A tweet from @threatpost warning that “Twitter spam may become more context-aware” pointed me to this article, which had some interesting bits, like:

“Twitter malware and spam uses a pretty straightforward attack vector. You get a Twitter message from an account (usually with an attractive female avatar) telling you that you’ll get something awesome if you click on the helpfully provided link. Most people don’t click, because they realize that if a hot chick sends you a link on Twitter claiming you’ll win a free iPad, it’s probably not legit.”

The author goes on to predict that Twitter spam will get a lot more sophisticated and targeted, and that it will get harder and harder for people to determine who to trust, who’s a bot (speaking of bots) and who’s not a bot:

“Twitter link spam will get a lot more context aware in 2012 and it’s going to be difficult to make an eyeball determination whether someone you don’t know has sent you a link because they follow you and they think you will be interested in a topic, or they are just trying to spam you.”

As a matter of fact, we get a lot of tweets from scantily clad fembots that try to make us click malicious links, so we built an app to deal with that. It’s called Unfurlr, and you’re free to use it too, whenever the fembots come knocking: http://unfurlr.com (bookmark it now, because they will come knocking).

And here’s a little more background info about Unfurlr.


ZDNet recently posted a report from Commtouch about how spammers and hackers seem to be trending away from botnets, and going after compromised personal email and social accounts instead (Hotmail, Gmail, Facebook, etc.). They found that of the spam sent from Hotmail, almost 30% came from compromised accounts. Perhaps not so coincidentally, Hotmail just released a new “my friend’s been hacked” reporting mechanism.

Even though these reports center around personal webmail services and personal social accounts, ESP customers should look into beefing up their security as well.



We recently experimented with crowdsourcing the review of outgoing campaigns from MailChimp’s servers. Normally, if our Omnivore algorithms detect something suspicious about a campaign, we’ll automatically suspend the account and follow up with a review by our internal Compliance Team. But we’ve been testing the idea of also sending the campaign to Amazon’s Mechanical Turk service for manual review by humans. We simply showed the email to a “turker” and asked them, “Is this spam?”

The experiment only involved sending roughly 7,000 email campaigns over to be reviewed. But within the first 2 days, we started getting back some unexpected, yet fascinating results.

In particular, there were certain email templates that kept getting repeatedly flagged as spam by these human reviewers, even though they weren’t spam at all.

All these “false positives” had some common design traits, so we thought we should share our findings…



One of the hardest, dirtiest jobs we ESPs have to do is manage bouncebacks. We send a few bajillion emails out, and a kajillion bounces inevitably come back. Now, we have to scan every single one of those complicated email headers to figure out what type of bounce it was, then decide what to do with it. If we get a “hard” bounce, that usually means the account we tried to deliver email to doesn’t exist (and so we should clean the member from that list). If we get a “soft” bounce, that usually means the account exists, but we should try again later. Not to mention FBL parsing, and simply filtering out the spam that we get before we can even get to the bounces. It’s like sorting through a dumpster to find recyclables or something. Not very glamorous.

It would be all fine and dandy if people would follow delivery status notification best practices and guidelines. But they don’t. Sometimes this is a reaction to spam, and sometimes it’s just ignorance.

For example, some server admins insert snarky messages in their email headers, like “We don’t want your message. If you send email to us again, we’ll report you.” Well, that’s their prerogative and all, and we’re happy to never send to them again, but if they simply hard bounced the email, we’d be able to clean it from the list faster.

Then there are some ISPs who are downright deceptive with their bounceback codes…



In January, we announced Omnivore, our massive anti-spam research project that ran 61 trillion email data comparisons using genetic optimization algorithms in order to teach our network how to automatically detect and prevent abuse.

For those of you who don’t know, we built Omnivore in order to prepare for our big Freemium plan that we launched back on September 1st, 2009. We didn’t want to offer a free email marketing service without having a scalable system in place to protect our deliverability (not to mention the sanity of our Compliance Team). Good thing, too.

In just under a year, MailChimp grew from 85,000 users to over 430,000. We couldn’t have grown 5-fold like that without Omnivore.

Here’s an update on what we’ve learned so far…
