Email security firm Halon discovers why 1 in 3 Americans would knowingly open a suspicious email and the subsequent retaliation they take on spammers
Halon, the technology leader in email security, today announced the results of its U.S. survey ‘Email Spam and Related User Behavior’. Conducted by market research group TNS Global, the survey discovered that 94.7 percent of Americans received at least one email containing a virus, spyware, or malware. About one in eleven (8.8%) opened the attachment and infected their computer. Almost a third (30.2%) came dangerously close to doing the same, opening the email but stopping short of opening the attachment. These spam emails bogusly claim to come most often from banking institutions (15.9%), social media sites like Facebook or Twitter (15.2%), and online payment services (12.8%).
One in three Americans admit they would open an unsolicited email—even if it seems suspicious—depending on its subject line. For women, spam email messages containing invites from social networks are alluring, while men are tempted to open ones with the time-tested suggestions of money, power, and sex. Specifically, the survey found that women are more likely to open emails from social-media related accounts (8.2% to 5.6%), but that men are nearly three times as likely to open unsolicited bulk emails that promise monetary rewards (9.4% to 3.8%) and far likelier to open emails professing to include naked photos of celebrities (2.8% to 0.6%), themselves (2.3% to 0.9%) or friends (1.1% to 0%).
— Spam email is an unfortunate fact of life in the computer age. Users have become more aware of the threats they face, but spammers have also become craftier in disguising these messages. said Halon’s North American CEO and co-founder, Jonas Falck. Web hosting and email service providers don’t always prevent spam email threats from being delivered, so people need to be careful when encountering suspicious emails that may hijack their computer or render it inoperable.
Halon’s survey also indicates that Americans’ traditional understanding of spam has expanded beyond unsolicited sales offers. These include social media posts (mentioned by 41.5%), text messages (40.8%), and phone messages (35.1%). Even people’s friends and acquaintances weren’t immune from the spam “tag,” with 26.2% sending messages people didn’t find interesting and, thus, earning the distinction.
Nearly one in three Americans (31.4%) are likely to take action against people who sent spam. In fact, men were more likely than women to take action against the sender when discovering spam (35.5% to 26.5%), especially in a more confrontational manner, such as an angry email (8.9% to 1.0%), angry phone call (7.0% to 4.2%), angry social media post (3.8% to 1.9%), or angry text (3.1% to 0.4%).
People were alerted to email spam in many cases by a message’s subject line (70.5%), more than half of the time (42.9%) when the text in the subject line was in “ALL CAPS.” Other common triggers that made users aware of spam were the senders email address (67.9%), strange formatting (62.4%) and strange language (56%).
Survey Methodology: This survey was conducted online within the United States by TNS via its omnibus product on behalf of Halon in August 2013, among 1,000 adults ages 18 and older. For complete survey methodology, including raw data and weighting variables, please contact William McCormick at Grayling.
We have some exciting news! The upgrade to FreeBSD 9 and overall refactoring was not the only treatment the Halon MTA got this autumn and winter. We have collected feedback and performed evaluations of how our customers uses the web interfaces, trying to figure out what the best possible reporting and logging experience would be like. Read on to see what this has resulted in.
We have migrated to the new web interface from the security router series. That means a prettier UI, faster loading times, the ability to link directly to certain views using URLs with query strings, and better utilisation of your screen’s full width.
Let’s start with the mail tracking. The new UI provides some benefits of its own; displaying more information, auto-scaling all columns, and faster loading. We have combined the history, queue and quarantine within the same page. It’s pageable with a variable page size, so that you can view as many messages as you like per page. It has multi-select actions, for better queue management (viewing perhaps 1000 messages matching a certain search query, and bouncing them all). Finally, the “eye” icon brings up an inspector which you can use to view details for a message by just hovering items in the list.
The new log searcher is a lot faster than the previous, and can render thousands of lines without hogging your web browser. Most importantly, it can search multiple cluster nodes at the same time, viewing the number of hits (in real-time) per cluster node as a green badge. In that way, you can start a search for an IP address, and then ask someone to try sending the message again, and you will (when tailing in real-time) see a green badge on the cluster node which received the connection. Extremely handy.
The new reporting and graphs are based on the SR series code. That means a new statd which is fast, produces beautiful graphs, with real-time graphs, customisable legends, etc. Best of all is however that you can graph anything you like. To start with, you can create legends yourself; just look at the pie chart in the bottom right width the edit button clicked. You can even use math expressions to calculate values. Even cooler, you can use the new HSL stat() function in any flow, producing counters for whatever you like. There counters automatically becomes graphs and pie charts. I believe this is the most powerful reporting available in any mail security product ever. Perhaps any appliance.
Scripting, such as the system authentication script that allows for remote authentication and custom access levels, has become a lot better thanks to a great scripting editor with syntax highlighting and the ability to test the script using a “sandbox environment”.
The new web UI from the SR series doesn’t only bring nice real-time graphs, but also a true ANSI terminal.
We have made the already awesome clustering a lot easier to configure; with one “create cluster” guide joining two initial units, and one “add node” guide for adding a third, fourth, etc node to an existing cluster.
Skapa ett battre liv for dina medmanniskor och tjana pengar pa det
Vi erbjuder dig ett arbete pa fritiden, lon fran 90 EUR i timman
Fa 90 EUR kontant i handen for den forsta timmens arbete inom tre dagar
you’re certainly not alone (and not using our spam filters). At about 7 pm yesterday (Swedish time) someone thought it would be a good idea to send a massive burst of spam. It seems that for many of our customers, that single spam outbreak accounted for as much as 70-90% of the total traffic. It seems that all of them used “yahoo.nl” as sender domain, which (unsurprisingly) doesn’t use SPF.
