Your SlideShare is downloading. ×

Thanks for flagging this SlideShare!

Oops! An error has occurred.

Saving this for later? Get the SlideShare app to save on your phone or tablet. Read anywhere, anytime – even offline.
Text the download link to your phone
Standard text messaging rates apply

Don't Risk the Blacklist - Stop Outbound Spam


Published on

One of the biggest challenges service providers face springs from inside their own infrastructure. Spam attacks emanating from within cause irreparable damage to business and network reputation, not …

One of the biggest challenges service providers face springs from inside their own infrastructure. Spam attacks emanating from within cause irreparable damage to business and network reputation, not to mention customer confidence.

Published in: Internet

  • Be the first to comment

  • Be the first to like this

No Downloads
Total Views
On Slideshare
From Embeds
Number of Embeds
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

No notes for slide


  • 1. 21 August 2014 © 2014 CYREN Confidential and Proprietary OUTBOUND SPAM: DON’T RISK THE BLACKLIST! December 4, 2013
  • 2. © 2014 CYREN Confidential and Proprietary 2 AGENDA  Introduction  The Business Challenge of Outbound Spam  The Limitations of Traditional Approaches  The CYREN Approach  Summary  Q&A
  • 3. © 2014 CYREN Confidential and Proprietary 3 POLL QUESTION #1 Have you had an IP address blocked or blacklisted in the last 12 months? (Yes/No)
  • 4. © 2014 CYREN Confidential and Proprietary 4 OUTBOUND SPAM IS A HEADACHE  66% of providers rate outbound spam an important or extremely important issue  87% believe email providers must actively eliminate zombies  ~40% have had IPs blocked or blacklisted in last 12 months  49% report outbound spam is damaging their corporate reputation  56% of customers with email blocked due to provider spam problems would switch to one that does not block innocent users Source: Osterman Research/CYREN
  • 5. © 2014 CYREN Confidential and Proprietary 5 OUTBOUND SPAMMING METHODS  Acquire compromised user accounts  A valid account, compromised by phishing or malware  Bot/Zombie is leveraged by external spammer to propagate spam  Create user accounts just for spamming
  • 6. © 2014 CYREN Confidential and Proprietary 6 BUSINESS IMPACT  Blocked IP Ranges  Appearing in IP reputation DBs  Lost Revenue and Profit  Removing addresses from blacklists  Increased support for unhappy customers  Customer churn  Reputational damage  Recurring Attacks  Spamming continues at lower volumes
  • 7. © 2014 CYREN Confidential and Proprietary 7 POLL QUESTION #2 What best describes your process for getting removed from blacklists? 1) No fixed process 2) Phone calls/emails by operations 3) Automated (nobody has to do anything) 4) No process – we never get blacklisted
  • 8. © 2014 CYREN Confidential and Proprietary 8 LIMITATIONS OF TRADITIONAL APPROACHES  Block port 25  Disrupts legitimate usage  Reverse Inbound Spam Filter  Slow response to new outbreaks  Ineffective locally and regionally  Increased risk of false positives  Throttling/Rate Limiting  Spammers learn to send below the limit These approaches are ineffective because they only treat symptoms, not the underlying problem
  • 10. © 2014 CYREN Confidential and Proprietary 10 CYREN IS A TRUSTED SECURITY PARTNER TO THE LEADERS 180+ Partners with over 550 million End Users
  • 11. © 2014 CYREN Confidential and Proprietary 11 GLOBAL REACH OFFICESDATA CENTERS © 2014 CYREN Confidential and Proprietary
  • 12. © 2014 CYREN Confidential and Proprietary 12 © 2014 CYREN Confidential and Proprietary 12 WHAT MAKES US DIFFERENT
  • 13. © 2014 CYREN Confidential and Proprietary 13 WHAT MAKES US DIFFERENT + SPEED ACCURACY REAL-TIME INSIGHT We see more than anyone else. RECURRENT PATTERN DETECTION Our patented detection technology GLOBALVIEW™ CLOUD The most robust transaction base in the industry - 12 Billion/day
  • 14. © 2014 CYREN Confidential and Proprietary 14  We focus on our core competencies so you can focus on yours.  Products designed for partners  Won’t compete for your business COMMITTED TO PARTNER SUCCESS WHAT MAKES US DIFFERENT © 2014 CYREN Confidential and Proprietary
  • 15. © 2014 CYREN Confidential and Proprietary 15 THE UNIQUE CYREN APPROACH TO OUTBOUND SPAM  Block based on global patterns  Block using local patterns  Identify and Report senders  Manage approved users Providing effective blocking and the information needed to resolve the root cause of outbound spam
  • 16. © 2014 CYREN Confidential and Proprietary 16 Local RPD Analyze local traffic Detect patterns Store signatures 2 HOW DOES IT WORK? Global RPD Analyze billions of global emails/day Detect recurrent patterns Store signatures of spam emails Compare email signatures to find global and local spam Service Provider Outbound Spam Engine Internet 1 3  Uses the common characteristic of all spam - mass distribution  Global RPD identifies outbreaks instantly by distribution patterns  Local RPD detects based on local patterns with configurable thresholds GlobalView Cloud
  • 17. © 2014 CYREN Confidential and Proprietary 17 IN AN EMBEDDED DEPLOYMENT MODEL  Service Integration via SDK  Integrates directly into your infrastructure  Simple to configure and deploy  Stops Outbound Spam  Identifies Compromised Legitimate Accounts  Highlights Malicious Spam Accounts  Simple, Easy Deployment  Unzip CYREN Daemon On MTA or Other Server  Open .conf file and insert the license key and connection string  Start running traffic
  • 18. © 2014 CYREN Confidential and Proprietary 18 IDENTIFYING OUTBOUND SPAM ACCOUNTS
  • 19. © 2014 CYREN Confidential and Proprietary 19 SUMMARY: CYREN OUTBOUND ANTISPAM (OAS)  Outbound Spam causes significant issues and cost  Traditional approaches yield poor results  CYREN OAS uniquely deals with outbound spam by:  Blocking spam at source - even when unique to a network  Pinpointing the accounts - whether compromised or pre-built  Documenting the root cause  OAS provides a comprehensive solution to:  Avoid costly blacklisting  Reduce customer churn  Increase profitability
  • 20. © 2014 CYREN Confidential and Proprietary “Our customers now enjoy the very highest level of protection from the nuisance of spam emails, without risk of having their critical communications erroneously blocked” CTO – “Spammers were using phished accounts to send spam from our network. We needed a solution to recover compromised accounts, block spammers and prevent our IP addresses from being blacklisted” EVP, Hostway “We have gone from being blacklisted every week, to not being blacklisted at all for the last 18 months” SVP, Hoster
  • 21. © 2014 CYREN Confidential and Proprietary QUESTIONS?
  • 22. © 2014 CYREN Confidential and Proprietary THANK YOU