Spam Outbreak Alert : Snowshoe/Rotating Domain type spam

03/26/2020 1035 9184

DESCRIPTION:
Spam Outbreak Alert : Snowshoe/Rotating Domain type spam

RESOLUTION:
This alert has been issued due to an increase in spam being reported as false negatives are increasingly sharing the following characteristics:

• Snowshoe/Rotating Domain type spam

Issue Summary:

Around mid-August, we started seeing an uptick in spam that were coming from various IP addresses with rotating sending domains. While the body of the message may contain multiple variations, including image based content, word poisoning, and other random content, the sending domain and source IP were rotating frequently. The very nature of this type of spam threat, attempts to circumvent spam protection by exploiting the frequency of scheduled updates. SonicWall is continuously making updates to its policies to mitigate the outbreaks of newer Snowshoe/Rotating domain spam campaigns through the analysis of current submissions and as collected by our spam feeds.

Current Action items actively being pursued:

Continuous investment is being made into root cause analysis of these attacks; we continue to add to our IP reputation data, to effectively block the sources of which these spam threats are originating from.

• New policy filters are being created around the clock to mitigate new spam threats
• Existing policy filters are being reviewed and updated to increase effectiveness

To report continued false negative spam samples, please reach out to our Technical Support Team.