NASDAQ OMX

M3AAWG Recommends Adding New Email Header to Mitigate List Bomb Attacks from Subscription Sign-Up Forms

Dela

SAN FRANCISCO, Nov. 29, 2017 (GLOBE NEWSWIRE) -- Noticing an increase in "list bomb" activity, the Messaging, Malware and Mobile Anti-Abuse Working Group is recommending all blogs and websites with a newsletter or sign-up form add a new header to their verification emails that will help identify and disrupt these attacks. The assault tactic is often used to hide security alerts of illicit activities or to prevent someone, such as a journalist, from receiving vital information.

In the assaults, also called a web-form sign-up attack, criminals use bots to subscribe their targeted victims to thousands of newsletters or other services that automatically send verification emails.  The resulting surge of confirmation emails, in effect, creates a DDoS (Distributed Denial of Service) attack against the users' inboxes. Very often, buried within the unmanageable mountain of verification messages is a notice from a credit card company or other financial institution outlining a forged transaction or an account password reset alert that the victim will never see.

"A few years ago, a torrent of useless verification messages bombarding a user's inbox was an isolated event and was probably the result of a grudge against someone. But today criminals have started using these attacks to subvert the security notifications that many banks, services and e-tailers are now sending.  Their aim is to submerge the specific alert email with details of their fraudulent activities under a sea of meaningless messages or to deny a journalist or activist access to their email altogether," said Severin Walker, M3AAWG Chairman of the Board.

Industry Collaboration Leads to IETF Internet Draft Header Specification

The new message header specification has been submitted to the IETF (Internet Engineering Task Force) at https://datatracker.ietf.org/doc/draft-levine-mailbomb-header/ and is explained in a short paper, M3AAWG Recommendation on Web Form Signup Attacks (www.m3aawg.org/WebFormAttacks), available in the Best Practices section of the M3AAWG website. The new header specifically identifies messages that originate as verification emails from a web-form, such as a subscription confirmation email, so that ISPs and email providers can take action to protect a user's inbox when an extraordinarily high volume of these messages come across their networks.

M3AAWG also recommends that all public subscription and web forms install one of the various types of CAPTCHA image or text challenges used to tell humans from automated sign-ups that are readily available.  This will help protect against bots misusing the site's verification emails in an attack.  

The header concept came out of discussions at the M3AAWG meeting in June among members who noted a significant increase in these attacks.  An ad hoc technical session at the meeting with members from different segments of the messaging industry resulted in M3AAWG Senior Technical Advisor John Levine drafting the specification.  At the following meeting in October, the first members to implement the new specification shared their experiences and reported the process was sustainable.

Levine said, "Criminals routinely use bots to crawl the global web looking for the millions of blogs and newsletter sign-up forms that don't have CAPTCHA then use these sites, with their weaker security, to sign-up victims as part of an attack.  The new header is another level of protection that can have a significant impact on preventing list bombing and we are encouraging email service providers to implement it as soon as possible."

Web form attacks will continue to be monitored at the next M3AAWG meeting to be held February 19-22, 2018 in San Francisco.  The multiple-track event is expected to attract more than 500 participants with sessions addressing diverse topics such as bot mitigation practices, social networking abuse, mobile abuse and pending legislation worldwide.

About the Messaging, Malware and Mobile Anti-Abuse Working Group (M 3 AAWG)

The Messaging, Malware and Mobile Anti-Abuse Working Group (M3AAWG) is where the industry comes together to work against bots, malware, spam, viruses, denial-of-service attacks and other online exploitation. M3AAWG (www.m3aawg.org) members represent more than one billion mailboxes from some of the largest network operators worldwide. It leverages the depth and experience of its global membership to tackle abuse on existing networks and new emerging services through technology, collaboration and public policy. It also works to educate global policy makers on the technical and operational issues related to online abuse and messaging. Headquartered in San Francisco, Calif., M3AAWG is driven by market needs and supported by major network operators and messaging providers.

Media Contact: Linda Marcus, APR, +1-714-974-6356 (U.S. Pacific), LMarcus@astra.cc, Astra Communications

M3AAWG Board of Directors: AT&T; Cloudmark, Inc.; Comcast; dotmailer; Endurance International Group; Facebook; Google; LinkedIn; Mailchimp; Microsoft Corp.; Oath (Yahoo and AOL); Orange; Rackspace; Return Path; SendGrid, Inc.; Vade Secure.

