Skip to main content
Security Performance Management
Continuous Monitoring
Vendor Risk Management
Trust Management Hub
Cyber Insurance
National Cybersecurity

Spam Propagation Findings

Ingrid

⇤ Compromised Systems Findings

Spam Propagation is composed of compromised systems sending unsolicited commercial and/or bulk email.

If a company offers a bulk email sending service, such as a digital marketing company that sends marketing material on behalf of their customers, they are excluded from the Spam Propagation risk vector. These companies are identified with an envelope icon next to their name on their company overview.

SPM App: Findings ➔ Findings Table

CM App:

  1. Select a company from your Companies List.
  2. Go to Vendor Risk ➔ Findings

Insurance App:

  1. Select a company from your Companies List.
  2. Go to Client Risk ➔ Findings

Bitsight API: GET /v1/companies/entity_guid/findings?risk_vector=spam_propagation

Learn how to track spambots.

To protect our data sources, destination mail server information or destination IP addresses are not provided. Use the source IP address and IP block ranges in your infrastructure as a compass to narrow your search for spambots. Spambot activity in the source IP address may not be the same IP address of your company mail servers.

Finding Details

*Availability varies based on the detection mechanism.

The details include the data in Findings, Compromised Systems details, and also the following information:

Field Description
Email From Address The email address assigned in the “From” email header field of a spam email.
Email HELO string* The domain of the Simple Mail Transfer Protocol (SMTP) client.
Email Sender The email address of the original sender of a spam email.
Email Subject The subject line of the spam email.
Observations The number of times the spam propagation was observed in a 24-hour period, between midnight UTC one day and midnight UTC the next day.
Spam Relay IP The IP address of the email relay used by the Send-Safe program to distribute spam.
Spam Type The method (e.g., Snowshoe, which disguises the true number of sent messages) or tool used to send spam (e.g., the Darkmailer spamming service).
Detection Mechanism The method used to detect the infection.
  • October 29, 2024: Findings Table navigation instructions moved from Risks to a new Findings section in the menu.
  • January 19, 2024: Findings Table navigation by application.
  • April 6, 2021: Forensics integrated into Findings.

Related articles

Feedback

0 comments

Please sign in to leave a comment.