Fortunately, the combination of Commtouch’s RPD and our own (Halon) outbreak signatures was able to block it entirely, from 6 pm.
We can see that a lot of this was also blocked at IP level. The “normal” amount of IP blocks is almost invisible in the graphs, compared to the spam outbreak. I’ve removed the axis of the graphs, but let me tell you this. One of our customers, which is a large hosting provider, blocked more than 4 million of those per hour. That sure is a pretty persistent spammer.
We said to ourselves; “wouldn’t graphs that update every second with live data be useful”, and a few hours later the statd process was tweaked to output 1-second measurements of traffic, CPU, firewall states, etc. and the graph library was modified to dynamically populate data-points (in addition to the “historical” rrdtool file format support that it currently has).
API-wise, this translates into the commandRun API. The normal graphs, populated over time, is fetched using the graphFile API call, which takes an argument such as “interface-em0-packets” and returns the raw rrdtool database data. For real-time graphs, this translates into executing “statd -g interface-em0-packets” using the command-API. While we were at it, we added both “historical” and real-time graphs for firewall states.
In the web user interface, add graphs as usual, and select “Real-time” as time interval (instead of Recent, Day or whatever it says).
GOTHENBURG, Sweden, 02 Mar 2011 — Virus Bulletin has since 2009 given out the prestigious VBSpam Verified award, in order to help customers choose anti-spam solutions which actually keeps their promised false-positive and spam catch rates. In the latest test Halon delivered as promised with ease.
After years of experience on the field; testing tools for spam and malware protection, Virus Bulletin started in early 2009, focusing on testing various vendors in the anti-spam segment. VBSpam tests products by sending vast amounts of real-time spam simultaneous to all participants, to simulate a fair real-world scenario, so customer knows what to expect.
Halon participated for the first time in a VBSpam test, this month of March 2011. Halon achieved a top placement and was awarded with the “VBSpam Verified” award, which was the result of a catch rate of 99,71 % without a single false positive.
— We are very proud, and pleased to see that our product outperforms larger competitors on the market, says Peter Falck, CEO, Halon Security.
Halon protects and secures both inbound and outbound communication and is being used in business ranging from very small to large and hosting/carrier-class corporations. Halon supports next-generation Internet and mail security technologies such as IPv6, DNSSEC and DKIM, which makes your IT investments long-term future-proof. It runs on many virtualization platforms and on bare-metal.
Today, on the 2nd of September we release 188.8.131.52. Neat, right?
Among the new features you’ll find the DNSSEC trusting the newly signed root anchor, administration user interface improvements and the usual stability and performance enhancements.
Now why would you care? Well, this could be your first step into the next generation of e-mail security. Why not start DKIM tagging when you’re at it?
There are small, yet useful features are well. Let’s say you want to implement a reporting rate control in your outgoing recipient flow, so that users or servers doesn’t send outgoing spam. In this example, we do this per-username ($saslusername, a pre-defined variable in the recipient flow) limiting the number of e-mail to 100 every hour, while sending at most one warning e-mail to the administrator about this every day and per user.
GOTHENBURG, Sweden, 25 Aug 2010 — Halon Security, is proud to announce its addition to the VMware partner family.
Halon is a complete package for clean incoming and outgoing email between email servers from spam, viruses, malware and other threats. Halon runs as a virtual machine in virtualization solutions such as the VMware virtualization family. Since it utilizes system resources that are already in place, no additional hardware needs to be purchased and powered on, which enables any IT department to lower its environmental footprint and save money at the same time. It doesn’t get any greener than that.
— We are incredibly proud to have VMware put the spotlight on us, a small company from Gothenburg in Sweden. The VSP has done extremely well here in Europe and we hope that the addition in the VMware Marketplace will help more customers around the world find us and this incredible product, says Peter Falck, founder and CEO at Halon Security.
The VMware Marketplace features the VMware partners and their products. A total of approximately 1400 products are on display on the web site and out of these only 29 have been given the VMware Ready certification, of which Halon Security are one.
GOTHENBURG, Sweden, 26 Apr 2010 — Halon Security’s popular e-mail gateway is now being upgraded to a completely new version. New features include support for DKIM, DNSSEC, better performance and lower hardware requirements, which together make the perfect solution for web hosting and Internet service providers.
Halon Security’s solution for email protection is constantly developing in order to give its users support for modern standards and exciting new features. In version 2.2 there are plenty of new features.
Version 2.2 has by a substantial work of Halon developers in Gothenburg almost got into a “turbo mode” by significantly lower hardware requirements and properly optimized code.
Our developers never rest when it comes to making our products more efficient and more environmentally friendly. It is a job that will benefit both our customers and our environment, says Peter Falck, CEO of Halon Security.
It has also support for a number of interesting standards. It can now handle domain name that is cryptographically signed as DNSSEC. Another major new feature is support for DomainKeys Identified Mail, or DKIM, which allows a company or organization to take responsibility for an email, and ensure that the sender is legitimate by cryptographic keys that signs each e-mail message.
Both of these standards contributes to less spam and more efficient use of bandwidth on the Internet. These are functions that ISPs and web hosting are increasingly seeking to be able safeguard their customers’ e-mail.
Halon has long been one of the world’s best products when it comes to stopping spam. Now we are also one of the world’s best products in terms of allowing companies to use their e-mail environment more efficiently and safely, says Peter Falck, CEO of Halon Security
The Halon MTA is a flexible email operations and security platform.
It enables organisations that operate large-scale email services to offer competitive features by rapid implementation
and to lower maintenance costs through reliable deployment and reduced complexity.