Cyber crime is only likely to increase, despite the best efforts of government agencies and cyber security experts. Its growth is being driven by the expanding number of services available online and the increasing sophistication of cyber criminals who are engaged in a cat-and-mouse game with security experts. With the right level of preparation and specialist external assistance, it is possible to control damages, and recover from a cyber breach and its consequences.
Yahoo has sent out another round of account compromise notifications, warning users that hackers may have accessed their accounts by using forged cookies instead of passwords. How many in total, the company wouldn’t say. This attack is not exactly news, as the company disclosed it in November 2016 in a SEC filing. But, after the revelations about the massive Yahoo breaches from 2013 and 2014, it passed largely unnoticed. A first round of notifications to potentially affected users went out in December 2016, but that was obviously not the end of it.
Administrators of Hadoop Distributed File System (HDFS) clusters have evidently not heeded warnings that surfaced last month about securing software with insecure default settings. Attacks on Hadoop clusters have wiped the data of at least 165 installations, according to GDI Foundation security researchers Victor Gevers, Niall Merrigan, and Matt Bromiley. The trio report that 5,300 Hadoop clusters are presently exposed to the internet, some of which may be vulnerable.
ProofPoint posted about their discovery of a new ransomware called Serpent that is being distributed via SPAM emails. It was further determined that this ransomware appears to be a new variant of the HadesLocker and Wildfire ransomware family. Unfortunately, at this time there is no way to decrypt files encrypted by the Serpent Ransomware.
How to Avoid the SPAM Folder in Easy Steps
Internet Service Providers (ISPs) are waging an endless war against the spammers who invade our mailboxes.
This war has heavy casualties in the form of “false positives”—legitimate commercial emails mistakenly routed by spam filters to bulk folders.
If your marketing results suffer because you struggle to reach inbox space consistently, keep reading and learn 10 foolproof steps for avoiding the SPAM folder.
Avoid Purchased Lists
Have you ever been tempted to grow your list by a million potential customers in no time? Have you been to forums where thousands of “targeted leads” are sold for a few bucks?
Purchased lists are ticking time bombs, waiting to devastate your reputation as a sender. Riddled with dead emails and spam traps, they quickly inform mailbox providers that you break the rules by sending unsolicited emails.
At best, your messages may end up in junk folders. At worst, you may be branded as a spammer.
If you still buy emails lists, STOP NOW.
Watch What You Say
Spam filters analyze your content. There are no magic keywords to enhance deliverability, but limiting the use of risky words—such as free, buy, promo, etc.—reduces the likelihood of your emails landing in the spam folder.
- Link only to legitimate sites with reputable domains.
- Don’t go crazy with email size (30 kb is just fine.)
- Balance the image-to-text ratio.
- Host your images at credible services only.
Team Up With A Reliable ESP
Email Service Providers (ESP) are evaluated as senders based on the reputation of the Internet Protocol (IP) addresses and domains of their clients.
Careless ESPs with low scores on the IP addresses of their senders are destined for spam folder delivery. Eventually, they will be blocked by the providers like Gmail, Yahoo! Mail, and Hotmail.
ESPs that send only solicited emails and ban spammers from their platforms have greater credibility with mailbox providers. Their Customers are more likely to experience undisturbed inbox delivery if they follow the steps outlined in this post.
If you are on a dedicated IP space, you should definitely look at the certification provided by a company called Return Path. Once they audit your mailing practices, you can get a Sender Score Certified status which will guarantee that you inbox at most of the major ISPs out there. This service is not free, but it definitely deserves a closer look. The money spent on the fees should be easily returned by the increased conversions.
Avoid Dirty Tricks
What may have been effective in 1997 no longer works today. Remember, being caught red-handed in any of these practices may cause permanent damage to your deliverability ratios:
- Hashbusting: Inserting random characters in the subject line or content to fool spam filters, e.g. “F.ree. p.r!z.e”
- Deceptive Subject Lines: Starting the subject line with “Re:” or “Fwd:” to suggest an ongoing communication with the sender.
- Misleading Claims: Subject line stating that the recipient has won a prize, while the copy lists conditions that have to be met in order to claim it.
- Image Text: Concealing a text message in an image to fool spam filters.
Whitelist Me, Please!
Your Email Marketing Service (EMS) asks mailbox providers, such as Gmail and Yahoo Mail, to whitelist your domain or Internet Protocol (IP) address. That is why it’s important to send marketing emails through a reputable EMS, rather then sending emails from your own email server or email account.
When confirming your new subscribers (e.g. via a welcome email), ask them to add your “From” address to their address books. It is a foolproof way to release all future emails from the constraints of the spam filters. This is so easy, yet practiced so rarely.
It Matters Where You’re “From”
Mailbox providers evaluate more than just the sender’s IP, domain and content. Yahoo! Mail, in particular, pays close attention to your From field addresses.
Our internal analysts have even noticed variations in deliverability results from using the address firstname.lastname@example.org versus email@example.com.
- Avoid frequent changes of From field names
- Avoid obscure From field names, such as: “firstname.lastname@example.org”, “email@example.com”
- Use clear, trustworthy From field names, such as: “contact@”, “newsletter@”, “support@”, feedback@”
Stick to a limited number of verified, recognizable From field names. Build a good reputation for those addresses by sending only engaging, solicited emails, and you’ll notice the difference.
No Risk, No Problem
Your email campaigns may contain risky elements that are detrimental to the deliverability of your messages. Here’s a brief checklist to go through before you hit the “Send” button:
- Be careful with words associated with the language of sales. If overused, they may trigger spam filters and route your emails to junk folders. Risky words include: “prize”, “free”, “bonus”, “buy, “purchase”, “order” etc.
- Common sense will tell you that one exclamation mark per sentence is enough. Never shout at your subscribers, (e.g. “Buy my e-book now!!!”). Exclamation marks are especially risky in email subject lines.
- Never overdo the use of “ALL CAPS.” When emphasis is needed, use a maximum of one word per sentence in all capitals, never a whole sentence.
Monitor Your Deliverability
Want an easy way to monitor deliverability that costs you nothing? Add a “seeded” list of email addresses using ISPs that your customers use most often, such as Gmail, Yahoo Mail, AOL, and Hotmail.
Set up approximately 5 mailboxes at each provider then include the seed email addresses in your mailing list. After each newsletter is deployed, log in to each seed account and verify whether the email was delivered successfully by that provider. Pronto!
If you notice a deliverability problem, check your adherence to the other 9 points listed in this post. If you still experience problems, consult with your Email Marketing Service about how to resolve the problem.
Stay In Touch!
Sending emails once every two or three months can be more detrimental than sending multiple emails daily. Why? Your Customers might forget all about you.
If subscribers fail to recognize the From field, they may delete your message, hurting your “open” ratio. Even worse, they may forget signing up for your list and generate negative feedback by marking messages as spam.
There are lots of good reasons for maintaining a steady flow of communication, rather than relying on infrequent, massive “blasts.
Intrusions happen, threats emerge and your security operation needs to be at its peak efficiency. Anglo African solutions can quickly intercept threats and thus help in avoiding data breaches. For more information about cyber security kindly contact Anglo African on 2331636 or by e-mail at firstname.lastname@example.org