M3AAWG Full Members: 1&1 Internet AG; Adobe Systems Inc.; Agora, Inc.; AOL; Campaign Monitor Pty.; Cisco Systems, Inc.; CloudFlare; Exact Target, Inc.; IBM; iContact; Inteliquent; Internet Initiative Japan (IIJ); Liberty Global; Listrak; Litmus; McAfee; Mimecast; Nominum, Inc.; Oracle Marketing Cloud; OVH; PayPal; Proofpoint; Spamhaus; Sparkpost; Splio; Sprint; Symantec; and USAA.

A complete member list is available at http://www.m3aawg.org/about/roster.




This announcement is distributed by Nasdaq Corporate Solutions on behalf of Nasdaq Corporate Solutions clients.
The issuer of this announcement warrants that they are solely responsible for the content, accuracy and originality of the information contained therein.
Source: Messaging Anti-Abuse Working Group (M3AAWG) via Globenewswire

Om

NASDAQ OMX
NASDAQ OMX



Följ NASDAQ OMX

Abonnera på våra pressmeddelanden.

Senaste pressmeddelandena från NASDAQ OMX

BIMobject AB: Kallelse till extra bolagsstämma den 5 september 2018. Patrick Söderlund och Hjalmar Winbladh föreslås som nya styrelseledamöter i BIMobject AB. Split 2:1 föreslås.15.8.2018 15:30Pressmeddelande

Aktieägare representerande cirka 49 procent av rösterna i BIMobject AB har meddelat att de föreslår att Hjalmar Winbladh och Patrick Söderlund väljs till nya styrelseledamöter vid en extra bolagsstämma onsdagen den 5 september 2018. Ben O'Donnell lämnar sitt uppdrag som styrelseledamot i samband med den extra bolagsstämman. Styrelsen kommer därefter att bestå av Stefan Larsson (VD), Anders Wilhjelm (ordförande), Johannes Reischböck, Philippe Butty, Hjalmar Winbladh och Patrick Söderlund. Vidare föreslås ändrad ersättning till styrelsen. Nytt arvode utgår med 800 000 kronor, fördelat mellan styrelseordförande och Söderlund om 400 000 kronor vardera. Styrelsen föreslår även att stämman beslutar om aktieuppdelning av befintliga utestående aktier i förhållande 2:1. Patrick Söderlund, född 1973 och svensk medborgare, är Chief Design Officer samt Executive Vice President på Electronic Arts. I denna roll leder han utvecklingen av bolagets tekniska innovationer och bolagets marknadsföringsteam

BIMobject AB: Notice to attend Extraordinary General Meeting on September 5, 2018. Patrick Söderlund and Hjalmar Winbladh proposed as new Board Members in BIMobject AB. A split 2:1 is proposed.15.8.2018 15:30Pressmeddelande

Shareholders representing approximately 49 percent of the votes in BIMobject AB have announced that they propose that Hjalmar Winbladh and Patrick Söderlund are appointed new Board Members at an Extraordinary General Meeting to be held on Wednesday September 5, 2018. Ben O'Donnell resigns as Board Member in connection with the Extraordinary General Meeting. The Board will thereafter be composed of Stefan Larsson (CEO), Anders Wilhjelm (Chairman), Johannes Reischböck, Philippe Butty, Hjalmar Winbladh and Patrick Söderlund. Furthermore, a change in remuneration to the Board is proposed. The new Board fee totals SEK 800,000 and is to be divided between the Chairman and Söderlund with SEK 400,000 each. The board also proposes that the General Meeting resolves to split the company's shares 2:1. Patrick Söderlund, born in 1973 and a Swedish citizen, is Chief Design Officer and Executive Vice President at Electronic Arts. In his present role he manages the development of technology innovation

BIMobject AB: Offentliggörande av delårsrapport april - juni 201815.8.2018 08:00Pressmeddelande

