confirmed it. The FTC has not made text spam a major emphasis, but given the amount ot text spam we're seeing, they need to, soon.

Posted by John L on 02 October 2012 in Technology, World | Permalink | Comments (0) | TrackBack (0)

26 July 2012

A new Definition of 'Opt-in'

In April, I stayed at the Hotel Carelton in San Francisco. Today, I received an email sent on their behalf with some interesting headers:

From: Joie de Vivre <VIP@crm.SafeCRM.com> (1)

Subject: 20% Off Our Best Available Rates For A Limited Time!!!

Date: July 26, 2012 12:12:01 PM PDT

To: Neil Schwartzman <redacted@gmail.com>

Reply-To: Joie de Vivre <createjoy@jdvhotels.com>

N.B.: Neither the From: nor the reply-to are ostensibly related to Hotel Carleton.

Now, I never signed up to be on their mailing loist, but I figured I'd give them a break and unsubscribe, so I clicked this link (again, seemingly unrelated to the hotel)

http://www.data2gold.com/cc3/RmvRPC.wow?5Q09376I525C1U43414E403I3B1W514S4Q6F5H1F596G600G4K515Y674235MUNGED

Now here's the thing that really got my goat, the landing page on the unsubscribe:

Thank You!

We have removed munged@gmail.com from our list.

We do not provide your information to any other company ever and we will not contact you again at this email address.

Thank you for helping us maintain a true opt-in list.

A true opt-in list, just for the record, would be one that I signed up to, not one that I was forcibly subscribed to, pending my unsubscribe.You're welcome.

(1) SafeCRM.com

Digital Alchemy
   5750 Stratum Drive
   Fort Worth, Texas 76137
   United States

(2) data2gold.com

Registrant:
   Digital Alchemy, LLC
   5750 Stratum Drive
   Fort Worth, Texas 76137
   United States

A little poking around sees these domains on the digital alchemy nameservers

da2go.com
da2go.net
data2gold.com
data2gold.net
data2gold.us
dataintogold.com
datatogold.com
digitalalchemyusa.com
disneytriptips.com
gone2fun.com
gone2sun.com
guestfocus.com
mercutiomdef.com
orlandotriptips.com
orlandotripwiz.com
orlandotripwizard.com
safecrm.com
safecrm.org
turndata2gold.com
turndatatogold.com
turningdata2gold.com
turningdataintogold.com
turningdatatogold.com

Posted by CAUCE on 26 July 2012 in United States | Permalink | Comments (0) | TrackBack (0)

18 July 2012

New MAAWG Award Named in honour of CAUCE Founder J.D. Falk

CAUCE is delighted to see our founding member honoured in such a manner, our sincere thanks go out to MAAWG and Return Path for this fitting gesture.

Seeking to throw a little light on those making the Internet a safer experience for all, the Messaging, Malware and Mobile Anti-Abuse Working Group is now accepting nominations for the first annual J.D. Falk Award, named after the dedicated industry advocate who was instrumental in the growth of M³AAWG and other technical organizations. The award, developed in conjunction with his employer Return Path, Inc. and his family, celebrates J.D. Falk’s life by honoring a specific achievement that enhances the Internet experience, protects end-users, and embodies his spirit of volunteerism and community building.

Nominees can be individuals or teams in an academic or company environment who have developed a service, created a specification or security mechanism, generated notable research, or produced other work reducing online abuse and improving the Internet. The award comes with an honorarium provided by Return Path and M³AAWG will sponsor the winning candidate's attendance at the upcoming 26^th M³AAWG General Meeting in Baltimore, Md., Oct. 23-25, where the award will be presented.

“J.D. was a passionate leader and a creative technician who had an ardent sense of humor that came into play when he was facing down obstacles. He had a gift for bringing people together to accomplish difficult tasks. We believe it’s important to instill these qualities in the future of the Internet and are looking to recognize professionals who embody these values,” said Chris Roosenraad, M³AAWG co-chairman for messaging.

more ...

Nominations for the J.D. Falk Award can be made here

Posted by CAUCE on 18 July 2012 in World | Permalink | Comments (0) | TrackBack (0)

19 June 2012

Hoodia spammer Brian McDaid goes to jail

Brian McDaid was a chiropractor who ran an affiliate spam scheme in 2005-2006 for Hoodia and other weight loss nostrums. He called his company Sili Neutraceuticals.

In 2007, the FTC charged that he falsely advertised that Hoodia caused rapid weight loss. In 2008, they got a $2 million judgement against him and confiscated all of his assets.

But not only was the stuff he was selling bogus, he was using affiliates he found on the Bulkbarn web site to advertise, and to nobody's surprise (except, perhaps, his) the affiliates spammed like crazy. To accept the orders from the affiliates he registered large numbers of domain names for web sites hosted on bullet-proof servers overseas. He was indicted by a Philadelphia grand jury on criminal CAN SPAM charges in March 2011, and subsequently pled guilty.

On May 1, McDaid was sentenced in Philadelphia Federal Court. Judge Dalzell found that even though there was little chance of McDaid resuming his spamming career, due to the seriousness of his crimes, he was sentenced to two years in prison. CAUCE president John Levine testified for the government at the hearing, explaining that spamming, particularly on the large scale that McDaid did, placed huge unneccesary costs on the recipients and their mail providers.

For a first person report from the hearing, see http://jl.ly/Email/mcdaid.html

Posted by John L on 19 June 2012 in United States | Permalink | Comments (0) | TrackBack (0)