 sj |
||
|
||
BS: Tech too: The Latest in SPAM
| JohnInKansas | 15 Jul 08 - 02:00 PM | |
| Peace | 15 Jul 08 - 02:02 PM | |
| Jeri | 15 Jul 08 - 02:19 PM | |
|
|
|
|||||||||||
|
BS: Tech too: The Latest in SPAM
|
Share Thread
|
||||||||||
|
Subject: BS: Tech too: The Latest in SPAM From: JohnInKansas Date: 15 Jul 08 - 02:00 PM People here shouldn't really need a warning, but might want to pass on to less knowing friends that there has been a notable change in the "Phish hooks" being used by malware distributors. 'TABLOID' SPAM IS WORM'S NEWEST TURN Posted: Tuesday, July 15 at 05:00 am CT by Bob Sullivan [at MSNBC Red Tape Chronicles] No, presidential candidate Barack Obama was not found dead in a "shock accident." John McCain was not "found unconscious in a toilet." Will Smith wasn't "found dead in bathtub" either. And Britney Spears has not broken her arm in a "freak poolside accident." The truth is quite a bit more subtle. A Microsoft security upgrade in April largely dismantled a network of hijacked computers used by criminals to send spam, and the hackers are desperately trying to rebuild it. To entice users to click on the links that will infect their computers with the notorious Storm worm, they have dispatched an avalanche of e-mail with fantastic news headlines in recent weeks. The average Net user is getting about 60 of the phony news bulletins per day, says the security firm MessageLabs. Here's a sampling of subject lines: "Bill Clinton in today's Times - thank god Hilary didn't beat Obama." "Beijing Olympics canceled upon the death of China's president." "Obama bows out of presidential race." "Scandal rocks Obama as lurid sex video leaked?" "Dog digs grave for owner." And perhaps the most fantastic of all, "Oil falls below $100 a barrel." No, spammers haven't hired a bunch of former supermarket tabloid writers. They're just doing what they do best – exploiting human nature. The Storm worm is the Internet's version of Broadway's "Phantom of the Opera" -- the longest running hit show around. Storm first appeared in January 2007, teasing users with a headline about deadly storms that hit Europe -- "230 dead as storm batters Europe," it said, offering a link to a full story. Clickers found themselves infected with the Storm worm. Storm was an immediate hit for the hackers, who managed to trick hundreds of thousands of recipients into clicking on the booby-trapped link. That enabled them to build an enormous network of hijacked computers, called a botnet, which they use to send out more spam or commit other Internet crimes. There have been hundreds of Storm variants since the first one, sent by a loosely affiliated gang of computer criminals. Some estimates say that up to 10 million PCs have been infected with Storm at one time or another. But in April, Microsoft updated its malicious software removal tool, much to the chagrin of the hackers. About four-fifths of the vast Storm network was cut off, said Paul Wood, a security researcher at MessageLabs. "That really cut into (the hackers) business model." Wood said. "So they are trying to do something to regain their power." That something is a huge spam campaign with over-the-top subject lines, all designed to be an irresistible click to recipients. Storm has always relied on fake news to entice e-mail recipients, but this latest surge is so creative it would be amusing if the e-mails didn't pack a very serious punch. Storm's creators are believed to be in Russia, but it's obvious from the headlines that they have a solid understanding of U.S culture. "Oprah Winfrey survives horror highway crash." "Michael Jordan confesses to relationship with Madonna a decade ago." "Martha Stewart found unconscious in home." "Obama challenges McCain to a marathon race to see who is fit as the commander-in-chief for USA." "Scientists estimate oil to run out earlier than expected in 2012." "Lindsay Lohan crashes brand new Lamborghini." Obviously, the strategy works -- or the spammers would have moved on to something else, says Dylan Morss, manager of business intelligence at Symantec. "This is a tried and true social engineering tactic," Morss said. "These are almost incredulous headlines, but you kind of want to look. They are going for a common human vice here." Symantec says it has blocked 200 million of these spam messages since April. Users who click on the link in the body of the e-mail are sometimes sent to a harmless-looking herbal supplement page hawking body part enhancement. Others are sent to a pornographic video Web site that imitates YouTube, and told they must install a plug-in to view the videos. Agreeing to download any software from porn sites is a recipe for certain Web disaster. But even the supplement sites can be laced with malicious software, Wood says. To stay safe, never click on a link in an e-mail, even If a subject line about presidential candidates or a Hollywood stars piques your interest. Instead, fire up your Web browser and go to a major news site like msnbc.com to check it out. If John McCain really has challenged Barack Obama to a duel in Weehawken, N.J., I promise our politics section will have the story. And if Madonna is linked to any other famous athlete, Courtney Hazlett and Scoop will be all over it. See more headlines /quote (sorry for the length, but the site rolls over to new subjects almost daily, and old articles get harder to find.) John |
|
Subject: RE: BS: Tech too: The Latest in SPAM From: Peace Date: 15 Jul 08 - 02:02 PM Thanks, John. |
|
Subject: RE: BS: Tech too: The Latest in SPAM From: Jeri Date: 15 Jul 08 - 02:19 PM The latest spam at Mudcat seems to be the usual gobbledegook (which some poor souls feel they need to reply to) and the 'respect' spam and 'I agree with the previous post' and 'can you help me, I'm going to (some country name)...', along with the 'news story of the day' such as John posted. Jeff has made it so the spammers can't post piles of links, so most of this stuff is just annoying. If you're not sure if something's spam, look at the message title. I suppose it's an artifact of the spamware, but the message title will be different from the thread title. If you read Mudcat using 'Messages since last visit', it appears as though they started a new thread with a new title. Please, PLEASE don't reply to spam. We moderators are probably going to see it and delete it, but we won't see and delete your post, so you're gonna look less than the brilliant person you really are. |