Den fullständiga rapporten finns även tillgänglig på bolagets hemsida (info.bimobject.com). Andra kvartalet 2018 Faktureringen ökade med 83 procent och uppgick till 33 MSEK (18). Koncernens nettoomsättning ökade med 75 procent och uppgick till 28 MSEK (16). Fördelning mellan projekt och webservices (prenumerationer) var 40/60 procent (60/40). Bruttomarginalen ökade till 86 procent (81). Koncernens rörelseresultat förbättrades och uppgick till -15 MSEK (-17). Resultat per aktie uppgick till -0,29 SEK (-0,31) före utspädning. Kassaflödet från löpande verksamheten uppgick till -18 MSEK (-15). Ackumulerat antal användare ökade och uppgick till cirka 845 000. Ackumulerat antal nedladdningar uppgick till 25,5 miljoner. Antalet tillverkare uppgick till 1230. Styrelsen beslutade att påbörja processen för notering av bolaget vid Nasdaq Stockholm. Viktiga händelser andra kvartalet BIMobject ingår samarbete med Pipe Retail Solution för att effektivisera digital butiksplanering. BIMobject tecknar

BIMobject AB: Interim Report April - June 201815.8.2018 08:00Pressmeddelande

Second quarter 2018 Billing increased by 83 percent to SEK 33 (18) million. The Group's net sales increased by 75 percent to SEK 28 (16) million. The distribution between projects and web services (subscriptions) was 40/60 (60/40) percent. The gross margin increased to 86 (81) percent. The Group's operating profit improved to SEK -15 (-17) million. Basic earnings per share amounted to SEK -0.29 (-0.31). Cash flow from operating activities was SEK -18 (-15) million. The accumulated number of users increased to approximately 845,000. The accumulated number of downloads amounted to 25.5 million. The number of manufacturers was 1,230. The Board decided to initiate the process of listing the Company on Nasdaq Stockholm. Significant events during the second quarter BIMobject forms strategic partnership with Pipe Retail Solution to streamline digital planning of retail spaces. BIMobject signs Letter of Intent with leading US 3D media company Matterport. CEO's comments EQT Ventures' investment

Immunicum AB (publ) to Present Preclinical Data on Ilixadencel in Combination with CPIs and Immune Enhancers at ESMO 2018 Congress13.8.2018 08:00Pressmeddelande

Press Release 13 August 2018 Immunicum AB (publ) to Present Preclinical Data on Ilixadencel in Combination with CPIs and Immune Enhancers at ESMO 2018 Congress Immunicum AB (publ; IMMU.ST) announced today that the company will present a poster on its lead development candidate, ilixadencel, at the European Society for Medical Oncology (ESMO) 2018 Congress, held October 19-23, 2018 in Munich, Germany. Immunicum will announce the complete data through a press release following the presentation. The poster abstract will also be published in the ESMO 2018 Congress Abstract Book, a supplement to the official ESMO journal, Annals of Oncology. Poster Information: Title: Intratumoral administration of pro-inflammatory allogeneic, "off-the-shelf", dendritic cells in combination with anti-PD-1 or anti-CD137 has a synergistic anti-tumor effect Presentation Number: 440P Presenter: Dr. Alex Karlsson-Parra, Chief Scientific Officer Date & Time: Monday, October 22, 2018; 12.45 - 13.45 CET Location: H

Immunicum AB (publ) presenterar prekliniska data för ilixadencel i kombination med checkpointhämmare och immunaktiverare på 2018 års ESMO-kongress13.8.2018 08:00Pressmeddelande

Pressmeddelande 13 augusti 2018 Immunicum AB (publ) presenterar prekliniska data för ilixadencel i kombination med checkpointhämmare och immunaktiverare på 2018 års ESMO-kongress Immunicum AB (publ; IMMU.ST) tillkännagav idag att bolaget kommer att presentera en poster om sin ledande produktkandidat, ilixadencel, på 2018 års kongress för European Society for Medical Oncology (ESMO) , som hålls den 19-23 oktober 2018 i München i Tyskland. Immunicum kommer att offentliggöra fullständiga data i ett pressmeddelande som följer efter presentationen. En sammanfattning av postern kommer också att publiceras i ESMO 2018 Congress Abstract Book, ett komplement till ESMO:s officiella årsbok, Annals of Oncology. Posterinformation: Titel: Intratumoral administration of pro-inflammatory allogeneic, "off-the-shelf", dendritic cells in combination with anti-PD-1 or anti-CD137 has a synergistic anti-tumor effect (Intratumoral administration av pro-inflammatoriska allogena dendritiska celler som kan lagr

I vårt pressrum kan du läsa de senaste pressmeddelandena, få tillgång till pressmaterial och hitta kontaktinformation.

Besök vårt pressrum