Over the weekend some of Green Mountain Access (GMA) email customers received emails with a subject line that read, “Free Download Child Porn Videos, Free Child Sex Video.” When Waitsfield Telecom, GMA's parent company, received word of this they reached out to the National Rural Telecommunications Cooperative (NRTC) and their team started investigating to make sure there wasn’t any criminal activity that needed to be reported to the police.
"The NRTC team was able to quickly identify the emails and were able to determine that these were phishing emails (click bait) that redirected to online gambling websites and did not contain any illegal/inappropriate images, but did contain a very disturbing subject line. At that point, they ran a script that proactively removed any of these emails from customers email boxes and notified Edgewave of the issue," said Waitsfield Telecom spokesperson Kurt Gruendling.
Gruendling said that these phishing emails were able to get through the Edgewavae/Go Secure SPAM filter because they came from valid Gmail accounts.
" Actually, in this case, the SPAM filter worked exactly as designed. As such, blackhole lists didn’t apply since the email was originating from a valid domain name and email address. One would think that Google would have caught it on the outbound SPAM filtering, but they were not," he said.
Edgewave did catch the majority of the emails, more than 200,000 of these messages were blocked, he noted.
The users who did receive these emails in their inbox have an "allow list" entry in place that allows email delivery for the full gmail.com domain.
Most of the users who received these emails, received multiple versions of them over the course of the weekend. Also, since the spammer continued sending emails, customers still could potentially receive additional offensive emails like this, Gruendling pointed out.
"Unfortunately, as we all know, there is no perfect SPAM filter. It is always a balance between email delivery and not blocking legitimate emails that are not SPAM and those emails, such as this, that are obviously SPAM messages. All while spammers are constantly changing their tactics to get around SPAM filter algorithms," he added.